Vulnerability Description
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified manipulations involving the newclass (0x58) operator and an "invalid pointer vulnerability" that triggers memory corruption, a different vulnerability than CVE-2010-2168 and CVE-2010-2201.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Acrobat | 9.0 |
| Apple | Mac Os X | All versions |
| Microsoft | Windows | All versions |
| Adobe | Acrobat Reader | 9.0 |
Related Weaknesses (CWE)
References
- http://www.adobe.com/support/security/bulletins/apsb10-15.htmlPatchVendor Advisory
- http://www.securityfocus.com/archive/1/512099
- http://www.securityfocus.com/bid/41232
- http://www.securitytracker.com/id?1024159
- http://www.vupen.com/english/advisories/2010/1636
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://www.adobe.com/support/security/bulletins/apsb10-15.htmlPatchVendor Advisory
- http://www.securityfocus.com/archive/1/512099
- http://www.securityfocus.com/bid/41232
- http://www.securitytracker.com/id?1024159
- http://www.vupen.com/english/advisories/2010/1636
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2010-1285?
CVE-2010-1285 is a vulnerability with a CVSS score of 9.3 (HIGH). Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified manipulations involving the newclass (0x58) operator ...
How severe is CVE-2010-1285?
CVE-2010-1285 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-1285?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Acrobat, Apple Mac Os X, Microsoft Windows, Adobe Acrobat Reader.