What is CVE-2010-1240?

CVE-2010-1240 is a vulnerability in Adobe Acrobat_reader, classified under CWE-264. Published 2010-04-05.

Is CVE-2010-1240 known to be exploited?

13 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Adobe Acrobat_reader

CVE-2010-1240

Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into execu…

EPSS: 0.914 (99.7th percentile) — read the EPSS interpretation.

Affected products

Adobe Acrobat_reader — versions 9.3.1
Microsoft Windows
N/a — versions n/a

Weakness classification (CWE)

CWE-264

Public proof-of-concept exploits

References

cve@mitre.org (Exploit, x_refsource_MISC)
cve@mitre.org (x_refsource_MISC)
[dailydave] 20100401 0day, it may not be (mailing-list, x_refsource_MLIST)
cve@mitre.org (x_refsource_CONFIRM)
1024159 (vdb-entry, x_refsource_SECTRACK)
TA10-231A (US Government Resource, x_refsource_CERT, third-party-advisory)
ADV-2010-1636 (vdb-entry, x_refsource_VUPEN)
oval:org.mitre.oval:def:7466 (signature, x_refsource_OVAL, vdb-entry)

Frequently asked questions

What is CVE-2010-1240?: CVE-2010-1240 is a vulnerability in Adobe Acrobat_reader, classified under CWE-264. Published 2010-04-05.
Is CVE-2010-1240 known to be exploited?: 13 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.