vendor:
Adobe Acrobat Reader
by:
Unknown
9
CVSS
CRITICAL
Remote Code Execution
CWE
Product Name: Adobe Acrobat Reader
Affected Version From: Adobe Reader 9.3.2
Affected Version To: Unknown
Patch Exists: NO
Related CWE: CVE-2010-2168
CPE: a:adobe:acrobat_reader:9.3.2
Metasploit:
https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2010-0503/, https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2010-1285/, https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2010-2168/, https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2010-2201/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2010-1285/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2010-2168/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2010-2201/, https://www.rapid7.com/db/vulnerabilities/apsb10-15-adobe-reader-invalid-pointer-cve-2010-1285/, https://www.rapid7.com/db/vulnerabilities/apsb10-15-adobe-reader-invalid-pointer-cve-2010-2168/, https://www.rapid7.com/db/vulnerabilities/apsb10-15-adobe-reader-invalid-pointer-cve-2010-2201/, https://www.rapid7.com/db/vulnerabilities/adobe-reader-apsb10-15-CVE-2010-1285/, https://www.rapid7.com/db/vulnerabilities/adobe-reader-apsb10-15-CVE-2010-2168/, https://www.rapid7.com/db/vulnerabilities/adobe-reader-apsb10-15-CVE-2010-2201/
Platforms Tested:
2010
Adobe Acrobat Reader and Flash ‘newfunction’ Remote Code Execution Vulnerability
This exploit allows remote code execution in Adobe Acrobat Reader and Flash through the 'newfunction' vulnerability.
Mitigation:
Update Adobe Acrobat Reader and Flash to the latest version.
