Vulnerabilities > CVE-2009-3953 - Out-of-bounds Write vulnerability in multiple products

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
adobe
opensuse
suse
CWE-787
nessus
exploit available
metasploit

Summary

The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a different vulnerability than CVE-2009-2994.

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionAdobe U3D CLODProgressiveMeshDeclaration Array Overrun. CVE-2009-3953. Local exploit for windows platform
idEDB-ID:16622
last seen2016-02-02
modified2010-09-25
published2010-09-25
reportermetasploit
sourcehttps://www.exploit-db.com/download/16622/
titleAdobe U3D CLODProgressiveMeshDeclaration Array Overrun

Metasploit

descriptionThis module exploits an array overflow in Adobe Reader and Adobe Acrobat. Affected versions include < 7.1.4, < 8.2, and < 9.3. By creating a specially crafted pdf that a contains malformed U3D data, an attacker may be able to execute arbitrary code.
idMSF:EXPLOIT/WINDOWS/FILEFORMAT/ADOBE_U3D_MESHDECL
last seen2020-03-06
modified2020-01-15
published2009-11-25
references
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/fileformat/adobe_u3d_meshdecl.rb
titleAdobe U3D CLODProgressiveMeshDeclaration Array Overrun

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_ACROREAD-100122.NASL
    descriptionSpecially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code (CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957, CVE-2009-3958, CVE-2009-3959, CVE-2009-4324). Acrobat reader was updated to version 9.3 to fix those security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id44124
    published2010-01-25
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44124
    titleopenSUSE Security Update : acroread (acroread-1849)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update acroread-1849.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44124);
      script_version("1.13");
      script_cvs_date("Date: 2019/10/25 13:36:37");
    
      script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3957", "CVE-2009-3958", "CVE-2009-3959", "CVE-2009-4324");
    
      script_name(english:"openSUSE Security Update : acroread (acroread-1849)");
      script_summary(english:"Check for the acroread-1849 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Specially crafted PDF files could crash acroread. Attackers could
    exploit that to potentially execute arbitrary code (CVE-2009-3953,
    CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957,
    CVE-2009-3958, CVE-2009-3959, CVE-2009-4324).
    
    Acrobat reader was updated to version 9.3 to fix those security
    issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=564742"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected acroread package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(16, 94, 119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/01/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/25");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.0", reference:"acroread-9.3-0.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_ACROREAD_JA-100128.NASL
    descriptionSpecially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324)
    last seen2020-06-01
    modified2020-06-02
    plugin id44377
    published2010-02-02
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44377
    titleSuSE 11 Security Update : acroread_ja (SAT Patch Number 1881)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from SuSE 11 update information. The text itself is
    # copyright (C) Novell, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44377);
      script_version("1.15");
      script_cvs_date("Date: 2019/10/25 13:36:39");
    
      script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3957", "CVE-2009-3958", "CVE-2009-3959", "CVE-2009-4324");
    
      script_name(english:"SuSE 11 Security Update : acroread_ja (SAT Patch Number 1881)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 11 host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Specially crafted PDF files could crash acroread. Attackers could
    exploit that to potentially execute arbitrary code. (CVE-2009-3953 /
    CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 /
    CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=564742"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3953.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3954.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3955.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3956.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3957.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3958.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3959.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-4324.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply SAT patch number 1881.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(16, 94, 119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread_ja");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/01/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/02");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
    
    pl = get_kb_item("Host/SuSE/patchlevel");
    if (pl) audit(AUDIT_OS_NOT, "SuSE 11.0");
    
    
    flag = 0;
    if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"acroread_ja-9.3-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_1_ACROREAD-100122.NASL
    descriptionSpecially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code (CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957, CVE-2009-3958, CVE-2009-3959, CVE-2009-4324). Acrobat reader was updated to version 9.3 to fix those security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id44126
    published2010-01-25
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44126
    titleopenSUSE Security Update : acroread (acroread-1849)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update acroread-1849.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44126);
      script_version("1.13");
      script_cvs_date("Date: 2019/10/25 13:36:37");
    
      script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3957", "CVE-2009-3958", "CVE-2009-3959", "CVE-2009-4324");
    
      script_name(english:"openSUSE Security Update : acroread (acroread-1849)");
      script_summary(english:"Check for the acroread-1849 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Specially crafted PDF files could crash acroread. Attackers could
    exploit that to potentially execute arbitrary code (CVE-2009-3953,
    CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957,
    CVE-2009-3958, CVE-2009-3959, CVE-2009-4324).
    
    Acrobat reader was updated to version 9.3 to fix those security
    issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=564742"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected acroread package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(16, 94, 119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/01/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/25");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.1", reference:"acroread-9.3-0.1.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_ACROREAD-6802.NASL
    descriptionSpecially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324) Acrobat reader was updated to version 9.3 to fix those security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id51695
    published2011-01-27
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51695
    titleSuSE 10 Security Update : acroread (ZYPP Patch Number 6802)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(51695);
      script_version ("1.10");
      script_cvs_date("Date: 2019/10/25 13:36:40");
    
      script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3957", "CVE-2009-3958", "CVE-2009-3959", "CVE-2009-4324");
    
      script_name(english:"SuSE 10 Security Update : acroread (ZYPP Patch Number 6802)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Specially crafted PDF files could crash acroread. Attackers could
    exploit that to potentially execute arbitrary code. (CVE-2009-3953 /
    CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 /
    CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324)
    
    Acrobat reader was updated to version 9.3 to fix those security
    issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3953.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3954.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3955.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3956.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3957.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3958.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3959.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-4324.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6802.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(16, 94, 119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/01/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/27");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLED10", sp:2, reference:"acroread-9.3-0.5.2")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_2_ACROREAD-100122.NASL
    descriptionSpecially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code (CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957, CVE-2009-3958, CVE-2009-3959, CVE-2009-4324). Acrobat reader was updated to version 9.3 to fix those security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id44128
    published2010-01-25
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44128
    titleopenSUSE Security Update : acroread (acroread-1849)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update acroread-1849.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44128);
      script_version("1.13");
      script_cvs_date("Date: 2019/10/25 13:36:38");
    
      script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3957", "CVE-2009-3958", "CVE-2009-3959", "CVE-2009-4324");
    
      script_name(english:"openSUSE Security Update : acroread (acroread-1849)");
      script_summary(english:"Check for the acroread-1849 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Specially crafted PDF files could crash acroread. Attackers could
    exploit that to potentially execute arbitrary code (CVE-2009-3953,
    CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957,
    CVE-2009-3958, CVE-2009-3959, CVE-2009-4324).
    
    Acrobat reader was updated to version 9.3 to fix those security
    issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=564742"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected acroread package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(16, 94, 119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/01/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/25");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.2", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.2", reference:"acroread-9.3-0.1.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_ACROREAD-6803.NASL
    descriptionSpecially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324) Acrobat reader was updated to version 9.3 to fix those security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id51696
    published2011-01-27
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51696
    titleSuSE 10 Security Update : acroread (ZYPP Patch Number 6803)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(51696);
      script_version ("1.10");
      script_cvs_date("Date: 2019/10/25 13:36:40");
    
      script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3957", "CVE-2009-3958", "CVE-2009-3959", "CVE-2009-4324");
    
      script_name(english:"SuSE 10 Security Update : acroread (ZYPP Patch Number 6803)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Specially crafted PDF files could crash acroread. Attackers could
    exploit that to potentially execute arbitrary code. (CVE-2009-3953 /
    CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 /
    CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324)
    
    Acrobat reader was updated to version 9.3 to fix those security
    issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3953.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3954.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3955.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3956.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3957.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3958.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3959.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-4324.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6803.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(16, 94, 119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/01/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/27");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLED10", sp:3, reference:"acroread-9.3-0.6.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_ACROREAD_JA-6805.NASL
    descriptionSpecially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324)
    last seen2020-06-01
    modified2020-06-02
    plugin id51711
    published2011-01-27
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51711
    titleSuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6805)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(51711);
      script_version ("1.10");
      script_cvs_date("Date: 2019/10/25 13:36:40");
    
      script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3957", "CVE-2009-3958", "CVE-2009-3959", "CVE-2009-4324");
    
      script_name(english:"SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6805)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Specially crafted PDF files could crash acroread. Attackers could
    exploit that to potentially execute arbitrary code. (CVE-2009-3953 /
    CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 /
    CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3953.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3954.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3955.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3956.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3957.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3958.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3959.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-4324.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6805.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(16, 94, 119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/01/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/27");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLED10", sp:2, reference:"acroread_ja-9.3-0.5.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2010-0060.NASL
    descriptionThe acroread packages as shipped in Red Hat Enterprise Linux 3 Extras contain security flaws and should not be used. This update has been rated as having critical security impact by the Red Hat Security Response Team. Adobe Reader allows users to view and print documents in Portable Document Format (PDF). Adobe Reader 8.1.7 is vulnerable to critical security flaws and should no longer be used. A specially crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2009-4324, CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3959, CVE-2009-3956) Adobe have discontinued support for Adobe Reader 8 for Linux. Adobe Reader 9 for Linux is not compatible with Red Hat Enterprise Linux 3. An alternative PDF file viewer available in Red Hat Enterprise Linux 3 is xpdf. This update removes the acroread packages due to their known security vulnerabilities.
    last seen2020-06-01
    modified2020-06-02
    plugin id63914
    published2013-01-24
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/63914
    titleRHEL 3 : acroread (RHSA-2010:0060)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2010:0060. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(63914);
      script_version("1.15");
      script_cvs_date("Date: 2019/10/25 13:36:14");
    
      script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3959", "CVE-2009-4324");
      script_bugtraq_id(37331, 37758);
      script_xref(name:"RHSA", value:"2010:0060");
    
      script_name(english:"RHEL 3 : acroread (RHSA-2010:0060)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The acroread packages as shipped in Red Hat Enterprise Linux 3 Extras
    contain security flaws and should not be used.
    
    This update has been rated as having critical security impact by the
    Red Hat Security Response Team.
    
    Adobe Reader allows users to view and print documents in Portable
    Document Format (PDF).
    
    Adobe Reader 8.1.7 is vulnerable to critical security flaws and should
    no longer be used. A specially crafted PDF file could cause Adobe
    Reader to crash or, potentially, execute arbitrary code as the user
    running Adobe Reader when opened. (CVE-2009-4324, CVE-2009-3953,
    CVE-2009-3954, CVE-2009-3955, CVE-2009-3959, CVE-2009-3956)
    
    Adobe have discontinued support for Adobe Reader 8 for Linux. Adobe
    Reader 9 for Linux is not compatible with Red Hat Enterprise Linux 3.
    An alternative PDF file viewer available in Red Hat Enterprise Linux 3
    is xpdf.
    
    This update removes the acroread packages due to their known security
    vulnerabilities."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.redhat.com/security/data/cve/CVE-2009-3953.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.redhat.com/security/data/cve/CVE-2009-3954.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.redhat.com/security/data/cve/CVE-2009-3955.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.redhat.com/security/data/cve/CVE-2009-3956.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.redhat.com/security/data/cve/CVE-2009-3959.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.redhat.com/security/data/cve/CVE-2009-4324.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.adobe.com/support/security/bulletins/apsb10-02.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://rhn.redhat.com/errata/RHSA-2010-0060.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected acroread-uninstall package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(16, 94, 119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:acroread-uninstall");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/01/20");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2019 Tenable Network Security, Inc.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    flag = 0;
    if (rpm_check(release:"RHEL3", cpu:"i386", reference:"acroread-uninstall-9.3-3")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2010-0038.NASL
    descriptionUpdated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 Extras. This update has been rated as having critical security impact by the Red Hat Security Response Team. Adobe Reader allows users to view and print documents in Portable Document Format (PDF). This update fixes several vulnerabilities in Adobe Reader. These vulnerabilities are summarized on the Adobe Security Advisory APSB10-02 page listed in the References section. A specially crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2009-4324, CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3959, CVE-2009-3956) Adobe have discontinued support for Adobe Reader 8 for Linux. All users of Adobe Reader are advised to install these updated packages, which contain Adobe Reader version 9.3, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id63912
    published2013-01-24
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/63912
    titleRHEL 4 : acroread (RHSA-2010:0038)
  • NASL familyWindows
    NASL idADOBE_READER_APSB10-02.NASL
    descriptionThe version of Adobe Reader installed on the remote host is earlier than 9.3 / 8.2. Such versions are reportedly affected by multiple vulnerabilities : - A use-after-free vulnerability in
    last seen2020-06-01
    modified2020-06-02
    plugin id43876
    published2010-01-13
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/43876
    titleAdobe Reader < 9.3 / 8.2 Multiple Vulnerabilities (APSB10-02)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_ACROREAD-100122.NASL
    descriptionSpecially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324) Acrobat reader was updated to version 9.3 to fix those security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id44130
    published2010-01-25
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44130
    titleSuSE 11 Security Update : Acrobat Reader (SAT Patch Number 1850)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2010-0037.NASL
    descriptionUpdated acroread packages that fix multiple security issues and three bugs are now available for Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. Adobe Reader allows users to view and print documents in Portable Document Format (PDF). This update fixes several vulnerabilities in Adobe Reader. These vulnerabilities are summarized on the Adobe Security Advisory APSB10-02 page listed in the References section. A specially crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2009-4324, CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3959, CVE-2009-3956) This update also fixes the following bugs : * the acroread process continued to run even after closing a PDF file. If multiple PDF files were opened and then closed, the acroread processes continued to run and consume system resources (up to 100% CPU usage). With this update, the acroread process correctly exits, which resolves this issue. (BZ#473217) * the PPKLite.api plug-in was missing, causing Adobe Reader to crash when attempting to open signed PDF files. For such files, if an immediate crash was not observed, clicking on the Signature Panel could trigger one. With this update, the PPKLite.api plug-in is included, which resolves this issue. (BZ#472975) * Adobe Reader has been upgraded to version 9.3. (BZ#497957) Adobe have discontinued support for Adobe Reader 8 for Linux. All users of Adobe Reader are advised to install these updated packages, which contain Adobe Reader version 9.3, which is not vulnerable to these issues and fixes these bugs. All running instances of Adobe Reader must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id63911
    published2013-01-24
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63911
    titleRHEL 5 : acroread (RHSA-2010:0037)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_ACROREAD_JA-6804.NASL
    descriptionSpecially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324)
    last seen2020-06-01
    modified2020-06-02
    plugin id51710
    published2011-01-27
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51710
    titleSuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6804)
  • NASL familyWindows
    NASL idADOBE_ACROBAT_APSB10-02.NASL
    descriptionThe version of Adobe Acrobat installed on the remote host is earlier than 9.3 / 8.2. Such versions are reportedly affected by multiple vulnerabilities : - A use-after-free vulnerability in
    last seen2020-06-01
    modified2020-06-02
    plugin id43875
    published2010-01-13
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/43875
    titleAdobe Acrobat < 9.3 / 8.2 Multiple Vulnerabilities (APSB10-02)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201009-05.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201009-05 (Adobe Reader: Multiple vulnerabilities) Multiple vulnerabilities were discovered in Adobe Reader. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below. Impact : A remote attacker might entice a user to open a specially crafted PDF file, possibly resulting in the execution of arbitrary code with the privileges of the user running the application, or bypass intended sandbox restrictions, make cross-domain requests, inject arbitrary web script or HTML, or cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id49126
    published2010-09-08
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/49126
    titleGLSA-201009-05 : Adobe Reader: Multiple vulnerabilities

Oval

accepted2013-08-12T04:10:28.412-04:00
classvulnerability
contributors
  • nameJ. Daniel Brown
    organizationDTCC
  • nameSecPod Team
    organizationSecPod Technologies
  • nameSecPod Team
    organizationSecPod Technologies
  • nameShane Shaffer
    organizationG2, Inc.
  • nameSergey Artykhov
    organizationALTX-SOFT
  • nameSergey Artykhov
    organizationALTX-SOFT
  • nameShane Shaffer
    organizationG2, Inc.
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
definition_extensions
  • commentAdobe Reader 8 Series is installed
    ovaloval:org.mitre.oval:def:6390
  • commentAdobe Reader 9 Series is installed
    ovaloval:org.mitre.oval:def:6523
  • commentAdobe Acrobat 8 Series is installed
    ovaloval:org.mitre.oval:def:6452
  • commentAdobe Acrobat 9 Series is installed
    ovaloval:org.mitre.oval:def:6013
descriptionThe U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a different vulnerability than CVE-2009-2994.
familywindows
idoval:org.mitre.oval:def:8242
statusaccepted
submitted2010-01-13T08:30:00.000-05:00
titleAdobe Reader and Acrobat U3D Remote Code Execution Vulnerability
version20

Redhat

advisories
rhsa
idRHSA-2010:0060
rpms
  • acroread-0:9.3-1.el5
  • acroread-plugin-0:9.3-1.el5
  • acroread-0:9.3-1.el4
  • acroread-plugin-0:9.3-1.el4
  • acroread-uninstall-0:9.3-3

References