| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.3 | $0-$5k | 0.00 |
Summary
A vulnerability, which was classified as problematic, has been found in Adobe Acrobat Reader. This affects an unknown function. This manipulation causes untrusted search path. The identification of this vulnerability is CVE-2011-0570. There is no exploit available. It is advisable to upgrade the affected component.
Details
A vulnerability classified as problematic was found in Adobe Acrobat Reader (Document Reader Software). Affected by this vulnerability is an unknown functionality. The manipulation with an unknown input leads to a untrusted search path vulnerability. The CWE definition for the vulnerability is CWE-426. The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:
Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0562 and CVE-2011-0588.
The weakness was shared 02/10/2011 by Haifei Li with Fortinet's FortiGuard Labs (Website). The advisory is shared at adobe.com. This vulnerability is known as CVE-2011-0570 since 01/19/2011. An attack has to be approached locally. The exploitation doesn't need any form of authentication. Neither technical details nor an exploit are publicly available. MITRE ATT&CK project uses the attack technique T1574 for this issue.
It is declared as proof-of-concept. The vulnerability scanner Nessus provides a plugin with the ID 51924 (Adobe Acrobat < 10.0.1 / 9.4.2 / 8.2.5 Multiple Vulnerabilities (APSB11-03)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Windows and running in the context l. The commercial vulnerability scanner Qualys is able to test this issue with plugin 165553 (SUSE Enterprise Linux Security Update acroread (SUSE-SA:2011:011)).
Upgrading to version 9.0 eliminates this vulnerability. A possible mitigation has been published before and not just after the disclosure of the vulnerability. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 10959.
The vulnerability is also documented in the databases at Tenable (51924), SecurityFocus (BID 46255†), SecurityTracker (ID 1025033†) and Vulnerability Center (SBV-29695†). The entries VDB-4299, VDB-56469, VDB-56468 and VDB-56467 are related to this item. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Product
Type
Vendor
Name
License
Website
- Vendor: https://www.adobe.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.9VulDB Meta Temp Score: 5.3
VulDB Base Score: 5.9
VulDB Temp Score: 5.3
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Untrusted search pathCWE: CWE-426
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: No
Availability: 🔍
Status: Proof-of-Concept
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 51924
Nessus Name: Adobe Acrobat < 10.0.1 / 9.4.2 / 8.2.5 Multiple Vulnerabilities (APSB11-03)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
OpenVAS ID: 801844
OpenVAS Name: Adobe Reader and Acrobat Multiple Vulnerabilities February-2011 (Windows)
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: Acrobat Reader 9.0
TippingPoint: 🔍
Timeline
01/19/2011 🔍02/07/2011 🔍
02/07/2011 🔍
02/07/2011 🔍
02/07/2011 🔍
02/08/2011 🔍
02/08/2011 🔍
02/10/2011 🔍
02/10/2011 🔍
03/20/2015 🔍
10/16/2021 🔍
Sources
Vendor: adobe.comAdvisory: adobe.com
Researcher: Haifei Li
Organization: Fortinet's FortiGuard Labs
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2011-0570 (🔍)
GCVE (CVE): GCVE-0-2011-0570
GCVE (VulDB): GCVE-100-56449
OVAL: 🔍
X-Force: 65289
SecurityFocus: 46255 - Adobe Acrobat and Reader CVE-2011-0570 DLL Loading Arbitrary Code Execution Vulnerability
SecurityTracker: 1025033
Vulnerability Center: 29695 - [APSB11-03] Adobe Acrobat and Reader Remote Arbitrary Code Execution Vulnerability via a Crafted Media File, Medium
Vupen: ADV-2011-0337
See also: 🔍
Entry
Created: 03/20/2015 16:16Updated: 10/16/2021 19:07
Changes: 03/20/2015 16:16 (69), 10/17/2018 08:49 (13), 10/16/2021 19:00 (3), 10/16/2021 19:07 (1)
Complete: 🔍
Cache ID: 216:FD0:103
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
No comments yet. Languages: en.
Please log in to comment.