Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary | |
---|---|
Title | Sun Alert 270669 Multiple Security Vulnerabilities in Adobe Reader for Solaris 10 May Allow Execution of Arbitrary Code or Cause Denial of Service (DoS) - Adobe Security Bulletin APSB09-15 |
Informations | |||
---|---|---|---|
Name | SUN-270669 | First vendor Publication | 2009-10-26 |
Vendor | Sun | Last vendor Modification | 2009-11-30 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Original Source
Url : http://blogs.sun.com/security/entry/sun_alert_270669_multiple_security |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
26 % | CWE-20 | Improper Input Validation |
22 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
17 % | CWE-399 | Resource Management Errors |
17 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
9 % | CWE-264 | Permissions, Privileges, and Access Controls |
4 % | CWE-310 | Cryptographic Issues |
4 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:22955 | |||
Oval ID: | oval:org.mitre.oval:def:22955 | ||
Title: | ELSA-2009:1499: acroread security update (Critical) | ||
Description: | Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a "format bug." | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1499-01 CVE-2009-2979 CVE-2009-2980 CVE-2009-2981 CVE-2009-2983 CVE-2009-2985 CVE-2009-2986 CVE-2009-2988 CVE-2009-2990 CVE-2009-2991 CVE-2009-2993 CVE-2009-2994 CVE-2009-2996 CVE-2009-2997 CVE-2009-2998 CVE-2009-3431 CVE-2009-3458 CVE-2009-3459 CVE-2009-3462 | Version: | 77 |
Platform(s): | Oracle Linux 5 | Product(s): | acroread |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5523 | |||
Oval ID: | oval:org.mitre.oval:def:5523 | ||
Title: | Adobe Reader and Acrobat cause denial of service or possibly execute arbitrary code via unknown vectors | ||
Description: | Unspecified vulnerability in the image decoder in Adobe Acrobat 9.x before 9.2, and possibly 7.x through 7.1.4 and 8.x through 8.1.7, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2984 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5557 | |||
Oval ID: | oval:org.mitre.oval:def:5557 | ||
Title: | Adobe Reader and Acrobat might allow remote attackers to execute arbitrary code via unknown vectors. | ||
Description: | Unspecified vulnerability in the Mozilla plug-in in Adobe Reader and Acrobat 8.x before 8.1.7, and possibly 7.x before 7.1.4 and 9.x before 9.2, might allow remote attackers to execute arbitrary code via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2991 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5560 | |||
Oval ID: | oval:org.mitre.oval:def:5560 | ||
Title: | Adobe Reader and Acrobat memory corruption or possibly execute arbitrary code via unspecified vectors | ||
Description: | Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2985. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2996 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5636 | |||
Oval ID: | oval:org.mitre.oval:def:5636 | ||
Title: | Adobe Reader and Acrobat cause DoS (memory corruption) or execute arbitrary code via unspecified vectors. | ||
Description: | Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2983 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5719 | |||
Oval ID: | oval:org.mitre.oval:def:5719 | ||
Title: | Adobe Reader and Acrobat getPlus_HelperSvc.exe) local elevation of privileges | ||
Description: | NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. NOTE: within Adobe Reader, the scope of this issue is limited because the program is deleted and the associated service is not automatically launched after a successful installation and reboot. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2564 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5822 | |||
Oval ID: | oval:org.mitre.oval:def:5822 | ||
Title: | Adobe Reader and Acrobat cause Multiple Vulnerabilities | ||
Description: | The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and possibly execute arbitrary code, via the cPath parameter in a crafted PDF file. NOTE: some of these details are obtained from third party information. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2993 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5888 | |||
Oval ID: | oval:org.mitre.oval:def:5888 | ||
Title: | Adobe Reader and Acrobat cause arbitrary code execution via unspecified vectors | ||
Description: | Multiple heap-based buffer overflows in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2986 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5964 | |||
Oval ID: | oval:org.mitre.oval:def:5964 | ||
Title: | Adobe Reader and Acrobat DoS or possibly execute arbitrary code via unspecified vectors | ||
Description: | Integer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2980 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6054 | |||
Oval ID: | oval:org.mitre.oval:def:6054 | ||
Title: | Adobe Reader and Acrobat allows attackers to cause a denial of service via unknown vectors | ||
Description: | An unspecified ActiveX control in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 does not properly validate input, which allows attackers to cause a denial of service via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2992 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6145 | |||
Oval ID: | oval:org.mitre.oval:def:6145 | ||
Title: | Adobe Reader and Acrobat cause DoS and Arbitrary Execution | ||
Description: | Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2996. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2985 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6156 | |||
Oval ID: | oval:org.mitre.oval:def:6156 | ||
Title: | Adobe Reader and Acrobat allow attackers to execute arbitrary code via unspecified vectors | ||
Description: | Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2994 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6274 | |||
Oval ID: | oval:org.mitre.oval:def:6274 | ||
Title: | Adobe Reader and Acrobat cause denial of service via unknown vectors | ||
Description: | Unspecified vulnerability in an ActiveX control in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Windows allows remote attackers to cause a denial of service via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2987 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6280 | |||
Oval ID: | oval:org.mitre.oval:def:6280 | ||
Title: | Adobe Reader and Acrobat denial of service via a crafted document | ||
Description: | Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 do not properly perform XMP-XML entity expansion, which allows remote attackers to cause a denial of service via a crafted document. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2979 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6284 | |||
Oval ID: | oval:org.mitre.oval:def:6284 | ||
Title: | Adobe Reader and Acrobat bypass intended Trust Manager restrictions via unspecified vectors | ||
Description: | Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to bypass intended Trust Manager restrictions via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2981 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6297 | |||
Oval ID: | oval:org.mitre.oval:def:6297 | ||
Title: | Adobe Reader and Acrobat cause execution of arbitrary code vulnerability | ||
Description: | Integer overflow in Adobe Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2989 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6348 | |||
Oval ID: | oval:org.mitre.oval:def:6348 | ||
Title: | Adobe Reader and Acrobat DoS via long sequence of # (hash) characters | ||
Description: | Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, when used with Internet Explorer, Google Chrome, or Opera, allows remote attackers to cause a denial of service (memory consumption) via a long sequence of # (hash) characters appended to a PDF URL, related to a "cross-site scripting issue." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-0048 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6365 | |||
Oval ID: | oval:org.mitre.oval:def:6365 | ||
Title: | Adobe Reader and Acrobat social engineering attack via unknown vectors | ||
Description: | An unspecified certificate in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow remote attackers to conduct a "social engineering attack" via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2982 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6371 | |||
Oval ID: | oval:org.mitre.oval:def:6371 | ||
Title: | Adobe Reader and Acrobat allow attackers to execute arbitrary code via unspecified vectors | ||
Description: | Array index error in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2990 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6418 | |||
Oval ID: | oval:org.mitre.oval:def:6418 | ||
Title: | Adobe Reader and Acrobat allow arbitrary code execution and DoS | ||
Description: | Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-3458. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2998 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6429 | |||
Oval ID: | oval:org.mitre.oval:def:6429 | ||
Title: | DEPRECATED: Adobe Reader and Acrobat 'format bug' remote arbitrary code execution | ||
Description: | Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a "format bug." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3462 | Version: | 17 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6466 | |||
Oval ID: | oval:org.mitre.oval:def:6466 | ||
Title: | Adobe Reader and Acrobat allows attackers to bypass intended file-extension | ||
Description: | Unspecified vulnerability in Adobe Acrobat 9.x before 9.2 allows attackers to bypass intended file-extension restrictions via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3461 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6481 | |||
Oval ID: | oval:org.mitre.oval:def:6481 | ||
Title: | Adobe Reader and Acrobat cause arbitrary code execution via unspecified vectors | ||
Description: | Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2997 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6483 | |||
Oval ID: | oval:org.mitre.oval:def:6483 | ||
Title: | Adobe Reader and Acrobat cause Denial of Service Vulnerability | ||
Description: | Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which allows attackers to cause a denial of service via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2988 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6487 | |||
Oval ID: | oval:org.mitre.oval:def:6487 | ||
Title: | Adobe Reader and Acrobat Multiple Vulnerabilities | ||
Description: | Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770, and Opera 9.10.8679 on Windows allow remote attackers to inject arbitrary JavaScript and conduct other attacks via a .pdf URL with a javascript: or res: URI with (1) FDF, (2) XML, and (3) XFDF AJAX parameters, or (4) an arbitrarily named name=URI anchor identifier, aka "Universal XSS (UXSS)." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-0045 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6499 | |||
Oval ID: | oval:org.mitre.oval:def:6499 | ||
Title: | Adobe Reader and Acrobat allow arbitrary code execution | ||
Description: | Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2998. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3458 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6532 | |||
Oval ID: | oval:org.mitre.oval:def:6532 | ||
Title: | Adobe Reader and Acrobat denial of service (application crash) via a PDF | ||
Description: | Stack consumption vulnerability in Adobe Reader and Acrobat 9.1.3, 9.1.2, 9.1.1, and earlier 9.x versions; 8.1.6 and earlier 8.x versions; and possibly 7.1.4 and earlier 7.x versions allows remote attackers to cause a denial of service (application crash) via a PDF file with a large number of [ (open square bracket) characters in the argument to the alert method. NOTE: some of these details are obtained from third party information. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3431 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6534 | |||
Oval ID: | oval:org.mitre.oval:def:6534 | ||
Title: | Adobe Reader and Acrobat allow to execute arbitrary code via a crafted PDF file | ||
Description: | Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3459 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6550 | |||
Oval ID: | oval:org.mitre.oval:def:6550 | ||
Title: | Adobe Reader and Acrobat allow memory corruption | ||
Description: | Adobe Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-3460 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6554 | |||
Oval ID: | oval:org.mitre.oval:def:6554 | ||
Title: | Adobe Reader and Acrobat allows attackers to cause a DoS via unspecified vectors. | ||
Description: | Integer overflow in Adobe Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows attackers to cause a denial of service via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2995 | Version: | 16 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9693 | |||
Oval ID: | oval:org.mitre.oval:def:9693 | ||
Title: | Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770, and Opera 9.10.8679 on Windows allow remote attackers to inject arbitrary JavaScript and conduct other attacks via a .pdf URL with a javascript: or res: URI with (1) FDF, (2) XML, and (3) XFDF AJAX parameters, or (4) an arbitrarily named name=URI anchor identifier, aka "Universal XSS (UXSS)." | ||
Description: | Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770, and Opera 9.10.8679 on Windows allow remote attackers to inject arbitrary JavaScript and conduct other attacks via a .pdf URL with a javascript: or res: URI with (1) FDF, (2) XML, and (3) XFDF AJAX parameters, or (4) an arbitrarily named name=URI anchor identifier, aka "Universal XSS (UXSS)." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-0045 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux Extras 3 Red Hat Enterprise Linux Extras 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Adobe Acrobat Reader U3D CLODMeshContinuation Code Execution | More info here |
Adobe Reader FlateDecode filter TIFF Predictor integer overflow | More info here |
ExploitDB Exploits
id | Description |
---|---|
2009-10-27 | Adobe Acrobat Reader 7-9 U3D BoF |
OpenVAS Exploits
Date | Description |
---|---|
2009-10-27 | Name : Gentoo Security Advisory GLSA 200910-03 (acroread) File : nvt/glsa_200910_03.nasl |
2009-10-27 | Name : SuSE Security Advisory SUSE-SA:2009:049 (acroread, acroread_ja) File : nvt/suse_sa_2009_049.nasl |
2009-10-22 | Name : Adobe Acrobat Unspecified vulnerability File : nvt/gb_adobe_acrobat_unspecified_vuln.nasl |
2009-10-22 | Name : Adobe Reader Multiple Vulnerabilities - Oct09 (Linux) File : nvt/gb_adobe_prdts_mult_vuln_oct09_lin.nasl |
2009-10-22 | Name : Adobe Reader/Acrobat Multiple Vulnerabilities - Oct09 (Win) File : nvt/gb_adobe_prdts_mult_vuln_oct09_win.nasl |
2009-10-19 | Name : RedHat Security Advisory RHSA-2009:1499 File : nvt/RHSA_2009_1499.nasl |
2009-10-10 | Name : SLES9: Security update for acroread File : nvt/sles9p5018489.nasl |
2009-10-06 | Name : Adobe Acrobat PDF File Denial Of Service Vulnerability File : nvt/gb_adobe_acrobat_pdf_dos_vuln.nasl |
2009-01-28 | Name : SuSE Update for acroread SUSE-SA:2007:011 File : nvt/gb_suse_2007_011.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200701-16 (acroread) File : nvt/glsa_200701_16.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1336-1 (mozilla-firefox) File : nvt/deb_1336_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
58929 | Adobe Reader / Acrobat Unspecified ActiveX Input Handling DoS |
58928 | Adobe Reader / Acrobat Unspecified Trust Manager Restriction Bypass |
58927 | Adobe Reader / Acrobat Multiple Unspecified Heap Overflows |
58926 | Adobe Reader / Acrobat U3D Processing Heap Corruption |
58925 | Adobe Reader Plug-in for Mozilla Unloading Use-after-free Arbitrary Code Exec... |
58924 | Adobe Reader / Acrobat on Unix Debug Mode Arbitrary Code Execution |
58923 | Adobe Reader / Acrobat Unspecified Memory Corruption (2009-2996) |
58922 | Adobe Reader / Acrobat PDF Compact Font Format Malformed Index Handling Memor... |
58921 | Adobe Reader / Acrobat XMP-XML Entity Expansion Unspecified DoS |
58920 | Adobe Reader / Acrobat PDF U3D File Handling Invalid Array Index Arbitrary Co... |
58919 | Adobe Reader / Acrobat Unspecified File Extension Security Controls Bypass |
58918 | Adobe Acrobat Image Decoder Unspecified Input Validation Issue |
58917 | Adobe Reader / Acrobat Unspecified Integer Overflow (2009-2995) |
58916 | Adobe Reader / Acrobat Unspecified Integer Overflow (2009-2980) |
58915 | Adobe Acrobat Unspecified Integer Overflow (2009-2989) |
58914 | Adobe Acrobat Unspecified Memory Corruption (2009-3460) |
58913 | Adobe Reader / Acrobat COM Object Loading / Unloading Memory Corruption |
58912 | Adobe Reader / Acrobat U3D CLODProgressiveMeshDeclaration Array Overflow Acrobat and Reader are prone to an overflow condition. The programs fail to properly sanitize user-supplied input resulting in an array overflow. With a specially crafted PDF file containing malformed U3D data, a context-dependent attacker can potentially cause arbitrary code execution. |
58911 | Adobe Reader / Acrobat Unspecified Input Validation DoS (2009-2988) |
58910 | Adobe Reader / Acrobat Unspecified Arbitrary Code Execution (2009-3458) |
58909 | Adobe Reader / Acrobat Unspecified Certificate Spoofing Weakness |
58908 | Adobe Reader / Acrobat Multiple Unspecified Validation Weakness Arbitrary Cod... |
58907 | Adobe Reader / Acrobat on Windows ActiveX Unspecified DoS |
58906 | Adobe Reader / Acrobat Unspecified Arbitrary Code Execution (2009-2998) |
58729 | Adobe Reader / Acrobat ParamX Parameter PDF File Handling Overflow A buffer overflow exists in Acrobat & Reader. The applications fail to validate PDF files resulting in an unspecified heap overflow overflow. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity. |
58415 | Adobe Acrobat Alert Method Square Bracket Character DoS Adobe Acrobat contains a flaw that may allow a remote denial of service. The issue is triggered when Acrobat opens a PDF file with a large number of "[" (square bracket) characters to the alert method, and will result in loss of availability for the service. |
56120 | Adobe getPlus DLM \NOS\bin\getPlus_HelperSvc.exe Permission Weakness Local Pr... |
31596 | Adobe Acrobat Reader Plugin PDF URL Memory Corruption DoS Acrobat contains a flaw that may allow a remote denial of service. The issue is triggered when the plugin is used with Internet Explorer and processes a malformed URL, and will result in loss of availability for the browser. |
31046 | Adobe Acrobat Reader Browser Plug-in PDF XSS Acrobat Reader contains a flaw that allows a remote cross site scripting attack. This flaw exists because the browser plug-in does not validate user supplied input to the hosted PDF file before returning the input to the user. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's Acrobat Reader browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Adobe Acrobat Plugin Universal cross-site scripting attempt RuleID : 9842 - Revision : 11 - Type : FILE-PDF |
2016-04-05 | Adobe Acrobat and Reader U3D Buffer Overflow buffer overflow attempt RuleID : 37911 - Revision : 1 - Type : FILE-PDF |
2016-04-05 | Adobe Acrobat and Reader U3D Buffer Overflow buffer overflow attempt RuleID : 37910 - Revision : 1 - Type : FILE-PDF |
2014-01-10 | Adobe Acrobat Reader compact font format memory corruption attempt RuleID : 28717 - Revision : 7 - Type : FILE-PDF |
2014-01-10 | Adobe Acrobat Reader compact font format memory corruption attempt RuleID : 28716 - Revision : 7 - Type : FILE-PDF |
2014-01-10 | Adobe Acrobat Reader FlateDecode integer overflow attempt RuleID : 25588 - Revision : 5 - Type : FILE-PDF |
2014-01-10 | Adobe Acrobat Reader malformed FlateDecode colors declaration RuleID : 16677 - Revision : 14 - Type : FILE-PDF |
2014-01-10 | Adobe Acrobat Reader malformed FlateDecode colors declaration RuleID : 16676 - Revision : 14 - Type : FILE-PDF |
2014-01-10 | AcroPDF.PDF ActiveX function call unicode access RuleID : 16389 - Revision : 4 - Type : WEB-ACTIVEX |
2014-01-10 | AcroPDF.PDF ActiveX function call access RuleID : 16388 - Revision : 7 - Type : BROWSER-PLUGINS |
2014-01-10 | AcroPDF.PDF ActiveX clsid unicode access RuleID : 16387 - Revision : 4 - Type : WEB-ACTIVEX |
2014-01-10 | AcroPDF.PDF ActiveX clsid access RuleID : 16386 - Revision : 7 - Type : BROWSER-PLUGINS |
2014-01-10 | Adobe Acrobat Reader U3D CLODMeshContinuation code execution attempt RuleID : 16373 - Revision : 13 - Type : FILE-PDF |
2014-01-10 | Adobe JPEG2k uninitialized QCC memory corruption attempt RuleID : 16325 - Revision : 13 - Type : FILE-PDF |
2014-01-10 | Adobe Acrobat Reader doc.export arbitrary file write attempt RuleID : 16324 - Revision : 12 - Type : FILE-PDF |
2014-01-10 | Adobe Acrobat Reader JPEG2k uninitialized QCC memory corruption attempt RuleID : 16323 - Revision : 13 - Type : FILE-PDF |
2014-01-10 | Adobe Acrobat Reader oversized object width attempt RuleID : 16322 - Revision : 13 - Type : FILE-PDF |
2014-01-10 | Adobe tiff oversized image length attempt RuleID : 16321 - Revision : 10 - Type : FILE-IMAGE |
2014-01-10 | Adobe PNG empty sPLT exploit attempt RuleID : 16320 - Revision : 6 - Type : FILE-IMAGE |
2014-01-10 | Malformed BMP dimensions arbitrary code execution attempt RuleID : 16222 - Revision : 11 - Type : FILE-IMAGE |
2014-01-10 | Adobe Acrobat Reader collab.addStateModel remote corruption attempt RuleID : 16176 - Revision : 13 - Type : FILE-PDF |
2014-01-10 | Adobe Acrobat Reader collab.removeStateModel denial of service attempt RuleID : 16175 - Revision : 14 - Type : FILE-PDF |
2014-01-10 | Adobe Acrobat Reader U3D progressive mesh continuation off by one index attempt RuleID : 16174 - Revision : 10 - Type : FILE-PDF |
2014-01-10 | Adobe Acrobat Reader U3D progressive mesh continuation pointer overwrite attempt RuleID : 16173 - Revision : 10 - Type : FILE-PDF |
2014-01-10 | Adobe Acrobat Reader U3D line set heap corruption attempt RuleID : 16172 - Revision : 10 - Type : FILE-PDF |
2015-05-28 | U3D CLOD Progressive Mesh Continuation incorrect index remote code execution ... RuleID : 16171 - Revision : 6 - Type : WEB-CLIENT |
2015-05-28 | U3D CLOD Progressive Mesh Continuation oversized index remote code execution ... RuleID : 16170 - Revision : 6 - Type : WEB-CLIENT |
2015-05-28 | Adobe Acrobat Reader javascript heap corruption attempt RuleID : 16146 - Revision : 5 - Type : EXPLOIT |
2014-01-10 | Adobe Acrobat Reader FlateDecode integer overflow attempt RuleID : 15709 - Revision : 19 - Type : FILE-PDF |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0017.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0021.nasl - Type : ACT_GATHER_INFO |
2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread_ja-6585.nasl - Type : ACT_GATHER_INFO |
2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread_ja-6584.nasl - Type : ACT_GATHER_INFO |
2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread-6583.nasl - Type : ACT_GATHER_INFO |
2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread-6582.nasl - Type : ACT_GATHER_INFO |
2009-10-30 | Name : The remote openSUSE host is missing a security update. File : suse_acroread-6588.nasl - Type : ACT_GATHER_INFO |
2009-10-26 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200910-03.nasl - Type : ACT_GATHER_INFO |
2009-10-26 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_acroread_ja-091022.nasl - Type : ACT_GATHER_INFO |
2009-10-26 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_acroread-091022.nasl - Type : ACT_GATHER_INFO |
2009-10-26 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_acroread-091022.nasl - Type : ACT_GATHER_INFO |
2009-10-26 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_acroread-091022.nasl - Type : ACT_GATHER_INFO |
2009-10-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1499.nasl - Type : ACT_GATHER_INFO |
2009-10-14 | Name : The version of Adobe Acrobat on the remote Windows host is affected by multip... File : adobe_acrobat_apsb09-15.nasl - Type : ACT_GATHER_INFO |
2009-10-14 | Name : The PDF file viewer on the remote Windows host is affected by a memory corrup... File : adobe_reader_apsb09-15.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_11433.nasl - Type : ACT_GATHER_INFO |
2009-08-28 | Name : The version of Adobe Acrobat on the remote Windows host is affected by multip... File : adobe_acrobat_709.nasl - Type : ACT_GATHER_INFO |
2009-01-31 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_1_0_154_46.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread-2508.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread_ja-2545.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_acroread-2506.nasl - Type : ACT_GATHER_INFO |
2007-07-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1336.nasl - Type : ACT_GATHER_INFO |
2007-03-12 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2007-066-05.nasl - Type : ACT_GATHER_INFO |
2007-02-18 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2007_011.nasl - Type : ACT_GATHER_INFO |
2007-01-26 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200701-16.nasl - Type : ACT_GATHER_INFO |
2007-01-10 | Name : The PDF file viewer on the remote Windows host is affected by several vulnera... File : adobe_reader_709.nasl - Type : ACT_GATHER_INFO |
2007-01-05 | Name : The browser plugin on the remote Windows host is affected by multiple issues. File : adobe_pdf_plugin_80.nasl - Type : ACT_GATHER_INFO |
2006-11-06 | Name : The remote host is missing Sun Security Patch number 121104-11 File : solaris10_121104.nasl - Type : ACT_GATHER_INFO |