CVE-2010-2212

Adobe Acrobat and Reader 9.x < 9.3.3 and 8.x < 8.2.3 - Remote Code Execution via Crafted Flash Tag in PDF

Title source: llm
STIX 2.1

Description

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PDF file containing Flash content with a crafted #1023 (3FFh) tag, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, and CVE-2010-2211.

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/512095/100/0/threaded
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1636
Patch, Vendor Advisory x_refsource_confirm
http://www.adobe.com/support/security/bulletins/apsb10-15.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1024159
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6798

Scores

EPSS 0.0445
EPSS Percentile 90.3%

Details

CWE
CWE-119
Status published
Products (40)
adobe/acrobat 9.0
adobe/acrobat 9.1
adobe/acrobat 9.1.1
adobe/acrobat 9.1.2
adobe/acrobat 9.1.3
adobe/acrobat 9.2
adobe/acrobat 9.3
adobe/acrobat 9.3.1
adobe/acrobat 9.3.2
adobe/acrobat 8.0
... and 30 more
Published Jun 30, 2010
Tracked Since Feb 18, 2026