Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

CVE-2010-0188

Disclosure Date: February 22, 2010 •

CVE-2010-0188 CVSS v3 Base Score: 7.8

Exploited in the Wild

Reported by gwillcox-r7
View Source Details

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Metasploit Module

Adobe Acrobat Bundled LibTIFF Integer Overflow

Description

Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

7.8 High

Impact Score:

5.9

Exploitability Score:

1.8

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV):

Local

Attack Complexity (AC):

Low

Privileges Required (PR):

Low

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

High

Availability (A):

High

Vendors

adobe

Products

acrobat,
acrobat reader

Metasploit Modules

Adobe Acrobat Bundled LibTIFF Integer Overflow (https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/adobe_libtiff.rb)

Exploited in the Wild

Reported by:

gwillcox-r7 indicated source as Government or Industry Alert (https://www.cisa.gov/known-exploited-vulnerabilities-catalog)

Reported: March 07, 2022 6:07pm UTC (2 years ago)

References

Canonical

CVE-2010-0188 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188)

BID-38195 (http://www.securityfocus.com/bid/38195)

Advisory

ADV-2010-0399 (http://www.vupen.com/english/advisories/2010/0399)

XF-adobe-unspec-priv-escalation(56297) (https://exchange.xforce.ibmcloud.com/vulnerabilities/56297)

http://www.redhat.com/support/errata/RHSA-2010-0114.html

http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8697

http://www.adobe.com/support/security/bulletins/apsb10-07.html

SECUNIA-38639 (http://secunia.com/advisories/38639)

SECTRACK-1023601 (http://securitytracker.com/id?1023601)

SECUNIA-38915 (http://secunia.com/advisories/38915)

Rapid7

Unknown

CVE-2010-0188

Unknown

Unknown

None

Low

Local

CVE-2010-0188

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

Metasploit Modules

Exploited in the Wild

References

Canonical

Advisory

Additional Info

Technical Analysis

Unknown

CVE-2010-0188

Unknown

Unknown

None

Low

Local

CVE-2010-0188

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

Metasploit Modules

Exploited in the Wild

References

Canonical

Advisory

Additional Info

Technical Analysis

Quick Cookie Notification