Vulnerabilities > CVE-2009-4324 - Use After Free vulnerability in multiple products

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
adobe
opensuse
suse
CWE-416
nessus
exploit available
metasploit

Summary

Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.

Common Weakness Enumeration (CWE)

Exploit-Db

  • descriptionAdobe Doc.media.newPlayer Use After Free Vulnerability. CVE-2009-4324. Local exploit for windows platform
    idEDB-ID:16503
    last seen2016-02-02
    modified2010-04-30
    published2010-04-30
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/16503/
    titleAdobe Doc.media.newPlayer Use After Free Vulnerability
  • descriptionAdobe Reader and Acrobat (CVE-2009-4324) Exploit. CVE-2009-4324. Local exploit for windows platform
    idEDB-ID:10618
    last seen2016-02-01
    modified2009-12-23
    published2009-12-23
    reporterAhmed Obied
    sourcehttps://www.exploit-db.com/download/10618/
    titleAdobe Reader and Acrobat
  • descriptionAdobe Doc.media.newPlayer Use After Free Vulnerability. CVE-2009-4324. Local exploit for windows platform
    idEDB-ID:16623
    last seen2016-02-02
    modified2010-09-25
    published2010-09-25
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/16623/
    titleAdobe Doc.media.newPlayer Use After Free Vulnerability

Metasploit

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_ACROREAD-100122.NASL
    descriptionSpecially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code (CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957, CVE-2009-3958, CVE-2009-3959, CVE-2009-4324). Acrobat reader was updated to version 9.3 to fix those security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id44124
    published2010-01-25
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44124
    titleopenSUSE Security Update : acroread (acroread-1849)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update acroread-1849.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44124);
      script_version("1.13");
      script_cvs_date("Date: 2019/10/25 13:36:37");
    
      script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3957", "CVE-2009-3958", "CVE-2009-3959", "CVE-2009-4324");
    
      script_name(english:"openSUSE Security Update : acroread (acroread-1849)");
      script_summary(english:"Check for the acroread-1849 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Specially crafted PDF files could crash acroread. Attackers could
    exploit that to potentially execute arbitrary code (CVE-2009-3953,
    CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957,
    CVE-2009-3958, CVE-2009-3959, CVE-2009-4324).
    
    Acrobat reader was updated to version 9.3 to fix those security
    issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=564742"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected acroread package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(16, 94, 119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/01/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/25");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.0", reference:"acroread-9.3-0.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_ACROREAD_JA-100128.NASL
    descriptionSpecially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324)
    last seen2020-06-01
    modified2020-06-02
    plugin id44377
    published2010-02-02
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44377
    titleSuSE 11 Security Update : acroread_ja (SAT Patch Number 1881)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from SuSE 11 update information. The text itself is
    # copyright (C) Novell, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44377);
      script_version("1.15");
      script_cvs_date("Date: 2019/10/25 13:36:39");
    
      script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3957", "CVE-2009-3958", "CVE-2009-3959", "CVE-2009-4324");
    
      script_name(english:"SuSE 11 Security Update : acroread_ja (SAT Patch Number 1881)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 11 host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Specially crafted PDF files could crash acroread. Attackers could
    exploit that to potentially execute arbitrary code. (CVE-2009-3953 /
    CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 /
    CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=564742"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3953.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3954.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3955.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3956.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3957.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3958.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3959.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-4324.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply SAT patch number 1881.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(16, 94, 119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread_ja");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/01/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/02");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
    
    pl = get_kb_item("Host/SuSE/patchlevel");
    if (pl) audit(AUDIT_OS_NOT, "SuSE 11.0");
    
    
    flag = 0;
    if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"acroread_ja-9.3-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_1_ACROREAD-100122.NASL
    descriptionSpecially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code (CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957, CVE-2009-3958, CVE-2009-3959, CVE-2009-4324). Acrobat reader was updated to version 9.3 to fix those security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id44126
    published2010-01-25
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44126
    titleopenSUSE Security Update : acroread (acroread-1849)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update acroread-1849.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44126);
      script_version("1.13");
      script_cvs_date("Date: 2019/10/25 13:36:37");
    
      script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3957", "CVE-2009-3958", "CVE-2009-3959", "CVE-2009-4324");
    
      script_name(english:"openSUSE Security Update : acroread (acroread-1849)");
      script_summary(english:"Check for the acroread-1849 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Specially crafted PDF files could crash acroread. Attackers could
    exploit that to potentially execute arbitrary code (CVE-2009-3953,
    CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957,
    CVE-2009-3958, CVE-2009-3959, CVE-2009-4324).
    
    Acrobat reader was updated to version 9.3 to fix those security
    issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=564742"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected acroread package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(16, 94, 119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/01/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/25");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.1", reference:"acroread-9.3-0.1.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_ACROREAD-6802.NASL
    descriptionSpecially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324) Acrobat reader was updated to version 9.3 to fix those security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id51695
    published2011-01-27
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51695
    titleSuSE 10 Security Update : acroread (ZYPP Patch Number 6802)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(51695);
      script_version ("1.10");
      script_cvs_date("Date: 2019/10/25 13:36:40");
    
      script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3957", "CVE-2009-3958", "CVE-2009-3959", "CVE-2009-4324");
    
      script_name(english:"SuSE 10 Security Update : acroread (ZYPP Patch Number 6802)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Specially crafted PDF files could crash acroread. Attackers could
    exploit that to potentially execute arbitrary code. (CVE-2009-3953 /
    CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 /
    CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324)
    
    Acrobat reader was updated to version 9.3 to fix those security
    issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3953.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3954.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3955.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3956.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3957.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3958.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3959.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-4324.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6802.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(16, 94, 119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/01/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/27");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLED10", sp:2, reference:"acroread-9.3-0.5.2")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_2_ACROREAD-100122.NASL
    descriptionSpecially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code (CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957, CVE-2009-3958, CVE-2009-3959, CVE-2009-4324). Acrobat reader was updated to version 9.3 to fix those security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id44128
    published2010-01-25
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44128
    titleopenSUSE Security Update : acroread (acroread-1849)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update acroread-1849.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44128);
      script_version("1.13");
      script_cvs_date("Date: 2019/10/25 13:36:38");
    
      script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3957", "CVE-2009-3958", "CVE-2009-3959", "CVE-2009-4324");
    
      script_name(english:"openSUSE Security Update : acroread (acroread-1849)");
      script_summary(english:"Check for the acroread-1849 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Specially crafted PDF files could crash acroread. Attackers could
    exploit that to potentially execute arbitrary code (CVE-2009-3953,
    CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957,
    CVE-2009-3958, CVE-2009-3959, CVE-2009-4324).
    
    Acrobat reader was updated to version 9.3 to fix those security
    issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=564742"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected acroread package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(16, 94, 119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/01/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/25");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.2", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.2", reference:"acroread-9.3-0.1.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_ACROREAD-6803.NASL
    descriptionSpecially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324) Acrobat reader was updated to version 9.3 to fix those security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id51696
    published2011-01-27
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51696
    titleSuSE 10 Security Update : acroread (ZYPP Patch Number 6803)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(51696);
      script_version ("1.10");
      script_cvs_date("Date: 2019/10/25 13:36:40");
    
      script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3957", "CVE-2009-3958", "CVE-2009-3959", "CVE-2009-4324");
    
      script_name(english:"SuSE 10 Security Update : acroread (ZYPP Patch Number 6803)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Specially crafted PDF files could crash acroread. Attackers could
    exploit that to potentially execute arbitrary code. (CVE-2009-3953 /
    CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 /
    CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324)
    
    Acrobat reader was updated to version 9.3 to fix those security
    issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3953.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3954.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3955.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3956.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3957.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3958.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3959.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-4324.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6803.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(16, 94, 119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/01/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/27");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLED10", sp:3, reference:"acroread-9.3-0.6.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_ACROREAD_JA-6805.NASL
    descriptionSpecially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324)
    last seen2020-06-01
    modified2020-06-02
    plugin id51711
    published2011-01-27
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51711
    titleSuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6805)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(51711);
      script_version ("1.10");
      script_cvs_date("Date: 2019/10/25 13:36:40");
    
      script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3957", "CVE-2009-3958", "CVE-2009-3959", "CVE-2009-4324");
    
      script_name(english:"SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6805)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Specially crafted PDF files could crash acroread. Attackers could
    exploit that to potentially execute arbitrary code. (CVE-2009-3953 /
    CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 /
    CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3953.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3954.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3955.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3956.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3957.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3958.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3959.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-4324.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6805.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(16, 94, 119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/01/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/27");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLED10", sp:2, reference:"acroread_ja-9.3-0.5.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2010-0060.NASL
    descriptionThe acroread packages as shipped in Red Hat Enterprise Linux 3 Extras contain security flaws and should not be used. This update has been rated as having critical security impact by the Red Hat Security Response Team. Adobe Reader allows users to view and print documents in Portable Document Format (PDF). Adobe Reader 8.1.7 is vulnerable to critical security flaws and should no longer be used. A specially crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2009-4324, CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3959, CVE-2009-3956) Adobe have discontinued support for Adobe Reader 8 for Linux. Adobe Reader 9 for Linux is not compatible with Red Hat Enterprise Linux 3. An alternative PDF file viewer available in Red Hat Enterprise Linux 3 is xpdf. This update removes the acroread packages due to their known security vulnerabilities.
    last seen2020-06-01
    modified2020-06-02
    plugin id63914
    published2013-01-24
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/63914
    titleRHEL 3 : acroread (RHSA-2010:0060)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2010:0060. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(63914);
      script_version("1.15");
      script_cvs_date("Date: 2019/10/25 13:36:14");
    
      script_cve_id("CVE-2009-3953", "CVE-2009-3954", "CVE-2009-3955", "CVE-2009-3956", "CVE-2009-3959", "CVE-2009-4324");
      script_bugtraq_id(37331, 37758);
      script_xref(name:"RHSA", value:"2010:0060");
    
      script_name(english:"RHEL 3 : acroread (RHSA-2010:0060)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The acroread packages as shipped in Red Hat Enterprise Linux 3 Extras
    contain security flaws and should not be used.
    
    This update has been rated as having critical security impact by the
    Red Hat Security Response Team.
    
    Adobe Reader allows users to view and print documents in Portable
    Document Format (PDF).
    
    Adobe Reader 8.1.7 is vulnerable to critical security flaws and should
    no longer be used. A specially crafted PDF file could cause Adobe
    Reader to crash or, potentially, execute arbitrary code as the user
    running Adobe Reader when opened. (CVE-2009-4324, CVE-2009-3953,
    CVE-2009-3954, CVE-2009-3955, CVE-2009-3959, CVE-2009-3956)
    
    Adobe have discontinued support for Adobe Reader 8 for Linux. Adobe
    Reader 9 for Linux is not compatible with Red Hat Enterprise Linux 3.
    An alternative PDF file viewer available in Red Hat Enterprise Linux 3
    is xpdf.
    
    This update removes the acroread packages due to their known security
    vulnerabilities."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.redhat.com/security/data/cve/CVE-2009-3953.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.redhat.com/security/data/cve/CVE-2009-3954.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.redhat.com/security/data/cve/CVE-2009-3955.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.redhat.com/security/data/cve/CVE-2009-3956.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.redhat.com/security/data/cve/CVE-2009-3959.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.redhat.com/security/data/cve/CVE-2009-4324.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.adobe.com/support/security/bulletins/apsb10-02.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://rhn.redhat.com/errata/RHSA-2010-0060.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected acroread-uninstall package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Doc.media.newPlayer Use After Free Vulnerability');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(16, 94, 119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:acroread-uninstall");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/01/20");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2019 Tenable Network Security, Inc.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    flag = 0;
    if (rpm_check(release:"RHEL3", cpu:"i386", reference:"acroread-uninstall-9.3-3")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2010-0038.NASL
    descriptionUpdated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 Extras. This update has been rated as having critical security impact by the Red Hat Security Response Team. Adobe Reader allows users to view and print documents in Portable Document Format (PDF). This update fixes several vulnerabilities in Adobe Reader. These vulnerabilities are summarized on the Adobe Security Advisory APSB10-02 page listed in the References section. A specially crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2009-4324, CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3959, CVE-2009-3956) Adobe have discontinued support for Adobe Reader 8 for Linux. All users of Adobe Reader are advised to install these updated packages, which contain Adobe Reader version 9.3, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id63912
    published2013-01-24
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/63912
    titleRHEL 4 : acroread (RHSA-2010:0038)
  • NASL familyWindows
    NASL idADOBE_READER_APSB10-02.NASL
    descriptionThe version of Adobe Reader installed on the remote host is earlier than 9.3 / 8.2. Such versions are reportedly affected by multiple vulnerabilities : - A use-after-free vulnerability in
    last seen2020-06-01
    modified2020-06-02
    plugin id43876
    published2010-01-13
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/43876
    titleAdobe Reader < 9.3 / 8.2 Multiple Vulnerabilities (APSB10-02)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_ACROREAD-100122.NASL
    descriptionSpecially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324) Acrobat reader was updated to version 9.3 to fix those security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id44130
    published2010-01-25
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44130
    titleSuSE 11 Security Update : Acrobat Reader (SAT Patch Number 1850)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2010-0037.NASL
    descriptionUpdated acroread packages that fix multiple security issues and three bugs are now available for Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. Adobe Reader allows users to view and print documents in Portable Document Format (PDF). This update fixes several vulnerabilities in Adobe Reader. These vulnerabilities are summarized on the Adobe Security Advisory APSB10-02 page listed in the References section. A specially crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2009-4324, CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3959, CVE-2009-3956) This update also fixes the following bugs : * the acroread process continued to run even after closing a PDF file. If multiple PDF files were opened and then closed, the acroread processes continued to run and consume system resources (up to 100% CPU usage). With this update, the acroread process correctly exits, which resolves this issue. (BZ#473217) * the PPKLite.api plug-in was missing, causing Adobe Reader to crash when attempting to open signed PDF files. For such files, if an immediate crash was not observed, clicking on the Signature Panel could trigger one. With this update, the PPKLite.api plug-in is included, which resolves this issue. (BZ#472975) * Adobe Reader has been upgraded to version 9.3. (BZ#497957) Adobe have discontinued support for Adobe Reader 8 for Linux. All users of Adobe Reader are advised to install these updated packages, which contain Adobe Reader version 9.3, which is not vulnerable to these issues and fixes these bugs. All running instances of Adobe Reader must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id63911
    published2013-01-24
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63911
    titleRHEL 5 : acroread (RHSA-2010:0037)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_ACROREAD_JA-6804.NASL
    descriptionSpecially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. (CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324)
    last seen2020-06-01
    modified2020-06-02
    plugin id51710
    published2011-01-27
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51710
    titleSuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6804)
  • NASL familyWindows
    NASL idADOBE_ACROBAT_APSB10-02.NASL
    descriptionThe version of Adobe Acrobat installed on the remote host is earlier than 9.3 / 8.2. Such versions are reportedly affected by multiple vulnerabilities : - A use-after-free vulnerability in
    last seen2020-06-01
    modified2020-06-02
    plugin id43875
    published2010-01-13
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/43875
    titleAdobe Acrobat < 9.3 / 8.2 Multiple Vulnerabilities (APSB10-02)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201009-05.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201009-05 (Adobe Reader: Multiple vulnerabilities) Multiple vulnerabilities were discovered in Adobe Reader. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below. Impact : A remote attacker might entice a user to open a specially crafted PDF file, possibly resulting in the execution of arbitrary code with the privileges of the user running the application, or bypass intended sandbox restrictions, make cross-domain requests, inject arbitrary web script or HTML, or cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id49126
    published2010-09-08
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/49126
    titleGLSA-201009-05 : Adobe Reader: Multiple vulnerabilities

Oval

accepted2013-08-12T04:09:43.785-04:00
classvulnerability
contributors
  • nameJ. Daniel Brown
    organizationDTCC
  • nameBenjamin Marandel
    organizationMarandel.net
  • nameSecPod Team
    organizationSecPod Technologies
  • nameSecPod Team
    organizationSecPod Technologies
  • nameShane Shaffer
    organizationG2, Inc.
  • nameSergey Artykhov
    organizationALTX-SOFT
  • nameSergey Artykhov
    organizationALTX-SOFT
  • nameShane Shaffer
    organizationG2, Inc.
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
definition_extensions
  • commentAdobe Reader 8 Series is installed
    ovaloval:org.mitre.oval:def:6390
  • commentAdobe Reader 9 Series is installed
    ovaloval:org.mitre.oval:def:6523
  • commentAdobe Acrobat 8 Series is installed
    ovaloval:org.mitre.oval:def:6452
  • commentAdobe Acrobat 9 Series is installed
    ovaloval:org.mitre.oval:def:6013
descriptionUse-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.
familywindows
idoval:org.mitre.oval:def:6795
statusaccepted
submitted2009-12-15T17:00:00
titleAdobe Reader and Acrobat Unspecified Code Execution Vulnerability
version19

Packetstorm

Redhat

advisories
rhsa
idRHSA-2010:0060
rpms
  • acroread-0:9.3-1.el5
  • acroread-plugin-0:9.3-1.el5
  • acroread-0:9.3-1.el4
  • acroread-plugin-0:9.3-1.el4
  • acroread-uninstall-0:9.3-3

Saint

bid37331
descriptionAdobe Reader media.newPlayer Use-After-Free Code Execution
idmisc_acroread
osvdb60980
titleadobe_reader_media_newplayer
typeclient

Seebug

  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:18671
    last seen2017-11-19
    modified2009-12-23
    published2009-12-23
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-18671
    titleAdobe Reader and Acrobat (CVE-2009-4324) Exploit
  • bulletinFamilyexploit
    descriptionBUGTRAQ ID: 37331 CVE ID: CVE-2009-4324 Adobe Acrobat和Reader都是非常流行的PDF文件阅读器。 Adobe Reader和Acrobat阅读器支持JavaScript。Doc.media对象的newplayer()方式存在释放后使用漏洞,可能触发可利用的内存访问破坏。远程攻击者可以通过使用ZLib压缩流的特制PDF文件来利用这个漏洞,导致执行任意代码。 Adobe Acrobat &lt;= 9.2 Adobe Reader &lt;= 9.2 临时解决方法: * 禁用JavaScript。 * 禁止使用Doc.media.newPlayer方式。 厂商补丁: Adobe ----- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.adobe.com
    idSSV:15133
    last seen2017-11-19
    modified2009-12-23
    published2009-12-23
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-15133
    titleAdobe Reader和Acrobat newplayer() JavaScript方式内存破坏漏洞
  • bulletinFamilyexploit
    descriptionBugraq ID: 37331 CVE ID:CVE-2009-4324 Adobe Reader/Acrobat是一款流行的处理PDF文件的应用程序。 Adobe Reader/Acrobat中的Doc.media.newPlayer方法包含释放后使用漏洞,允许远程未验证用户在目标用户系统上执行任意代码。 Adobe Reader/Acrobat支持JavaScript,Doc.media对象中的newplayer()方法包含一个释放后使用漏洞,可导致一个可利用的内存访问冲突。此漏洞已经在网络上积极利用。 通过诱使用户打开一个恶意PDF文件,攻击者可以执行任意代码或使受影响的PDF查看器崩溃。 Adobe Reader 9.1.3 Adobe Reader 9.1.2 Adobe Reader 9.1.2 Adobe Reader 9.1.1 Adobe Reader 8.1.7 Adobe Reader 8.1.6 Adobe Reader 8.1.6 Adobe Reader 8.1.5 Adobe Reader 8.1.4 Adobe Reader 8.1.3 Adobe Reader 8.1.2 Adobe Reader 8.1.1 Adobe Reader 9.2 Adobe Reader 9.2 Adobe Reader 9.1 Adobe Reader 9 Adobe Reader 8.1 Adobe Reader 8.0 Adobe Acrobat Standard 9.1.3 Adobe Acrobat Standard 9.1.2 Adobe Acrobat Standard 8.1.7 Adobe Acrobat Standard 8.1.6 Adobe Acrobat Standard 8.1.4 Adobe Acrobat Standard 8.1.3 Adobe Acrobat Standard 8.1.2 Adobe Acrobat Standard 8.1.1 Adobe Acrobat Standard 9.2 Adobe Acrobat Standard 9.1 Adobe Acrobat Standard 9 Adobe Acrobat Standard 8.1 Adobe Acrobat Standard 8.0 Adobe Acrobat Professional 9.1.3 Adobe Acrobat Professional 9.1.2 Adobe Acrobat Professional 8.1.7 Adobe Acrobat Professional 8.1.6 Adobe Acrobat Professional 8.1.4 Adobe Acrobat Professional 8.1.3 Adobe Acrobat Professional 8.1.2 Adobe Acrobat Professional 8.1.1 Adobe Acrobat Professional 9.2 Adobe Acrobat Professional 9.1 Adobe Acrobat Professional 9 Adobe Acrobat Professional 8.1 Adobe Acrobat Professional 8.0 Adobe Acrobat 9.1.1 Adobe Acrobat 9.2 目前供应商还没有提供相应补丁,建议用户参考如下临时解决方案: -启用Microsoft windows中的DEP选项。 -在Adobe Reader/Acrobat中关闭JavaScript: 1,打开Adobe Acrobat Reader 2,打开Edit菜单 3,选择Preferences...选项 4,选择JavaScript段 5,取消Enable Acrobat JavaScript单选框 -防止在Internet Explorer中自动打开PDF文档: 导入如下.REG文件: [HKEY_CLASSES_ROOT\AcroExch.Document.7] &quot;EditFlags&quot;=hex:00,00,00,00
    idSSV:15098
    last seen2017-11-19
    modified2009-12-17
    published2009-12-17
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-15098
    titleAdobe Reader/Acrobat 'newplayer()' JavaScript方法远程代码执行漏洞
  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:67248
    last seen2017-11-19
    modified2014-07-01
    published2014-07-01
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-67248
    titleAdobe Reader and Acrobat

References