Back to search

APSB10-15: Security updates available for Adobe Reader and Acrobat (CVE-2010-1297)

Severity CVSS Published Added Modified
9 (AV:N/AC:M/Au:N/C:C/I:C/A:C) June 08, 2010 April 12, 2012 August 22, 2013

Available Exploits 

Description

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

  • Acrobat >= 8 and < 8.2.3

    Upgrade to Adobe Acrobat/Reader version 8.2.3

    It is recommended that you upgrade to Adobe Acrobat/Reader 8.2.3 or later. In the Help menu, select the 'Check for Updates...' option.

  • Acrobat >= 9 and < 9.3.3

    Upgrade to Adobe Acrobat/Reader version 9.3.3

    It is recommended that you upgrade to Adobe Acrobat/Reader 9.3.3 or later. In the Help menu, select the 'Check for Updates...' option.

Related Vulnerabilities