Vulnerabilities > CVE-2009-3954 - Code Injection vulnerability in Adobe Acrobat and Acrobat Reader
Summary
The 3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to execute arbitrary code via unspecified vectors, related to a "DLL-loading vulnerability." Per: http://www.adobe.com/support/security/bulletins/apsb10-02.html Affected software versions Adobe Reader 9.2 and earlier versions for Windows, Macintosh, and UNIX Adobe Acrobat 9.2 and earlier versions for Windows and Macintosh Per: http://www.adobe.com/support/security/bulletins/apsb10-02.html a DLL-loading vulnerability in 3D that could allow arbitrary code execution (CVE-2009-3954).
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Leverage Executable Code in Non-Executable Files An attack of this type exploits a system's trust in configuration and resource files, when the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high. The attack can be directed at a client system, such as causing buffer overrun through loading seemingly benign image files, as in Microsoft Security Bulletin MS04-028 where specially crafted JPEG files could cause a buffer overrun once loaded into the browser. Another example targets clients reading pdf files. In this case the attacker simply appends javascript to the end of a legitimate url for a pdf (http://www.gnucitizen.org/blog/danger-danger-danger/) http://path/to/pdf/file.pdf#whatever_name_you_want=javascript:your_code_here The client assumes that they are reading a pdf, but the attacker has modified the resource and loaded executable javascript into the client's browser process. The attack can also target server processes. The attacker edits the resource or configuration file, for example a web.xml file used to configure security permissions for a J2EE app server, adding role name "public" grants all users with the public role the ability to use the administration functionality. The server trusts its configuration file to be correct, but when they are manipulated, the attacker gains full control.
- Manipulating User-Controlled Variables This attack targets user controlled variables (DEBUG=1, PHP Globals, and So Forth). An attacker can override environment variables leveraging user-supplied, untrusted query variables directly used on the application server without any data sanitization. In extreme cases, the attacker can change variables controlling the business logic of the application. For instance, in languages like PHP, a number of poorly set default configurations may allow the user to override variables.
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_11_0_ACROREAD-100122.NASL description Specially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code (CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957, CVE-2009-3958, CVE-2009-3959, CVE-2009-4324). Acrobat reader was updated to version 9.3 to fix those security issues. last seen 2020-06-01 modified 2020-06-02 plugin id 44124 published 2010-01-25 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44124 title openSUSE Security Update : acroread (acroread-1849) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update acroread-1849. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(44124); script_version("1.13"); script_cvs_date("Date: 2019/10/25 13:36:37"); script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3957", "CVE-2009-3958", "CVE-2009-3959", "CVE-2009-4324"); script_name(english:"openSUSE Security Update : acroread (acroread-1849)"); script_summary(english:"Check for the acroread-1849 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "Specially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code (CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957, CVE-2009-3958, CVE-2009-3959, CVE-2009-4324). Acrobat reader was updated to version 9.3 to fix those security issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=564742" ); script_set_attribute( attribute:"solution", value:"Update the affected acroread package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(16, 94, 119, 189, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0"); script_set_attribute(attribute:"patch_publication_date", value:"2010/01/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/25"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.0", reference:"acroread-9.3-0.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread"); }
NASL family SuSE Local Security Checks NASL id SUSE_11_ACROREAD_JA-100128.NASL description Specially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324) last seen 2020-06-01 modified 2020-06-02 plugin id 44377 published 2010-02-02 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44377 title SuSE 11 Security Update : acroread_ja (SAT Patch Number 1881) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SuSE 11 update information. The text itself is # copyright (C) Novell, Inc. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(44377); script_version("1.15"); script_cvs_date("Date: 2019/10/25 13:36:39"); script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3957", "CVE-2009-3958", "CVE-2009-3959", "CVE-2009-4324"); script_name(english:"SuSE 11 Security Update : acroread_ja (SAT Patch Number 1881)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 11 host is missing a security update." ); script_set_attribute( attribute:"description", value: "Specially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=564742" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3953.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3954.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3955.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3956.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3957.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3958.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3959.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-4324.html" ); script_set_attribute(attribute:"solution", value:"Apply SAT patch number 1881."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(16, 94, 119, 189, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread_ja"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"patch_publication_date", value:"2010/01/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/02"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11"); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu); pl = get_kb_item("Host/SuSE/patchlevel"); if (pl) audit(AUDIT_OS_NOT, "SuSE 11.0"); flag = 0; if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"acroread_ja-9.3-0.1.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family SuSE Local Security Checks NASL id SUSE_11_1_ACROREAD-100122.NASL description Specially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code (CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957, CVE-2009-3958, CVE-2009-3959, CVE-2009-4324). Acrobat reader was updated to version 9.3 to fix those security issues. last seen 2020-06-01 modified 2020-06-02 plugin id 44126 published 2010-01-25 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44126 title openSUSE Security Update : acroread (acroread-1849) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update acroread-1849. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(44126); script_version("1.13"); script_cvs_date("Date: 2019/10/25 13:36:37"); script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3957", "CVE-2009-3958", "CVE-2009-3959", "CVE-2009-4324"); script_name(english:"openSUSE Security Update : acroread (acroread-1849)"); script_summary(english:"Check for the acroread-1849 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "Specially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code (CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957, CVE-2009-3958, CVE-2009-3959, CVE-2009-4324). Acrobat reader was updated to version 9.3 to fix those security issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=564742" ); script_set_attribute( attribute:"solution", value:"Update the affected acroread package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(16, 94, 119, 189, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.1"); script_set_attribute(attribute:"patch_publication_date", value:"2010/01/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/25"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.1", reference:"acroread-9.3-0.1.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread"); }
NASL family SuSE Local Security Checks NASL id SUSE_ACROREAD-6802.NASL description Specially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324) Acrobat reader was updated to version 9.3 to fix those security issues. last seen 2020-06-01 modified 2020-06-02 plugin id 51695 published 2011-01-27 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/51695 title SuSE 10 Security Update : acroread (ZYPP Patch Number 6802) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(51695); script_version ("1.10"); script_cvs_date("Date: 2019/10/25 13:36:40"); script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3957", "CVE-2009-3958", "CVE-2009-3959", "CVE-2009-4324"); script_name(english:"SuSE 10 Security Update : acroread (ZYPP Patch Number 6802)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "Specially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324) Acrobat reader was updated to version 9.3 to fix those security issues." ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3953.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3954.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3955.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3956.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3957.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3958.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3959.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-4324.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6802."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(16, 94, 119, 189, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2010/01/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/27"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:2, reference:"acroread-9.3-0.5.2")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");
NASL family SuSE Local Security Checks NASL id SUSE_11_2_ACROREAD-100122.NASL description Specially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code (CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957, CVE-2009-3958, CVE-2009-3959, CVE-2009-4324). Acrobat reader was updated to version 9.3 to fix those security issues. last seen 2020-06-01 modified 2020-06-02 plugin id 44128 published 2010-01-25 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44128 title openSUSE Security Update : acroread (acroread-1849) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update acroread-1849. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(44128); script_version("1.13"); script_cvs_date("Date: 2019/10/25 13:36:38"); script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3957", "CVE-2009-3958", "CVE-2009-3959", "CVE-2009-4324"); script_name(english:"openSUSE Security Update : acroread (acroread-1849)"); script_summary(english:"Check for the acroread-1849 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "Specially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code (CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957, CVE-2009-3958, CVE-2009-3959, CVE-2009-4324). Acrobat reader was updated to version 9.3 to fix those security issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=564742" ); script_set_attribute( attribute:"solution", value:"Update the affected acroread package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(16, 94, 119, 189, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.2"); script_set_attribute(attribute:"patch_publication_date", value:"2010/01/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/25"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.2", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.2", reference:"acroread-9.3-0.1.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread"); }
NASL family SuSE Local Security Checks NASL id SUSE_ACROREAD-6803.NASL description Specially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324) Acrobat reader was updated to version 9.3 to fix those security issues. last seen 2020-06-01 modified 2020-06-02 plugin id 51696 published 2011-01-27 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/51696 title SuSE 10 Security Update : acroread (ZYPP Patch Number 6803) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(51696); script_version ("1.10"); script_cvs_date("Date: 2019/10/25 13:36:40"); script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3957", "CVE-2009-3958", "CVE-2009-3959", "CVE-2009-4324"); script_name(english:"SuSE 10 Security Update : acroread (ZYPP Patch Number 6803)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "Specially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324) Acrobat reader was updated to version 9.3 to fix those security issues." ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3953.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3954.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3955.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3956.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3957.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3958.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3959.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-4324.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6803."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(16, 94, 119, 189, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2010/01/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/27"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:3, reference:"acroread-9.3-0.6.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");
NASL family SuSE Local Security Checks NASL id SUSE_ACROREAD_JA-6805.NASL description Specially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324) last seen 2020-06-01 modified 2020-06-02 plugin id 51711 published 2011-01-27 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/51711 title SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6805) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(51711); script_version ("1.10"); script_cvs_date("Date: 2019/10/25 13:36:40"); script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3957", "CVE-2009-3958", "CVE-2009-3959", "CVE-2009-4324"); script_name(english:"SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6805)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "Specially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324)" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3953.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3954.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3955.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3956.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3957.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3958.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3959.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-4324.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6805."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(16, 94, 119, 189, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2010/01/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/27"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:2, reference:"acroread_ja-9.3-0.5.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0060.NASL description The acroread packages as shipped in Red Hat Enterprise Linux 3 Extras contain security flaws and should not be used. This update has been rated as having critical security impact by the Red Hat Security Response Team. Adobe Reader allows users to view and print documents in Portable Document Format (PDF). Adobe Reader 8.1.7 is vulnerable to critical security flaws and should no longer be used. A specially crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2009-4324, CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3959, CVE-2009-3956) Adobe have discontinued support for Adobe Reader 8 for Linux. Adobe Reader 9 for Linux is not compatible with Red Hat Enterprise Linux 3. An alternative PDF file viewer available in Red Hat Enterprise Linux 3 is xpdf. This update removes the acroread packages due to their known security vulnerabilities. last seen 2020-06-01 modified 2020-06-02 plugin id 63914 published 2013-01-24 reporter This script is Copyright (C) 2013-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/63914 title RHEL 3 : acroread (RHSA-2010:0060) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2010:0060. The text # itself is copyright (C) Red Hat, Inc. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(63914); script_version("1.15"); script_cvs_date("Date: 2019/10/25 13:36:14"); script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3959", "CVE-2009-4324"); script_bugtraq_id(37331, 37758); script_xref(name:"RHSA", value:"2010:0060"); script_name(english:"RHEL 3 : acroread (RHSA-2010:0060)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing a security update." ); script_set_attribute( attribute:"description", value: "The acroread packages as shipped in Red Hat Enterprise Linux 3 Extras contain security flaws and should not be used. This update has been rated as having critical security impact by the Red Hat Security Response Team. Adobe Reader allows users to view and print documents in Portable Document Format (PDF). Adobe Reader 8.1.7 is vulnerable to critical security flaws and should no longer be used. A specially crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2009-4324, CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3959, CVE-2009-3956) Adobe have discontinued support for Adobe Reader 8 for Linux. Adobe Reader 9 for Linux is not compatible with Red Hat Enterprise Linux 3. An alternative PDF file viewer available in Red Hat Enterprise Linux 3 is xpdf. This update removes the acroread packages due to their known security vulnerabilities." ); script_set_attribute( attribute:"see_also", value:"https://www.redhat.com/security/data/cve/CVE-2009-3953.html" ); script_set_attribute( attribute:"see_also", value:"https://www.redhat.com/security/data/cve/CVE-2009-3954.html" ); script_set_attribute( attribute:"see_also", value:"https://www.redhat.com/security/data/cve/CVE-2009-3955.html" ); script_set_attribute( attribute:"see_also", value:"https://www.redhat.com/security/data/cve/CVE-2009-3956.html" ); script_set_attribute( attribute:"see_also", value:"https://www.redhat.com/security/data/cve/CVE-2009-3959.html" ); script_set_attribute( attribute:"see_also", value:"https://www.redhat.com/security/data/cve/CVE-2009-4324.html" ); script_set_attribute( attribute:"see_also", value:"http://www.adobe.com/support/security/bulletins/apsb10-02.html" ); script_set_attribute( attribute:"see_also", value:"http://rhn.redhat.com/errata/RHSA-2010-0060.html" ); script_set_attribute( attribute:"solution", value:"Update the affected acroread-uninstall package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(16, 94, 119, 189, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:acroread-uninstall"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3"); script_set_attribute(attribute:"patch_publication_date", value:"2010/01/20"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/24"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 Tenable Network Security, Inc."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); flag = 0; if (rpm_check(release:"RHEL3", cpu:"i386", reference:"acroread-uninstall-9.3-3")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0038.NASL description Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 Extras. This update has been rated as having critical security impact by the Red Hat Security Response Team. Adobe Reader allows users to view and print documents in Portable Document Format (PDF). This update fixes several vulnerabilities in Adobe Reader. These vulnerabilities are summarized on the Adobe Security Advisory APSB10-02 page listed in the References section. A specially crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2009-4324, CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3959, CVE-2009-3956) Adobe have discontinued support for Adobe Reader 8 for Linux. All users of Adobe Reader are advised to install these updated packages, which contain Adobe Reader version 9.3, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 63912 published 2013-01-24 reporter This script is Copyright (C) 2013-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/63912 title RHEL 4 : acroread (RHSA-2010:0038) NASL family Windows NASL id ADOBE_READER_APSB10-02.NASL description The version of Adobe Reader installed on the remote host is earlier than 9.3 / 8.2. Such versions are reportedly affected by multiple vulnerabilities : - A use-after-free vulnerability in last seen 2020-06-01 modified 2020-06-02 plugin id 43876 published 2010-01-13 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/43876 title Adobe Reader < 9.3 / 8.2 Multiple Vulnerabilities (APSB10-02) NASL family SuSE Local Security Checks NASL id SUSE_11_ACROREAD-100122.NASL description Specially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324) Acrobat reader was updated to version 9.3 to fix those security issues. last seen 2020-06-01 modified 2020-06-02 plugin id 44130 published 2010-01-25 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44130 title SuSE 11 Security Update : Acrobat Reader (SAT Patch Number 1850) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0037.NASL description Updated acroread packages that fix multiple security issues and three bugs are now available for Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. Adobe Reader allows users to view and print documents in Portable Document Format (PDF). This update fixes several vulnerabilities in Adobe Reader. These vulnerabilities are summarized on the Adobe Security Advisory APSB10-02 page listed in the References section. A specially crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2009-4324, CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3959, CVE-2009-3956) This update also fixes the following bugs : * the acroread process continued to run even after closing a PDF file. If multiple PDF files were opened and then closed, the acroread processes continued to run and consume system resources (up to 100% CPU usage). With this update, the acroread process correctly exits, which resolves this issue. (BZ#473217) * the PPKLite.api plug-in was missing, causing Adobe Reader to crash when attempting to open signed PDF files. For such files, if an immediate crash was not observed, clicking on the Signature Panel could trigger one. With this update, the PPKLite.api plug-in is included, which resolves this issue. (BZ#472975) * Adobe Reader has been upgraded to version 9.3. (BZ#497957) Adobe have discontinued support for Adobe Reader 8 for Linux. All users of Adobe Reader are advised to install these updated packages, which contain Adobe Reader version 9.3, which is not vulnerable to these issues and fixes these bugs. All running instances of Adobe Reader must be restarted for the update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 63911 published 2013-01-24 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63911 title RHEL 5 : acroread (RHSA-2010:0037) NASL family SuSE Local Security Checks NASL id SUSE_ACROREAD_JA-6804.NASL description Specially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324) last seen 2020-06-01 modified 2020-06-02 plugin id 51710 published 2011-01-27 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/51710 title SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6804) NASL family Windows NASL id ADOBE_ACROBAT_APSB10-02.NASL description The version of Adobe Acrobat installed on the remote host is earlier than 9.3 / 8.2. Such versions are reportedly affected by multiple vulnerabilities : - A use-after-free vulnerability in last seen 2020-06-01 modified 2020-06-02 plugin id 43875 published 2010-01-13 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/43875 title Adobe Acrobat < 9.3 / 8.2 Multiple Vulnerabilities (APSB10-02)
Oval
accepted | 2013-08-12T04:10:32.263-04:00 | ||||||||||||||||||||||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||||||||||||||||||||||
description | The 3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to execute arbitrary code via unspecified vectors, related to a "DLL-loading vulnerability." | ||||||||||||||||||||||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||||||||||||||||||||||
id | oval:org.mitre.oval:def:8528 | ||||||||||||||||||||||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||||||||||||||||||||||
submitted | 2010-01-13T08:30:00.000-05:00 | ||||||||||||||||||||||||||||||||||||||||||||
title | Adobe Reader and Acrobat DLL Loading in 3D Remote Code Execution Vulnerability | ||||||||||||||||||||||||||||||||||||||||||||
version | 20 |
Redhat
advisories |
| ||||
rpms |
|
References
- http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html
- http://secunia.com/advisories/38138
- http://secunia.com/advisories/38215
- http://www.adobe.com/support/security/bulletins/apsb10-02.html
- http://www.redhat.com/support/errata/RHSA-2010-0060.html
- http://www.securityfocus.com/bid/37761
- http://www.securitytracker.com/id?1023446
- http://www.us-cert.gov/cas/techalerts/TA10-013A.html
- http://www.vupen.com/english/advisories/2010/0103
- https://bugzilla.redhat.com/show_bug.cgi?id=554293
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55552
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8528