Secunia

Customer Area icon help

Need help?

Try CSI

Download PSI icon Scan now

Scan Now

Community

Advisories

Database Search Advisories by Product Advisories by Vendor Terminology Report vulnerability

Research Forum My Profile

Community Login

Register now
Forgot password?

Secunia Advisory SA38551

Adobe Reader/Acrobat Domain Sandbox Bypass Vulnerability

Secunia Advisory	SA38551	DOWNLOAD CSI DOWNLOAD PSI
Release Date	2010-02-12

Popularity	588 views

Criticality level	Moderately critical
Impact	Security Bypass
Where	From remote
Authentication level	Available in Customer Area

Report reliability	Available in Customer Area
Solution Status	Unpatched


Systems affected	Available in Customer Area
Approve distribution	Available in Customer Area
Automated scanning	Secunia CSI, Secunia PSI

Software:	Adobe Acrobat 3D 8.x Adobe Acrobat 8 Professional Adobe Acrobat 8.x Adobe Acrobat 9.x Adobe Reader 8.x Adobe Reader 9.x

Secunia CVSS Score	Available in Customer Area
CVE Reference(s)	CVE-2010-0186 CVSS available in Customer Area

Description
A vulnerability has been reported in Adobe Reader and Acrobat, which can be exploited by malicious people to bypass certain security restrictions.

The vulnerability is caused due to an error in Flash player and can be exploited to perform unauthorized cross-domain requests.

For more information:
SA38547

NOTE: Other vulnerabilities are also reportedly present.

The vulnerability is reported in Adobe Reader and Adobe Acrobat versions 9.3 and prior.

Solution
Do not browse untrusted websites or follow untrusted links. Do not open untrusted PDF files.
Further details available in Customer Area

Changelog
Further details available in Customer Area

Original Advisory
http://www.adobe.com/support/security/bulletins/apsb10-07.html

Other references
Further details available in Customer Area

Technical Analysis
Further details available in Customer Area

Alternate/detailed remediation
Further details available in Customer Area

Deep Links
Links available in Customer Area