CVE-2010-1241

EXPLOITED

Adobe Reader/Acrobat <9.3.2/8.2.2 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2010-1241 has been observed exploited in the wild (reported by VulnCheck KEV).

Description

Heap-based buffer overflow in the custom heap management system in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, aka FG-VD-10-005.

References (11)

Core 11
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/57589
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/39227
Various Sources mailing-list x_refsource_mlist
http://lists.immunitysec.com/pipermail/dailydave/2010-April/006077.html
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0873
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA10-103C.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6940
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/39329
Various Sources x_refsource_misc
http://www.youtube.com/watch?v=9EVHtY1-0q8

Scores

EPSS 0.0921
EPSS Percentile 94.7%

Details

VulnCheck KEV 2012-10-18
CWE
CWE-119
Status published
Products (18)
adobe/acrobat_reader 8.0
adobe/acrobat_reader 8.1
adobe/acrobat_reader 8.1.1
adobe/acrobat_reader 8.1.2
adobe/acrobat_reader 8.1.4
adobe/acrobat_reader 8.1.5
adobe/acrobat_reader 8.1.6
adobe/acrobat_reader 8.1.7
adobe/acrobat_reader 8.2
adobe/acrobat_reader 8.2.1
... and 8 more
Published Apr 05, 2010
Tracked Since Feb 18, 2026