Vulnerabilities > CVE-2010-0188 - Unspecified vulnerability in Adobe Acrobat and Acrobat Reader

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
adobe
nessus
exploit available
metasploit

Summary

Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.

Exploit-Db

  • descriptionApple iOS MobileMail LibTIFF Buffer Overflow. CVE-2006-3459,CVE-2010-0188. Remote exploit for ios platform
    idEDB-ID:21869
    last seen2016-02-02
    modified2012-10-09
    published2012-10-09
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/21869/
    titleApple iOS MobileMail LibTIFF Buffer Overflow
  • descriptionAdobe Reader PDF LibTiff Integer Overflow Code Execution. CVE-2006-3459,CVE-2010-0188. Local exploit for windows platform
    idEDB-ID:11787
    last seen2016-02-01
    modified2010-03-17
    published2010-03-17
    reportervilly
    sourcehttps://www.exploit-db.com/download/11787/
    titleAdobe Reader PDF LibTiff Integer Overflow Code Execution
  • descriptionApple iOS MobileSafari LibTIFF Buffer Overflow. CVE-2006-3459,CVE-2010-0188. Remote exploit for ios platform
    idEDB-ID:21868
    last seen2016-02-02
    modified2012-10-09
    published2012-10-09
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/21868/
    titleApple iOS MobileSafari LibTIFF Buffer Overflow
  • descriptionAdobe Acrobat Bundled LibTIFF Integer Overflow. CVE-2010-0188. Local exploit for windows platform
    idEDB-ID:16670
    last seen2016-02-02
    modified2010-09-25
    published2010-09-25
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/16670/
    titleAdobe Acrobat Bundled LibTIFF Integer Overflow

Metasploit

descriptionThis module exploits an integer overflow vulnerability in Adobe Reader and Adobe Acrobat Professional versions 8.0 through 8.2 and 9.0 through 9.3.
idMSF:EXPLOIT/WINDOWS/FILEFORMAT/ADOBE_LIBTIFF
last seen2020-06-14
modified1976-01-01
published1976-01-01
references
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/fileformat/adobe_libtiff.rb
titleAdobe Acrobat Bundled LibTIFF Integer Overflow

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_ACROREAD-6879.NASL
    descriptionThis update of acroread fixes : - Cross-domain request vulnerability CVE-2010-0188: CVSS v2 Base Score: 6.8 An unspecified vulnerability that possibly allowed remote code execution. (CVE-2010-0186: CVSS v2 Base Score: 5.8)
    last seen2020-06-01
    modified2020-06-02
    plugin id51697
    published2011-01-27
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51697
    titleSuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6879)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(51697);
      script_version ("1.10");
      script_cvs_date("Date: 2019/10/25 13:36:40");
    
      script_cve_id("CVE-2010-0186", "CVE-2010-0188");
    
      script_name(english:"SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6879)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of acroread fixes :
    
      - Cross-domain request vulnerability CVE-2010-0188: CVSS
        v2 Base Score: 6.8 An unspecified vulnerability that
        possibly allowed remote code execution. (CVE-2010-0186:
        CVSS v2 Base Score: 5.8)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-0186.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-0188.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6879.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Acrobat Bundled LibTIFF Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(94);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/02/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/27");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLED10", sp:2, reference:"acroread-9.3.1-0.3")) flag++;
    if (rpm_check(release:"SLED10", sp:2, reference:"acroread-cmaps-9.3.1-0.4.1")) flag++;
    if (rpm_check(release:"SLED10", sp:2, reference:"acroread-fonts-ja-9.3.1-0.4.1")) flag++;
    if (rpm_check(release:"SLED10", sp:2, reference:"acroread-fonts-ko-9.3.1-0.4.1")) flag++;
    if (rpm_check(release:"SLED10", sp:2, reference:"acroread-fonts-zh_CN-9.3.1-0.4.1")) flag++;
    if (rpm_check(release:"SLED10", sp:2, reference:"acroread-fonts-zh_TW-9.3.1-0.4.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2010-0114.NASL
    descriptionUpdated acroread packages that fix two security issues and a bug are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. Adobe Reader allows users to view and print documents in Portable Document Format (PDF). This update fixes two vulnerabilities in Adobe Reader. These vulnerabilities are summarized on the Adobe Security Advisory APSB10-07 page listed in the References section. A specially crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2010-0186, CVE-2010-0188) This update also fixes a bug where, on some systems, attempting to install or upgrade the acroread packages failed due to a package dependency issue. (BZ#557506) All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.3.1, which is not vulnerable to these issues and fixes this bug. All running instances of Adobe Reader must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id44665
    published2010-02-19
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/44665
    titleRHEL 4 / 5 : acroread (RHSA-2010:0114)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2010:0114. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44665);
      script_version ("1.31");
      script_cvs_date("Date: 2019/10/25 13:36:14");
    
      script_cve_id("CVE-2010-0186", "CVE-2010-0188");
      script_bugtraq_id(38195, 38198);
      script_xref(name:"RHSA", value:"2010:0114");
    
      script_name(english:"RHEL 4 / 5 : acroread (RHSA-2010:0114)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated acroread packages that fix two security issues and a bug are
    now available for Red Hat Enterprise Linux 4 Extras and Red Hat
    Enterprise Linux 5 Supplementary.
    
    This update has been rated as having critical security impact by the
    Red Hat Security Response Team.
    
    Adobe Reader allows users to view and print documents in Portable
    Document Format (PDF).
    
    This update fixes two vulnerabilities in Adobe Reader. These
    vulnerabilities are summarized on the Adobe Security Advisory
    APSB10-07 page listed in the References section. A specially crafted
    PDF file could cause Adobe Reader to crash or, potentially, execute
    arbitrary code as the user running Adobe Reader when opened.
    (CVE-2010-0186, CVE-2010-0188)
    
    This update also fixes a bug where, on some systems, attempting to
    install or upgrade the acroread packages failed due to a package
    dependency issue. (BZ#557506)
    
    All Adobe Reader users should install these updated packages. They
    contain Adobe Reader version 9.3.1, which is not vulnerable to these
    issues and fixes this bug. All running instances of Adobe Reader must
    be restarted for the update to take effect."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2010-0186"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2010-0188"
      );
      # http://www.adobe.com/support/security/bulletins/apsb10-07.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.adobe.com/support/security/bulletins/apsb10-07.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2010:0114"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected acroread and / or acroread-plugin packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Acrobat Bundled LibTIFF Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(94);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:acroread");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:acroread-plugin");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.8");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.4");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2010/02/15");
      script_set_attribute(attribute:"patch_publication_date", value:"2010/02/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/19");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 4.x / 5.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    if (cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i386", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2010:0114";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL4", cpu:"i386", reference:"acroread-9.3.1-1.el4")) flag++;
    
      if (rpm_check(release:"RHEL4", cpu:"i386", reference:"acroread-plugin-9.3.1-1.el4")) flag++;
    
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"acroread-9.3.1-1.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"acroread-plugin-9.3.1-1.el5")) flag++;
    
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread / acroread-plugin");
      }
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_ACROREAD-6881.NASL
    descriptionThis update of acroread fixes : - Cross-domain request vulnerability CVE-2010-0188: CVSS v2 Base Score: 6.8 An unspecified vulnerability that possibly allowed remote code execution. (CVE-2010-0186: CVSS v2 Base Score: 5.8)
    last seen2020-06-01
    modified2020-06-02
    plugin id51698
    published2011-01-27
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51698
    titleSuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6881)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(51698);
      script_version ("1.10");
      script_cvs_date("Date: 2019/10/25 13:36:40");
    
      script_cve_id("CVE-2010-0186", "CVE-2010-0188");
    
      script_name(english:"SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6881)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of acroread fixes :
    
      - Cross-domain request vulnerability CVE-2010-0188: CVSS
        v2 Base Score: 6.8 An unspecified vulnerability that
        possibly allowed remote code execution. (CVE-2010-0186:
        CVSS v2 Base Score: 5.8)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-0186.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-0188.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6881.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Acrobat Bundled LibTIFF Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(94);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/02/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/27");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLED10", sp:3, reference:"acroread-9.3.1-0.4.1")) flag++;
    if (rpm_check(release:"SLED10", sp:3, reference:"acroread-cmaps-9.3.1-0.4.1")) flag++;
    if (rpm_check(release:"SLED10", sp:3, reference:"acroread-fonts-ja-9.3.1-0.4.1")) flag++;
    if (rpm_check(release:"SLED10", sp:3, reference:"acroread-fonts-ko-9.3.1-0.4.1")) flag++;
    if (rpm_check(release:"SLED10", sp:3, reference:"acroread-fonts-zh_CN-9.3.1-0.4.1")) flag++;
    if (rpm_check(release:"SLED10", sp:3, reference:"acroread-fonts-zh_TW-9.3.1-0.4.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_2_ACROREAD-100225.NASL
    descriptionThis update of acroread fixes : - CVE-2010-0186: CVSS v2 Base Score: 5.8 Cross-domain request vulnerability - CVE-2010-0188: CVSS v2 Base Score: 6.8 An unspecified vulnerability that possibly allowed remote code execution.
    last seen2020-06-01
    modified2020-06-02
    plugin id44981
    published2010-03-04
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44981
    titleopenSUSE Security Update : acroread (acroread-2068)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update acroread-2068.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44981);
      script_version("1.13");
      script_cvs_date("Date: 2019/10/25 13:36:38");
    
      script_cve_id("CVE-2010-0186", "CVE-2010-0188");
    
      script_name(english:"openSUSE Security Update : acroread (acroread-2068)");
      script_summary(english:"Check for the acroread-2068 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of acroread fixes :
    
      - CVE-2010-0186: CVSS v2 Base Score: 5.8 Cross-domain
        request vulnerability
    
      - CVE-2010-0188: CVSS v2 Base Score: 6.8 An unspecified
        vulnerability that possibly allowed remote code
        execution."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=580470"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected acroread packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Acrobat Bundled LibTIFF Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(94);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-cmaps");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-ja");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-ko");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-zh_CN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-zh_TW");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/02/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/03/04");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.2", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.2", reference:"acroread-9.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"acroread-cmaps-9.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"acroread-fonts-ja-9.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"acroread-fonts-ko-9.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"acroread-fonts-zh_CN-9.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"acroread-fonts-zh_TW-9.3.1-0.1.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread");
    }
    
  • NASL familyWindows
    NASL idADOBE_READER_APSB10-07.NASL
    descriptionThe version of Adobe Reader installed on the remote host is earlier than 9.3.1 / 8.2.1. As such, it is reportedly affected by multiple vulnerabilities : - An issue that could subvert the domain sandbox and make unauthorized cross-domain requests. (CVE-2010-0186) - An unspecified vulnerability could cause the application to crash or possibly lead to arbitrary code execution. (CVE-2010-0188)
    last seen2020-06-01
    modified2020-06-02
    plugin id44644
    published2010-02-17
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44644
    titleAdobe Reader < 9.3.1 / 8.2.1 Multiple Vulnerabilities (APSB10-07)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include('compat.inc');
    
    if (description)
    {
      script_id(44644);
      script_version("1.20");
      script_cvs_date("Date: 2018/09/17 21:46:53");
    
      script_xref(name:"Secunia", value:"38551");
    
      script_name(english:"Adobe Reader < 9.3.1 / 8.2.1  Multiple Vulnerabilities (APSB10-07)");
      script_summary(english:"Checks version of Adobe Reader");
    
      script_cve_id("CVE-2010-0186", "CVE-2010-0188");
      script_bugtraq_id(38195, 38198);
    
      script_set_attribute(attribute:"synopsis", value:
    "The version of Adobe Reader on the remote Windows host is affected by
    multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The version of Adobe Reader installed on the remote host is earlier
    than 9.3.1 / 8.2.1.  As such, it is reportedly affected by multiple
    vulnerabilities :
    
      - An issue that could subvert the domain sandbox and make
        unauthorized cross-domain requests. (CVE-2010-0186)
    
      - An unspecified vulnerability could cause the application
        to crash or possibly lead to arbitrary code execution.
        (CVE-2010-0188)");
      script_set_attribute(attribute:'see_also', value:'http://www.adobe.com/support/security/bulletins/apsb10-07.html');
      script_set_attribute(attribute:'solution', value:'Upgrade to Adobe Reader 9.3.1 / 8.2.1 or later.');
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Acrobat Bundled LibTIFF Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(94);
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2010/02/16");
      script_set_attribute(attribute:"patch_publication_date", value:"2010/02/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/17");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:acrobat_reader");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:'Windows');
      script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.");
    
      script_dependencies('adobe_reader_installed.nasl');
      script_require_keys('SMB/Acroread/Version');
      exit(0);
    }
    
    #
    
    include('global_settings.inc');
    
    info = NULL;
    vers = get_kb_list('SMB/Acroread/Version');
    if (isnull(vers)) exit(0, 'The "SMB/Acroread/Version" KB item is missing.');
    
    foreach version (vers)
    {
      ver = split(version, sep:'.', keep:FALSE);
      for (i=0; i<max_index(ver); i++)
        ver[i] = int(ver[i]);
    
      if  (
        ver[0] < 8 ||
        (ver[0] == 8 && ver[1] < 2) ||
        (ver[0] == 8 && ver[1] == 2 && ver[2] < 1) ||
        (ver[0] == 9 && ver[1] < 3) ||
        (ver[0] == 9 && ver[1] == 3 && ver[2] < 1)
      )
      {
        path = get_kb_item('SMB/Acroread/'+version+'/Path');
        if (isnull(path)) exit(1, 'The "SMB/Acroread/'+version+'/Path" KB item is missing.');
    
        verui = get_kb_item('SMB/Acroread/'+version+'/Version_UI');
        if (isnull(verui)) exit(1, 'The "SMB/Acroread/'+version+'/Version_UI" KB item is missing.');
    
        info += '  - ' + verui + ', under ' + path + '\n';
      }
    }
    
    if (isnull(info)) exit(0, 'The remote host is not affected.');
    
    if (report_verbosity > 0)
    {
      if (max_index(split(info)) > 1) s = "s of Adobe Reader are";
      else s = " of Adobe Reader is";
    
      report =
        '\nThe following vulnerable instance'+s+' installed on the'+
        '\nremote host :\n\n'+
        info;
      security_hole(port:get_kb_item("SMB/transport"), extra:report);
    }
    else security_hole(get_kb_item("SMB/transport"));
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_ACROREAD-100225.NASL
    descriptionThis update of acroread fixes : - Cross-domain request vulnerability. (CVE-2010-0186 : CVSS v2 Base Score: 5.8) - An unspecified vulnerability that possibly allowed remote code execution. (CVE-2010-0188 : CVSS v2 Base Score: 6.8)
    last seen2020-06-01
    modified2020-06-02
    plugin id44984
    published2010-03-04
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44984
    titleSuSE 11 Security Update : Acrobat Reader (SAT Patch Number 2065)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from SuSE 11 update information. The text itself is
    # copyright (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44984);
      script_version("1.15");
      script_cvs_date("Date: 2019/10/25 13:36:39");
    
      script_cve_id("CVE-2010-0186", "CVE-2010-0188");
    
      script_name(english:"SuSE 11 Security Update : Acrobat Reader (SAT Patch Number 2065)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 11 host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of acroread fixes :
    
      - Cross-domain request vulnerability. (CVE-2010-0186 :
        CVSS v2 Base Score: 5.8)
    
      - An unspecified vulnerability that possibly allowed
        remote code execution. (CVE-2010-0188 : CVSS v2 Base
        Score: 6.8)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=580470"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-0186.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-0188.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply SAT patch number 2065.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Acrobat Bundled LibTIFF Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(94);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread-cmaps");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread-fonts-ja");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread-fonts-ko");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread-fonts-zh_CN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread-fonts-zh_TW");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/02/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/03/04");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
    
    pl = get_kb_item("Host/SuSE/patchlevel");
    if (pl) audit(AUDIT_OS_NOT, "SuSE 11.0");
    
    
    flag = 0;
    if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"acroread-9.3.1-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"acroread-cmaps-9.3.1-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"acroread-fonts-ja-9.3.1-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"acroread-fonts-ko-9.3.1-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"acroread-fonts-zh_CN-9.3.1-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"acroread-fonts-zh_TW-9.3.1-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"acroread-cmaps-9.3.1-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"acroread-fonts-ja-9.3.1-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"acroread-fonts-ko-9.3.1-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"acroread-fonts-zh_CN-9.3.1-0.1.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"acroread-fonts-zh_TW-9.3.1-0.1.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201009-05.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201009-05 (Adobe Reader: Multiple vulnerabilities) Multiple vulnerabilities were discovered in Adobe Reader. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below. Impact : A remote attacker might entice a user to open a specially crafted PDF file, possibly resulting in the execution of arbitrary code with the privileges of the user running the application, or bypass intended sandbox restrictions, make cross-domain requests, inject arbitrary web script or HTML, or cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id49126
    published2010-09-08
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/49126
    titleGLSA-201009-05 : Adobe Reader: Multiple vulnerabilities
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 201009-05.
    #
    # The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(49126);
      script_version("1.43");
      script_cvs_date("Date: 2019/08/02 13:32:45");
    
      script_cve_id("CVE-2009-3953", "CVE-2009-4324", "CVE-2010-0186", "CVE-2010-0188", "CVE-2010-0190", "CVE-2010-0191", "CVE-2010-0192", "CVE-2010-0193", "CVE-2010-0194", "CVE-2010-0195", "CVE-2010-0196", "CVE-2010-0197", "CVE-2010-0198", "CVE-2010-0199", "CVE-2010-0201", "CVE-2010-0202", "CVE-2010-0203", "CVE-2010-0204", "CVE-2010-1241", "CVE-2010-1285", "CVE-2010-1295", "CVE-2010-1297", "CVE-2010-2168", "CVE-2010-2201", "CVE-2010-2202", "CVE-2010-2203", "CVE-2010-2204", "CVE-2010-2205", "CVE-2010-2206", "CVE-2010-2207", "CVE-2010-2208", "CVE-2010-2209", "CVE-2010-2210", "CVE-2010-2211", "CVE-2010-2212");
      script_bugtraq_id(37331, 37758, 38195, 38198, 39417, 39469, 39470, 39505, 39507, 39511, 39514, 39515, 39517, 39518, 39520, 39522, 39523, 39524, 40586, 41230, 41231, 41232, 41234, 41235, 41236, 41237, 41238, 41239, 41240, 41241, 41242, 41243, 41244, 41245);
      script_xref(name:"GLSA", value:"201009-05");
    
      script_name(english:"GLSA-201009-05 : Adobe Reader: Multiple vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-201009-05
    (Adobe Reader: Multiple vulnerabilities)
    
        Multiple vulnerabilities were discovered in Adobe Reader. For further
        information please consult the CVE entries and the Adobe Security
        Bulletins referenced below.
      
    Impact :
    
        A remote attacker might entice a user to open a specially crafted PDF
        file, possibly resulting in the execution of arbitrary code with the
        privileges of the user running the application, or bypass intended
        sandbox restrictions, make cross-domain requests, inject arbitrary web
        script or HTML, or cause a Denial of Service condition.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.adobe.com/support/security/advisories/apsa10-01.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.adobe.com/support/security/bulletins/apsb10-02.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.adobe.com/support/security/bulletins/apsb10-07.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.adobe.com/support/security/bulletins/apsb10-09.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.adobe.com/support/security/bulletins/apsb10-14.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.adobe.com/support/security/bulletins/apsb10-16.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/201009-05"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All Adobe Reader users should upgrade to the latest version:
        # emerge --sync
        # emerge --ask --oneshot --verbose '>=app-text/acroread-9.3.4'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploithub_sku", value:"EH-11-164");
      script_set_attribute(attribute:"exploit_framework_exploithub", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player "newfunction" Invalid Pointer Use');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(94, 119);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:acroread");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/09/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/09/08");
      script_set_attribute(attribute:"vuln_publication_date", value:"2006/08/02");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"app-text/acroread", unaffected:make_list("ge 9.3.4"), vulnerable:make_list("lt 9.3.4"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Adobe Reader");
    }
    
  • NASL familyWindows
    NASL idADOBE_ACROBAT_APSB10-07.NASL
    descriptionThe version of Adobe Acrobat installed on the remote host is earlier than 9.3.1 / 8.2.1. Such versions are reportedly affected by multiple vulnerabilities : - An issue that could subvert the domain sandbox and make unauthorized cross-domain requests. (CVE-2010-0186) - An unspecified vulnerability could cause the application to crash or possibly lead to arbitrary code execution. (CVE-2010-0188)
    last seen2020-06-01
    modified2020-06-02
    plugin id44643
    published2010-02-17
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44643
    titleAdobe Acrobat < 9.3.1 / 8.2.1 Multiple Vulnerabilities (APSB10-07)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include('compat.inc');
    
    if (description)
    {
      script_id(44643);
      script_version("1.16");
      script_cvs_date("Date: 2018/06/27 18:42:26");
    
      script_cve_id("CVE-2010-0186", "CVE-2010-0188");
      script_bugtraq_id(38195, 38198);
      script_xref(name:"Secunia", value:"38551");
    
      script_name(english:"Adobe Acrobat < 9.3.1 / 8.2.1  Multiple Vulnerabilities (APSB10-07)");
      script_summary(english:"Checks version of Adobe Acrobat");
    
      script_set_attribute(attribute:"synopsis", value:
    "The version of Adobe Acrobat on the remote Windows host is affected by
    multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The version of Adobe Acrobat installed on the remote host is earlier
    than 9.3.1 / 8.2.1.  Such versions are reportedly affected by multiple
    vulnerabilities :
    
      - An issue that could subvert the domain sandbox and make
        unauthorized cross-domain requests. (CVE-2010-0186)
    
      - An unspecified vulnerability could cause the application
        to crash or possibly lead to arbitrary code execution.
        (CVE-2010-0188)");
      script_set_attribute(attribute:'see_also', value:'http://www.adobe.com/support/security/bulletins/apsb10-07.html');
      script_set_attribute(attribute:'solution', value:'Upgrade to Adobe Acrobat 9.3.1 / 8.2.1 or later.');
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Acrobat Bundled LibTIFF Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(94);
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2010/02/16");
      script_set_attribute(attribute:"patch_publication_date", value:"2010/02/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/17");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:acrobat");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:'Windows');
    
      script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.");
      script_dependencies('adobe_acrobat_installed.nasl');
      script_require_keys('SMB/Acrobat/Version');
      exit(0);
    }
    
    
    include('global_settings.inc');
    
    version = get_kb_item('SMB/Acrobat/Version');
    if (isnull(version)) exit(1, "The 'SMB/Acrobat/Version' KB item is missing.");
    
    ver = split(version, sep:'.', keep:FALSE);
    for (i=0; i<max_index(ver); i++)
      ver[i] = int(ver[i]);
    
    if  (
      ver[0] < 8 ||
      (ver[0] == 8 && ver[1] < 2) ||
      (ver[0] == 8 && ver[1] == 2 && ver[2] < 1) ||
      (ver[0] == 9 && ver[1] < 3) ||
      (ver[0] == 9 && ver[1] == 3 && ver[2] < 1)
    )
    {
      port = get_kb_item('SMB/transport');
      if (!port) port = 445;
    
      version_ui = get_kb_item('SMB/Acrobat/Version_UI');
    
      if (report_verbosity > 0 && version_ui)
      {
        path = get_kb_item('SMB/Acrobat/Path');
        if (isnull(path)) path = 'n/a';
    
        report =
          '\n'+
          '  Product           : Adobe Acrobat\n'+
          '  Path              : '+path+'\n'+
          '  Installed version : '+version_ui+'\n'+
          '  Fixed version     : 9.3.1 / 8.2.1\n';
        security_hole(port:port, extra:report);
      }
      else security_hole(port);
    }
    else exit(0, "The host is not affected since Adobe Acrobat "+version+" is installed.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_1_ACROREAD-100225.NASL
    descriptionThis update of acroread fixes : - CVE-2010-0186: CVSS v2 Base Score: 5.8 Cross-domain request vulnerability - CVE-2010-0188: CVSS v2 Base Score: 6.8 An unspecified vulnerability that possibly allowed remote code execution.
    last seen2020-06-01
    modified2020-06-02
    plugin id44978
    published2010-03-04
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44978
    titleopenSUSE Security Update : acroread (acroread-2068)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update acroread-2068.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44978);
      script_version("1.12");
      script_cvs_date("Date: 2019/10/25 13:36:37");
    
      script_cve_id("CVE-2010-0186", "CVE-2010-0188");
    
      script_name(english:"openSUSE Security Update : acroread (acroread-2068)");
      script_summary(english:"Check for the acroread-2068 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of acroread fixes :
    
      - CVE-2010-0186: CVSS v2 Base Score: 5.8 Cross-domain
        request vulnerability
    
      - CVE-2010-0188: CVSS v2 Base Score: 6.8 An unspecified
        vulnerability that possibly allowed remote code
        execution."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=580470"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected acroread packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Acrobat Bundled LibTIFF Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(94);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-cmaps");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-ja");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-ko");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-zh_CN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-zh_TW");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/02/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/03/04");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.1", reference:"acroread-9.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"acroread-cmaps-9.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"acroread-fonts-ja-9.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"acroread-fonts-ko-9.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"acroread-fonts-zh_CN-9.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"acroread-fonts-zh_TW-9.3.1-0.1.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_ACROREAD-100225.NASL
    descriptionThis update of acroread fixes : - CVE-2010-0186: CVSS v2 Base Score: 5.8 Cross-domain request vulnerability - CVE-2010-0188: CVSS v2 Base Score: 6.8 An unspecified vulnerability that possibly allowed remote code execution.
    last seen2020-06-01
    modified2020-06-02
    plugin id44975
    published2010-03-04
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44975
    titleopenSUSE Security Update : acroread (acroread-2068)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update acroread-2068.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44975);
      script_version("1.12");
      script_cvs_date("Date: 2019/10/25 13:36:37");
    
      script_cve_id("CVE-2010-0186", "CVE-2010-0188");
    
      script_name(english:"openSUSE Security Update : acroread (acroread-2068)");
      script_summary(english:"Check for the acroread-2068 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of acroread fixes :
    
      - CVE-2010-0186: CVSS v2 Base Score: 5.8 Cross-domain
        request vulnerability
    
      - CVE-2010-0188: CVSS v2 Base Score: 6.8 An unspecified
        vulnerability that possibly allowed remote code
        execution."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=580470"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected acroread packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Acrobat Bundled LibTIFF Integer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(94);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-cmaps");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-ja");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-ko");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-zh_CN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-zh_TW");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/02/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/03/04");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.0", reference:"acroread-9.3.1-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"acroread-cmaps-9.3.1-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"acroread-fonts-ja-9.3.1-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"acroread-fonts-ko-9.3.1-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"acroread-fonts-zh_CN-9.3.1-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"acroread-fonts-zh_TW-9.3.1-0.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread");
    }
    

Oval

accepted2013-08-12T04:10:33.642-04:00
classvulnerability
contributors
  • nameJ. Daniel Brown
    organizationDTCC
  • nameSecPod Team
    organizationSecPod Technologies
  • nameSecPod Team
    organizationSecPod Technologies
  • nameShane Shaffer
    organizationG2, Inc.
  • nameSergey Artykhov
    organizationALTX-SOFT
  • nameSergey Artykhov
    organizationALTX-SOFT
  • nameShane Shaffer
    organizationG2, Inc.
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
definition_extensions
  • commentAdobe Reader 8 Series is installed
    ovaloval:org.mitre.oval:def:6390
  • commentAdobe Reader 9 Series is installed
    ovaloval:org.mitre.oval:def:6523
  • commentAdobe Acrobat 8 Series is installed
    ovaloval:org.mitre.oval:def:6452
  • commentAdobe Acrobat 9 Series is installed
    ovaloval:org.mitre.oval:def:6013
descriptionUnspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
familywindows
idoval:org.mitre.oval:def:8697
statusaccepted
submitted2010-03-02T17:30:00.000-05:00
titleAdobe Reader and Acrobat Null Pointer Dereference Denial of Service Vulnerability
version19

Packetstorm

Redhat

advisories
rhsa
idRHSA-2010:0114
rpms
  • acroread-0:9.3.1-1.el4
  • acroread-0:9.3.1-1.el5
  • acroread-plugin-0:9.3.1-1.el4
  • acroread-plugin-0:9.3.1-1.el5

Saint

bid38195
descriptionAdobe Reader Libtiff TIFFFetchShortPair Stack Buffer Overflow
idmisc_acroread
osvdb62526
titleadobe_reader_libtiff_tifffetchshortpair
typeclient

Seebug

  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:19277
    last seen2017-11-19
    modified2010-03-16
    published2010-03-16
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-19277
    titleAdobe PDF LibTiff Integer Overflow Code Execution
  • bulletinFamilyexploit
    descriptionBUGTRAQ ID: 38195 CVE ID: CVE-2010-0188,CVE-2006-3459 Adobe Reader和Acrobat都是非常流行的PDF文件阅读器。 Adobe Reader和Acrobat采用的开源TIFF图像解析库libtiff实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞通过诱使用户打开处理包含恶意TIFF图像的PDF文档在用户系统上执行任意指令,从而控制用户系统。 此安全问题其实是一个老漏洞(CVE-2006-3459)在Adobe产品中的重现。 Adobe Acrobat &lt; 9.3.1 Adobe Acrobat &lt; 8.2.1 Adobe Reader &lt; 9.3.1 Adobe Reader &lt; 8.2.1 临时解决方法: * 禁止浏览器自动打开PDF文档。 * 禁用JavaScript。 厂商补丁: Adobe ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.adobe.com/support/security/bulletins/apsb10-07.html
    idSSV:19156
    last seen2017-11-19
    modified2010-02-20
    published2010-02-20
    reporterRoot
    titleAdobe Reader和Acrobat TIFF图像处理缓冲区溢出漏洞