CVE Vulnerabilities

CVE-2010-2206

Published: Jun 30, 2010 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
6.8 CRITICAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V3
Ubuntu

Array index error in AcroForm.api in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted GIF image in a PDF file, which bypasses a size check and triggers a heap-based buffer overflow.

Affected Software

Name Vendor Start Version End Version
Extras for RHEL 4 RedHat acroread-0:9.3.3-2.el4 *
Supplementary for Red Hat Enterprise Linux 5 RedHat acroread-0:9.3.3-1.el5 *
Acroread Ubuntu dapper *
Acroread Ubuntu hardy *
Acroread Ubuntu jaunty *
Acroread Ubuntu karmic *
Acroread Ubuntu lucid *
Acroread Ubuntu upstream *

References