Vulnerabilities > CVE-2010-0188 - Unspecified vulnerability in Adobe Acrobat and Acrobat Reader
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
Vulnerable Configurations
Exploit-Db
description Apple iOS MobileMail LibTIFF Buffer Overflow. CVE-2006-3459,CVE-2010-0188. Remote exploit for ios platform id EDB-ID:21869 last seen 2016-02-02 modified 2012-10-09 published 2012-10-09 reporter metasploit source https://www.exploit-db.com/download/21869/ title Apple iOS MobileMail LibTIFF Buffer Overflow description Adobe Reader PDF LibTiff Integer Overflow Code Execution. CVE-2006-3459,CVE-2010-0188. Local exploit for windows platform id EDB-ID:11787 last seen 2016-02-01 modified 2010-03-17 published 2010-03-17 reporter villy source https://www.exploit-db.com/download/11787/ title Adobe Reader PDF LibTiff Integer Overflow Code Execution description Apple iOS MobileSafari LibTIFF Buffer Overflow. CVE-2006-3459,CVE-2010-0188. Remote exploit for ios platform id EDB-ID:21868 last seen 2016-02-02 modified 2012-10-09 published 2012-10-09 reporter metasploit source https://www.exploit-db.com/download/21868/ title Apple iOS MobileSafari LibTIFF Buffer Overflow description Adobe Acrobat Bundled LibTIFF Integer Overflow. CVE-2010-0188. Local exploit for windows platform id EDB-ID:16670 last seen 2016-02-02 modified 2010-09-25 published 2010-09-25 reporter metasploit source https://www.exploit-db.com/download/16670/ title Adobe Acrobat Bundled LibTIFF Integer Overflow
Metasploit
| description | This module exploits an integer overflow vulnerability in Adobe Reader and Adobe Acrobat Professional versions 8.0 through 8.2 and 9.0 through 9.3. |
| id | MSF:EXPLOIT/WINDOWS/FILEFORMAT/ADOBE_LIBTIFF |
| last seen | 2020-06-14 |
| modified | 1976-01-01 |
| published | 1976-01-01 |
| references | |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/fileformat/adobe_libtiff.rb |
| title | Adobe Acrobat Bundled LibTIFF Integer Overflow |
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_ACROREAD-6879.NASL description This update of acroread fixes : - Cross-domain request vulnerability CVE-2010-0188: CVSS v2 Base Score: 6.8 An unspecified vulnerability that possibly allowed remote code execution. (CVE-2010-0186: CVSS v2 Base Score: 5.8) last seen 2020-06-01 modified 2020-06-02 plugin id 51697 published 2011-01-27 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/51697 title SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6879) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(51697); script_version ("1.10"); script_cvs_date("Date: 2019/10/25 13:36:40"); script_cve_id("CVE-2010-0186", "CVE-2010-0188"); script_name(english:"SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6879)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "This update of acroread fixes : - Cross-domain request vulnerability CVE-2010-0188: CVSS v2 Base Score: 6.8 An unspecified vulnerability that possibly allowed remote code execution. (CVE-2010-0186: CVSS v2 Base Score: 5.8)" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0186.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0188.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6879."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Acrobat Bundled LibTIFF Integer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(94); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2010/02/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/27"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:2, reference:"acroread-9.3.1-0.3")) flag++; if (rpm_check(release:"SLED10", sp:2, reference:"acroread-cmaps-9.3.1-0.4.1")) flag++; if (rpm_check(release:"SLED10", sp:2, reference:"acroread-fonts-ja-9.3.1-0.4.1")) flag++; if (rpm_check(release:"SLED10", sp:2, reference:"acroread-fonts-ko-9.3.1-0.4.1")) flag++; if (rpm_check(release:"SLED10", sp:2, reference:"acroread-fonts-zh_CN-9.3.1-0.4.1")) flag++; if (rpm_check(release:"SLED10", sp:2, reference:"acroread-fonts-zh_TW-9.3.1-0.4.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0114.NASL description Updated acroread packages that fix two security issues and a bug are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. Adobe Reader allows users to view and print documents in Portable Document Format (PDF). This update fixes two vulnerabilities in Adobe Reader. These vulnerabilities are summarized on the Adobe Security Advisory APSB10-07 page listed in the References section. A specially crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2010-0186, CVE-2010-0188) This update also fixes a bug where, on some systems, attempting to install or upgrade the acroread packages failed due to a package dependency issue. (BZ#557506) All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.3.1, which is not vulnerable to these issues and fixes this bug. All running instances of Adobe Reader must be restarted for the update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 44665 published 2010-02-19 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44665 title RHEL 4 / 5 : acroread (RHSA-2010:0114) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2010:0114. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(44665); script_version ("1.31"); script_cvs_date("Date: 2019/10/25 13:36:14"); script_cve_id("CVE-2010-0186", "CVE-2010-0188"); script_bugtraq_id(38195, 38198); script_xref(name:"RHSA", value:"2010:0114"); script_name(english:"RHEL 4 / 5 : acroread (RHSA-2010:0114)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated acroread packages that fix two security issues and a bug are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. Adobe Reader allows users to view and print documents in Portable Document Format (PDF). This update fixes two vulnerabilities in Adobe Reader. These vulnerabilities are summarized on the Adobe Security Advisory APSB10-07 page listed in the References section. A specially crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2010-0186, CVE-2010-0188) This update also fixes a bug where, on some systems, attempting to install or upgrade the acroread packages failed due to a package dependency issue. (BZ#557506) All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.3.1, which is not vulnerable to these issues and fixes this bug. All running instances of Adobe Reader must be restarted for the update to take effect." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0186" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0188" ); # http://www.adobe.com/support/security/bulletins/apsb10-07.html script_set_attribute( attribute:"see_also", value:"https://www.adobe.com/support/security/bulletins/apsb10-07.html" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2010:0114" ); script_set_attribute( attribute:"solution", value:"Update the affected acroread and / or acroread-plugin packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Acrobat Bundled LibTIFF Integer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(94); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:acroread"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:acroread-plugin"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.8"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.4"); script_set_attribute(attribute:"vuln_publication_date", value:"2010/02/15"); script_set_attribute(attribute:"patch_publication_date", value:"2010/02/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/19"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^(4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 4.x / 5.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); if (cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i386", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2010:0114"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL4", cpu:"i386", reference:"acroread-9.3.1-1.el4")) flag++; if (rpm_check(release:"RHEL4", cpu:"i386", reference:"acroread-plugin-9.3.1-1.el4")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"acroread-9.3.1-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"acroread-plugin-9.3.1-1.el5")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread / acroread-plugin"); } }NASL family SuSE Local Security Checks NASL id SUSE_ACROREAD-6881.NASL description This update of acroread fixes : - Cross-domain request vulnerability CVE-2010-0188: CVSS v2 Base Score: 6.8 An unspecified vulnerability that possibly allowed remote code execution. (CVE-2010-0186: CVSS v2 Base Score: 5.8) last seen 2020-06-01 modified 2020-06-02 plugin id 51698 published 2011-01-27 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/51698 title SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6881) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(51698); script_version ("1.10"); script_cvs_date("Date: 2019/10/25 13:36:40"); script_cve_id("CVE-2010-0186", "CVE-2010-0188"); script_name(english:"SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6881)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "This update of acroread fixes : - Cross-domain request vulnerability CVE-2010-0188: CVSS v2 Base Score: 6.8 An unspecified vulnerability that possibly allowed remote code execution. (CVE-2010-0186: CVSS v2 Base Score: 5.8)" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0186.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0188.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6881."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Acrobat Bundled LibTIFF Integer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(94); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2010/02/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/27"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:3, reference:"acroread-9.3.1-0.4.1")) flag++; if (rpm_check(release:"SLED10", sp:3, reference:"acroread-cmaps-9.3.1-0.4.1")) flag++; if (rpm_check(release:"SLED10", sp:3, reference:"acroread-fonts-ja-9.3.1-0.4.1")) flag++; if (rpm_check(release:"SLED10", sp:3, reference:"acroread-fonts-ko-9.3.1-0.4.1")) flag++; if (rpm_check(release:"SLED10", sp:3, reference:"acroread-fonts-zh_CN-9.3.1-0.4.1")) flag++; if (rpm_check(release:"SLED10", sp:3, reference:"acroread-fonts-zh_TW-9.3.1-0.4.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");NASL family SuSE Local Security Checks NASL id SUSE_11_2_ACROREAD-100225.NASL description This update of acroread fixes : - CVE-2010-0186: CVSS v2 Base Score: 5.8 Cross-domain request vulnerability - CVE-2010-0188: CVSS v2 Base Score: 6.8 An unspecified vulnerability that possibly allowed remote code execution. last seen 2020-06-01 modified 2020-06-02 plugin id 44981 published 2010-03-04 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44981 title openSUSE Security Update : acroread (acroread-2068) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update acroread-2068. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(44981); script_version("1.13"); script_cvs_date("Date: 2019/10/25 13:36:38"); script_cve_id("CVE-2010-0186", "CVE-2010-0188"); script_name(english:"openSUSE Security Update : acroread (acroread-2068)"); script_summary(english:"Check for the acroread-2068 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of acroread fixes : - CVE-2010-0186: CVSS v2 Base Score: 5.8 Cross-domain request vulnerability - CVE-2010-0188: CVSS v2 Base Score: 6.8 An unspecified vulnerability that possibly allowed remote code execution." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=580470" ); script_set_attribute( attribute:"solution", value:"Update the affected acroread packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Acrobat Bundled LibTIFF Integer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(94); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-cmaps"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-ja"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-ko"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-zh_CN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-zh_TW"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.2"); script_set_attribute(attribute:"patch_publication_date", value:"2010/02/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/03/04"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.2", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.2", reference:"acroread-9.3.1-0.1.1") ) flag++; if ( rpm_check(release:"SUSE11.2", reference:"acroread-cmaps-9.3.1-0.1.1") ) flag++; if ( rpm_check(release:"SUSE11.2", reference:"acroread-fonts-ja-9.3.1-0.1.1") ) flag++; if ( rpm_check(release:"SUSE11.2", reference:"acroread-fonts-ko-9.3.1-0.1.1") ) flag++; if ( rpm_check(release:"SUSE11.2", reference:"acroread-fonts-zh_CN-9.3.1-0.1.1") ) flag++; if ( rpm_check(release:"SUSE11.2", reference:"acroread-fonts-zh_TW-9.3.1-0.1.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread"); }NASL family Windows NASL id ADOBE_READER_APSB10-07.NASL description The version of Adobe Reader installed on the remote host is earlier than 9.3.1 / 8.2.1. As such, it is reportedly affected by multiple vulnerabilities : - An issue that could subvert the domain sandbox and make unauthorized cross-domain requests. (CVE-2010-0186) - An unspecified vulnerability could cause the application to crash or possibly lead to arbitrary code execution. (CVE-2010-0188) last seen 2020-06-01 modified 2020-06-02 plugin id 44644 published 2010-02-17 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44644 title Adobe Reader < 9.3.1 / 8.2.1 Multiple Vulnerabilities (APSB10-07) code # # (C) Tenable Network Security, Inc. # include('compat.inc'); if (description) { script_id(44644); script_version("1.20"); script_cvs_date("Date: 2018/09/17 21:46:53"); script_xref(name:"Secunia", value:"38551"); script_name(english:"Adobe Reader < 9.3.1 / 8.2.1 Multiple Vulnerabilities (APSB10-07)"); script_summary(english:"Checks version of Adobe Reader"); script_cve_id("CVE-2010-0186", "CVE-2010-0188"); script_bugtraq_id(38195, 38198); script_set_attribute(attribute:"synopsis", value: "The version of Adobe Reader on the remote Windows host is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The version of Adobe Reader installed on the remote host is earlier than 9.3.1 / 8.2.1. As such, it is reportedly affected by multiple vulnerabilities : - An issue that could subvert the domain sandbox and make unauthorized cross-domain requests. (CVE-2010-0186) - An unspecified vulnerability could cause the application to crash or possibly lead to arbitrary code execution. (CVE-2010-0188)"); script_set_attribute(attribute:'see_also', value:'http://www.adobe.com/support/security/bulletins/apsb10-07.html'); script_set_attribute(attribute:'solution', value:'Upgrade to Adobe Reader 9.3.1 / 8.2.1 or later.'); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Acrobat Bundled LibTIFF Integer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(94); script_set_attribute(attribute:"vuln_publication_date", value:"2010/02/16"); script_set_attribute(attribute:"patch_publication_date", value:"2010/02/16"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/17"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:acrobat_reader"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:'Windows'); script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc."); script_dependencies('adobe_reader_installed.nasl'); script_require_keys('SMB/Acroread/Version'); exit(0); } # include('global_settings.inc'); info = NULL; vers = get_kb_list('SMB/Acroread/Version'); if (isnull(vers)) exit(0, 'The "SMB/Acroread/Version" KB item is missing.'); foreach version (vers) { ver = split(version, sep:'.', keep:FALSE); for (i=0; i<max_index(ver); i++) ver[i] = int(ver[i]); if ( ver[0] < 8 || (ver[0] == 8 && ver[1] < 2) || (ver[0] == 8 && ver[1] == 2 && ver[2] < 1) || (ver[0] == 9 && ver[1] < 3) || (ver[0] == 9 && ver[1] == 3 && ver[2] < 1) ) { path = get_kb_item('SMB/Acroread/'+version+'/Path'); if (isnull(path)) exit(1, 'The "SMB/Acroread/'+version+'/Path" KB item is missing.'); verui = get_kb_item('SMB/Acroread/'+version+'/Version_UI'); if (isnull(verui)) exit(1, 'The "SMB/Acroread/'+version+'/Version_UI" KB item is missing.'); info += ' - ' + verui + ', under ' + path + '\n'; } } if (isnull(info)) exit(0, 'The remote host is not affected.'); if (report_verbosity > 0) { if (max_index(split(info)) > 1) s = "s of Adobe Reader are"; else s = " of Adobe Reader is"; report = '\nThe following vulnerable instance'+s+' installed on the'+ '\nremote host :\n\n'+ info; security_hole(port:get_kb_item("SMB/transport"), extra:report); } else security_hole(get_kb_item("SMB/transport"));NASL family SuSE Local Security Checks NASL id SUSE_11_ACROREAD-100225.NASL description This update of acroread fixes : - Cross-domain request vulnerability. (CVE-2010-0186 : CVSS v2 Base Score: 5.8) - An unspecified vulnerability that possibly allowed remote code execution. (CVE-2010-0188 : CVSS v2 Base Score: 6.8) last seen 2020-06-01 modified 2020-06-02 plugin id 44984 published 2010-03-04 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44984 title SuSE 11 Security Update : Acrobat Reader (SAT Patch Number 2065) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SuSE 11 update information. The text itself is # copyright (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(44984); script_version("1.15"); script_cvs_date("Date: 2019/10/25 13:36:39"); script_cve_id("CVE-2010-0186", "CVE-2010-0188"); script_name(english:"SuSE 11 Security Update : Acrobat Reader (SAT Patch Number 2065)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 11 host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update of acroread fixes : - Cross-domain request vulnerability. (CVE-2010-0186 : CVSS v2 Base Score: 5.8) - An unspecified vulnerability that possibly allowed remote code execution. (CVE-2010-0188 : CVSS v2 Base Score: 6.8)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=580470" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0186.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0188.html" ); script_set_attribute(attribute:"solution", value:"Apply SAT patch number 2065."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Acrobat Bundled LibTIFF Integer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(94); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread-cmaps"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread-fonts-ja"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread-fonts-ko"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread-fonts-zh_CN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread-fonts-zh_TW"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"patch_publication_date", value:"2010/02/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/03/04"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11"); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu); pl = get_kb_item("Host/SuSE/patchlevel"); if (pl) audit(AUDIT_OS_NOT, "SuSE 11.0"); flag = 0; if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"acroread-9.3.1-0.1.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"acroread-cmaps-9.3.1-0.1.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"acroread-fonts-ja-9.3.1-0.1.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"acroread-fonts-ko-9.3.1-0.1.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"acroread-fonts-zh_CN-9.3.1-0.1.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"acroread-fonts-zh_TW-9.3.1-0.1.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"acroread-cmaps-9.3.1-0.1.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"acroread-fonts-ja-9.3.1-0.1.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"acroread-fonts-ko-9.3.1-0.1.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"acroread-fonts-zh_CN-9.3.1-0.1.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"acroread-fonts-zh_TW-9.3.1-0.1.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201009-05.NASL description The remote host is affected by the vulnerability described in GLSA-201009-05 (Adobe Reader: Multiple vulnerabilities) Multiple vulnerabilities were discovered in Adobe Reader. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below. Impact : A remote attacker might entice a user to open a specially crafted PDF file, possibly resulting in the execution of arbitrary code with the privileges of the user running the application, or bypass intended sandbox restrictions, make cross-domain requests, inject arbitrary web script or HTML, or cause a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 49126 published 2010-09-08 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/49126 title GLSA-201009-05 : Adobe Reader: Multiple vulnerabilities code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201009-05. # # The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(49126); script_version("1.43"); script_cvs_date("Date: 2019/08/02 13:32:45"); script_cve_id("CVE-2009-3953", "CVE-2009-4324", "CVE-2010-0186", "CVE-2010-0188", "CVE-2010-0190", "CVE-2010-0191", "CVE-2010-0192", "CVE-2010-0193", "CVE-2010-0194", "CVE-2010-0195", "CVE-2010-0196", "CVE-2010-0197", "CVE-2010-0198", "CVE-2010-0199", "CVE-2010-0201", "CVE-2010-0202", "CVE-2010-0203", "CVE-2010-0204", "CVE-2010-1241", "CVE-2010-1285", "CVE-2010-1295", "CVE-2010-1297", "CVE-2010-2168", "CVE-2010-2201", "CVE-2010-2202", "CVE-2010-2203", "CVE-2010-2204", "CVE-2010-2205", "CVE-2010-2206", "CVE-2010-2207", "CVE-2010-2208", "CVE-2010-2209", "CVE-2010-2210", "CVE-2010-2211", "CVE-2010-2212"); script_bugtraq_id(37331, 37758, 38195, 38198, 39417, 39469, 39470, 39505, 39507, 39511, 39514, 39515, 39517, 39518, 39520, 39522, 39523, 39524, 40586, 41230, 41231, 41232, 41234, 41235, 41236, 41237, 41238, 41239, 41240, 41241, 41242, 41243, 41244, 41245); script_xref(name:"GLSA", value:"201009-05"); script_name(english:"GLSA-201009-05 : Adobe Reader: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201009-05 (Adobe Reader: Multiple vulnerabilities) Multiple vulnerabilities were discovered in Adobe Reader. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below. Impact : A remote attacker might entice a user to open a specially crafted PDF file, possibly resulting in the execution of arbitrary code with the privileges of the user running the application, or bypass intended sandbox restrictions, make cross-domain requests, inject arbitrary web script or HTML, or cause a Denial of Service condition. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://www.adobe.com/support/security/advisories/apsa10-01.html" ); script_set_attribute( attribute:"see_also", value:"https://www.adobe.com/support/security/bulletins/apsb10-02.html" ); script_set_attribute( attribute:"see_also", value:"https://www.adobe.com/support/security/bulletins/apsb10-07.html" ); script_set_attribute( attribute:"see_also", value:"https://www.adobe.com/support/security/bulletins/apsb10-09.html" ); script_set_attribute( attribute:"see_also", value:"https://www.adobe.com/support/security/bulletins/apsb10-14.html" ); script_set_attribute( attribute:"see_also", value:"https://www.adobe.com/support/security/bulletins/apsb10-16.html" ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201009-05" ); script_set_attribute( attribute:"solution", value: "All Adobe Reader users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-text/acroread-9.3.4'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploithub_sku", value:"EH-11-164"); script_set_attribute(attribute:"exploit_framework_exploithub", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player "newfunction" Invalid Pointer Use'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(94, 119); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:acroread"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2010/09/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/09/08"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/08/02"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"app-text/acroread", unaffected:make_list("ge 9.3.4"), vulnerable:make_list("lt 9.3.4"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Adobe Reader"); }NASL family Windows NASL id ADOBE_ACROBAT_APSB10-07.NASL description The version of Adobe Acrobat installed on the remote host is earlier than 9.3.1 / 8.2.1. Such versions are reportedly affected by multiple vulnerabilities : - An issue that could subvert the domain sandbox and make unauthorized cross-domain requests. (CVE-2010-0186) - An unspecified vulnerability could cause the application to crash or possibly lead to arbitrary code execution. (CVE-2010-0188) last seen 2020-06-01 modified 2020-06-02 plugin id 44643 published 2010-02-17 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44643 title Adobe Acrobat < 9.3.1 / 8.2.1 Multiple Vulnerabilities (APSB10-07) code # # (C) Tenable Network Security, Inc. # include('compat.inc'); if (description) { script_id(44643); script_version("1.16"); script_cvs_date("Date: 2018/06/27 18:42:26"); script_cve_id("CVE-2010-0186", "CVE-2010-0188"); script_bugtraq_id(38195, 38198); script_xref(name:"Secunia", value:"38551"); script_name(english:"Adobe Acrobat < 9.3.1 / 8.2.1 Multiple Vulnerabilities (APSB10-07)"); script_summary(english:"Checks version of Adobe Acrobat"); script_set_attribute(attribute:"synopsis", value: "The version of Adobe Acrobat on the remote Windows host is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The version of Adobe Acrobat installed on the remote host is earlier than 9.3.1 / 8.2.1. Such versions are reportedly affected by multiple vulnerabilities : - An issue that could subvert the domain sandbox and make unauthorized cross-domain requests. (CVE-2010-0186) - An unspecified vulnerability could cause the application to crash or possibly lead to arbitrary code execution. (CVE-2010-0188)"); script_set_attribute(attribute:'see_also', value:'http://www.adobe.com/support/security/bulletins/apsb10-07.html'); script_set_attribute(attribute:'solution', value:'Upgrade to Adobe Acrobat 9.3.1 / 8.2.1 or later.'); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Acrobat Bundled LibTIFF Integer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(94); script_set_attribute(attribute:"vuln_publication_date", value:"2010/02/16"); script_set_attribute(attribute:"patch_publication_date", value:"2010/02/16"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/17"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:acrobat"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:'Windows'); script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc."); script_dependencies('adobe_acrobat_installed.nasl'); script_require_keys('SMB/Acrobat/Version'); exit(0); } include('global_settings.inc'); version = get_kb_item('SMB/Acrobat/Version'); if (isnull(version)) exit(1, "The 'SMB/Acrobat/Version' KB item is missing."); ver = split(version, sep:'.', keep:FALSE); for (i=0; i<max_index(ver); i++) ver[i] = int(ver[i]); if ( ver[0] < 8 || (ver[0] == 8 && ver[1] < 2) || (ver[0] == 8 && ver[1] == 2 && ver[2] < 1) || (ver[0] == 9 && ver[1] < 3) || (ver[0] == 9 && ver[1] == 3 && ver[2] < 1) ) { port = get_kb_item('SMB/transport'); if (!port) port = 445; version_ui = get_kb_item('SMB/Acrobat/Version_UI'); if (report_verbosity > 0 && version_ui) { path = get_kb_item('SMB/Acrobat/Path'); if (isnull(path)) path = 'n/a'; report = '\n'+ ' Product : Adobe Acrobat\n'+ ' Path : '+path+'\n'+ ' Installed version : '+version_ui+'\n'+ ' Fixed version : 9.3.1 / 8.2.1\n'; security_hole(port:port, extra:report); } else security_hole(port); } else exit(0, "The host is not affected since Adobe Acrobat "+version+" is installed.");NASL family SuSE Local Security Checks NASL id SUSE_11_1_ACROREAD-100225.NASL description This update of acroread fixes : - CVE-2010-0186: CVSS v2 Base Score: 5.8 Cross-domain request vulnerability - CVE-2010-0188: CVSS v2 Base Score: 6.8 An unspecified vulnerability that possibly allowed remote code execution. last seen 2020-06-01 modified 2020-06-02 plugin id 44978 published 2010-03-04 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44978 title openSUSE Security Update : acroread (acroread-2068) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update acroread-2068. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(44978); script_version("1.12"); script_cvs_date("Date: 2019/10/25 13:36:37"); script_cve_id("CVE-2010-0186", "CVE-2010-0188"); script_name(english:"openSUSE Security Update : acroread (acroread-2068)"); script_summary(english:"Check for the acroread-2068 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of acroread fixes : - CVE-2010-0186: CVSS v2 Base Score: 5.8 Cross-domain request vulnerability - CVE-2010-0188: CVSS v2 Base Score: 6.8 An unspecified vulnerability that possibly allowed remote code execution." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=580470" ); script_set_attribute( attribute:"solution", value:"Update the affected acroread packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Acrobat Bundled LibTIFF Integer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(94); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-cmaps"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-ja"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-ko"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-zh_CN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-zh_TW"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.1"); script_set_attribute(attribute:"patch_publication_date", value:"2010/02/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/03/04"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.1", reference:"acroread-9.3.1-0.1.1") ) flag++; if ( rpm_check(release:"SUSE11.1", reference:"acroread-cmaps-9.3.1-0.1.1") ) flag++; if ( rpm_check(release:"SUSE11.1", reference:"acroread-fonts-ja-9.3.1-0.1.1") ) flag++; if ( rpm_check(release:"SUSE11.1", reference:"acroread-fonts-ko-9.3.1-0.1.1") ) flag++; if ( rpm_check(release:"SUSE11.1", reference:"acroread-fonts-zh_CN-9.3.1-0.1.1") ) flag++; if ( rpm_check(release:"SUSE11.1", reference:"acroread-fonts-zh_TW-9.3.1-0.1.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread"); }NASL family SuSE Local Security Checks NASL id SUSE_11_0_ACROREAD-100225.NASL description This update of acroread fixes : - CVE-2010-0186: CVSS v2 Base Score: 5.8 Cross-domain request vulnerability - CVE-2010-0188: CVSS v2 Base Score: 6.8 An unspecified vulnerability that possibly allowed remote code execution. last seen 2020-06-01 modified 2020-06-02 plugin id 44975 published 2010-03-04 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44975 title openSUSE Security Update : acroread (acroread-2068) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update acroread-2068. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(44975); script_version("1.12"); script_cvs_date("Date: 2019/10/25 13:36:37"); script_cve_id("CVE-2010-0186", "CVE-2010-0188"); script_name(english:"openSUSE Security Update : acroread (acroread-2068)"); script_summary(english:"Check for the acroread-2068 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of acroread fixes : - CVE-2010-0186: CVSS v2 Base Score: 5.8 Cross-domain request vulnerability - CVE-2010-0188: CVSS v2 Base Score: 6.8 An unspecified vulnerability that possibly allowed remote code execution." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=580470" ); script_set_attribute( attribute:"solution", value:"Update the affected acroread packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Acrobat Bundled LibTIFF Integer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(94); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-cmaps"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-ja"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-ko"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-zh_CN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-zh_TW"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0"); script_set_attribute(attribute:"patch_publication_date", value:"2010/02/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/03/04"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.0", reference:"acroread-9.3.1-0.1") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"acroread-cmaps-9.3.1-0.1") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"acroread-fonts-ja-9.3.1-0.1") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"acroread-fonts-ko-9.3.1-0.1") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"acroread-fonts-zh_CN-9.3.1-0.1") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"acroread-fonts-zh_TW-9.3.1-0.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread"); }
Oval
| accepted | 2013-08-12T04:10:33.642-04:00 | ||||||||||||||||||||||||||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||||||||||||||||||||||||||
| contributors |
| ||||||||||||||||||||||||||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||||||||||||||||||||||||||
| description | Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. | ||||||||||||||||||||||||||||||||||||||||||||
| family | windows | ||||||||||||||||||||||||||||||||||||||||||||
| id | oval:org.mitre.oval:def:8697 | ||||||||||||||||||||||||||||||||||||||||||||
| status | accepted | ||||||||||||||||||||||||||||||||||||||||||||
| submitted | 2010-03-02T17:30:00.000-05:00 | ||||||||||||||||||||||||||||||||||||||||||||
| title | Adobe Reader and Acrobat Null Pointer Dereference Denial of Service Vulnerability | ||||||||||||||||||||||||||||||||||||||||||||
| version | 19 |
Packetstorm
data source https://packetstormsecurity.com/files/download/87308/adobe_libtiff.rb.txt id PACKETSTORM:87308 last seen 2016-12-05 published 2010-03-16 reporter jduck source https://packetstormsecurity.com/files/87308/Adobe-Acrobat-Bundled-LibTIFF-Integer-Overflow.html title Adobe Acrobat Bundled LibTIFF Integer Overflow data source https://packetstormsecurity.com/files/download/87212/CVE-2010-0188.py.txt id PACKETSTORM:87212 last seen 2016-12-05 published 2010-03-13 reporter villy source https://packetstormsecurity.com/files/87212/Adobe-PDF-LibTiff-Integer-Overflow.html title Adobe PDF LibTiff Integer Overflow
Redhat
| advisories |
| ||||
| rpms |
|
Saint
| bid | 38195 |
| description | Adobe Reader Libtiff TIFFFetchShortPair Stack Buffer Overflow |
| id | misc_acroread |
| osvdb | 62526 |
| title | adobe_reader_libtiff_tifffetchshortpair |
| type | client |
Seebug
bulletinFamily exploit description No description provided by source. id SSV:19277 last seen 2017-11-19 modified 2010-03-16 published 2010-03-16 reporter Root source https://www.seebug.org/vuldb/ssvid-19277 title Adobe PDF LibTiff Integer Overflow Code Execution bulletinFamily exploit description BUGTRAQ ID: 38195 CVE ID: CVE-2010-0188,CVE-2006-3459 Adobe Reader和Acrobat都是非常流行的PDF文件阅读器。 Adobe Reader和Acrobat采用的开源TIFF图像解析库libtiff实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞通过诱使用户打开处理包含恶意TIFF图像的PDF文档在用户系统上执行任意指令,从而控制用户系统。 此安全问题其实是一个老漏洞(CVE-2006-3459)在Adobe产品中的重现。 Adobe Acrobat < 9.3.1 Adobe Acrobat < 8.2.1 Adobe Reader < 9.3.1 Adobe Reader < 8.2.1 临时解决方法: * 禁止浏览器自动打开PDF文档。 * 禁用JavaScript。 厂商补丁: Adobe ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.adobe.com/support/security/bulletins/apsb10-07.html id SSV:19156 last seen 2017-11-19 modified 2010-02-20 published 2010-02-20 reporter Root title Adobe Reader和Acrobat TIFF图像处理缓冲区溢出漏洞
References
- http://www.adobe.com/support/security/bulletins/apsb10-07.html
- http://www.vupen.com/english/advisories/2010/0399
- http://securitytracker.com/id?1023601
- http://www.securityfocus.com/bid/38195
- http://www.redhat.com/support/errata/RHSA-2010-0114.html
- http://secunia.com/advisories/38639
- http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html
- http://secunia.com/advisories/38915
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56297
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8697