Vulnerabilities > CVE-2007-0046 - Unspecified vulnerability in Adobe Acrobat Reader

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
adobe
nessus

Summary

Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_ACROREAD-2508.NASL
    descriptionThe Adobe Acrobat Reader has been updated to version 7.0.9. This update also includes following security fixes : - A memory corruption problem was fixed in Adobe Acrobat Reader can potentially lead to code execution. (CVE-2006-5857) - Universal cross-site request forgery (CSRF) problems were fixed in the Acrobat Reader plugin which could be exploited by remote attackers to conduct CSRF attacks using any site that is providing PDFs. (CVE-2007-0044) - Cross-site scripting problems in the Acrobat Reader plugin were fixed, which could be exploited by remote attackers to conduct XSS attacks against any site that is providing PDFs. (CVE-2007-0045) - A double free problem in the Acrobat Reader plugin was fixed which could be used by remote attackers to potentially execute arbitrary code. Note that all platforms using Adobe Reader currently have counter measures against such attack where it will just cause a controlled abort(). (CVE-2007-0046)
    last seen2020-06-01
    modified2020-06-02
    plugin id29370
    published2007-12-13
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/29370
    titleSuSE 10 Security Update : acroread (ZYPP Patch Number 2508)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(29370);
      script_version ("1.21");
      script_cvs_date("Date: 2019/10/25 13:36:29");
    
      script_cve_id("CVE-2006-5857", "CVE-2007-0044", "CVE-2007-0045", "CVE-2007-0046");
    
      script_name(english:"SuSE 10 Security Update : acroread (ZYPP Patch Number 2508)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The Adobe Acrobat Reader has been updated to version 7.0.9.
    
    This update also includes following security fixes :
    
      - A memory corruption problem was fixed in Adobe Acrobat
        Reader can potentially lead to code execution.
        (CVE-2006-5857)
    
      - Universal cross-site request forgery (CSRF) problems
        were fixed in the Acrobat Reader plugin which could be
        exploited by remote attackers to conduct CSRF attacks
        using any site that is providing PDFs. (CVE-2007-0044)
    
      - Cross-site scripting problems in the Acrobat Reader
        plugin were fixed, which could be exploited by remote
        attackers to conduct XSS attacks against any site that
        is providing PDFs. (CVE-2007-0045)
    
      - A double free problem in the Acrobat Reader plugin was
        fixed which could be used by remote attackers to
        potentially execute arbitrary code. Note that all
        platforms using Adobe Reader currently have counter
        measures against such attack where it will just cause a
        controlled abort(). (CVE-2007-0046)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2006-5857.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2007-0044.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2007-0045.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2007-0046.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 2508.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(352, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/01/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/13");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLED10", sp:0, reference:"acroread-7.0.9-1.2")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familyWindows
    NASL idADOBE_READER_709.NASL
    descriptionThe version of Adobe Reader installed on the remote host is earlier than 7.0.9 / 8.0 and is, therefore, reportedly affected by several security issues, including one that can lead to arbitrary code execution when processing a malicious PDF file.
    last seen2020-06-01
    modified2020-06-02
    plugin id24002
    published2007-01-10
    reporterThis script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24002
    titleAdobe Reader < 6.0.6 / 7.0.9 Multiple Vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(24002);
      script_version("1.24");
      script_cvs_date("Date: 2018/11/15 20:50:26");
    
      script_cve_id(
        "CVE-2006-5857", 
        "CVE-2007-0044", 
        "CVE-2007-0045", 
        "CVE-2007-0046",
        "CVE-2007-0047", 
        "CVE-2007-0048"
      );
      script_bugtraq_id(21858, 21981);
    
      script_name(english:"Adobe Reader < 6.0.6 / 7.0.9 Multiple Vulnerabilities");
      script_summary(english:"Checks version of Adobe Reader");
    
      script_set_attribute(attribute:"synopsis", value:
    "The PDF file viewer on the remote Windows host is affected by several
    vulnerabilities." );
      script_set_attribute(attribute:"description", value:
    "The version of Adobe Reader installed on the remote host is earlier
    than 7.0.9 / 8.0 and is, therefore, reportedly affected by several 
    security issues, including one that can lead to arbitrary code 
    execution when processing a malicious PDF file." );
      script_set_attribute(attribute:"see_also", value:"https://www.piotrbania.com/all/adv/adobe-acrobat-adv.txt" );
      script_set_attribute(attribute:"see_also", value:"https://seclists.org/fulldisclosure/2007/Jan/199" );
      script_set_attribute(attribute:"see_also", value:"http://www.adobe.com/support/security/bulletins/apsb07-01.html" );
      script_set_attribute(attribute:"solution", value:
    "Upgrade to Adobe Reader 6.0.6 / 7.0.9 / 8.0 or later." );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(352, 399);
    
      script_set_attribute(attribute:"plugin_publication_date", value: "2007/01/10");
      script_set_attribute(attribute:"vuln_publication_date", value: "2006/12/27");
      script_set_attribute(attribute:"patch_publication_date", value: "2007/01/09");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:acrobat_reader");
      script_end_attributes();
     
      script_category(ACT_GATHER_INFO);
      script_family(english:"Windows");
      script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.");
      script_dependencies("adobe_reader_installed.nasl");
      script_require_keys("SMB/Acroread/Version");
      exit(0);
    }
    
    
    include("global_settings.inc");
    
    
    info = NULL;
    vers = get_kb_list('SMB/Acroread/Version');
    if (isnull(vers)) exit(0, 'The "SMB/Acroread/Version" KB item is missing.');
    
    foreach ver (vers)
    {
      if (ver =~ "^([0-5]\.|6\.0\.[0-5][^0-9.]?|7\.0\.[0-8][^0-9.]?)")
      {
        path = get_kb_item('SMB/Acroread/'+ver+'/Path');
        if (isnull(path)) exit(1, 'The "SMB/Acroread/'+ver+'/Path" KB item is missing.');
    
        verui = get_kb_item('SMB/Acroread/'+ver+'/Version_UI');
        if (isnull(verui)) exit(1, 'The "SMB/Acroread/'+ver+'/Version_UI" KB item is missing.');
    
        info += '  - ' + verui + ', under ' + path + '\n';
      }
    }
    
    if (isnull(info)) exit(0, 'The remote host is not affected.');
    
    if (report_verbosity > 0)
    {
      if (max_index(split(info)) > 1) s = "s of Adobe Reader are";
      else s = " of Adobe Reader is";
    
      report =
        '\nThe following vulnerable instance'+s+' installed on the'+
        '\nremote host :\n\n'+
        info;
      security_hole(port:get_kb_item("SMB/transport"), extra:report);
    }
    else security_hole(get_kb_item("SMB/transport"));
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SA_2007_011.NASL
    descriptionThe remote host is missing the patch for the advisory SUSE-SA:2007:011 (acroread). The Adobe Acrobat Reader has been updated to version 7.0.9. This update also includes following security fixes: CVE-2006-5857: A memory corruption problem was fixed in Adobe Acrobat Reader can potentially lead to code execution. CVE-2007-0044: Universal Cross Site Request Forgery (CSRF) problems were fixed in the Acrobat Reader plugin which could be exploited by remote attackers to conduct CSRF attacks using any site that is providing PDFs. CVE-2007-0045: Cross site scripting problems in the Acrobat Reader plugin were fixed, which could be exploited by remote attackers to conduct XSS attacks against any site that is providing PDFs. CVE-2007-0046: A double free problem in the Acrobat Reader plugin was fixed which could be used by remote attackers to potentially execute arbitrary code. Note that all platforms using Adobe Reader currently have counter measures against such attack where it will just cause a controlled abort(). Please note that the Acrobat Reader on SUSE Linux Enterprise Server 9 is affected too, but can not be updated currently due to GTK+ 2.4 requirements. We are trying to find a solution. Acrobat Reader on SUSE Linux Enterprise Server 8 and SUSE Linux Desktop 1 is no longer supported and should be deinstalled.
    last seen2019-10-28
    modified2007-02-18
    plugin id24464
    published2007-02-18
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24464
    titleSUSE-SA:2007:011: acroread
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # This plugin text was extracted from SuSE Security Advisory SUSE-SA:2007:011
    #
    
    
    if ( ! defined_func("bn_random") ) exit(0);
    
    include("compat.inc");
    
    if(description)
    {
     script_id(24464);
     script_version ("1.9");
     
     name["english"] = "SUSE-SA:2007:011: acroread";
     
     script_name(english:name["english"]);
     
     script_set_attribute(attribute:"synopsis", value:
    "The remote host is missing a vendor-supplied security patch" );
     script_set_attribute(attribute:"description", value:
    "The remote host is missing the patch for the advisory SUSE-SA:2007:011 (acroread).
    
    
    The Adobe Acrobat Reader has been updated to version 7.0.9.
    
    This update also includes following security fixes:
    
    CVE-2006-5857: A memory corruption problem was fixed in Adobe Acrobat
    Reader can potentially lead to code execution.
    
    CVE-2007-0044: Universal Cross Site Request Forgery (CSRF) problems
    		  were fixed in the Acrobat Reader plugin which could be
    		  exploited by remote attackers to conduct CSRF attacks
    		  using any site that is providing PDFs.
    
    CVE-2007-0045: Cross site scripting problems in the Acrobat Reader
    		  plugin were fixed, which could be exploited by remote
    		  attackers to conduct XSS attacks against any site that
    		  is providing PDFs.
    
    CVE-2007-0046: A double free problem in the Acrobat Reader plugin was fixed
    which could be used by remote attackers to potentially execute
    	          arbitrary code.
    	          Note that all platforms using Adobe Reader currently have
    	          counter measures against such attack where it will just
    	          cause a controlled abort().
    
    Please note that the Acrobat Reader on SUSE Linux Enterprise Server
    9 is affected too, but can not be updated currently due to GTK+
    2.4 requirements.  We are trying to find a solution.
    
    Acrobat Reader on SUSE Linux Enterprise Server 8 and SUSE Linux
    Desktop 1 is no longer supported and should be deinstalled." );
     script_set_attribute(attribute:"solution", value:
    "http://www.novell.com/linux/security/advisories/2007_11_acroread.html" );
     script_set_attribute(attribute:"risk_factor", value:"High" );
    
    
    
     script_set_attribute(attribute:"plugin_publication_date", value: "2007/02/18");
     script_end_attributes();
    
     
     summary["english"] = "Check for the version of the acroread package";
     script_summary(english:summary["english"]);
     
     script_category(ACT_GATHER_INFO);
     
     script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
     family["english"] = "SuSE Local Security Checks";
     script_family(english:family["english"]);
     
     script_dependencies("ssh_get_info.nasl");
     script_require_keys("Host/SuSE/rpm-list");
     exit(0);
    }
    
    include("rpm.inc");
    if ( rpm_check( reference:"acroread-7.0.9-2.1", release:"SUSE10.0") )
    {
     security_hole(0);
     exit(0);
    }
    if ( rpm_check( reference:"acroread-7.0.9-2.1", release:"SUSE9.3") )
    {
     security_hole(0);
     exit(0);
    }
    
  • NASL familyWindows
    NASL idADOBE_PDF_PLUGIN_80.NASL
    descriptionThe version of Adobe PDF Plug-In installed on the remote host is earlier than 8.0 / 7.0.9 / 6.0.6 and reportedly fails to properly sanitize input to the
    last seen2020-06-01
    modified2020-06-02
    plugin id23975
    published2007-01-05
    reporterThis script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/23975
    titleAdobe PDF Plug-In < 8.0 / 7.0.9 / 6.0.6 Multiple Vulnerabilities (APSB07-01)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(23975);
      script_version("1.21");
      script_cvs_date("Date: 2018/11/15 20:50:26");
    
      script_cve_id(
        "CVE-2007-0044",
        "CVE-2007-0045",
        "CVE-2007-0046",
        "CVE-2007-0047",
        "CVE-2007-0048"
      );
      script_bugtraq_id(21858);
      script_xref(name:"CERT", value:"815960");
    
      script_name(english:"Adobe PDF Plug-In < 8.0 / 7.0.9 / 6.0.6 Multiple Vulnerabilities (APSB07-01)");
      script_summary(english:"Checks version of nppdf32.dll");
    
      script_set_attribute(attribute:"synopsis", value:
    "The browser plugin on the remote Windows host is affected by multiple
    issues.");
      script_set_attribute(attribute:"description", value:
    "The version of Adobe PDF Plug-In installed on the remote host is
    earlier than 8.0 / 7.0.9 / 6.0.6 and reportedly fails to properly
    sanitize input to the 'FDF', 'XML', or 'XFDF' fields used by its 'Open
    Parameters' feature. By tricking a user into accessing a specially
    crafted link and depending on the browser with which the plugin is
    used, a remote attacker may be able to leverage these issues to
    conduct arbitrary code execution, denial of service, cross-site script
    forgery, or cross-site scripting attacks against a user on the remote
    host.");
      script_set_attribute(attribute:"see_also", value:"http://www.wisec.it/vulns.php?page=9");
      script_set_attribute(attribute:"see_also", value:"https://www.securityfocus.com/archive/1/455801/30/0/threaded");
      script_set_attribute(attribute:"see_also", value:"https://www.adobe.com/support/security/advisories/apsa07-01.html");
      script_set_attribute(attribute:"see_also", value:"http://www.adobe.com/support/security/bulletins/apsb07-01.html");
      script_set_attribute(attribute:"solution", value:
    "Either disable displaying of PDF documents in web browsers or upgrade
    to Adobe Reader / Acrobat 8.0 / 7.0.9 / 6.0.6 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(352);
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2006/12/27");
      script_set_attribute(attribute:"patch_publication_date", value:"2007/01/09");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/01/05");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:acrobat");
      script_set_attribute(attribute:"cpe",value:"cpe:/a:adobe:acrobat_reader");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Windows");
      script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.");
      script_dependencies("smb_hotfixes.nasl", "opera_installed.nasl");
      script_require_keys("SMB/Registry/Enumerated");
      script_require_ports(139, 445);
      exit(0);
    }
    
    #
    
    include("smb_func.inc");
    include("smb_hotfixes.inc");
    include("audit.inc");
    
    if (!get_kb_item("SMB/Registry/Enumerated")) exit(0);
    
    
    # Connect to the appropriate share.
    name    =  kb_smb_name();
    port    =  kb_smb_transport();
    #if (!get_port_state(port)) exit(0);
    login   =  kb_smb_login();
    pass    =  kb_smb_password();
    domain  =  kb_smb_domain();
    
    #soc = open_sock_tcp(port);
    #if (!soc) exit(0);
    
    #session_init(socket:soc, hostname:name);
    
    if(!smb_session_init()) audit(AUDIT_FN_FAIL, 'smb_session_init');
    
    
    rc = NetUseAdd(login:login, password:pass, domain:domain, share:"IPC$");
    if (rc != 1) {
      NetUseDel();
      exit(0);
    }
    
    
    # Connect to remote registry.
    hklm = RegConnectRegistry(hkey:HKEY_LOCAL_MACHINE);
    if (isnull(hklm))
    {
      NetUseDel();
      exit(0);
    }
    
    
    # Determine possible installation paths.
    paths = make_array();
    # - Adobe itself.
    key = "SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AcroRd32.exe";
    key_h = RegOpenKey(handle:hklm, key:key, mode:MAXIMUM_ALLOWED);
    if (!isnull(key_h))
    {
      value = RegQueryValue(handle:key_h, item:"Path");
      if (!isnull(value))
      {
        paths["Adobe"] = string(value[1], "Browser");
      }
      RegCloseKey(handle:key_h);
    }
    # - Internet Explorer.
    key = "SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEXPLORE.EXE";
    key_h = RegOpenKey(handle:hklm, key:key, mode:MAXIMUM_ALLOWED);
    if (!isnull(key_h))
    {
      value = RegQueryValue(handle:key_h, item:"Path");
      if (!isnull(value))
      {
        path = ereg_replace(pattern:"^(.+);$", replace:"\1", string:value[1]);
        paths["Internet Explorer"] = string(path, "\\PLUGINS");
      }
      RegCloseKey(handle:key_h);
    }
    # - Firefox.
    key = "SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\firefox.exe";
    key_h = RegOpenKey(handle:hklm, key:key, mode:MAXIMUM_ALLOWED);
    if (!isnull(key_h))
    {
      value = RegQueryValue(handle:key_h, item:"Path");
      if (!isnull(value))
      {
        paths["Firefox"] = string(value[1], "plugins");
      }
      RegCloseKey(handle:key_h);
    }
    # - Opera
    path = get_kb_item("SMB/Opera/Path");
    if (!isnull(path))
    {
      # nb: Opera seems to look in a variety of places for its plugins.
      paths["Opera1"] = string(path, "\\program\\plugins");
      if (paths["Firefox"]) paths["Opera2"] = paths["Firefox"];
      if (paths["Adobe"])   paths["Opera3"] = paths["Adobe"];
    }
    RegCloseKey(handle:hklm);
    
    
    # Check the file version for each possible install path.
    info = "";
    found_opera_plugin = 0;
    foreach browser (sort(keys(paths)))
    {
      # Determine whether to check some browsers.
      if (
        (browser == "Adobe" && report_paranoia < 2) ||
        (browser =~ "Opera[23]" && found_opera_plugin == 1)
      ) check = 0;
      else check = 1;
    
      if (check)
      {
        # Determine its version from the executable itself.
        path = paths[browser];
        share = ereg_replace(pattern:"^([A-Za-z]):.*", replace:"\1$", string:path);
        dll =  ereg_replace(pattern:"^[A-Za-z]:(.*)", replace:"\1\nppdf32.dll", string:path);
        NetUseDel(close:FALSE);
    
        rc = NetUseAdd(login:login, password:pass, domain:domain, share:share);
        if (rc != 1)
        {
          NetUseDel();
          exit(1);
        }
    
        fh = CreateFile(
          file:dll,
          desired_access:GENERIC_READ,
          file_attributes:FILE_ATTRIBUTE_NORMAL,
          share_mode:FILE_SHARE_READ,
          create_disposition:OPEN_EXISTING
        );
    
        if (!isnull(fh))
        {
          if ("Opera" >< browser) found_opera_plugin = 1;
    
          ver = GetFileVersion(handle:fh);
          CloseFile(handle:fh);
    
          # Check the version
          if (
            !isnull(ver) &&
            (
              ver[0] < 6 ||
              (ver[0] == 6 && ver[1] == 0 && ver[2] < 6) ||
              (ver[0] == 7 && ver[1] == 0 && ver[2] < 9)
            )
          )
          {
            version = string(ver[0], ".", ver[1], ".", ver[2], ".", ver[3]);
            if (browser == "Adobe")
              info += strcat(
                ' - Version ', version, ' of the plugin itself is located in\n',
                "   '", path, "'.", '\n'
              );
            else
            {
              if ("Opera" >< browser) browser = "Opera";
              info += strcat(
                ' - Version ', version, ' of the plugin is installed in ', browser, '\n',
                "   under '", path, "'.", '\n'
              );
            }
          }
        }
      }
    }
    
    
    if (info)
    {
      security_hole(port:port, extra:info);
    }
    
    
    # Clean up.
    NetUseDel();
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE9_11433.NASL
    descriptionThe Adobe Acrobat Reader has been updated to version 7.0.9. For SUSE Linux Enterprise Server 9 this version now includes its own GLIB2, ATK, PANGO and GTK2 libraries, since Acroread 7.0.x requires a minimum level of GTK2 2.4. This update also includes following security fixes : - A memory corruption problem was fixed in Adobe Acrobat Reader can potentially lead to code execution. (CVE-2006-5857) - Universal cross-site request forgery (CSRF) problems were fixed in the Acrobat Reader plugin which could be exploited by remote attackers to conduct CSRF attacks using any site that is providing PDFs. (CVE-2007-0044) - Cross-site scripting problems in the Acrobat Reader plugin were fixed, which could be exploited by remote attackers to conduct XSS attacks against any site that is providing PDFs. (CVE-2007-0045) - A double free problem in the Acrobat Reader plugin was fixed which could be used by remote attackers to potentially execute arbitrary code. Note that all platforms using Adobe Reader currently have counter measures against such attack where it will just cause a controlled abort(). (CVE-2007-0046) - CVE-2007-0047 and CVE-2007-0048 affect only Microsoft Windows and Internet Explorer.
    last seen2020-06-01
    modified2020-06-02
    plugin id41117
    published2009-09-24
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/41117
    titleSuSE9 Security Update : acroread (YOU Patch Number 11433)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(41117);
      script_version("1.17");
      script_cvs_date("Date: 2019/10/25 13:36:29");
    
      script_cve_id("CVE-2006-5857", "CVE-2007-0044", "CVE-2007-0045", "CVE-2007-0046");
    
      script_name(english:"SuSE9 Security Update : acroread (YOU Patch Number 11433)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 9 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The Adobe Acrobat Reader has been updated to version 7.0.9.
    
    For SUSE Linux Enterprise Server 9 this version now includes its own
    GLIB2, ATK, PANGO and GTK2 libraries, since Acroread 7.0.x requires a
    minimum level of GTK2 2.4.
    
    This update also includes following security fixes :
    
      - A memory corruption problem was fixed in Adobe Acrobat
        Reader can potentially lead to code execution.
        (CVE-2006-5857)
    
      - Universal cross-site request forgery (CSRF) problems
        were fixed in the Acrobat Reader plugin which could be
        exploited by remote attackers to conduct CSRF attacks
        using any site that is providing PDFs. (CVE-2007-0044)
    
      - Cross-site scripting problems in the Acrobat Reader
        plugin were fixed, which could be exploited by remote
        attackers to conduct XSS attacks against any site that
        is providing PDFs. (CVE-2007-0045)
    
      - A double free problem in the Acrobat Reader plugin was
        fixed which could be used by remote attackers to
        potentially execute arbitrary code. Note that all
        platforms using Adobe Reader currently have counter
        measures against such attack where it will just cause a
        controlled abort(). (CVE-2007-0046)
    
      - CVE-2007-0047 and CVE-2007-0048 affect only Microsoft
        Windows and Internet Explorer."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2006-5857.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2007-0044.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2007-0045.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2007-0046.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2007-0047/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2007-0048.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply YOU patch number 11433.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(352, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/02/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 9 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SUSE9", reference:"acroread-7.0.9-2.5")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_ACROREAD-2506.NASL
    descriptionThe Adobe Acrobat Reader has been updated to version 7.0.9. This update also includes following security fixes : CVE-2006-5857: A memory corruption problem was fixed in Adobe Acrobat Reader can potentially lead to code execution. CVE-2007-0044: Universal Cross Site Request Forgery (CSRF) problems were fixed in the Acrobat Reader plugin which could be exploited by remote attackers to conduct CSRF attacks using any site that is providing PDFs. CVE-2007-0045: Cross site scripting problems in the Acrobat Reader plugin were fixed, which could be exploited by remote attackers to conduct XSS attacks against any site that is providing PDFs. CVE-2007-0046: A double free problem in the Acrobat Reader plugin was fixed which could be used by remote attackers to potentially execute arbitrary code. Note that all platforms using Adobe Reader currently have counter measures against such attack where it will just cause a controlled abort(). CVE-2007-0047 and CVE-2007-0048 affect only Microsoft Windows and Internet Explorer.
    last seen2020-06-01
    modified2020-06-02
    plugin id27144
    published2007-10-17
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/27144
    titleopenSUSE 10 Security Update : acroread (acroread-2506)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update acroread-2506.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(27144);
      script_version ("1.20");
      script_cvs_date("Date: 2019/10/25 13:36:29");
    
      script_cve_id("CVE-2006-5857", "CVE-2007-0044", "CVE-2007-0045", "CVE-2007-0046", "CVE-2007-0047", "CVE-2007-0048");
    
      script_name(english:"openSUSE 10 Security Update : acroread (acroread-2506)");
      script_summary(english:"Check for the acroread-2506 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The Adobe Acrobat Reader has been updated to version 7.0.9.
    
    This update also includes following security fixes :
    
    CVE-2006-5857: A memory corruption problem was fixed in Adobe Acrobat
    Reader can potentially lead to code execution.
    
    CVE-2007-0044: Universal Cross Site Request Forgery (CSRF) problems
    were fixed in the Acrobat Reader plugin which could be exploited by
    remote attackers to conduct CSRF attacks using any site that is
    providing PDFs.
    
    CVE-2007-0045: Cross site scripting problems in the Acrobat Reader
    plugin were fixed, which could be exploited by remote attackers to
    conduct XSS attacks against any site that is providing PDFs.
    
    CVE-2007-0046: A double free problem in the Acrobat Reader plugin was
    fixed which could be used by remote attackers to potentially execute
    arbitrary code. Note that all platforms using Adobe Reader currently
    have counter measures against such attack where it will just cause a
    controlled abort().
    
    CVE-2007-0047 and CVE-2007-0048 affect only Microsoft Windows and
    Internet Explorer."
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected acroread package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(352, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/01/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/17");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE10\.1|SUSE10\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.1 / 10.2", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE10.1", reference:"acroread-7.0.9-1.2") ) flag++;
    if ( rpm_check(release:"SUSE10.2", reference:"acroread-7.0.9-2.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread");
    }
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200701-16.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200701-16 (Adobe Acrobat Reader: Multiple vulnerabilities) Adobe Acrobat Reader in stand-alone mode is vulnerable to remote code execution via heap corruption when loading a specially crafted PDF file. The browser plugin released with Adobe Acrobat Reader (nppdf.so) does not properly handle URLs, and crashes if given a URL that is too long. The plugin does not correctly handle JavaScript, and executes JavaScript that is given as a GET variable to the URL of a PDF file. Lastly, the plugin does not properly handle the FDF, xml, xfdf AJAX request parameters following the # character in a URL, allowing for multiple cross-site scripting vulnerabilities. Impact : An attacker could entice a user to open a specially crafted PDF file and execute arbitrary code with the rights of the user running Adobe Acrobat Reader. An attacker could also entice a user to browse to a specially crafted URL and either crash the Adobe Acrobat Reader browser plugin, execute arbitrary JavaScript in the context of the user
    last seen2020-06-01
    modified2020-06-02
    plugin id24252
    published2007-01-26
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24252
    titleGLSA-200701-16 : Adobe Acrobat Reader: Multiple vulnerabilities
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 200701-16.
    #
    # The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(24252);
      script_version("1.21");
      script_cvs_date("Date: 2019/08/02 13:32:43");
    
      script_cve_id("CVE-2006-5857", "CVE-2007-0044", "CVE-2007-0045", "CVE-2007-0046", "CVE-2007-0048");
      script_xref(name:"GLSA", value:"200701-16");
    
      script_name(english:"GLSA-200701-16 : Adobe Acrobat Reader: Multiple vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-200701-16
    (Adobe Acrobat Reader: Multiple vulnerabilities)
    
        Adobe Acrobat Reader in stand-alone mode is vulnerable to remote code
        execution via heap corruption when loading a specially crafted PDF
        file.
        The browser plugin released with Adobe Acrobat Reader (nppdf.so) does
        not properly handle URLs, and crashes if given a URL that is too long.
        The plugin does not correctly handle JavaScript, and executes
        JavaScript that is given as a GET variable to the URL of a PDF file.
        Lastly, the plugin does not properly handle the FDF, xml, xfdf AJAX
        request parameters following the # character in a URL, allowing for
        multiple cross-site scripting vulnerabilities.
      
    Impact :
    
        An attacker could entice a user to open a specially crafted PDF file
        and execute arbitrary code with the rights of the user running Adobe
        Acrobat Reader. An attacker could also entice a user to browse to a
        specially crafted URL and either crash the Adobe Acrobat Reader browser
        plugin, execute arbitrary JavaScript in the context of the user's
        browser, or inject arbitrary HTML or JavaScript into the document being
        viewed by the user. Note that users who have emerged Adobe Acrobat
        Reader with the 'nsplugin' USE flag disabled are not vulnerable to
        issues with the Adobe Acrobat Reader browser plugin.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/200701-16"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All Adobe Acrobat Reader users should upgrade to the latest version:
        # emerge --sync
        # emerge --ask --oneshot --verbose '>=app-text/acroread-7.0.9'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(352, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:acroread");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/01/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/01/26");
      script_set_attribute(attribute:"vuln_publication_date", value:"2006/12/27");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"app-text/acroread", unaffected:make_list("ge 7.0.9"), vulnerable:make_list("lt 7.0.9"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Adobe Acrobat Reader");
    }
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_121104.NASL
    descriptionSunOS 5.10: Adobe Acrobat Reader patch. Date this patch was last updated by Sun : Nov/27/09 This plugin has been deprecated and either replaced with individual 121104 patch-revision plugins, or deemed non-security related.
    last seen2019-02-21
    modified2018-07-30
    plugin id22967
    published2006-11-06
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=22967
    titleSolaris 10 (sparc) : 121104-11 (deprecated)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2007-0021.NASL
    descriptionUpdated acroread packages that fix several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. [Updated 23 Jan 2007] The previous acroread packages were missing dependencies on the new libraries which could prevent acroread from starting. Replacement acroread packages have been added to this erratum to correct this issue. The Adobe Reader allows users to view and print documents in portable document format (PDF). A cross site scripting flaw was found in the way the Adobe Reader Plugin processes certain malformed URLs. A malicious web page could inject arbitrary javascript into the browser session which could possibly lead to a cross site scripting attack. (CVE-2007-0045) Two arbitrary code execution flaws were found in the way Adobe Reader processes malformed document files. It may be possible to execute arbitrary code on a victim
    last seen2020-06-01
    modified2020-06-02
    plugin id63836
    published2013-01-24
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/63836
    titleRHEL 3 : Adobe Acrobat Reader (RHSA-2007:0021)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_121104-11.NASL
    descriptionSunOS 5.10: Adobe Acrobat Reader patch. Date this patch was last updated by Sun : Nov/27/09
    last seen2020-06-01
    modified2020-06-02
    plugin id107373
    published2018-03-12
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/107373
    titleSolaris 10 (sparc) : 121104-11
  • NASL familySuSE Local Security Checks
    NASL idSUSE_ACROREAD_JA-2545.NASL
    descriptionThe Adobe Acrobat Reader (Japanese version) has been updated to version 7.0.9. This update also includes following security fixes : - A memory corruption problem was fixed in Adobe Acrobat Reader can potentially lead to code execution. (CVE-2006-5857) - Universal cross-site request forgery (CSRF) problems were fixed in the Acrobat Reader plugin which could be exploited by remote attackers to conduct CSRF attacks using any site that is providing PDFs. (CVE-2007-0044) - Cross-site scripting problems in the Acrobat Reader plugin were fixed, which could be exploited by remote attackers to conduct XSS attacks against any site that is providing PDFs. (CVE-2007-0045) - A double free problem in the Acrobat Reader plugin was fixed which could be used by remote attackers to potentially execute arbitrary code. Note that all platforms using Adobe Reader currently have counter measures against such attack where it will just cause a controlled abort(). (CVE-2007-0046)
    last seen2020-06-01
    modified2020-06-02
    plugin id29371
    published2007-12-13
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/29371
    titleSuSE 10 Security Update : acroread_ja (ZYPP Patch Number 2545)
  • NASL familyWindows
    NASL idADOBE_ACROBAT_709.NASL
    descriptionThe version of Adobe Acrobat installed on the remote host is earlier than 6.0.6 / 7.0.9 / 8.0 and thus reportedly is affected by several security issues, including one that can lead to arbitrary code execution when processing a malicious PDF file.
    last seen2020-06-01
    modified2020-06-02
    plugin id40798
    published2009-08-28
    reporterThis script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/40798
    titleAdobe Acrobat < 6.0.6 / 7.0.9 Multiple Vulnerabilities
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2007-0017.NASL
    descriptionUpdated acroread packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. The Adobe Acrobat Reader allows users to view and print documents in portable document format (PDF). A cross site scripting flaw was found in the way the Adobe Reader Plugin processes certain malformed URLs. A malicious web page could inject arbitrary javascript into the browser session which could possibly lead to a cross site scripting attack. (CVE-2007-0045) Two arbitrary code execution flaws were found in the way Adobe Reader processes malformed document files. It may be possible to execute arbitrary code on a victim
    last seen2020-06-01
    modified2020-06-02
    plugin id63835
    published2013-01-24
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/63835
    titleRHEL 4 : Adobe Acrobat Reader (RHSA-2007:0017)

Oval

accepted2010-09-06T04:14:32.947-04:00
classvulnerability
contributors
nameAharon Chernin
organizationSCAP.com, LLC
descriptionDouble free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.
familyunix
idoval:org.mitre.oval:def:9684
statusaccepted
submitted2010-07-09T03:56:16-04:00
titleDouble free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.
version6

Redhat

advisories
  • rhsa
    idRHSA-2007:0017
  • rhsa
    idRHSA-2007:0021
rpms
  • acroread-0:7.0.9-1.2.0.EL4
  • acroread-plugin-0:7.0.9-1.2.0.EL4
  • acroread-0:7.0.9-1.1.1.EL3
  • acroread-libs-atk-0:1.8.0-1.el3
  • acroread-libs-atk-debuginfo-0:1.8.0-1.el3
  • acroread-libs-glib2-0:2.4.7-1
  • acroread-libs-glib2-debuginfo-0:2.4.7-1
  • acroread-libs-gtk2-0:2.4.13-1.el3
  • acroread-libs-gtk2-debuginfo-0:2.4.13-1.el3
  • acroread-libs-gtk2-engines-0:2.2.0-1.el3
  • acroread-libs-gtk2-engines-debuginfo-0:2.2.0-1.el3
  • acroread-libs-pango-0:1.6.0-1.el3
  • acroread-libs-pango-debuginfo-0:1.6.0-1.el3
  • acroread-plugin-0:7.0.9-1.1.1.EL3

References