CVE-2010-1241

Heap-based buffer overflow in the custom heap management system in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, aka FG-VD-10-005.

• CWE-119

• http://blog.fortinet.com/the-upcoming-blackhat-europe-2010-presentation/Exploit
• http://lists.immunitysec.com/pipermail/dailydave/2010-April/006077.html
• http://www.adobe.com/support/security/bulletins/apsb10-09.html
• http://www.blackhat.com/html/bh-eu-10/bh-eu-10-briefings.html#Li
• http://www.securityfocus.com/bid/39227
• http://www.securityfocus.com/bid/39329
• http://www.us-cert.gov/cas/techalerts/TA10-103C.htmlUS Government Resource
• http://www.vupen.com/english/advisories/2010/0873Vendor Advisory
• http://www.youtube.com/watch?v=9EVHtY1-0q8
• https://exchange.xforce.ibmcloud.com/vulnerabilities/57589
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6940
• http://blog.fortinet.com/the-upcoming-blackhat-europe-2010-presentation/Exploit
• http://lists.immunitysec.com/pipermail/dailydave/2010-April/006077.html
• http://www.adobe.com/support/security/bulletins/apsb10-09.html
• http://www.blackhat.com/html/bh-eu-10/bh-eu-10-briefings.html#Li
• http://www.securityfocus.com/bid/39227
• http://www.securityfocus.com/bid/39329
• http://www.us-cert.gov/cas/techalerts/TA10-103C.htmlUS Government Resource
• http://www.vupen.com/english/advisories/2010/0873Vendor Advisory
• http://www.youtube.com/watch?v=9EVHtY1-0q8
• https://exchange.xforce.ibmcloud.com/vulnerabilities/57589
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6940

Published

Apr 5, 2010

Last Modified

Jun 16, 2026

Status

Modified