Adobe Reader CVE-2010-0200 Remote Code Execution Vulnerability
BID:39227
Info
Adobe Reader CVE-2010-0200 Remote Code Execution Vulnerability
| Bugtraq ID: | 39227 |
| Class: | Unknown |
| CVE: |
CVE-2010-0200 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 31 2010 12:00AM |
| Updated: | Mar 19 2015 09:06AM |
| Credit: | Haifei Li and Guillaume Lovet |
| Vulnerable: |
SuSE SUSE Linux Enterprise Desktop 11 SuSE SUSE Linux Enterprise Desktop 10 SP3 SuSE SUSE Linux Enterprise Desktop 10 SP2 S.u.S.E. openSUSE 11.2 S.u.S.E. openSUSE 11.1 S.u.S.E. openSUSE 11.0 Adobe Reader 9.3.1 |
| Not Vulnerable: | |
Discussion
Adobe Reader CVE-2010-0200 Remote Code Execution Vulnerability
Adobe Reader is prone to a remote code-execution vulnerability.
Very few details are available regarding this issue. We will update this BID as more information emerges.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
Adobe Reader 9.3.1 is vulnerable; other versions or applications may also be affected.
Adobe Reader is prone to a remote code-execution vulnerability.
Very few details are available regarding this issue. We will update this BID as more information emerges.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
Adobe Reader 9.3.1 is vulnerable; other versions or applications may also be affected.
Exploit / POC
Adobe Reader CVE-2010-0200 Remote Code Execution Vulnerability
The researcher who discovered this issue has developed a private exploit. This exploit is not otherwise publicly available or known to be circulating in the wild.
Currently we are not aware of any working public exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
The researcher who discovered this issue has developed a private exploit. This exploit is not otherwise publicly available or known to be circulating in the wild.
Currently we are not aware of any working public exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Adobe Reader CVE-2010-0200 Remote Code Execution Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
S.u.S.E. openSUSE 11.1
S.u.S.E. openSUSE 11.0
S.u.S.E. openSUSE 11.2
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
S.u.S.E. openSUSE 11.1
-
SuSE acroread-9.3.2-0.1.1.i586.rpm
http://download.opensuse.org/update/11.1/rpm/i586/acroread-9.3.2-0.1.1 .i586.rpm -
SuSE acroread-cmaps-9.3.2-0.1.1.noarch.rpm
http://download.opensuse.org/update/11.1/rpm/noarch/acroread-cmaps-9.3 .2-0.1.1.noarch.rpm -
SuSE acroread-fonts-ja-9.3.2-0.1.1.noarch.rpm
http://download.opensuse.org/update/11.1/rpm/noarch/acroread-fonts-ja- 9.3.2-0.1.1.noarch.rpm -
SuSE acroread-fonts-ko-9.3.2-0.1.1.noarch.rpm
http://download.opensuse.org/update/11.1/rpm/noarch/acroread-fonts-ko- 9.3.2-0.1.1.noarch.rpm -
SuSE acroread-fonts-zh_CN-9.3.2-0.1.1.noarch.rpm
http://download.opensuse.org/update/11.1/rpm/noarch/acroread-fonts-zh_ CN-9.3.2-0.1.1.noarch.rpm -
SuSE acroread-fonts-zh_TW-9.3.2-0.1.1.noarch.rpm
http://download.opensuse.org/update/11.1/rpm/noarch/acroread-fonts-zh_ TW-9.3.2-0.1.1.noarch.rpm
S.u.S.E. openSUSE 11.0
-
SuSE acroread-9.3.2-0.1.i586.rpm
http://download.opensuse.org/update/11.0/rpm/i586/acroread-9.3.2-0.1.i 586.rpm -
SuSE acroread-cmaps-9.3.2-0.1.noarch.rpm
http://download.opensuse.org/update/11.0/rpm/noarch/acroread-cmaps-9.3 .2-0.1.noarch.rpm -
SuSE acroread-fonts-ja-9.3.2-0.1.noarch.rpm
http://download.opensuse.org/update/11.0/rpm/noarch/acroread-fonts-ja- 9.3.2-0.1.noarch.rpm -
SuSE acroread-fonts-ko-9.3.2-0.1.noarch.rpm
http://download.opensuse.org/update/11.0/rpm/noarch/acroread-fonts-ko- 9.3.2-0.1.noarch.rpm -
SuSE acroread-fonts-zh_CN-9.3.2-0.1.noarch.rpm
http://download.opensuse.org/update/11.0/rpm/noarch/acroread-fonts-zh_ CN-9.3.2-0.1.noarch.rpm -
SuSE acroread-fonts-zh_TW-9.3.2-0.1.noarch.rpm
http://download.opensuse.org/update/11.0/rpm/noarch/acroread-fonts-zh_ TW-9.3.2-0.1.noarch.rpm
S.u.S.E. openSUSE 11.2
-
SuSE acroread-9.3.2-0.2.1.i586.rpm
http://download.opensuse.org/update/11.2/rpm/i586/acroread-9.3.2-0.2.1 .i586.rpm -
SuSE acroread-cmaps-9.3.2-0.2.1.noarch.rpm
http://download.opensuse.org/update/11.2/rpm/noarch/acroread-cmaps-9.3 .2-0.2.1.noarch.rpm -
SuSE acroread-fonts-ja-9.3.2-0.2.1.noarch.rpm
http://download.opensuse.org/update/11.2/rpm/noarch/acroread-fonts-ja- 9.3.2-0.2.1.noarch.rpm -
SuSE acroread-fonts-ko-9.3.2-0.2.1.noarch.rpm
http://download.opensuse.org/update/11.2/rpm/noarch/acroread-fonts-ko- 9.3.2-0.2.1.noarch.rpm -
SuSE acroread-fonts-zh_CN-9.3.2-0.2.1.noarch.rpm
http://download.opensuse.org/update/11.2/rpm/noarch/acroread-fonts-zh_ CN-9.3.2-0.2.1.noarch.rpm -
SuSE acroread-fonts-zh_TW-9.3.2-0.2.1.noarch.rpm
http://download.opensuse.org/update/11.2/rpm/noarch/acroread-fonts-zh_ TW-9.3.2-0.2.1.noarch.rpm
References
Adobe Reader CVE-2010-0200 Remote Code Execution Vulnerability
References:
References:
- A New Heap-Based Vulnerability: CVE-2010-0200 (SecureNetworksW)
- Adobe Homepage (Adobe)
- The Upcoming Black Hat Europe 2010 presentation (Haifei Li)