Details of VAR-201105-0042

ID

VAR-201105-0042

CVE

CVE-2011-0610

TITLE

plural Adobe Product CoolType Vulnerability to execute arbitrary code in library

Trust: 0.8

sources: JVNDB: JVNDB-2011-001593

DESCRIPTION

The CoolType library in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. plural Adobe Product CoolType The library could execute arbitrary code or disrupt service ( Memory corruption ) There is a vulnerability that becomes a condition.Arbitrary code is executed or service operation is interrupted by a third party ( Memory corruption ) There is a possibility of being put into a state. Adobe Reader and Acrobat are prone to a remote code-execution vulnerability due to a memory-corruption issue. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Adobe Reader is an excellent PDF document reading software developed by Adobe Corporation of the United States. Acrobat is a series of products aimed at enterprises, technicians and creative professionals launched in 1993, making the transmission and collaboration of intelligent documents more flexible, reliable and secure

Trust: 2.07

sources: NVD: CVE-2011-0610 // JVNDB: JVNDB-2011-001593 // BID: 47531 // VULHUB: VHN-48555 // VULMON: CVE-2011-0610

AFFECTED PRODUCTS

vendor:	adobe	model:	acrobat	scope:	eq	version:	9.4.2	Trust: 1.9
vendor:	adobe	model:	acrobat	scope:	eq	version:	10.0	Trust: 1.9
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.4.3	Trust: 1.9
vendor:	adobe	model:	acrobat	scope:	eq	version:	10.0.2	Trust: 1.9
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.4	Trust: 1.9
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.4.1	Trust: 1.9
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.3.3	Trust: 1.9
vendor:	adobe	model:	acrobat	scope:	eq	version:	10.0.1	Trust: 1.9
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.3.2	Trust: 1.9
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.3.4	Trust: 1.6
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.3.1	Trust: 1.3
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.3	Trust: 1.3
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.1.1	Trust: 1.3
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.2	Trust: 1.3
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.1.2	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.4.2	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	10.0	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.3.3	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.4	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.2	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.4.1	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.1.2	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.4.3	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.3.2	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.3.1	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.3.4	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.1.3	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	10.0.2	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.1.3	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.3.0	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	10.0.1	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.3	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.1	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.0	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.1	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	9.0	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	9.1.1	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	lte	version:	x(10.0.2) for windows and macintosh	Trust: 0.8
vendor:	adobe	model:	reader	scope:	lte	version:	x(10.0.1) for windows	Trust: 0.8
vendor:	adobe	model:	reader	scope:	lte	version:	x(10.0.2) for macintosh	Trust: 0.8
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	8.1.3	Trust: 0.3
vendor:	adobe	model:	acrobat	scope:	eq	version:	8	Trust: 0.3
vendor:	adobe	model:	acrobat	scope:	eq	version:	8.0	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	8.0	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	8.2.5	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	9.1.2	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	8.2.2	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.2	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.3.3	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	9.3.1	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	9.3	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	10.0.2	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	9.1.3	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.4.1	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.3.4	Trust: 0.3
vendor:	adobe	model:	acrobat	scope:	eq	version:	8.2.3	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	8.1.6	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	9.4.3	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	9.3.3	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	ne	version:	9.4.4	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	9.4	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	8.1.4	Trust: 0.3
vendor:	adobe	model:	acrobat	scope:	eq	version:	8.2.4	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	8.2.4	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	10.0.1	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	8.2	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	8.1	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	8	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	8.0	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	9.3.2	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	8.1.2	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.1.2	Trust: 0.3
vendor:	adobe	model:	acrobat	scope:	ne	version:	10.0.3	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	ne	version:	10.0.3	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	9.1	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	8.1.3	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	8.1.5	Trust: 0.3
vendor:	adobe	model:	acrobat	scope:	eq	version:	9	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	9	Trust: 0.3
vendor:	adobe	model:	acrobat	scope:	eq	version:	8.2.5	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	8.2.5	Trust: 0.3
vendor:	adobe	model:	acrobat	scope:	eq	version:	8.2.2	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	8.2.1	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	8.2.2	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	8.1.7	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	9.4.2	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.0	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	8.2.3	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.4.3	Trust: 0.3
vendor:	adobe	model:	acrobat professional extended	scope:	eq	version:	9	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	10.0.2	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	10.0	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	8.2.4	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	10.0.1	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	8.2	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	9.4.1	Trust: 0.3
vendor:	adobe	model:	acrobat	scope:	eq	version:	8.1.8	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	9.3.4	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.3.2	Trust: 0.3
vendor:	adobe	model:	acrobat	scope:	ne	version:	9.4.4	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	8.1.2	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	ne	version:	9.4.4	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	9.4	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	8.1.4	Trust: 0.3
vendor:	adobe	model:	reader	scope:	ne	version:	10.0.3	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	8.1.3	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	8.1	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	8.1.1	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	8.2.5	Trust: 0.3
vendor:	adobe	model:	acrobat professional security updat	scope:	eq	version:	8.1.2	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	8.2.2	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	9.1	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.4.2	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	9	Trust: 0.3
vendor:	adobe	model:	reader security updat	scope:	eq	version:	8.1.2	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	10.0.2	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	8.2.1	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	8.1.7	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	10.0	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	9.2	Trust: 0.3
vendor:	adobe	model:	reader	scope:	ne	version:	9.4.4	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	9.3.1	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	9.3.3	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	9.3	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.4	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	8.1.4	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	9.1.3	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	8.1	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	10.0.1	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.1.1	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	8.1.6	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	9.3.2	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.1	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	8.1.1	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	8.0	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	8.2.1	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	8.1.7	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	9.1.2	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	9.4.2	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.3.1	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.3	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	9.2	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	9.1.3	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	10.0	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	8.1.6	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	9.4.3	Trust: 0.3
vendor:	adobe	model:	reader	scope:	eq	version:	8.1.1	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	8.2.4	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	8.2	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	9.4.1	Trust: 0.3
vendor:	adobe	model:	acrobat standard	scope:	eq	version:	9.3.4	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	eq	version:	8.1.2	Trust: 0.3
vendor:	adobe	model:	acrobat professional	scope:	ne	version:	10.0.3	Trust: 0.3

sources: BID: 47531 // JVNDB: JVNDB-2011-001593 // CNNVD: CNNVD-201105-009 // NVD: CVE-2011-0610

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-0610
value:	HIGH
Trust: 1.0
NVD:	CVE-2011-0610
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201105-009
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-48555
value:	HIGH
Trust: 0.1
VULMON:	CVE-2011-0610
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2011-0610
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-48555
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-48555 // VULMON: CVE-2011-0610 // JVNDB: JVNDB-2011-001593 // CNNVD: CNNVD-201105-009 // NVD: CVE-2011-0610

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-48555 // JVNDB: JVNDB-2011-001593 // NVD: CVE-2011-0610

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201105-009

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201105-009

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-001593

PATCH

title:	APSB11-08	url:	http://www.adobe.com/support/security/bulletins/apsb11-08.html	Trust: 0.8
title:	APSB11-08	url:	http://www.adobe.com/jp/support/security/bulletins/apsb11-08.html	Trust: 0.8
title:	cpsid_90054	url:	http://kb2.adobe.com/jp/cps/900/cpsid_90054.html	Trust: 0.8

sources: JVNDB: JVNDB-2011-001593

EXTERNAL IDS

db:	NVD	id:	CVE-2011-0610	Trust: 2.9
db:	BID	id:	47531	Trust: 1.3
db:	JVNDB	id:	JVNDB-2011-001593	Trust: 0.8
db:	CNNVD	id:	CNNVD-201105-009	Trust: 0.7
db:	VULHUB	id:	VHN-48555	Trust: 0.1
db:	VULMON	id:	CVE-2011-0610	Trust: 0.1

sources: VULHUB: VHN-48555 // VULMON: CVE-2011-0610 // BID: 47531 // JVNDB: JVNDB-2011-001593 // CNNVD: CNNVD-201105-009 // NVD: CVE-2011-0610

REFERENCES

url:	http://www.adobe.com/support/security/bulletins/apsb11-08.html	Trust: 2.1
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a13967	Trust: 1.2
url:	http://www.securityfocus.com/bid/47531	Trust: 0.9
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0610	Trust: 0.8
url:	http://www.jpcert.or.jp/at/2011/at110010.txt	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0610	Trust: 0.8
url:	http://www.npa.go.jp/cyberpolice/#topics	Trust: 0.8
url:	http://www.adobe.com	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-48555 // VULMON: CVE-2011-0610 // BID: 47531 // JVNDB: JVNDB-2011-001593 // CNNVD: CNNVD-201105-009 // NVD: CVE-2011-0610

CREDITS

CERT Polska and Paul Baccas of Sophos

Trust: 0.3

sources: BID: 47531

SOURCES

db:	VULHUB	id:	VHN-48555
db:	VULMON	id:	CVE-2011-0610
db:	BID	id:	47531
db:	JVNDB	id:	JVNDB-2011-001593
db:	CNNVD	id:	CNNVD-201105-009
db:	NVD	id:	CVE-2011-0610

LAST UPDATE DATE

2024-11-23T23:12:57.783000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-48555	date:	2017-09-19T00:00:00
db:	VULMON	id:	CVE-2011-0610	date:	2017-09-19T00:00:00
db:	BID	id:	47531	date:	2013-06-20T09:38:00
db:	JVNDB	id:	JVNDB-2011-001593	date:	2011-05-18T00:00:00
db:	CNNVD	id:	CNNVD-201105-009	date:	2011-05-18T00:00:00
db:	NVD	id:	CVE-2011-0610	date:	2024-11-21T01:24:25.047

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-48555	date:	2011-05-03T00:00:00
db:	VULMON	id:	CVE-2011-0610	date:	2011-05-03T00:00:00
db:	BID	id:	47531	date:	2011-04-21T00:00:00
db:	JVNDB	id:	JVNDB-2011-001593	date:	2011-05-18T00:00:00
db:	CNNVD	id:	CNNVD-201105-009	date:	2011-05-04T00:00:00
db:	NVD	id:	CVE-2011-0610	date:	2011-05-03T19:55:01.247