Summary
This host has Adobe Acrobat or Adobe Reader or Adobe flash Player installed, and is prone to code execution vulnerability.
Impact
Successful exploitation will let attackers to corrupt memory and execute arbitrary code on the system with elevated privileges.
Impact Level: Application/System
Solution
Upgrade to adobe flash version 10.1.85.3 or later and Adobe Reader/Acrobat version 9.4 or later. For details refer, http://www.adobe.com/downloads/
Insight
The flaw is caused by an unspecified error when processing malformed 'Flash' or '3D' and 'Multimedia' content within a PDF document, which could be exploited by attackers to execute arbitrary code by convincing a user to open a specially crafted PDF file.
Affected
Adobe Reader/Acrobat version 9.3.4 and prior on Windows.
Adobe Flash Player version 10.1.82.76 and prior on Windows
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2010-2884 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe AIR Multiple Vulnerabilities-01 Jun14 (Mac OS X)
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 Feb13 (Windows)
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 Feb13 (Mac OS X)
- Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Mac OS X)
- Adobe Acrobat Multiple Unspecified Vulnerabilities-01 Sep13 (Windows)