Vulnerability Details CVE-2010-1278
Buffer overflow in the Atlcom.get_atlcom ActiveX control in gp.ocx in Adobe Download Manager, as used in Adobe Reader and Acrobat 8.x before 8.2 and 9.x before 9.3, allows remote attackers to execute arbitrary code via unspecified parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.139
EPSS Ranking 94.0%
CVSS Severity
CVSS v2 Score 9.3
References
- http://www.adobe.com/support/security/bulletins/apsb10-02.html
- http://www.securityfocus.com/archive/1/510868/100/0/threaded
- http://www.securitytracker.com/id?1023908
- http://www.zerodayinitiative.com/advisories/ZDI-10-077/
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7500
- http://www.adobe.com/support/security/bulletins/apsb10-02.html
- http://www.securityfocus.com/archive/1/510868/100/0/threaded
- http://www.securitytracker.com/id?1023908
- http://www.zerodayinitiative.com/advisories/ZDI-10-077/
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7500
Products affected by CVE-2010-1278
-
cpe:2.3:a:adobe:acrobat:8.0
-
cpe:2.3:a:adobe:acrobat:8.1
-
cpe:2.3:a:adobe:acrobat:8.1.1
-
cpe:2.3:a:adobe:acrobat:8.1.2
-
cpe:2.3:a:adobe:acrobat:8.1.3
-
cpe:2.3:a:adobe:acrobat:8.1.4
-
cpe:2.3:a:adobe:acrobat:8.1.5
-
cpe:2.3:a:adobe:acrobat:8.1.6
-
cpe:2.3:a:adobe:acrobat:8.1.7
-
cpe:2.3:a:adobe:acrobat:9.0
-
cpe:2.3:a:adobe:acrobat:9.1
-
cpe:2.3:a:adobe:acrobat:9.1.1
-
cpe:2.3:a:adobe:acrobat:9.1.2
-
cpe:2.3:a:adobe:acrobat:9.1.3
-
cpe:2.3:a:adobe:acrobat:9.2
-
cpe:2.3:a:adobe:reader:8.0.0
-
cpe:2.3:a:adobe:reader:8.1.1
-
cpe:2.3:a:adobe:reader:8.1.2
-
cpe:2.3:a:adobe:reader:8.1.4
-
cpe:2.3:a:adobe:reader:8.1.5
-
cpe:2.3:a:adobe:reader:8.1.6
-
cpe:2.3:a:adobe:reader:8.1.7
-
cpe:2.3:a:adobe:reader:9.0
-
cpe:2.3:a:adobe:reader:9.1
-
cpe:2.3:a:adobe:reader:9.1.1
-
cpe:2.3:a:adobe:reader:9.1.2
-
cpe:2.3:a:adobe:reader:9.1.3
-
cpe:2.3:a:adobe:reader:9.2