HomePentest-Tools.com Logo

Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Windows) CVE-2010-0188CVE-2010-0186

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Adobe Reader/Acrobat is prone to a remote code execution (RCE) vulnerability.

Risk description

Flaw is caused by a memory corruption error in the authplay.dll module when processing malformed Flash data within a PDF document and some unspecified error. Successful exploitation will let attackers to execute arbitrary code by tricking a user into opening a PDF file embedding a malicious Flash animation and bypass intended sandbox restrictions allowing cross-domain requests.

Recommendation

Upgrade to Adobe Reader/Acrobat version 9.3.1 or 8.2.1 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Feb 15, 2010
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available