scip AG

NASLDB: Adobe Acrobat < 9.3.2 / 8.2.2 Multiple Vulnerabilities (APSB10-09)

General

ID: 45504
Name: Adobe Acrobat < 9.3.2 / 8.2.2 Multiple Vulnerabilities (APSB10-09)

Summary: Checks version of Adobe Acrobat

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: CVSS2#E:F/RL:U/RC:ND

Port: –
Family: –
Type: Local

Description

The version of Adobe Acrobat installed on the remote host is earlier
than 9.3.2 / 8.2.2. Such versions are reportedly affected by multiple
vulnerabilities :

– A cross-site scripting issue could lead to code
execution. (CVE-2010-0190)

– A prefix protocol handler vulnerability could lead to
code execution. (CVE-2010-0191)

– A denial of service vulnerability could potentially lead
to code execution. (CVE-2010-0192)

– A denial of service vulnerability could potentially lead
to code execution. (CVE-2010-0193)

– A memory corruption vulnerability could lead to code
execution. (CVE-2010-0194)

– A font handling vulnerability could lead to code
execution. (CVE-2010-0195)

– A denial of service vulnerability could potentially lead
to code execution. (CVE-2010-0196)

– A memory corruption vulnerability could lead to code
execution. (CVE-2010-0197)

– A buffer overflow vulnerability could lead to code
execution. (CVE-2010-0198)

– A buffer overflow vulnerability could lead to code
execution. (CVE-2010-0199)

– A memory corruption vulnerability could lead to code
execution. (CVE-2010-0201)

– A buffer overflow vulnerability could lead to code
execution. (CVE-2010-0202)

– A buffer overflow vulnerability could lead to code
execution. (CVE-2010-0203)

– A memory corruption vulnerability could lead to code
execution. (CVE-2010-0204)

– A heap-based buffer overflow vulnerability could lead
to code execution. (CVE-2010-1241)

Exploiting

Exploit Available: True
Exploitability Ease: Exploits are available

Sources

CVE: CVE-2010-0190
OSVDB: –
Bugtraq: 39227
scipID: –

Timeline

Vulnerability Disclosure: 2010/04/13
Patch Release: 2010/04/13
Plugin Release: 2010/04/13

Plugin

Version: 1.10
Filename: adobe_acrobat_apsb10-09.nasl
Filesize: 5152 bytes
MD5 Hash: d6098bf61a7aa99e8728be459ebb1d78

Identification: SMB/Acrobat/Version
Require Keys: SMB/Acrobat/Version
Dependencies: ‘adobe_acrobat_installed.nasl’

Copyright: –

Latest Plugins

• Latest Plugins
  • USN-1611-1 : thunderbird vulnerabilities
  • USN-1610-1 : linux vulnerability
  • USN-1609-1 : linux-ti-omap4 vulnerability
  • SuSE 10 Security Update : PostgreSQL
  • RHSA-2012-1364: bind97
  • RHSA-2012-1363: bind
  • RHSA-2012-1362: thunderbird
  • RHSA-2012-1361: xulrunner
  • Mandriva Linux Security Advisory : graphicsmagick
  • FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack

• Archive
• scip VulDB
• Syndication
  • RSS
  • Twitter