Adobe Acrobat and Reader CVE-2010-0188 Remote Code Execution Vulnerability

Adobe Acrobat and Reader are prone to a remote code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

The following products are affected:

Reader 9.3 for Windows, Macintosh, and UNIX
Acrobat 9.3 for Windows and Macintosh
Reader 8.2 for Windows and Macintosh
Acrobat 8.2 for Windows and Macintosh

NOTE: This BID was originally titled 'Adobe Acrobat and Reader APSB10-07 Unspecified Security Vulnerabilities' but has been updated with the release of the Adobe patches.

NOTE (February 19, 2010): Reports indicate that this issue may be related to the vulnerability discussed in BID 19283 (LibTIFF TiffFetchShortPair Remote Buffer Overflow Vulnerability). We will update this BID as more information emerges.


Privacy Statement
Copyright 2010, SecurityFocus