{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-06-29T00:00:00", "descriptions": [{"lang": "en", "value": "Array index error in AcroForm.api in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted GIF image in a PDF file, which bypasses a size check and triggers a heap-based buffer overflow."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe"}, "references": [{"name": "ADV-2010-1636", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/1636"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"}, {"name": "20100630 Secunia Research: Adobe Reader GIF Image Parsing Array-Indexing Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/512092/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://secunia.com/secunia_research/2010-88/"}, {"name": "oval:org.mitre.oval:def:7200", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7200"}, {"name": "1024159", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1024159"}, {"name": "41241", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/41241"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@adobe.com", "ID": "CVE-2010-2206", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Array index error in AcroForm.api in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted GIF image in a PDF file, which bypasses a size check and triggers a heap-based buffer overflow."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2010-1636", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/1636"}, {"name": "http://www.adobe.com/support/security/bulletins/apsb10-15.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"}, {"name": "20100630 Secunia Research: Adobe Reader GIF Image Parsing Array-Indexing Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/512092/100/0/threaded"}, {"name": "http://secunia.com/secunia_research/2010-88/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2010-88/"}, {"name": "oval:org.mitre.oval:def:7200", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7200"}, {"name": "1024159", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1024159"}, {"name": "41241", "refsource": "BID", "url": "http://www.securityfocus.com/bid/41241"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T02:25:07.482Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2010-1636", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/1636"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"}, {"name": "20100630 Secunia Research: Adobe Reader GIF Image Parsing Array-Indexing Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/512092/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://secunia.com/secunia_research/2010-88/"}, {"name": "oval:org.mitre.oval:def:7200", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7200"}, {"name": "1024159", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1024159"}, {"name": "41241", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/41241"}]}]}, "cveMetadata": {"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2010-2206", "datePublished": "2010-06-30T18:00:00", "dateReserved": "2010-06-08T00:00:00", "dateUpdated": "2024-08-07T02:25:07.482Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "5AA53564-9ACD-4CFB-9AAC-A77440026A57", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4F475858-DCE2-4C93-A51A-04718DF17593", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "88687272-4CD0-42A2-B727-C322ABDE3549", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "1E5C4FA4-3786-47AF-BD7D-8E75927EB3AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "B35CC915-EEE3-4E86-9E09-1893C725E07B", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*", "matchCriteriaId": "76201694-E5C5-4CA3-8919-46937AFDAAE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "397AB988-1C2C-4247-9B34-806094197CB5", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "8FA0B8C3-8060-4685-A241-9852BD63B7A0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "562772F1-1627-438E-A6B8-7D1AA5536086", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "F25C9167-C6D4-4264-9197-50878EDA2D96", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DD1D7308-09E9-42B2-8836-DC2326C62A9E", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "B5C251D2-4C9B-4029-8BED-0FCAED3B8E89", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "2432AC17-5378-4C61-A775-5172FD44EC03", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*", "matchCriteriaId": "B6BA82F4-470D-4A46-89B2-D2F3C8FA31C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "39EDED39-664F-4B68-B422-2CCCA3B83550", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "B508C5CE-1386-47B3-B301-B78DBB3A75D9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "26AE76F7-D7F6-4AF2-A5C6-708B5642C288", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "749FFB51-65D4-4A4B-95F3-742440276897", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C8665E53-EC1E-4B95-9064-2565BC12113E", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "24218FDA-F9DA-465A-B5D5-76A55C7EE04E", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "E2C5F1C5-85CD-47B9-897F-E51D6902AF72", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "E0E190FF-3EBC-44AB-8072-4D964E843E8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "6A624D44-C135-4ED3-9BA4-F4F8A044850B", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "B95C0A99-42E4-40A9-BF61-507E4E4DC052", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "3B9F55CC-3681-4A67-99D1-3F40447392D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9C0AC89-804B-44A1-929A-118993B6BAA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "39B174C3-1BA6-4654-BFA4-CC126454E147", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "6ACDAA2B-3977-4590-9F16-5DDB6FF6545B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "996EB48E-D2A8-49E4-915A-EBDE26A9FB94", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "97E20936-EE31-4CEB-A710-3165A28BAD69", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "5BD9952C-A1D0-4DFB-A292-9B86D7EAE5FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "C5BEA847-A71E-4336-AB67-B3C38847C1C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "39F6994B-6969-485B-9286-2592B11A47BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "FC533775-B52E-43F0-BF19-1473BE36232D", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "18D1C85E-42CC-46F2-A7B6-DAC3C3995330", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "C4670451-511E-496C-A78A-887366E1E992", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "35994F76-CD13-4301-9134-FC0CBEA37D97", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "0FB61191-F955-4DE6-A86B-36E031DE1F99", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Array index error in AcroForm.api in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted GIF image in a PDF file, which bypasses a size check and triggers a heap-based buffer overflow."}, {"lang": "es", "value": "Error de \u00edndice de matriz en archivo AcroForm.api en Adobe Reader y Acrobat versi\u00f3n 9.x anterior a 9.3.3 y versi\u00f3n 8.x anterior a 8.2.3 en Windows y Mac OS X, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una imagen GIF creada en un archivo PDF, lo que omite una comprobaci\u00f3n de tama\u00f1o y desencadena un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria."}], "evaluatorSolution": "Per: http://www.adobe.com/support/security/bulletins/apsb10-15.html\r\n\r\n'This update resolves an array-indexing error vulnerability that could lead to code execution (CVE-2010-2206).'", "id": "CVE-2010-2206", "lastModified": "2018-10-30T16:25:16.967", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-06-30T18:30:01.660", "references": [{"source": "psirt@adobe.com", "url": "http://secunia.com/secunia_research/2010-88/"}, {"source": "psirt@adobe.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"}, {"source": "psirt@adobe.com", "url": "http://www.securityfocus.com/archive/1/512092/100/0/threaded"}, {"source": "psirt@adobe.com", "url": "http://www.securityfocus.com/bid/41241"}, {"source": "psirt@adobe.com", "url": "http://www.securitytracker.com/id?1024159"}, {"source": "psirt@adobe.com", "url": "http://www.vupen.com/english/advisories/2010/1636"}, {"source": "psirt@adobe.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7200"}], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2010:0503", "cpe": "cpe:/a:redhat:rhel_extras:4", "impact": "critical", "package": "acroread-0:9.3.3-2.el4", "product_name": "Extras for RHEL 4", "release_date": "2010-06-30T00:00:00Z"}, {"advisory": "RHSA-2010:0503", "cpe": "cpe:/a:redhat:rhel_extras:5", "impact": "critical", "package": "acroread-0:9.3.3-1.el5", "product_name": "Supplementary for Red Hat Enterprise Linux 5", "release_date": "2010-06-30T00:00:00Z"}], "bugzilla": {"description": "acroread: multiple code execution flaws (APSB10-15)", "id": "609203", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=609203"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status": "verified"}, "details": ["Array index error in AcroForm.api in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted GIF image in a PDF file, which bypasses a size check and triggers a heap-based buffer overflow."], "name": "CVE-2010-2206", "public_date": "2010-06-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2010-2206\nhttps://nvd.nist.gov/vuln/detail/CVE-2010-2206"], "threat_severity": "Critical"}