Home > Vulnerability Database > CVE-2010-2206

Mend.io Vulnerability Database

CVE-2010-2206

Date: June 30, 2010

Array index error in AcroForm.api in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted GIF image in a PDF file, which bypasses a size check and triggers a heap-based buffer overflow.

Severity Score

5.6

Related Resources (10)

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7200

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2010-2206

Url: http://www.securityfocus.com/bid/41241

Url: http://www.securityfocus.com/archive/1/512092/100/0/threaded

Url: https://nvd.nist.gov/vuln/detail/CVE-2010-2206

Url: http://www.vupen.com/english/advisories/2010/1636

Url: http://www.adobe.com/support/security/bulletins/apsb10-15.html

Url: http://secunia.com/secunia_research/2010-88/

Url: http://www.securitytracker.com/id?1024159

Url: https://www.mend.io/vulnerability-database/CVE-2010-2206

Severity Score

5.6

Weakness Type (CWE)

Numeric Errors

CWE-189

CVSS v3.1

Base Score:	5.6
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	9.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2010-2206

Date: June 30, 2010

Severity Score

Related Resources (10)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?