Signature Detail

HTTP: Adobe Acrobat Reader CVE-2010-0197 Memory Corruption

This signature detects attempts to exploit a known vulnerability against Adobe Acrobat and Reader. A successful attack can lead to arbitrary code execution.

Extended Description

Adobe released an advisory addressing multiple issues in Reader and Acrobat. Attackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application. NOTE: This BID is being retired; the following individual records have been created to document these vulnerabilities: 39515 Adobe Acrobat and Reader CVE-2010-0190 Cross Site Scripting Vulnerability 39517 Adobe Acrobat and Reader Prefix Protocol Handler Remote Code Execution Vulnerability 39523 Adobe Acrobat and Reader CVE-2010-0192 Denial of Service Vulnerability 39524 Adobe Acrobat and Reader CVE-2010-0193 Denial of Service Vulnerability 39521 Adobe Acrobat and Reader CVE-2010-0196 Denial of Service Vulnerability 39518 Adobe Acrobat and Reader CVE-2010-0197 Remote Code Execution Vulnerability 39505 Adobe Acrobat and Reader PNG Data Remote Buffer Overflow Vulnerability 39511 Adobe Acrobat and Reader JPEG Data Remote Buffer Overflow Vulnerability 39520 Adobe Acrobat and Reader CVE-2010-0201 Remote Code Execution Vulnerability 39514 Adobe Acrobat and Reader GIF Data Remote Buffer Overflow Vulnerability 39507 Adobe Acrobat and Reader BMP Data Remote Buffer Overflow Vulnerability 39522 Adobe Acrobat and Reader CVE-2010-0204 Remote Code Execution Vulnerability 39470 Adobe Acrobat and Reader CVE-2010-1241 'CoolType.dll' Remote Code Execution Vulnerability 39469 Adobe Acrobat and Reader CVE-2010-0194 X3D Component Remote Code Execution Vulnerability 39417 Adobe Acrobat and Reader CVE-2010-0195 Embedded Font Handling Remote Code Execution Vulnerability

Affected Products

• Adobe acrobat 9.1.1
• Adobe acrobat 9.2
• Adobe acrobat 9.3
• Adobe acrobat 9.3.1
• Adobe acrobat_professional 8.0
• Adobe acrobat_professional 8.1
• Adobe acrobat_professional 8.1.1
• Adobe acrobat_professional 8.1.2
• Adobe acrobat_professional 8.1.2 Security Update 1
• Adobe acrobat_professional 8.1.3
• Adobe acrobat_professional 8.1.4
• Adobe acrobat_professional 8.1.6
• Adobe acrobat_professional 8.1.7
• Adobe acrobat_professional 8.2
• Adobe acrobat_professional 8.2.1
• Adobe acrobat_professional 9.3
• Adobe acrobat_professional 9.3.1
• Adobe acrobat_standard 8.0
• Adobe acrobat_standard 8.1
• Adobe acrobat_standard 8.1.1
• Adobe acrobat_standard 8.1.2
• Adobe acrobat_standard 8.1.3
• Adobe acrobat_standard 8.1.4
• Adobe acrobat_standard 8.1.6
• Adobe acrobat_standard 8.1.7
• Adobe acrobat_standard 8.2
• Adobe acrobat_standard 8.2.1
• Adobe acrobat_standard 9
• Adobe acrobat_standard 9.1
• Adobe acrobat_standard 9.1.2
• Adobe acrobat_standard 9.1.3
• Adobe acrobat_standard 9.2
• Adobe acrobat_standard 9.3
• Adobe acrobat_standard 9.3.1
• Adobe reader 8.0
• Adobe reader 8.1
• Adobe reader 8.1.1
• Adobe reader 8.1.2
• Adobe reader 8.1.2 Security Update 1
• Adobe reader 8.1.3
• Adobe reader 8.1.4
• Adobe reader 8.1.5
• Adobe reader 8.1.6
• Adobe reader 8.1.7
• Adobe reader 8.2
• Adobe reader 8.2.1
• Adobe reader 9
• Adobe reader 9.1
• Adobe reader 9.1.1
• Adobe reader 9.1.2
• Adobe reader 9.1.3
• Adobe reader 9.2
• Adobe reader 9.3
• Adobe reader 9.3.1
• Red_hat desktop_extras 4
• Red_hat enterprise_linux_as_extras 4
• Red_hat enterprise_linux_desktop_supplementary 5 Client
• Red_hat enterprise_linux_es_extras 4
• Red_hat enterprise_linux_extras 4
• Red_hat enterprise_linux_supplementary 5 Server
• Red_hat enterprise_linux_ws_extras 4

References

• BugTraq: 39329
• CVE: CVE-2010-0197