ID CVE-2017-11267Type cveReporter cve@mitre.orgModified 2019-03-14T16:17:00
Description
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as JPEG data. Successful exploitation could lead to arbitrary code execution.
{"id": "CVE-2017-11267", "bulletinFamily": "NVD", "title": "CVE-2017-11267", "description": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as JPEG data. Successful exploitation could lead to arbitrary code execution.", "published": "2017-08-11T19:29:00", "modified": "2019-03-14T16:17:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11267", "reporter": "cve@mitre.org", "references": ["http://www.securitytracker.com/id/1039098", "http://www.securityfocus.com/bid/100179", "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"], "cvelist": ["CVE-2017-11267"], "type": "cve", "lastseen": "2021-02-02T06:36:33", "edition": 7, "viewCount": 6, "enchantments": {"dependencies": {"references": [{"type": "zdi", "idList": ["ZDI-17-621"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:3BC4D55C7B197F32FEF9A2D171ACD8AB"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310812550", "OPENVAS:1361412562310812548", "OPENVAS:1361412562310811617", "OPENVAS:1361412562310812556", "OPENVAS:1361412562310812554", "OPENVAS:1361412562310812547", "OPENVAS:1361412562310811622", "OPENVAS:1361412562310812557", "OPENVAS:1361412562310812549", "OPENVAS:1361412562310812555"]}, {"type": "nessus", "idList": ["ADOBE_READER_APSB17-24.NASL", "MACOSX_ADOBE_ACROBAT_APSB17-24.NASL", "ADOBE_ACROBAT_APSB17-24.NASL", "MACOSX_ADOBE_READER_APSB17-24.NASL"]}, {"type": "kaspersky", "idList": ["KLA11086"]}], "modified": "2021-02-02T06:36:33", "rev": 2}, "score": {"value": 9.0, "vector": "NONE", "modified": "2021-02-02T06:36:33", "rev": 2}, "twitter": {"counter": 2, "modified": "2020-12-09T20:13:20", "tweets": [{"link": "https://twitter.com/www_sesin_at/status/1347556339162165248", "text": "New post from https://t.co/9KYxtdZjkl?amp=1 (Adobe Acrobat Reader memory corruption [CVE-2017-11267]) has been published on https://t.co/LGK23GDMSU?amp=1"}, {"link": "https://twitter.com/WolfgangSesin/status/1347556332732354562", "text": "New post from https://t.co/uXvPWJy6tj?amp=1 (Adobe Acrobat Reader memory corruption [CVE-2017-11267]) has been published on https://t.co/cnWZzTQEUC?amp=1"}]}, "vulnersScore": 9.0}, "cpe": ["cpe:/a:adobe:reader:11.0.20", "cpe:/a:adobe:acrobat_dc:17.009.20058", "cpe:/a:adobe:acrobat_dc:15.006.30306", "cpe:/a:adobe:acrobat:11.0.20", "cpe:/a:adobe:acrobat_reader_dc:17.009.20058", "cpe:/a:adobe:acrobat_reader:17.011.30066", "cpe:/a:adobe:acrobat:17.011.30066", "cpe:/a:adobe:acrobat_reader_dc:15.006.30306"], "affectedSoftware": [{"cpeName": "adobe:acrobat_reader", "name": "adobe acrobat reader", "operator": "le", "version": "17.011.30066"}, {"cpeName": "adobe:acrobat_dc", "name": "adobe acrobat dc", "operator": "le", "version": "15.006.30306"}, {"cpeName": "adobe:acrobat_dc", "name": "adobe acrobat dc", "operator": "le", "version": "17.009.20058"}, {"cpeName": "adobe:acrobat_reader_dc", "name": "adobe acrobat reader dc", "operator": "le", "version": "17.009.20058"}, {"cpeName": "adobe:acrobat_reader_dc", "name": "adobe acrobat reader dc", "operator": "le", "version": "15.006.30306"}, {"cpeName": "adobe:acrobat", "name": "adobe acrobat", "operator": "le", "version": "17.011.30066"}, {"cpeName": "adobe:reader", "name": "adobe reader", "operator": "le", "version": "11.0.20"}, {"cpeName": "adobe:acrobat", "name": "adobe acrobat", "operator": "le", "version": "11.0.20"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "cpe23": ["cpe:2.3:a:adobe:acrobat:17.011.30066:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_dc:15.006.30306:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:17.011.30066:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:reader:11.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader_dc:15.006.30306:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_reader_dc:17.009.20058:*:*:*:continuous:*:*:*", "cpe:2.3:a:adobe:acrobat_dc:17.009.20058:*:*:*:continuous:*:*:*", "cpe:2.3:a:adobe:acrobat:11.0.20:*:*:*:*:*:*:*"], "cwe": ["CWE-119"], "scheme": null, "affectedConfiguration": [{"cpeName": "apple:mac_os_x", "name": "apple mac os x", "operator": "eq", "version": "*"}, {"cpeName": "microsoft:windows", "name": "microsoft windows", "operator": "eq", "version": "*"}], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:adobe:acrobat:11.0.20:*:*:*:*:*:*:*", "versionEndIncluding": "11.0.20", "versionStartIncluding": "11.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:acrobat_dc:17.009.20058:*:*:*:continuous:*:*:*", "versionEndIncluding": "17.009.20058", "versionStartIncluding": "15.007.20033", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader_dc:17.009.20058:*:*:*:continuous:*:*:*", "versionEndIncluding": "17.009.20058", "versionStartIncluding": "15.007.20033", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader_dc:15.006.30306:*:*:*:classic:*:*:*", "versionEndIncluding": "15.006.30306", "versionStartIncluding": "15.006.30060", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:acrobat:17.011.30066:*:*:*:*:*:*:*", "versionEndIncluding": "17.011.30066", "versionStartIncluding": "17.011.00000", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:17.011.30066:*:*:*:*:*:*:*", "versionEndIncluding": "17.011.30066", "versionStartIncluding": "17.011.00000", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:reader:11.0.20:*:*:*:*:*:*:*", "versionEndIncluding": "11.0.20", "versionStartIncluding": "11.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:acrobat_dc:15.006.30306:*:*:*:classic:*:*:*", "versionEndIncluding": "15.006.30306", "versionStartIncluding": "15.006.30060", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}], "operator": "AND"}]}, "extraReferences": [{"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory"], "url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"}, {"name": "100179", "refsource": "BID", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/100179"}, {"name": "1039098", "refsource": "SECTRACK", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039098"}], "immutableFields": []}
{"zdi": [{"lastseen": "2020-06-22T11:41:06", "bulletinFamily": "info", "cvelist": ["CVE-2017-11267"], "edition": 2, "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code under the context of the current process.", "modified": "2017-06-22T00:00:00", "published": "2017-08-08T00:00:00", "href": "https://www.zerodayinitiative.com/advisories/ZDI-17-621/", "id": "ZDI-17-621", "title": "Adobe Acrobat Pro DC ImageConversion EMF Parsing Memory Corruption Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-04-01T01:18:32", "description": "The version of Adobe Reader installed on the remote Windows host is a\nversion prior to 11.0.21, 2015.006.30355, 2017.011.30066,\nor 2017.012.20098. It is, therefore, affected by multiple\nvulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.", "edition": 37, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-08-11T00:00:00", "title": "Adobe Reader < 11.0.21 / 2015.006.30355 / 2017.011.30066 / 2017.012.20098 Multiple Vulnerabilities (APSB17-24)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-3119", "CVE-2017-11262", "CVE-2017-11265", "CVE-2017-11271", "CVE-2017-11219", "CVE-2017-11228", "CVE-2017-11270", "CVE-2017-11245", "CVE-2017-11227", "CVE-2017-3124", "CVE-2017-11242", "CVE-2017-11223", "CVE-2017-11241", "CVE-2017-11230", "CVE-2017-11251", "CVE-2017-11220", "CVE-2017-11216", "CVE-2017-11263", "CVE-2017-11238", "CVE-2017-3116", "CVE-2017-11233", "CVE-2017-3121", "CVE-2017-11234", "CVE-2017-11209", "CVE-2017-11222", "CVE-2017-11237", "CVE-2017-3113", "CVE-2017-11260", "CVE-2017-3123", "CVE-2017-11267", "CVE-2017-11236", "CVE-2017-3038", "CVE-2017-11224", "CVE-2017-11226", "CVE-2017-11246", "CVE-2017-11249", "CVE-2017-3115", "CVE-2017-11217", "CVE-2017-11248", "CVE-2017-11269", "CVE-2017-11235", "CVE-2017-11218", "CVE-2017-11252", "CVE-2017-11268", "CVE-2017-11255", "CVE-2017-3122", "CVE-2017-11259", "CVE-2017-11256", "CVE-2017-11258", "CVE-2017-11244", "CVE-2017-3117", "CVE-2017-11212", "CVE-2017-3120", "CVE-2017-3118", "CVE-2017-11261", "CVE-2017-11254", "CVE-2017-11211", "CVE-2017-11239", "CVE-2017-11214", "CVE-2017-11243", "CVE-2017-11229", "CVE-2017-11221", "CVE-2017-11257", "CVE-2017-3016", "CVE-2017-11231", "CVE-2017-11210", "CVE-2017-11232"], "modified": "2021-04-02T00:00:00", "cpe": ["cpe:/a:adobe:acrobat_reader"], "id": "ADOBE_READER_APSB17-24.NASL", "href": "https://www.tenable.com/plugins/nessus/102428", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102428);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/11/12\");\n\n script_cve_id(\n \"CVE-2017-3016\",\n \"CVE-2017-3038\",\n \"CVE-2017-3113\",\n \"CVE-2017-3115\",\n \"CVE-2017-3116\",\n \"CVE-2017-3117\",\n \"CVE-2017-3118\",\n \"CVE-2017-3119\",\n \"CVE-2017-3120\",\n \"CVE-2017-3121\",\n \"CVE-2017-3122\",\n \"CVE-2017-3123\",\n \"CVE-2017-3124\",\n \"CVE-2017-11209\",\n \"CVE-2017-11210\",\n \"CVE-2017-11211\",\n \"CVE-2017-11212\",\n \"CVE-2017-11214\",\n \"CVE-2017-11216\",\n \"CVE-2017-11217\",\n \"CVE-2017-11218\",\n \"CVE-2017-11219\",\n \"CVE-2017-11220\",\n \"CVE-2017-11221\",\n \"CVE-2017-11222\",\n \"CVE-2017-11223\",\n \"CVE-2017-11224\",\n \"CVE-2017-11226\",\n \"CVE-2017-11227\",\n \"CVE-2017-11228\",\n \"CVE-2017-11229\",\n \"CVE-2017-11230\",\n \"CVE-2017-11231\",\n \"CVE-2017-11232\",\n \"CVE-2017-11233\",\n \"CVE-2017-11234\",\n \"CVE-2017-11235\",\n \"CVE-2017-11236\",\n \"CVE-2017-11237\",\n \"CVE-2017-11238\",\n \"CVE-2017-11239\",\n \"CVE-2017-11241\",\n \"CVE-2017-11242\",\n \"CVE-2017-11243\",\n \"CVE-2017-11244\",\n \"CVE-2017-11245\",\n \"CVE-2017-11246\",\n \"CVE-2017-11248\",\n \"CVE-2017-11249\",\n \"CVE-2017-11251\",\n \"CVE-2017-11252\",\n \"CVE-2017-11254\",\n \"CVE-2017-11255\",\n \"CVE-2017-11256\",\n \"CVE-2017-11257\",\n \"CVE-2017-11258\",\n \"CVE-2017-11259\",\n \"CVE-2017-11260\",\n \"CVE-2017-11261\",\n \"CVE-2017-11262\",\n \"CVE-2017-11263\",\n \"CVE-2017-11265\",\n \"CVE-2017-11267\",\n \"CVE-2017-11268\",\n \"CVE-2017-11269\",\n \"CVE-2017-11270\",\n \"CVE-2017-11271\"\n );\n script_bugtraq_id(\n 100179,\n 100180,\n 100181,\n 100182,\n 100184,\n 100185,\n 100186,\n 100187,\n 100189\n );\n\n script_name(english:\"Adobe Reader < 11.0.21 / 2015.006.30355 / 2017.011.30066 / 2017.012.20098 Multiple Vulnerabilities (APSB17-24)\");\n script_summary(english:\"Checks the version of Adobe Reader.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Reader installed on the remote Windows host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Reader installed on the remote Windows host is a\nversion prior to 11.0.21, 2015.006.30355, 2017.011.30066,\nor 2017.012.20098. It is, therefore, affected by multiple\nvulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-24.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Reader 11.0.21 / 2015.006.30355 / 2017.011.30066\n/ 2017.012.20098 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-3124\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/08/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat_reader\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"adobe_reader_installed.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"installed_sw/Adobe Reader\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"vcf_extras.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_info = vcf::adobe_reader::get_app_info();\nconstraints = [\n { \"min_version\" : \"11.0\", \"fixed_version\" : \"11.0.21\" },\n { \"min_version\" : \"15.6\", \"max_version\" : \"15.6.30306\", \"fixed_version\" : \"15.6.30355\" },\n { \"min_version\" : \"17.8\", \"max_version\" : \"17.8.30051\", \"fixed_version\" : \"17.11.30066\" },\n { \"min_version\" : \"15.7\", \"max_version\" : \"17.9.20058\", \"fixed_version\" : \"17.12.20098\" }\n];\n# using adobe_reader namespace check_version_and_report to properly detect Continuous vs Classic, \n# and limit ver segments to 3 (18.x.y vs 18.x.y.12345) with max_segs:3\nvcf::adobe_reader::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE, max_segs:3);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-04-01T03:43:35", "description": "The version of Adobe Reader installed on the remote macOS or Mac OS X\nhost is a version prior to 11.0.21, 2015.006.30355, 2017.011.30066,\nor 2017.012.20098. It is, therefore, affected by multiple\nvulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.", "edition": 33, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-08-11T00:00:00", "title": "Adobe Reader < 11.0.21 / 2015.006.30355 / 2017.011.30066 / 2017.012.20098 Multiple Vulnerabilities (APSB17-24) (macOS)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-3119", "CVE-2017-11262", "CVE-2017-11265", "CVE-2017-11271", "CVE-2017-11219", "CVE-2017-11228", "CVE-2017-11270", "CVE-2017-11245", "CVE-2017-11227", "CVE-2017-3124", "CVE-2017-11242", "CVE-2017-11223", "CVE-2017-11241", "CVE-2017-11230", "CVE-2017-11251", "CVE-2017-11220", "CVE-2017-11216", "CVE-2017-11263", "CVE-2017-11238", "CVE-2017-3116", "CVE-2017-11233", "CVE-2017-3121", "CVE-2017-11234", "CVE-2017-11209", "CVE-2017-11222", "CVE-2017-11237", "CVE-2017-3113", "CVE-2017-11260", "CVE-2017-3123", "CVE-2017-11267", "CVE-2017-11236", "CVE-2017-3038", "CVE-2017-11224", "CVE-2017-11226", "CVE-2017-11246", "CVE-2017-11249", "CVE-2017-3115", "CVE-2017-11217", "CVE-2017-11248", "CVE-2017-11269", "CVE-2017-11235", "CVE-2017-11218", "CVE-2017-11252", "CVE-2017-11268", "CVE-2017-11255", "CVE-2017-3122", "CVE-2017-11259", "CVE-2017-11256", "CVE-2017-11258", "CVE-2017-11244", "CVE-2017-3117", "CVE-2017-11212", "CVE-2017-3120", "CVE-2017-3118", "CVE-2017-11261", "CVE-2017-11254", "CVE-2017-11211", "CVE-2017-11239", "CVE-2017-11214", "CVE-2017-11243", "CVE-2017-11229", "CVE-2017-11221", "CVE-2017-11257", "CVE-2017-3016", "CVE-2017-11231", "CVE-2017-11210", "CVE-2017-11232"], "modified": "2021-04-02T00:00:00", "cpe": ["cpe:/a:adobe:acrobat_reader"], "id": "MACOSX_ADOBE_READER_APSB17-24.NASL", "href": "https://www.tenable.com/plugins/nessus/102430", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102430);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/11/12\");\n\n script_cve_id(\n \"CVE-2017-3016\",\n \"CVE-2017-3038\",\n \"CVE-2017-3113\",\n \"CVE-2017-3115\",\n \"CVE-2017-3116\",\n \"CVE-2017-3117\",\n \"CVE-2017-3118\",\n \"CVE-2017-3119\",\n \"CVE-2017-3120\",\n \"CVE-2017-3121\",\n \"CVE-2017-3122\",\n \"CVE-2017-3123\",\n \"CVE-2017-3124\",\n \"CVE-2017-11209\",\n \"CVE-2017-11210\",\n \"CVE-2017-11211\",\n \"CVE-2017-11212\",\n \"CVE-2017-11214\",\n \"CVE-2017-11216\",\n \"CVE-2017-11217\",\n \"CVE-2017-11218\",\n \"CVE-2017-11219\",\n \"CVE-2017-11220\",\n \"CVE-2017-11221\",\n \"CVE-2017-11222\",\n \"CVE-2017-11223\",\n \"CVE-2017-11224\",\n \"CVE-2017-11226\",\n \"CVE-2017-11227\",\n \"CVE-2017-11228\",\n \"CVE-2017-11229\",\n \"CVE-2017-11230\",\n \"CVE-2017-11231\",\n \"CVE-2017-11232\",\n \"CVE-2017-11233\",\n \"CVE-2017-11234\",\n \"CVE-2017-11235\",\n \"CVE-2017-11236\",\n \"CVE-2017-11237\",\n \"CVE-2017-11238\",\n \"CVE-2017-11239\",\n \"CVE-2017-11241\",\n \"CVE-2017-11242\",\n \"CVE-2017-11243\",\n \"CVE-2017-11244\",\n \"CVE-2017-11245\",\n \"CVE-2017-11246\",\n \"CVE-2017-11248\",\n \"CVE-2017-11249\",\n \"CVE-2017-11251\",\n \"CVE-2017-11252\",\n \"CVE-2017-11254\",\n \"CVE-2017-11255\",\n \"CVE-2017-11256\",\n \"CVE-2017-11257\",\n \"CVE-2017-11258\",\n \"CVE-2017-11259\",\n \"CVE-2017-11260\",\n \"CVE-2017-11261\",\n \"CVE-2017-11262\",\n \"CVE-2017-11263\",\n \"CVE-2017-11265\",\n \"CVE-2017-11267\",\n \"CVE-2017-11268\",\n \"CVE-2017-11269\",\n \"CVE-2017-11270\",\n \"CVE-2017-11271\"\n );\n script_bugtraq_id(\n 100179,\n 100180,\n 100181,\n 100182,\n 100184,\n 100185,\n 100186,\n 100187,\n 100189\n );\n\n script_name(english:\"Adobe Reader < 11.0.21 / 2015.006.30355 / 2017.011.30066 / 2017.012.20098 Multiple Vulnerabilities (APSB17-24) (macOS)\");\n script_summary(english:\"Checks the version of Adobe Reader.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Reader installed on the remote host is affected\nby multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Reader installed on the remote macOS or Mac OS X\nhost is a version prior to 11.0.21, 2015.006.30355, 2017.011.30066,\nor 2017.012.20098. It is, therefore, affected by multiple\nvulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-24.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Reader 11.0.21 / 2015.006.30355 / 2017.011.30066\n/ 2017.012.20098 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-3124\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/08/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat_reader\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_adobe_reader_installed.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/Adobe Reader\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nget_kb_item_or_exit(\"Host/local_checks_enabled\");\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (empty_or_null(os)) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp_info = vcf::get_app_info(app:\"Adobe Reader\");\nbase_dir = app_info['path'] - \"/Applications\";\ntrack = get_kb_item(\"MacOSX/Adobe_Reader\"+base_dir+\"/Track\");\n\nif (!isnull(track) && track == '2017')\n{\n constraints = [\n { \"min_version\" : \"17.8\", \"fixed_version\" : \"17.11.30066\" }\n ];\n\n}\nelse\n{\n constraints = [\n { \"min_version\" : \"11\", \"fixed_version\" : \"11.0.21\" },\n { \"min_version\" : \"15.6\", \"fixed_version\" : \"15.6.30355\" },\n { \"min_version\" : \"15.7\", \"fixed_version\" : \"17.12.20098\" }\n ];\n}\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-04-01T03:42:34", "description": "The version of Adobe Acrobat installed on the remote macOS or Mac OS X\nhost is a version prior to 11.0.21, 2015.006.30355, 2017.011.30066,\nor 2017.012.20098. It is, therefore, affected by multiple\nvulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.", "edition": 33, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-08-11T00:00:00", "title": "Adobe Acrobat < 11.0.21 / 2015.006.30355 / 2017.011.30066 / 2017.012.20098 Multiple Vulnerabilities (APSB17-24) (macOS)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-3119", "CVE-2017-11262", "CVE-2017-11265", "CVE-2017-11271", "CVE-2017-11219", "CVE-2017-11228", "CVE-2017-11270", "CVE-2017-11245", "CVE-2017-11227", "CVE-2017-3124", "CVE-2017-11242", "CVE-2017-11223", "CVE-2017-11241", "CVE-2017-11230", "CVE-2017-11251", "CVE-2017-11220", "CVE-2017-11216", "CVE-2017-11263", "CVE-2017-11238", "CVE-2017-3116", "CVE-2017-11233", "CVE-2017-3121", "CVE-2017-11234", "CVE-2017-11209", "CVE-2017-11222", "CVE-2017-11237", "CVE-2017-3113", "CVE-2017-11260", "CVE-2017-3123", "CVE-2017-11267", "CVE-2017-11236", "CVE-2017-3038", "CVE-2017-11224", "CVE-2017-11226", "CVE-2017-11246", "CVE-2017-11249", "CVE-2017-3115", "CVE-2017-11217", "CVE-2017-11248", "CVE-2017-11269", "CVE-2017-11235", "CVE-2017-11218", "CVE-2017-11252", "CVE-2017-11268", "CVE-2017-11255", "CVE-2017-3122", "CVE-2017-11259", "CVE-2017-11256", "CVE-2017-11258", "CVE-2017-11244", "CVE-2017-3117", "CVE-2017-11212", "CVE-2017-3120", "CVE-2017-3118", "CVE-2017-11261", "CVE-2017-11254", "CVE-2017-11211", "CVE-2017-11239", "CVE-2017-11214", "CVE-2017-11243", "CVE-2017-11229", "CVE-2017-11221", "CVE-2017-11257", "CVE-2017-3016", "CVE-2017-11231", "CVE-2017-11210", "CVE-2017-11232"], "modified": "2021-04-02T00:00:00", "cpe": ["cpe:/a:adobe:acrobat"], "id": "MACOSX_ADOBE_ACROBAT_APSB17-24.NASL", "href": "https://www.tenable.com/plugins/nessus/102429", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102429);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/04/19 10:12:36\");\n\n script_cve_id(\n \"CVE-2017-3016\",\n \"CVE-2017-3038\",\n \"CVE-2017-3113\",\n \"CVE-2017-3115\",\n \"CVE-2017-3116\",\n \"CVE-2017-3117\",\n \"CVE-2017-3118\",\n \"CVE-2017-3119\",\n \"CVE-2017-3120\",\n \"CVE-2017-3121\",\n \"CVE-2017-3122\",\n \"CVE-2017-3123\",\n \"CVE-2017-3124\",\n \"CVE-2017-11209\",\n \"CVE-2017-11210\",\n \"CVE-2017-11211\",\n \"CVE-2017-11212\",\n \"CVE-2017-11214\",\n \"CVE-2017-11216\",\n \"CVE-2017-11217\",\n \"CVE-2017-11218\",\n \"CVE-2017-11219\",\n \"CVE-2017-11220\",\n \"CVE-2017-11221\",\n \"CVE-2017-11222\",\n \"CVE-2017-11223\",\n \"CVE-2017-11224\",\n \"CVE-2017-11226\",\n \"CVE-2017-11227\",\n \"CVE-2017-11228\",\n \"CVE-2017-11229\",\n \"CVE-2017-11230\",\n \"CVE-2017-11231\",\n \"CVE-2017-11232\",\n \"CVE-2017-11233\",\n \"CVE-2017-11234\",\n \"CVE-2017-11235\",\n \"CVE-2017-11236\",\n \"CVE-2017-11237\",\n \"CVE-2017-11238\",\n \"CVE-2017-11239\",\n \"CVE-2017-11241\",\n \"CVE-2017-11242\",\n \"CVE-2017-11243\",\n \"CVE-2017-11244\",\n \"CVE-2017-11245\",\n \"CVE-2017-11246\",\n \"CVE-2017-11248\",\n \"CVE-2017-11249\",\n \"CVE-2017-11251\",\n \"CVE-2017-11252\",\n \"CVE-2017-11254\",\n \"CVE-2017-11255\",\n \"CVE-2017-11256\",\n \"CVE-2017-11257\",\n \"CVE-2017-11258\",\n \"CVE-2017-11259\",\n \"CVE-2017-11260\",\n \"CVE-2017-11261\",\n \"CVE-2017-11262\",\n \"CVE-2017-11263\",\n \"CVE-2017-11265\",\n \"CVE-2017-11267\",\n \"CVE-2017-11268\",\n \"CVE-2017-11269\",\n \"CVE-2017-11270\",\n \"CVE-2017-11271\"\n );\n script_bugtraq_id(\n 100179,\n 100180,\n 100181,\n 100182,\n 100184,\n 100185,\n 100186,\n 100187,\n 100189\n );\n\n script_name(english:\"Adobe Acrobat < 11.0.21 / 2015.006.30355 / 2017.011.30066 / 2017.012.20098 Multiple Vulnerabilities (APSB17-24) (macOS)\");\n script_summary(english:\"Checks the version of Adobe Acrobat.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Acrobat installed on the remote host is affected\nby multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Acrobat installed on the remote macOS or Mac OS X\nhost is a version prior to 11.0.21, 2015.006.30355, 2017.011.30066,\nor 2017.012.20098. It is, therefore, affected by multiple\nvulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-24.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Acrobat 11.0.21 / 2015.006.30355 / 2017.011.30066\n/ 2017.012.20098 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-3124\"); \n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/08/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_adobe_acrobat_installed.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/Adobe Acrobat\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"vcf_extras.inc\");\n\nget_kb_item_or_exit(\"Host/local_checks_enabled\");\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (empty_or_null(os)) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp_info = vcf::get_app_info(app:\"Adobe Acrobat\");\n\n constraints = [\n { \"min_version\" : \"11\", \"fixed_version\" : \"11.0.21\" },\n { \"min_version\" : \"15.6\", \"fixed_version\" : \"15.6.30355\" },\n { \"min_version\" : \"15.7\", \"fixed_version\" : \"17.12.20098\" },\n { \"min_version\" : \"17.8\", \"fixed_version\" : \"17.11.30066\" }\n ];\nvcf::adobe_reader::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE, max_segs:3);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-04-01T01:16:59", "description": "The version of Adobe Acrobat installed on the remote Windows host is a\nversion prior to 11.0.21, 2015.006.30355, 2017.011.30066,\nor 2017.012.20098. It is, therefore, affected by multiple\nvulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.", "edition": 35, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-08-11T00:00:00", "title": "Adobe Acrobat < 11.0.21 / 2015.006.30355 / 2017.011.30066 / 2017.012.20098 Multiple Vulnerabilities (APSB17-24)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-3119", "CVE-2017-11262", "CVE-2017-11265", "CVE-2017-11271", "CVE-2017-11219", "CVE-2017-11228", "CVE-2017-11270", "CVE-2017-11245", "CVE-2017-11227", "CVE-2017-3124", "CVE-2017-11242", "CVE-2017-11223", "CVE-2017-11241", "CVE-2017-11230", "CVE-2017-11251", "CVE-2017-11220", "CVE-2017-11216", "CVE-2017-11263", "CVE-2017-11238", "CVE-2017-3116", "CVE-2017-11233", "CVE-2017-3121", "CVE-2017-11234", "CVE-2017-11209", "CVE-2017-11222", "CVE-2017-11237", "CVE-2017-3113", "CVE-2017-11260", "CVE-2017-3123", "CVE-2017-11267", "CVE-2017-11236", "CVE-2017-3038", "CVE-2017-11224", "CVE-2017-11226", "CVE-2017-11246", "CVE-2017-11249", "CVE-2017-3115", "CVE-2017-11217", "CVE-2017-11248", "CVE-2017-11269", "CVE-2017-11235", "CVE-2017-11218", "CVE-2017-11252", "CVE-2017-11268", "CVE-2017-11255", "CVE-2017-3122", "CVE-2017-11259", "CVE-2017-11256", "CVE-2017-11258", "CVE-2017-11244", "CVE-2017-3117", "CVE-2017-11212", "CVE-2017-3120", "CVE-2017-3118", "CVE-2017-11261", "CVE-2017-11254", "CVE-2017-11211", "CVE-2017-11239", "CVE-2017-11214", "CVE-2017-11243", "CVE-2017-11229", "CVE-2017-11221", "CVE-2017-11257", "CVE-2017-3016", "CVE-2017-11231", "CVE-2017-11210", "CVE-2017-11232"], "modified": "2021-04-02T00:00:00", "cpe": ["cpe:/a:adobe:acrobat"], "id": "ADOBE_ACROBAT_APSB17-24.NASL", "href": "https://www.tenable.com/plugins/nessus/102427", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102427);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/11/12\");\n\n script_cve_id(\n \"CVE-2017-3016\",\n \"CVE-2017-3038\",\n \"CVE-2017-3113\",\n \"CVE-2017-3115\",\n \"CVE-2017-3116\",\n \"CVE-2017-3117\",\n \"CVE-2017-3118\",\n \"CVE-2017-3119\",\n \"CVE-2017-3120\",\n \"CVE-2017-3121\",\n \"CVE-2017-3122\",\n \"CVE-2017-3123\",\n \"CVE-2017-3124\",\n \"CVE-2017-11209\",\n \"CVE-2017-11210\",\n \"CVE-2017-11211\",\n \"CVE-2017-11212\",\n \"CVE-2017-11214\",\n \"CVE-2017-11216\",\n \"CVE-2017-11217\",\n \"CVE-2017-11218\",\n \"CVE-2017-11219\",\n \"CVE-2017-11220\",\n \"CVE-2017-11221\",\n \"CVE-2017-11222\",\n \"CVE-2017-11223\",\n \"CVE-2017-11224\",\n \"CVE-2017-11226\",\n \"CVE-2017-11227\",\n \"CVE-2017-11228\",\n \"CVE-2017-11229\",\n \"CVE-2017-11230\",\n \"CVE-2017-11231\",\n \"CVE-2017-11232\",\n \"CVE-2017-11233\",\n \"CVE-2017-11234\",\n \"CVE-2017-11235\",\n \"CVE-2017-11236\",\n \"CVE-2017-11237\",\n \"CVE-2017-11238\",\n \"CVE-2017-11239\",\n \"CVE-2017-11241\",\n \"CVE-2017-11242\",\n \"CVE-2017-11243\",\n \"CVE-2017-11244\",\n \"CVE-2017-11245\",\n \"CVE-2017-11246\",\n \"CVE-2017-11248\",\n \"CVE-2017-11249\",\n \"CVE-2017-11251\",\n \"CVE-2017-11252\",\n \"CVE-2017-11254\",\n \"CVE-2017-11255\",\n \"CVE-2017-11256\",\n \"CVE-2017-11257\",\n \"CVE-2017-11258\",\n \"CVE-2017-11259\",\n \"CVE-2017-11260\",\n \"CVE-2017-11261\",\n \"CVE-2017-11262\",\n \"CVE-2017-11263\",\n \"CVE-2017-11265\",\n \"CVE-2017-11267\",\n \"CVE-2017-11268\",\n \"CVE-2017-11269\",\n \"CVE-2017-11270\",\n \"CVE-2017-11271\"\n );\n script_bugtraq_id(\n 100179,\n 100180,\n 100181,\n 100182,\n 100184,\n 100185,\n 100186,\n 100187,\n 100189\n );\n\n script_name(english:\"Adobe Acrobat < 11.0.21 / 2015.006.30355 / 2017.011.30066 / 2017.012.20098 Multiple Vulnerabilities (APSB17-24)\");\n script_summary(english:\"Checks the version of Adobe Acrobat.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Acrobat installed on the remote Windows host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Acrobat installed on the remote Windows host is a\nversion prior to 11.0.21, 2015.006.30355, 2017.011.30066,\nor 2017.012.20098. It is, therefore, affected by multiple\nvulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-11.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Acrobat 11.0.21 / 2015.006.30355 / 2017.011.30066\n/ 2017.012.20098 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-3124\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/08/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"adobe_acrobat_installed.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"installed_sw/Adobe Acrobat\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"vcf_extras.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_info = vcf::get_app_info(app:\"Adobe Acrobat\", win_local:TRUE);\nconstraints = [\n { \"min_version\" : \"11.0\", \"fixed_version\" : \"11.0.21\" },\n { \"min_version\" : \"15.6\", \"max_version\" : \"15.6.30306\", \"fixed_version\" : \"15.6.30355\" },\n { \"min_version\" : \"17.8\", \"max_version\" : \"17.8.30051\", \"fixed_version\" : \"17.11.30066\" },\n { \"min_version\" : \"15.7\", \"max_version\" : \"17.9.20058\", \"fixed_version\" : \"17.12.20098\" }\n];\n# using adobe_reader namespace check_version_and_report to properly detect Continuous vs Classic, \n# and limit ver segments to 3 (18.x.y vs 18.x.y.12345) with max_segs:3\nvcf::adobe_reader::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE, max_segs:3);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "trendmicroblog": [{"lastseen": "2017-08-24T14:09:47", "bulletinFamily": "blog", "cvelist": ["CVE-2017-11209", "CVE-2017-11210", "CVE-2017-11211", "CVE-2017-11212", "CVE-2017-11214", "CVE-2017-11216", "CVE-2017-11217", "CVE-2017-11218", "CVE-2017-11219", "CVE-2017-11220", "CVE-2017-11221", "CVE-2017-11222", "CVE-2017-11223", "CVE-2017-11224", "CVE-2017-11226", "CVE-2017-11227", "CVE-2017-11228", "CVE-2017-11229", "CVE-2017-11230", "CVE-2017-11231", "CVE-2017-11232", "CVE-2017-11233", "CVE-2017-11234", "CVE-2017-11235", "CVE-2017-11236", "CVE-2017-11237", "CVE-2017-11238", "CVE-2017-11239", "CVE-2017-11241", "CVE-2017-11242", "CVE-2017-11243", "CVE-2017-11244", "CVE-2017-11245", "CVE-2017-11246", "CVE-2017-11248", "CVE-2017-11249", "CVE-2017-11251", "CVE-2017-11252", "CVE-2017-11254", "CVE-2017-11255", "CVE-2017-11256", "CVE-2017-11257", "CVE-2017-11258", "CVE-2017-11259", "CVE-2017-11260", "CVE-2017-11261", "CVE-2017-11262", "CVE-2017-11263", "CVE-2017-11265", "CVE-2017-11267", "CVE-2017-11268", "CVE-2017-11269", "CVE-2017-11270", "CVE-2017-11271", "CVE-2017-3085", "CVE-2017-3106", "CVE-2017-3113", "CVE-2017-3115", "CVE-2017-3116", "CVE-2017-3117", "CVE-2017-3118", "CVE-2017-3119", "CVE-2017-3120", "CVE-2017-3121", "CVE-2017-3122", "CVE-2017-3123", "CVE-2017-3124"], "description": "\n\nOne of my favorite movies is the 1999 comedy \u201cGalaxy Quest,\u201d which features the cast of a science-fiction television series similar to Star Trek. In the movie, the crew is visited by real aliens who ask them for help against an intergalactic adversary because they believe that Galaxy Quest is a documentary of historical documents \u2013 not a TV show. There\u2019s a scene in the movie where someone pressed the button that destroys the ship. The crew makes it to the center of the ship where they can stop the process but the stop button doesn\u2019t work. The countdown to destruction continues, but when the clock hits one second, it stops. Why? Because on a TV show, the clock always stops at one second before total destruction.\n\nSometimes, we can\u2019t control the script of our real-life security world and the clock doesn\u2019t stop at one second. Yesterday, the [Zero Day Initiative](<http://www.zerodayinitiative.com/>) (ZDI) published two zero-day advisories for vulnerabilities in Foxit Reader per the guidelines outlined in the ZDI disclosure policy. The two advisories, [ZDI-17-691](<http://www.zerodayinitiative.com/advisories/ZDI-17-691/>) and [ZDI-17-692](<http://www.zerodayinitiative.com/advisories/ZDI-17-692/>), allow remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. For more detailed analysis of the Foxit Reader vulnerabilities, you can read the ZDI blog: [Busting Myths in Foxit Reader](<https://www.zerodayinitiative.com/blog/2017/8/17/busting-myths-in-foxit-reader>).\n\n**Adobe Security Update**\n\nThis week\u2019s Digital Vaccine (DV) package includes coverage for Adobe updates released on or before August 8, 2017. The following table maps Digital Vaccine filters to the Adobe updates. Filters marked with an (*) shipped prior to this week\u2019s DV package, providing zero-day protection for our customers. You can get more detailed information on this month\u2019s security updates from Dustin Childs\u2019 [August 2017 Security Update Review](<https://www.zerodayinitiative.com/blog/2017/8/8/the-august-2017-security-update-review>) from the Zero Day Initiative:\n\n**Bulletin #** | **CVE #** | **Digital Vaccine Filter #** | **Status** \n---|---|---|--- \nAPSB17-23 | CVE-2017-3085 | | Local Only \nAPSB17-23 | CVE-2017-3106 | 29353 | \nAPSB17-24 | CVE-2017-3113 | *26537 | \nAPSB17-24 | CVE-2017-3115 | *27233 | \nAPSB17-24 | CVE-2017-3116 | 29354 | \nAPSB17-24 | CVE-2017-3117 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nAPSB17-24 | CVE-2017-3118 | 29358 | \nAPSB17-24 | CVE-2017-3119 | 29359 | \nAPSB17-24 | CVE-2017-3120 | *27751 | \nAPSB17-24 | CVE-2017-3121 | *27948 | \nAPSB17-24 | CVE-2017-3122 | *28005 | \nAPSB17-24 | CVE-2017-3123 | *28032 | \nAPSB17-24 | CVE-2017-3124 | *28034 | \nAPSB17-24 | CVE-2017-11209 | *28035 | \nAPSB17-24 | CVE-2017-11210 | *28092 | \nAPSB17-24 | CVE-2017-11211 | *28218 | \nAPSB17-24 | CVE-2017-11212 | *28100 | \nAPSB17-24 | CVE-2017-11214 | *28216 | \nAPSB17-24 | CVE-2017-11216 | *27821 | \nAPSB17-24 | CVE-2017-11217 | *27812 | \nAPSB17-24 | CVE-2017-11218 | *27753 | \nAPSB17-24 | CVE-2017-11219 | *27820 | \nAPSB17-24 | CVE-2017-11220 | 29360 | \nAPSB17-24 | CVE-2017-11221 | 29413 | \nAPSB17-24 | CVE-2017-11222 | 29352 | \nAPSB17-24 | CVE-2017-11223 | *28202 | \nAPSB17-24 | CVE-2017-11224 | *28202 | \nAPSB17-24 | CVE-2017-11226 | 29349 | \nAPSB17-24 | CVE-2017-11227 | *28473 | \nAPSB17-24 | CVE-2017-11228 | *28475 | \nAPSB17-24 | CVE-2017-11229 | 29361 | \nAPSB17-24 | CVE-2017-11230 | *28476 | \nAPSB17-24 | CVE-2017-11231 | *28478 | \nAPSB17-24 | CVE-2017-11232 | *28479 | \nAPSB17-24 | CVE-2017-11233 | *28481 | \nAPSB17-24 | CVE-2017-11234 | *28543 | \nAPSB17-24 | CVE-2017-11235 | 29362 | \nAPSB17-24 | CVE-2017-11236 | 29363 | \nAPSB17-24 | CVE-2017-11237 | 29370 | \nAPSB17-24 | CVE-2017-11238 | 29371 | \nAPSB17-24 | CVE-2017-11239 | *28544 | \nAPSB17-24 | CVE-2017-11241 | *28547 | \nAPSB17-24 | CVE-2017-11242 | 28480, 28548 | \nAPSB17-24 | CVE-2017-11243 | *28663 | \nAPSB17-24 | CVE-2017-11244 | *28664 | \nAPSB17-24 | CVE-2017-11245 | *28666 | \nAPSB17-24 | CVE-2017-11246 | 29414 | \nAPSB17-24 | CVE-2017-11248 | *28463 | \nAPSB17-24 | CVE-2017-11249 | *28464 | \nAPSB17-24 | CVE-2017-11251 | 29418 | \nAPSB17-24 | CVE-2017-11252 | *28477 | \nAPSB17-24 | CVE-2017-11254 | 29350 | \nAPSB17-24 | CVE-2017-11255 | *28741 | \nAPSB17-24 | CVE-2017-11256 | *28735 | \nAPSB17-24 | CVE-2017-11257 | *28734 | \nAPSB17-24 | CVE-2017-11258 | *28732 | \nAPSB17-24 | CVE-2017-11259 | *28733 | \nAPSB17-24 | CVE-2017-11260 | *28731 | \nAPSB17-24 | CVE-2017-11261 | *28730 | \nAPSB17-24 | CVE-2017-11262 | 29355 | \nAPSB17-24 | CVE-2017-11263 | 29369 | \nAPSB17-24 | CVE-2017-11265 | *28916 | \nAPSB17-24 | CVE-2017-11267 | 29364 | \nAPSB17-24 | CVE-2017-11268 | 29365 | \nAPSB17-24 | CVE-2017-11269 | 29366 | \nAPSB17-24 | CVE-2017-11270 | 29367 | \nAPSB17-24 | CVE-2017-11271 | 29368 | \n \n \n\n**TippingPoint Operating System (TOS) v3.9.2 Release**\n\nEarlier this week, we issued a maintenance release version 3.9.2 build 4784 of the TippingPoint Operating System (TOS) for the N/NX Platform family. For the complete list of enhancements and changes, please refer to the product Release Notes located on the Threat Management center (TMC) Web site at <https://tmc.tippingpoint.com>. Customers with questions or technical assistance can contact the TippingPoint Technical Assistance Center (TAC).\n\n**Zero-Day Filters**\n\nThere are 14 new zero-day filters covering two vendors in this week\u2019s Digital Vaccine (DV) package. A number of existing filters in this week\u2019s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of [published advisories](<http://www.zerodayinitiative.com/advisories/published/>) and [upcoming advisories](<http://www.zerodayinitiative.com/advisories/upcoming/>) on the [Zero Day Initiative](<http://www.zerodayinitiative.com/>) website.\n\n**_Adobe (11)_**\n\n| \n\n * 29362: HTTP: Adobe Acrobat Pro DC ImageConversion JPEG Use-After-Free Vulnerability (ZDI-17-590)\n * 29363: HTTP: Adobe Acrobat Pro DC Forms Information Disclosure Vulnerability (ZDI-17-591)\n * 29364: HTTP: Adobe Acrobat Pro DC ImageConversion Memory Corruption Vulnerability (ZDI-17-621)\n * 29365: HTTP: Adobe Acrobat Pro DC ImageConversion Information Disclosure Vulnerability (ZDI-17-622)\n * 29366: HTTP: Adobe Acrobat Pro DC ImageConversion Information Disclosure Vulnerability (ZDI-17-623)\n * 29367: HTTP: Adobe Acrobat Pro DC ImageConversion Information Disclosure Vulnerability (ZDI-17-625)\n * 29368: HTTP: Adobe Acrobat Pro DC ImageConversion Memory Corruption Vulnerability (ZDI-17-629)\n * 29370: HTTP: Adobe Acrobat Pro DC Font Parsing Information Disclosure Vulnerability (ZDI-17-592)\n * 29371: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Information Disclosure Vulnerability (ZDI-17-593)\n * 29414: HTTP: Adobe Acrobat Pro ImageConversion JPEG Information Disclosure Vulnerability (ZDI-17-603)\n * 29418: HTTP: Adobe Acrobat Pro DC JPEG2000 Memory Corruption Vulnerability (ZDI-17-609)**_ _** \n---|--- \n \n**_ _**\n\n**_Trend Micro (3)_**\n\n| \n\n * 29333: HTTPS: Trend Micro SafeSync for Enterprise replace_local_disk Command Injection (ZDI-17-119)\n * 29337: HTTP: Trend Micro SafeSync for Enterprise dead_local_disk Command Injection (ZDI-17-118)\n * 29338: HTTPS: Trend Micro SafeSync for Enterprise dead_local_disk Command Injection (ZDI-17-118) \n---|--- \n| \n \n**Missed Last Week\u2019s News?**\n\nCatch up on last week\u2019s news in my [weekly recap](<http://blog.trendmicro.com/tippingpoint-threat-intelligence-zero-day-coverage-week-august-7-2017/>).", "modified": "2017-08-18T12:00:42", "published": "2017-08-18T12:00:42", "href": "http://blog.trendmicro.com/tippingpoint-threat-intelligence-zero-day-coverage-week-august-14-2017/", "id": "TRENDMICROBLOG:3BC4D55C7B197F32FEF9A2D171ACD8AB", "title": "TippingPoint Threat Intelligence and Zero-Day Coverage \u2013 Week of August 14, 2017", "type": "trendmicroblog", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2019-07-17T14:18:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-3119", "CVE-2017-11262", "CVE-2017-11265", "CVE-2017-11271", "CVE-2017-11219", "CVE-2017-11228", "CVE-2017-11270", "CVE-2017-11245", "CVE-2017-11227", "CVE-2017-3124", "CVE-2017-11242", "CVE-2017-11223", "CVE-2017-11241", "CVE-2017-11230", "CVE-2017-11251", "CVE-2017-11220", "CVE-2017-11216", "CVE-2017-11263", "CVE-2017-11238", "CVE-2017-3116", "CVE-2017-11233", "CVE-2017-3121", "CVE-2017-11234", "CVE-2017-11209", "CVE-2017-11222", "CVE-2017-11237", "CVE-2017-3113", "CVE-2017-11260", "CVE-2017-3123", "CVE-2017-11267", "CVE-2017-11236", "CVE-2017-3038", "CVE-2017-11224", "CVE-2017-11226", "CVE-2017-11246", "CVE-2017-11249", "CVE-2017-3115", "CVE-2017-11217", "CVE-2017-11248", "CVE-2017-11269", "CVE-2017-11235", "CVE-2017-11218", "CVE-2017-11252", "CVE-2017-11268", "CVE-2017-11255", "CVE-2017-3122", "CVE-2017-11259", "CVE-2017-11256", "CVE-2017-11258", "CVE-2017-11244", "CVE-2017-3117", "CVE-2017-11212", "CVE-2017-3120", "CVE-2017-3118", "CVE-2017-11261", "CVE-2017-11254", "CVE-2017-11211", "CVE-2017-11239", "CVE-2017-11214", "CVE-2017-11243", "CVE-2017-11229", "CVE-2017-11221", "CVE-2017-11257", "CVE-2017-3016", "CVE-2017-11231", "CVE-2017-11210", "CVE-2017-11232"], "description": "This host is installed with Adobe Acrobat DC (Classic Track)\n and is prone to multiple vulnerabilities.", "modified": "2019-07-05T00:00:00", "published": "2018-03-09T00:00:00", "id": "OPENVAS:1361412562310812554", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812554", "type": "openvas", "title": "Adobe Acrobat DC (Classic Track) Security Updates (apsb17-24) - Windows", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat DC (Classic Track) Security Updates (apsb17-24)-Windows\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812554\");\n script_version(\"2019-07-05T08:21:18+0000\");\n script_cve_id(\"CVE-2017-3016\", \"CVE-2017-3038\", \"CVE-2017-3113\", \"CVE-2017-3115\",\n \"CVE-2017-3116\", \"CVE-2017-3117\", \"CVE-2017-3118\", \"CVE-2017-3119\",\n \"CVE-2017-3120\", \"CVE-2017-3121\", \"CVE-2017-3122\", \"CVE-2017-3123\",\n \"CVE-2017-3124\", \"CVE-2017-11209\", \"CVE-2017-11210\", \"CVE-2017-11211\",\n \"CVE-2017-11212\", \"CVE-2017-11214\", \"CVE-2017-11216\", \"CVE-2017-11217\",\n \"CVE-2017-11218\", \"CVE-2017-11219\", \"CVE-2017-11220\", \"CVE-2017-11221\",\n \"CVE-2017-11222\", \"CVE-2017-11223\", \"CVE-2017-11224\", \"CVE-2017-11226\",\n \"CVE-2017-11227\", \"CVE-2017-11228\", \"CVE-2017-11229\", \"CVE-2017-11230\",\n \"CVE-2017-11231\", \"CVE-2017-11232\", \"CVE-2017-11233\", \"CVE-2017-11234\",\n \"CVE-2017-11235\", \"CVE-2017-11236\", \"CVE-2017-11237\", \"CVE-2017-11238\",\n \"CVE-2017-11239\", \"CVE-2017-11241\", \"CVE-2017-11242\", \"CVE-2017-11243\",\n \"CVE-2017-11244\", \"CVE-2017-11245\", \"CVE-2017-11246\", \"CVE-2017-11248\",\n \"CVE-2017-11249\", \"CVE-2017-11251\", \"CVE-2017-11252\", \"CVE-2017-11254\",\n \"CVE-2017-11255\", \"CVE-2017-11256\", \"CVE-2017-11257\", \"CVE-2017-11258\",\n \"CVE-2017-11259\", \"CVE-2017-11260\", \"CVE-2017-11261\", \"CVE-2017-11262\",\n \"CVE-2017-11263\", \"CVE-2017-11265\", \"CVE-2017-11267\", \"CVE-2017-11268\",\n \"CVE-2017-11269\", \"CVE-2017-11270\", \"CVE-2017-11271\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:21:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-09 13:25:49 +0530 (Fri, 09 Mar 2018)\");\n script_name(\"Adobe Acrobat DC (Classic Track) Security Updates (apsb17-24) - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC (Classic Track)\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exists due to,\n\n - Multiple memory corruption vulnerabilities.\n\n - Multiple use after free vulnerabilities.\n\n - Multiple heap overflow vulnerabilities.\n\n - Multiple security bypass vulnerabilities.\n\n - Multiple type confusion errors.\n\n - An insufficient verification of data authenticity.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of these\n vulnerabilities will allow remote attackers to execute arbitrary code and\n disclose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC (Classic Track) 2015.006.30306\n and earlier versions on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC (Classic Track) version\n 2015.006.30355 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-24.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_classic_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Classic/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\n##2015.006.30355 == 15.006.30355\nif(version_is_less(version:vers, test_version:\"15.006.30355\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30355 (2015.006.30355)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:17:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-3119", "CVE-2017-11262", "CVE-2017-11265", "CVE-2017-11271", "CVE-2017-11219", "CVE-2017-11228", "CVE-2017-11270", "CVE-2017-11245", "CVE-2017-11227", "CVE-2017-3124", "CVE-2017-11242", "CVE-2017-11223", "CVE-2017-11241", "CVE-2017-11230", "CVE-2017-11251", "CVE-2017-11220", "CVE-2017-11216", "CVE-2017-11263", "CVE-2017-11238", "CVE-2017-3116", "CVE-2017-11233", "CVE-2017-3121", "CVE-2017-11234", "CVE-2017-11209", "CVE-2017-11222", "CVE-2017-11237", "CVE-2017-3113", "CVE-2017-11260", "CVE-2017-3123", "CVE-2017-11267", "CVE-2017-11236", "CVE-2017-3038", "CVE-2017-11224", "CVE-2017-11226", "CVE-2017-11246", "CVE-2017-11249", "CVE-2017-3115", "CVE-2017-11217", "CVE-2017-11248", "CVE-2017-11269", "CVE-2017-11235", "CVE-2017-11218", "CVE-2017-11252", "CVE-2017-11268", "CVE-2017-11255", "CVE-2017-3122", "CVE-2017-11259", "CVE-2017-11256", "CVE-2017-11258", "CVE-2017-11244", "CVE-2017-3117", "CVE-2017-11212", "CVE-2017-3120", "CVE-2017-3118", "CVE-2017-11261", "CVE-2017-11254", "CVE-2017-11211", "CVE-2017-11239", "CVE-2017-11214", "CVE-2017-11243", "CVE-2017-11229", "CVE-2017-11221", "CVE-2017-11257", "CVE-2017-3016", "CVE-2017-11231", "CVE-2017-11210", "CVE-2017-11232"], "description": "This host is installed with Adobe Acrobat\n Reader DC (Classic Track) and is prone to multiple vulnerabilities.", "modified": "2019-07-05T00:00:00", "published": "2018-03-09T00:00:00", "id": "OPENVAS:1361412562310812557", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812557", "type": "openvas", "title": "Adobe Acrobat Reader DC (Classic Track) Security Updates (apsb17-24) - Mac OS X", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat Reader DC (Classic Track) Security Updates (apsb17-24)-MAC OS X\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812557\");\n script_version(\"2019-07-05T08:21:18+0000\");\n script_cve_id(\"CVE-2017-3016\", \"CVE-2017-3038\", \"CVE-2017-3113\", \"CVE-2017-3115\",\n \"CVE-2017-3116\", \"CVE-2017-3117\", \"CVE-2017-3118\", \"CVE-2017-3119\",\n \"CVE-2017-3120\", \"CVE-2017-3121\", \"CVE-2017-3122\", \"CVE-2017-3123\",\n \"CVE-2017-3124\", \"CVE-2017-11209\", \"CVE-2017-11210\", \"CVE-2017-11211\",\n \"CVE-2017-11212\", \"CVE-2017-11214\", \"CVE-2017-11216\", \"CVE-2017-11217\",\n \"CVE-2017-11218\", \"CVE-2017-11219\", \"CVE-2017-11220\", \"CVE-2017-11221\",\n \"CVE-2017-11222\", \"CVE-2017-11223\", \"CVE-2017-11224\", \"CVE-2017-11226\",\n \"CVE-2017-11227\", \"CVE-2017-11228\", \"CVE-2017-11229\", \"CVE-2017-11230\",\n \"CVE-2017-11231\", \"CVE-2017-11232\", \"CVE-2017-11233\", \"CVE-2017-11234\",\n \"CVE-2017-11235\", \"CVE-2017-11236\", \"CVE-2017-11237\", \"CVE-2017-11238\",\n \"CVE-2017-11239\", \"CVE-2017-11241\", \"CVE-2017-11242\", \"CVE-2017-11243\",\n \"CVE-2017-11244\", \"CVE-2017-11245\", \"CVE-2017-11246\", \"CVE-2017-11248\",\n \"CVE-2017-11249\", \"CVE-2017-11251\", \"CVE-2017-11252\", \"CVE-2017-11254\",\n \"CVE-2017-11255\", \"CVE-2017-11256\", \"CVE-2017-11257\", \"CVE-2017-11258\",\n \"CVE-2017-11259\", \"CVE-2017-11260\", \"CVE-2017-11261\", \"CVE-2017-11262\",\n \"CVE-2017-11263\", \"CVE-2017-11265\", \"CVE-2017-11267\", \"CVE-2017-11268\",\n \"CVE-2017-11269\", \"CVE-2017-11270\", \"CVE-2017-11271\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:21:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-09 13:25:49 +0530 (Fri, 09 Mar 2018)\");\n script_name(\"Adobe Acrobat Reader DC (Classic Track) Security Updates (apsb17-24) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat\n Reader DC (Classic Track) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exists due to,\n\n - Multiple memory corruption vulnerabilities.\n\n - Multiple use after free vulnerabilities.\n\n - Multiple heap overflow vulnerabilities.\n\n - Multiple security bypass vulnerabilities.\n\n - Multiple type confusion errors.\n\n - An insufficient verification of data authenticity.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of these\n vulnerabilities will allow remote attackers to execute arbitrary code and\n disclose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader DC (Classic Track)\n 2015.006.30306 and earlier versions on macosx.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat Reader DC (Classic Track) version\n 2015.006.30355 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-24.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_reader_dc_classic_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/ReaderDC/Classic/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\n##2015.006.30355 == 15.006.30355\nif(version_is_less(version:vers, test_version:\"15.006.30355\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30355 (2015.006.30355)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:18:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-3119", "CVE-2017-11262", "CVE-2017-11265", "CVE-2017-11271", "CVE-2017-11219", "CVE-2017-11228", "CVE-2017-11270", "CVE-2017-11245", "CVE-2017-11227", "CVE-2017-3124", "CVE-2017-11242", "CVE-2017-11223", "CVE-2017-11241", "CVE-2017-11230", "CVE-2017-11251", "CVE-2017-11220", "CVE-2017-11216", "CVE-2017-11263", "CVE-2017-11238", "CVE-2017-3116", "CVE-2017-11233", "CVE-2017-3121", "CVE-2017-11234", "CVE-2017-11209", "CVE-2017-11222", "CVE-2017-11237", "CVE-2017-3113", "CVE-2017-11260", "CVE-2017-3123", "CVE-2017-11267", "CVE-2017-11236", "CVE-2017-3038", "CVE-2017-11224", "CVE-2017-11226", "CVE-2017-11246", "CVE-2017-11249", "CVE-2017-3115", "CVE-2017-11217", "CVE-2017-11248", "CVE-2017-11269", "CVE-2017-11235", "CVE-2017-11218", "CVE-2017-11252", "CVE-2017-11268", "CVE-2017-11255", "CVE-2017-3122", "CVE-2017-11259", "CVE-2017-11256", "CVE-2017-11258", "CVE-2017-11244", "CVE-2017-3117", "CVE-2017-11212", "CVE-2017-3120", "CVE-2017-3118", "CVE-2017-11261", "CVE-2017-11254", "CVE-2017-11211", "CVE-2017-11239", "CVE-2017-11214", "CVE-2017-11243", "CVE-2017-11229", "CVE-2017-11221", "CVE-2017-11257", "CVE-2017-3016", "CVE-2017-11231", "CVE-2017-11210", "CVE-2017-11232"], "description": "This host is installed with Adobe Acrobat DC (Classic Track)\n and is prone to multiple vulnerabilities.", "modified": "2019-07-05T00:00:00", "published": "2018-03-09T00:00:00", "id": "OPENVAS:1361412562310812555", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812555", "type": "openvas", "title": "Adobe Acrobat DC (Classic Track) Security Updates (apsb17-24) - Mac OS X", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat DC (Classic Track) Security Updates (apsb17-24)-MAC OS X\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812555\");\n script_version(\"2019-07-05T08:21:18+0000\");\n script_cve_id(\"CVE-2017-3016\", \"CVE-2017-3038\", \"CVE-2017-3113\", \"CVE-2017-3115\",\n \"CVE-2017-3116\", \"CVE-2017-3117\", \"CVE-2017-3118\", \"CVE-2017-3119\",\n \"CVE-2017-3120\", \"CVE-2017-3121\", \"CVE-2017-3122\", \"CVE-2017-3123\",\n \"CVE-2017-3124\", \"CVE-2017-11209\", \"CVE-2017-11210\", \"CVE-2017-11211\",\n \"CVE-2017-11212\", \"CVE-2017-11214\", \"CVE-2017-11216\", \"CVE-2017-11217\",\n \"CVE-2017-11218\", \"CVE-2017-11219\", \"CVE-2017-11220\", \"CVE-2017-11221\",\n \"CVE-2017-11222\", \"CVE-2017-11223\", \"CVE-2017-11224\", \"CVE-2017-11226\",\n \"CVE-2017-11227\", \"CVE-2017-11228\", \"CVE-2017-11229\", \"CVE-2017-11230\",\n \"CVE-2017-11231\", \"CVE-2017-11232\", \"CVE-2017-11233\", \"CVE-2017-11234\",\n \"CVE-2017-11235\", \"CVE-2017-11236\", \"CVE-2017-11237\", \"CVE-2017-11238\",\n \"CVE-2017-11239\", \"CVE-2017-11241\", \"CVE-2017-11242\", \"CVE-2017-11243\",\n \"CVE-2017-11244\", \"CVE-2017-11245\", \"CVE-2017-11246\", \"CVE-2017-11248\",\n \"CVE-2017-11249\", \"CVE-2017-11251\", \"CVE-2017-11252\", \"CVE-2017-11254\",\n \"CVE-2017-11255\", \"CVE-2017-11256\", \"CVE-2017-11257\", \"CVE-2017-11258\",\n \"CVE-2017-11259\", \"CVE-2017-11260\", \"CVE-2017-11261\", \"CVE-2017-11262\",\n \"CVE-2017-11263\", \"CVE-2017-11265\", \"CVE-2017-11267\", \"CVE-2017-11268\",\n \"CVE-2017-11269\", \"CVE-2017-11270\", \"CVE-2017-11271\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:21:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-09 13:25:49 +0530 (Fri, 09 Mar 2018)\");\n script_name(\"Adobe Acrobat DC (Classic Track) Security Updates (apsb17-24) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC (Classic Track)\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exists due to,\n\n - Multiple memory corruption vulnerabilities.\n\n - Multiple use after free vulnerabilities.\n\n - Multiple heap overflow vulnerabilities.\n\n - Multiple security bypass vulnerabilities.\n\n - Multiple type confusion errors.\n\n - An insufficient verification of data authenticity.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of these\n vulnerabilities will allow remote attackers to execute arbitrary code and\n disclose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC (Classic Track) 2015.006.30306\n and earlier versions on macosx.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC (Classic Track) version\n 2015.006.30355 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-24.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_classic_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Classic/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\n##2015.006.30355 == 15.006.30355\nif(version_is_less(version:vers, test_version:\"15.006.30355\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30355 (2015.006.30355)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:18:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-3119", "CVE-2017-11262", "CVE-2017-11265", "CVE-2017-11271", "CVE-2017-11219", "CVE-2017-11228", "CVE-2017-11270", "CVE-2017-11245", "CVE-2017-11227", "CVE-2017-3124", "CVE-2017-11242", "CVE-2017-11223", "CVE-2017-11241", "CVE-2017-11230", "CVE-2017-11251", "CVE-2017-11220", "CVE-2017-11216", "CVE-2017-11263", "CVE-2017-11238", "CVE-2017-3116", "CVE-2017-11233", "CVE-2017-3121", "CVE-2017-11234", "CVE-2017-11209", "CVE-2017-11222", "CVE-2017-11237", "CVE-2017-3113", "CVE-2017-11260", "CVE-2017-3123", "CVE-2017-11267", "CVE-2017-11236", "CVE-2017-3038", "CVE-2017-11224", "CVE-2017-11226", "CVE-2017-11246", "CVE-2017-11249", "CVE-2017-3115", "CVE-2017-11217", "CVE-2017-11248", "CVE-2017-11269", "CVE-2017-11235", "CVE-2017-11218", "CVE-2017-11252", "CVE-2017-11268", "CVE-2017-11255", "CVE-2017-3122", "CVE-2017-11259", "CVE-2017-11256", "CVE-2017-11258", "CVE-2017-11244", "CVE-2017-3117", "CVE-2017-11212", "CVE-2017-3120", "CVE-2017-3118", "CVE-2017-11261", "CVE-2017-11254", "CVE-2017-11211", "CVE-2017-11239", "CVE-2017-11214", "CVE-2017-11243", "CVE-2017-11229", "CVE-2017-11221", "CVE-2017-11257", "CVE-2017-3016", "CVE-2017-11231", "CVE-2017-11210", "CVE-2017-11232"], "description": "This host is installed with Adobe Acrobat 2017\n and is prone to multiple vulnerabilities.", "modified": "2019-07-16T00:00:00", "published": "2018-03-09T00:00:00", "id": "OPENVAS:1361412562310812548", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812548", "type": "openvas", "title": "Adobe Acrobat 2017 Security Updates(apsb17-24)-MAC OS X", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat 2017 Security Updates(apsb17-24)-MAC OS X\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812548\");\n script_version(\"2019-07-16T10:51:36+0000\");\n script_cve_id(\"CVE-2017-3016\", \"CVE-2017-3038\", \"CVE-2017-3113\", \"CVE-2017-3115\",\n \"CVE-2017-3116\", \"CVE-2017-3117\", \"CVE-2017-3118\", \"CVE-2017-3119\",\n \"CVE-2017-3120\", \"CVE-2017-3121\", \"CVE-2017-3122\", \"CVE-2017-3123\",\n \"CVE-2017-3124\", \"CVE-2017-11209\", \"CVE-2017-11210\", \"CVE-2017-11211\",\n \"CVE-2017-11212\", \"CVE-2017-11214\", \"CVE-2017-11216\", \"CVE-2017-11217\",\n \"CVE-2017-11218\", \"CVE-2017-11219\", \"CVE-2017-11220\", \"CVE-2017-11221\",\n \"CVE-2017-11222\", \"CVE-2017-11223\", \"CVE-2017-11224\", \"CVE-2017-11226\",\n \"CVE-2017-11227\", \"CVE-2017-11228\", \"CVE-2017-11229\", \"CVE-2017-11230\",\n \"CVE-2017-11231\", \"CVE-2017-11232\", \"CVE-2017-11233\", \"CVE-2017-11234\",\n \"CVE-2017-11235\", \"CVE-2017-11236\", \"CVE-2017-11237\", \"CVE-2017-11238\",\n \"CVE-2017-11239\", \"CVE-2017-11241\", \"CVE-2017-11242\", \"CVE-2017-11243\",\n \"CVE-2017-11244\", \"CVE-2017-11245\", \"CVE-2017-11246\", \"CVE-2017-11248\",\n \"CVE-2017-11249\", \"CVE-2017-11251\", \"CVE-2017-11252\", \"CVE-2017-11254\",\n \"CVE-2017-11255\", \"CVE-2017-11256\", \"CVE-2017-11257\", \"CVE-2017-11258\",\n \"CVE-2017-11259\", \"CVE-2017-11260\", \"CVE-2017-11261\", \"CVE-2017-11262\",\n \"CVE-2017-11263\", \"CVE-2017-11265\", \"CVE-2017-11267\", \"CVE-2017-11268\",\n \"CVE-2017-11269\", \"CVE-2017-11270\", \"CVE-2017-11271\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-16 10:51:36 +0000 (Tue, 16 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-09 13:25:15 +0530 (Fri, 09 Mar 2018)\");\n script_name(\"Adobe Acrobat 2017 Security Updates(apsb17-24)-MAC OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat 2017\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exists due to,\n\n - Multiple memory corruption vulnerabilities.\n\n - Multiple use after free vulnerabilities.\n\n - Multiple heap overflow vulnerabilities.\n\n - Multiple security bypass vulnerabilities.\n\n - Multiple type confusion errors.\n\n - An insufficient verification of data authenticity.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of these\n vulnerabilities will allow remote attackers to execute arbitrary code and\n disclose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat 2017.008.30051 and earlier\n versions on macosx.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat 2017 version\n 2017.011.30066 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-24.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\n##2017.011.30066 == 17.011.30066\nif(version_in_range(version:vers, test_version:\"17.0\", test_version2:\"17.011.30065\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"17.011.30066 (2017.011.30066)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:18:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-3119", "CVE-2017-11262", "CVE-2017-11265", "CVE-2017-11271", "CVE-2017-11219", "CVE-2017-11228", "CVE-2017-11270", "CVE-2017-11245", "CVE-2017-11227", "CVE-2017-3124", "CVE-2017-11242", "CVE-2017-11223", "CVE-2017-11241", "CVE-2017-11230", "CVE-2017-11251", "CVE-2017-11220", "CVE-2017-11216", "CVE-2017-11263", "CVE-2017-11238", "CVE-2017-3116", "CVE-2017-11233", "CVE-2017-3121", "CVE-2017-11234", "CVE-2017-11209", "CVE-2017-11222", "CVE-2017-11237", "CVE-2017-3113", "CVE-2017-11260", "CVE-2017-3123", "CVE-2017-11267", "CVE-2017-11236", "CVE-2017-3038", "CVE-2017-11224", "CVE-2017-11226", "CVE-2017-11246", "CVE-2017-11249", "CVE-2017-3115", "CVE-2017-11217", "CVE-2017-11248", "CVE-2017-11269", "CVE-2017-11235", "CVE-2017-11218", "CVE-2017-11252", "CVE-2017-11268", "CVE-2017-11255", "CVE-2017-3122", "CVE-2017-11259", "CVE-2017-11256", "CVE-2017-11258", "CVE-2017-11244", "CVE-2017-3117", "CVE-2017-11212", "CVE-2017-3120", "CVE-2017-3118", "CVE-2017-11261", "CVE-2017-11254", "CVE-2017-11211", "CVE-2017-11239", "CVE-2017-11214", "CVE-2017-11243", "CVE-2017-11229", "CVE-2017-11221", "CVE-2017-11257", "CVE-2017-3016", "CVE-2017-11231", "CVE-2017-11210", "CVE-2017-11232"], "description": "This host is installed with Adobe Acrobat\n Reader 2017 and is prone to multiple vulnerabilities.", "modified": "2019-07-16T00:00:00", "published": "2018-03-09T00:00:00", "id": "OPENVAS:1361412562310812547", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812547", "type": "openvas", "title": "Adobe Acrobat Reader 2017 Security Updates(apsb17-24)-Windows", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat Reader 2017 Security Updates(apsb17-24)-Windows\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812547\");\n script_version(\"2019-07-16T10:51:36+0000\");\n script_cve_id(\"CVE-2017-3016\", \"CVE-2017-3038\", \"CVE-2017-3113\", \"CVE-2017-3115\",\n \"CVE-2017-3116\", \"CVE-2017-3117\", \"CVE-2017-3118\", \"CVE-2017-3119\",\n \"CVE-2017-3120\", \"CVE-2017-3121\", \"CVE-2017-3122\", \"CVE-2017-3123\",\n \"CVE-2017-3124\", \"CVE-2017-11209\", \"CVE-2017-11210\", \"CVE-2017-11211\",\n \"CVE-2017-11212\", \"CVE-2017-11214\", \"CVE-2017-11216\", \"CVE-2017-11217\",\n \"CVE-2017-11218\", \"CVE-2017-11219\", \"CVE-2017-11220\", \"CVE-2017-11221\",\n \"CVE-2017-11222\", \"CVE-2017-11223\", \"CVE-2017-11224\", \"CVE-2017-11226\",\n \"CVE-2017-11227\", \"CVE-2017-11228\", \"CVE-2017-11229\", \"CVE-2017-11230\",\n \"CVE-2017-11231\", \"CVE-2017-11232\", \"CVE-2017-11233\", \"CVE-2017-11234\",\n \"CVE-2017-11235\", \"CVE-2017-11236\", \"CVE-2017-11237\", \"CVE-2017-11238\",\n \"CVE-2017-11239\", \"CVE-2017-11241\", \"CVE-2017-11242\", \"CVE-2017-11243\",\n \"CVE-2017-11244\", \"CVE-2017-11245\", \"CVE-2017-11246\", \"CVE-2017-11248\",\n \"CVE-2017-11249\", \"CVE-2017-11251\", \"CVE-2017-11252\", \"CVE-2017-11254\",\n \"CVE-2017-11255\", \"CVE-2017-11256\", \"CVE-2017-11257\", \"CVE-2017-11258\",\n \"CVE-2017-11259\", \"CVE-2017-11260\", \"CVE-2017-11261\", \"CVE-2017-11262\",\n \"CVE-2017-11263\", \"CVE-2017-11265\", \"CVE-2017-11267\", \"CVE-2017-11268\",\n \"CVE-2017-11269\", \"CVE-2017-11270\", \"CVE-2017-11271\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-16 10:51:36 +0000 (Tue, 16 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-09 13:25:15 +0530 (Fri, 09 Mar 2018)\");\n script_name(\"Adobe Acrobat Reader 2017 Security Updates(apsb17-24)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat\n Reader 2017 and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exists due to,\n\n - Multiple memory corruption vulnerabilities.\n\n - Multiple use after free vulnerabilities.\n\n - Multiple heap overflow vulnerabilities.\n\n - Multiple security bypass vulnerabilities.\n\n - Multiple type confusion errors.\n\n - An insufficient verification of data authenticity.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of these\n vulnerabilities will allow remote attackers to execute arbitrary code and\n disclose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader 2017.008.30051 and earlier on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat Reader 2017 version\n 2017.011.30066 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-24.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Reader/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\n##2017.011.30065 == 17.011.30065\nif(version_in_range(version:vers, test_version:\"17.0\", test_version2:\"17.011.30065\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"17.011.30066 (2017.011.30066)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:18:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-3119", "CVE-2017-11262", "CVE-2017-11265", "CVE-2017-11271", "CVE-2017-11219", "CVE-2017-11228", "CVE-2017-11270", "CVE-2017-11245", "CVE-2017-11227", "CVE-2017-3124", "CVE-2017-11242", "CVE-2017-11223", "CVE-2017-11241", "CVE-2017-11230", "CVE-2017-11251", "CVE-2017-11220", "CVE-2017-11216", "CVE-2017-11263", "CVE-2017-11238", "CVE-2017-3116", "CVE-2017-11233", "CVE-2017-3121", "CVE-2017-11234", "CVE-2017-11209", "CVE-2017-11222", "CVE-2017-11237", "CVE-2017-3113", "CVE-2017-11260", "CVE-2017-3123", "CVE-2017-11267", "CVE-2017-11236", "CVE-2017-3038", "CVE-2017-11224", "CVE-2017-11226", "CVE-2017-11246", "CVE-2017-11249", "CVE-2017-3115", "CVE-2017-11217", "CVE-2017-11248", "CVE-2017-11269", "CVE-2017-11235", "CVE-2017-11218", "CVE-2017-11252", "CVE-2017-11268", "CVE-2017-11255", "CVE-2017-3122", "CVE-2017-11259", "CVE-2017-11256", "CVE-2017-11258", "CVE-2017-11244", "CVE-2017-3117", "CVE-2017-11212", "CVE-2017-3120", "CVE-2017-3118", "CVE-2017-11261", "CVE-2017-11254", "CVE-2017-11211", "CVE-2017-11239", "CVE-2017-11214", "CVE-2017-11243", "CVE-2017-11229", "CVE-2017-11221", "CVE-2017-11257", "CVE-2017-3016", "CVE-2017-11231", "CVE-2017-11210", "CVE-2017-11232"], "description": "This host is installed with Adobe Acrobat DC (Continuous Track)\n and is prone to multiple vulnerabilities.", "modified": "2019-07-05T00:00:00", "published": "2018-03-09T00:00:00", "id": "OPENVAS:1361412562310812550", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812550", "type": "openvas", "title": "Adobe Acrobat DC (Continuous Track) Security Updates (apsb17-24) - Windows", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat DC (Continuous Track) Security Updates (apsb17-24)-Windows\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_dc_continuous\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812550\");\n script_version(\"2019-07-05T08:21:18+0000\");\n script_cve_id(\"CVE-2017-3016\", \"CVE-2017-3038\", \"CVE-2017-3113\", \"CVE-2017-3115\",\n \"CVE-2017-3116\", \"CVE-2017-3117\", \"CVE-2017-3118\", \"CVE-2017-3119\",\n \"CVE-2017-3120\", \"CVE-2017-3121\", \"CVE-2017-3122\", \"CVE-2017-3123\",\n \"CVE-2017-3124\", \"CVE-2017-11209\", \"CVE-2017-11210\", \"CVE-2017-11211\",\n \"CVE-2017-11212\", \"CVE-2017-11214\", \"CVE-2017-11216\", \"CVE-2017-11217\",\n \"CVE-2017-11218\", \"CVE-2017-11219\", \"CVE-2017-11220\", \"CVE-2017-11221\",\n \"CVE-2017-11222\", \"CVE-2017-11223\", \"CVE-2017-11224\", \"CVE-2017-11226\",\n \"CVE-2017-11227\", \"CVE-2017-11228\", \"CVE-2017-11229\", \"CVE-2017-11230\",\n \"CVE-2017-11231\", \"CVE-2017-11232\", \"CVE-2017-11233\", \"CVE-2017-11234\",\n \"CVE-2017-11235\", \"CVE-2017-11236\", \"CVE-2017-11237\", \"CVE-2017-11238\",\n \"CVE-2017-11239\", \"CVE-2017-11241\", \"CVE-2017-11242\", \"CVE-2017-11243\",\n \"CVE-2017-11244\", \"CVE-2017-11245\", \"CVE-2017-11246\", \"CVE-2017-11248\",\n \"CVE-2017-11249\", \"CVE-2017-11251\", \"CVE-2017-11252\", \"CVE-2017-11254\",\n \"CVE-2017-11255\", \"CVE-2017-11256\", \"CVE-2017-11257\", \"CVE-2017-11258\",\n \"CVE-2017-11259\", \"CVE-2017-11260\", \"CVE-2017-11261\", \"CVE-2017-11262\",\n \"CVE-2017-11263\", \"CVE-2017-11265\", \"CVE-2017-11267\", \"CVE-2017-11268\",\n \"CVE-2017-11269\", \"CVE-2017-11270\", \"CVE-2017-11271\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:21:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-09 13:25:31 +0530 (Fri, 09 Mar 2018)\");\n script_name(\"Adobe Acrobat DC (Continuous Track) Security Updates (apsb17-24) - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC (Continuous Track)\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exists due to,\n\n - Multiple memory corruption vulnerabilities.\n\n - Multiple use after free vulnerabilities.\n\n - Multiple heap overflow vulnerabilities.\n\n - Multiple security bypass vulnerabilities.\n\n - Multiple type confusion errors.\n\n - An insufficient verification of data authenticity.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of these\n vulnerabilities will allow remote attackers to execute arbitrary code and\n disclose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC (Continuous Track) 2017.009.20058\n and earlier versions on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC (Continuous Track) version\n 2017.012.20098 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-24.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_cont_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Continuous/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\n##2017.012.20098 == 17.012.20098\nif(version_is_less(version:vers, test_version:\"17.012.20098\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"17.012.20098 (2017.012.20098)\", install_path:path);\n security_message(data:report);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:18:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-3119", "CVE-2017-11262", "CVE-2017-11265", "CVE-2017-11271", "CVE-2017-11219", "CVE-2017-11228", "CVE-2017-11270", "CVE-2017-11245", "CVE-2017-11227", "CVE-2017-3124", "CVE-2017-11242", "CVE-2017-11223", "CVE-2017-11241", "CVE-2017-11230", "CVE-2017-11251", "CVE-2017-11220", "CVE-2017-11216", "CVE-2017-11263", "CVE-2017-11238", "CVE-2017-3116", "CVE-2017-11233", "CVE-2017-3121", "CVE-2017-11234", "CVE-2017-11209", "CVE-2017-11222", "CVE-2017-11237", "CVE-2017-3113", "CVE-2017-11260", "CVE-2017-3123", "CVE-2017-11267", "CVE-2017-11236", "CVE-2017-3038", "CVE-2017-11224", "CVE-2017-11226", "CVE-2017-11246", "CVE-2017-11249", "CVE-2017-3115", "CVE-2017-11217", "CVE-2017-11248", "CVE-2017-11269", "CVE-2017-11235", "CVE-2017-11218", "CVE-2017-11252", "CVE-2017-11268", "CVE-2017-11255", "CVE-2017-3122", "CVE-2017-11259", "CVE-2017-11256", "CVE-2017-11258", "CVE-2017-11244", "CVE-2017-3117", "CVE-2017-11212", "CVE-2017-3120", "CVE-2017-3118", "CVE-2017-11261", "CVE-2017-11254", "CVE-2017-11211", "CVE-2017-11239", "CVE-2017-11214", "CVE-2017-11243", "CVE-2017-11229", "CVE-2017-11221", "CVE-2017-11257", "CVE-2017-3016", "CVE-2017-11231", "CVE-2017-11210", "CVE-2017-11232"], "description": "This host is installed with Adobe Acrobat\n Reader DC (Classic Track) and is prone to multiple vulnerabilities.", "modified": "2019-07-05T00:00:00", "published": "2018-03-09T00:00:00", "id": "OPENVAS:1361412562310812556", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812556", "type": "openvas", "title": "Adobe Acrobat Reader DC (Classic Track) Security Updates (apsb17-24) - Windows", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat Reader DC (Classic Track) Security Updates (apsb17-24)-Windows\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812556\");\n script_version(\"2019-07-05T08:21:18+0000\");\n script_cve_id(\"CVE-2017-3016\", \"CVE-2017-3038\", \"CVE-2017-3113\", \"CVE-2017-3115\",\n \"CVE-2017-3116\", \"CVE-2017-3117\", \"CVE-2017-3118\", \"CVE-2017-3119\",\n \"CVE-2017-3120\", \"CVE-2017-3121\", \"CVE-2017-3122\", \"CVE-2017-3123\",\n \"CVE-2017-3124\", \"CVE-2017-11209\", \"CVE-2017-11210\", \"CVE-2017-11211\",\n \"CVE-2017-11212\", \"CVE-2017-11214\", \"CVE-2017-11216\", \"CVE-2017-11217\",\n \"CVE-2017-11218\", \"CVE-2017-11219\", \"CVE-2017-11220\", \"CVE-2017-11221\",\n \"CVE-2017-11222\", \"CVE-2017-11223\", \"CVE-2017-11224\", \"CVE-2017-11226\",\n \"CVE-2017-11227\", \"CVE-2017-11228\", \"CVE-2017-11229\", \"CVE-2017-11230\",\n \"CVE-2017-11231\", \"CVE-2017-11232\", \"CVE-2017-11233\", \"CVE-2017-11234\",\n \"CVE-2017-11235\", \"CVE-2017-11236\", \"CVE-2017-11237\", \"CVE-2017-11238\",\n \"CVE-2017-11239\", \"CVE-2017-11241\", \"CVE-2017-11242\", \"CVE-2017-11243\",\n \"CVE-2017-11244\", \"CVE-2017-11245\", \"CVE-2017-11246\", \"CVE-2017-11248\",\n \"CVE-2017-11249\", \"CVE-2017-11251\", \"CVE-2017-11252\", \"CVE-2017-11254\",\n \"CVE-2017-11255\", \"CVE-2017-11256\", \"CVE-2017-11257\", \"CVE-2017-11258\",\n \"CVE-2017-11259\", \"CVE-2017-11260\", \"CVE-2017-11261\", \"CVE-2017-11262\",\n \"CVE-2017-11263\", \"CVE-2017-11265\", \"CVE-2017-11267\", \"CVE-2017-11268\",\n \"CVE-2017-11269\", \"CVE-2017-11270\", \"CVE-2017-11271\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:21:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-09 13:25:49 +0530 (Fri, 09 Mar 2018)\");\n script_name(\"Adobe Acrobat Reader DC (Classic Track) Security Updates (apsb17-24) - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat\n Reader DC (Classic Track) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exists due to,\n\n - Multiple memory corruption vulnerabilities.\n\n - Multiple use after free vulnerabilities.\n\n - Multiple heap overflow vulnerabilities.\n\n - Multiple security bypass vulnerabilities.\n\n - Multiple type confusion errors.\n\n - An insufficient verification of data authenticity.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of these\n vulnerabilities will allow remote attackers to execute arbitrary code and\n disclose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader DC (Classic Track)\n 2015.006.30306 and earlier versions on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Reader DC (Classic Track)\n version 2015.006.30355 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-24.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_reader_dc_classic_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/ReaderDC/Classic/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\n##2015.006.30355 == 15.006.30355\nif(version_is_less(version:vers, test_version:\"15.006.30355\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30355 (2015.006.30355)\", install_path:path);\n security_message(data:report);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-3119", "CVE-2017-11262", "CVE-2017-11265", "CVE-2017-11271", "CVE-2017-11219", "CVE-2017-11228", "CVE-2017-11270", "CVE-2017-11245", "CVE-2017-11227", "CVE-2017-3124", "CVE-2017-11242", "CVE-2017-11223", "CVE-2017-11241", "CVE-2017-11230", "CVE-2017-11251", "CVE-2017-11220", "CVE-2017-11216", "CVE-2017-11263", "CVE-2017-11238", "CVE-2017-3116", "CVE-2017-11233", "CVE-2017-3121", "CVE-2017-11234", "CVE-2017-11209", "CVE-2017-11222", "CVE-2017-11237", "CVE-2017-3113", "CVE-2017-11260", "CVE-2017-3123", "CVE-2017-11267", "CVE-2017-11236", "CVE-2017-3038", "CVE-2017-11224", "CVE-2017-11226", "CVE-2017-11246", "CVE-2017-11249", "CVE-2017-3115", "CVE-2017-11217", "CVE-2017-11248", "CVE-2017-11269", "CVE-2017-11235", "CVE-2017-11218", "CVE-2017-11252", "CVE-2017-11268", "CVE-2017-11255", "CVE-2017-3122", "CVE-2017-11259", "CVE-2017-11256", "CVE-2017-11258", "CVE-2017-11244", "CVE-2017-3117", "CVE-2017-11212", "CVE-2017-3120", "CVE-2017-3118", "CVE-2017-11261", "CVE-2017-11254", "CVE-2017-11211", "CVE-2017-11239", "CVE-2017-11214", "CVE-2017-11243", "CVE-2017-11229", "CVE-2017-11221", "CVE-2017-11257", "CVE-2017-3016", "CVE-2017-11231", "CVE-2017-11210", "CVE-2017-11232"], "description": "This host is installed with Adobe Acrobat\n and is prone to multiple vulnerabilities.", "modified": "2019-05-24T00:00:00", "published": "2017-08-10T00:00:00", "id": "OPENVAS:1361412562310811622", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310811622", "type": "openvas", "title": "Adobe Acrobat Security Updates(apsb17-24)-Windows", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat Security Updates(apsb17-24)-Windows\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.811622\");\n script_version(\"2019-05-24T11:20:30+0000\");\n script_cve_id(\"CVE-2017-3016\", \"CVE-2017-3038\", \"CVE-2017-3113\", \"CVE-2017-3115\",\n \"CVE-2017-3116\", \"CVE-2017-3117\", \"CVE-2017-3118\", \"CVE-2017-3119\",\n \"CVE-2017-3120\", \"CVE-2017-3121\", \"CVE-2017-3122\", \"CVE-2017-3123\",\n \"CVE-2017-3124\", \"CVE-2017-11209\", \"CVE-2017-11210\", \"CVE-2017-11211\",\n \"CVE-2017-11212\", \"CVE-2017-11214\", \"CVE-2017-11216\", \"CVE-2017-11217\",\n \"CVE-2017-11218\", \"CVE-2017-11219\", \"CVE-2017-11220\", \"CVE-2017-11221\",\n \"CVE-2017-11222\", \"CVE-2017-11223\", \"CVE-2017-11224\", \"CVE-2017-11226\",\n \"CVE-2017-11227\", \"CVE-2017-11228\", \"CVE-2017-11229\", \"CVE-2017-11230\",\n \"CVE-2017-11231\", \"CVE-2017-11232\", \"CVE-2017-11233\", \"CVE-2017-11234\",\n \"CVE-2017-11235\", \"CVE-2017-11236\", \"CVE-2017-11237\", \"CVE-2017-11238\",\n \"CVE-2017-11239\", \"CVE-2017-11241\", \"CVE-2017-11242\", \"CVE-2017-11243\",\n \"CVE-2017-11244\", \"CVE-2017-11245\", \"CVE-2017-11246\", \"CVE-2017-11248\",\n \"CVE-2017-11249\", \"CVE-2017-11251\", \"CVE-2017-11252\", \"CVE-2017-11254\",\n \"CVE-2017-11255\", \"CVE-2017-11256\", \"CVE-2017-11257\", \"CVE-2017-11258\",\n \"CVE-2017-11259\", \"CVE-2017-11260\", \"CVE-2017-11261\", \"CVE-2017-11262\",\n \"CVE-2017-11263\", \"CVE-2017-11265\", \"CVE-2017-11267\", \"CVE-2017-11268\",\n \"CVE-2017-11269\", \"CVE-2017-11270\", \"CVE-2017-11271\");\n script_bugtraq_id(100179, 97556, 100182, 100187, 100180, 100189, 100184, 100181,\n 100186, 100185);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-24 11:20:30 +0000 (Fri, 24 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2017-08-10 10:47:06 +0530 (Thu, 10 Aug 2017)\");\n script_name(\"Adobe Acrobat Security Updates(apsb17-24)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple memory corruption vulnerabilities.\n\n - Multiple use after free vulnerabilities.\n\n - Multiple Security Bypass vulnerabilities.\n\n - Multiple Type Confusion vulnerabilities.\n\n - Multiple heap overflow vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this vulnerability\n will allow remote attackers to execute arbitrary code remotely and can get\n hands on sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat version 11.x before 11.0.21\n on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat version 11.0.21 or\n later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-24.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/Win/Installed\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!readerVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_in_range(version:readerVer, test_version:\"11.0\", test_version2:\"11.0.20\"))\n{\n report = report_fixed_ver(installed_version:readerVer, fixed_version:\"11.0.21\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-3119", "CVE-2017-11262", "CVE-2017-11265", "CVE-2017-11271", "CVE-2017-11219", "CVE-2017-11228", "CVE-2017-11270", "CVE-2017-11245", "CVE-2017-11227", "CVE-2017-3124", "CVE-2017-11242", "CVE-2017-11223", "CVE-2017-11241", "CVE-2017-11230", "CVE-2017-11251", "CVE-2017-11220", "CVE-2017-11216", "CVE-2017-11263", "CVE-2017-11238", "CVE-2017-3116", "CVE-2017-11233", "CVE-2017-3121", "CVE-2017-11234", "CVE-2017-11209", "CVE-2017-11222", "CVE-2017-11237", "CVE-2017-3113", "CVE-2017-11260", "CVE-2017-3123", "CVE-2017-11267", "CVE-2017-11236", "CVE-2017-3038", "CVE-2017-11224", "CVE-2017-11226", "CVE-2017-11246", "CVE-2017-11249", "CVE-2017-3115", "CVE-2017-11217", "CVE-2017-11248", "CVE-2017-11269", "CVE-2017-11235", "CVE-2017-11218", "CVE-2017-11252", "CVE-2017-11268", "CVE-2017-11255", "CVE-2017-3122", "CVE-2017-11259", "CVE-2017-11256", "CVE-2017-11258", "CVE-2017-11244", "CVE-2017-3117", "CVE-2017-11212", "CVE-2017-3120", "CVE-2017-3118", "CVE-2017-11261", "CVE-2017-11254", "CVE-2017-11211", "CVE-2017-11239", "CVE-2017-11214", "CVE-2017-11243", "CVE-2017-11229", "CVE-2017-11221", "CVE-2017-11257", "CVE-2017-3016", "CVE-2017-11231", "CVE-2017-11210", "CVE-2017-11232"], "description": "This host is installed with Adobe Acrobat\n and is prone to multiple vulnerabilities.", "modified": "2019-05-24T00:00:00", "published": "2017-08-10T00:00:00", "id": "OPENVAS:1361412562310811617", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310811617", "type": "openvas", "title": "Adobe Acrobat Security Updates(apsb17-24)-MAC OS X", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat Security Updates(apsb17-24)-MAC OS X\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.811617\");\n script_version(\"2019-05-24T11:20:30+0000\");\n script_cve_id(\"CVE-2017-3016\", \"CVE-2017-3038\", \"CVE-2017-3113\", \"CVE-2017-3115\",\n \"CVE-2017-3116\", \"CVE-2017-3117\", \"CVE-2017-3118\", \"CVE-2017-3119\",\n \"CVE-2017-3120\", \"CVE-2017-3121\", \"CVE-2017-3122\", \"CVE-2017-3123\",\n \"CVE-2017-3124\", \"CVE-2017-11209\", \"CVE-2017-11210\", \"CVE-2017-11211\",\n \"CVE-2017-11212\", \"CVE-2017-11214\", \"CVE-2017-11216\", \"CVE-2017-11217\",\n \"CVE-2017-11218\", \"CVE-2017-11219\", \"CVE-2017-11220\", \"CVE-2017-11221\",\n \"CVE-2017-11222\", \"CVE-2017-11223\", \"CVE-2017-11224\", \"CVE-2017-11226\",\n \"CVE-2017-11227\", \"CVE-2017-11228\", \"CVE-2017-11229\", \"CVE-2017-11230\",\n \"CVE-2017-11231\", \"CVE-2017-11232\", \"CVE-2017-11233\", \"CVE-2017-11234\",\n \"CVE-2017-11235\", \"CVE-2017-11236\", \"CVE-2017-11237\", \"CVE-2017-11238\",\n \"CVE-2017-11239\", \"CVE-2017-11241\", \"CVE-2017-11242\", \"CVE-2017-11243\",\n \"CVE-2017-11244\", \"CVE-2017-11245\", \"CVE-2017-11246\", \"CVE-2017-11248\",\n \"CVE-2017-11249\", \"CVE-2017-11251\", \"CVE-2017-11252\", \"CVE-2017-11254\",\n \"CVE-2017-11255\", \"CVE-2017-11256\", \"CVE-2017-11257\", \"CVE-2017-11258\",\n \"CVE-2017-11259\", \"CVE-2017-11260\", \"CVE-2017-11261\", \"CVE-2017-11262\",\n \"CVE-2017-11263\", \"CVE-2017-11265\", \"CVE-2017-11267\", \"CVE-2017-11268\",\n \"CVE-2017-11269\", \"CVE-2017-11270\", \"CVE-2017-11271\");\n script_bugtraq_id(100179, 97556, 100182, 100187, 100180, 100189, 100184, 100181,\n 100186, 100185);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-24 11:20:30 +0000 (Fri, 24 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2017-08-10 10:47:06 +0530 (Thu, 10 Aug 2017)\");\n script_name(\"Adobe Acrobat Security Updates(apsb17-24)-MAC OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple memory corruption vulnerabilities.\n\n - Multiple use after free vulnerabilities.\n\n - Multiple Security Bypass vulnerabilities.\n\n - Multiple Type Confusion vulnerabilities.\n\n - Multiple heap overflow vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this vulnerability\n will allow remote attackers to execute arbitrary code remotely and can get\n hands on sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat version 11.x before 11.0.21\n on MAC OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat version 11.0.21 or\n later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-24.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/MacOSX/Version\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!readerVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_in_range(version:readerVer, test_version:\"11.0\", test_version2:\"11.0.20\"))\n{\n report = report_fixed_ver(installed_version:readerVer, fixed_version:\"11.0.21\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:17:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-3119", "CVE-2017-11262", "CVE-2017-11265", "CVE-2017-11271", "CVE-2017-11219", "CVE-2017-11228", "CVE-2017-11270", "CVE-2017-11245", "CVE-2017-11227", "CVE-2017-3124", "CVE-2017-11242", "CVE-2017-11223", "CVE-2017-11241", "CVE-2017-11230", "CVE-2017-11251", "CVE-2017-11220", "CVE-2017-11216", "CVE-2017-11263", "CVE-2017-11238", "CVE-2017-3116", "CVE-2017-11233", "CVE-2017-3121", "CVE-2017-11234", "CVE-2017-11209", "CVE-2017-11222", "CVE-2017-11237", "CVE-2017-3113", "CVE-2017-11260", "CVE-2017-3123", "CVE-2017-11267", "CVE-2017-11236", "CVE-2017-3038", "CVE-2017-11224", "CVE-2017-11226", "CVE-2017-11246", "CVE-2017-11249", "CVE-2017-3115", "CVE-2017-11217", "CVE-2017-11248", "CVE-2017-11269", "CVE-2017-11235", "CVE-2017-11218", "CVE-2017-11252", "CVE-2017-11268", "CVE-2017-11255", "CVE-2017-3122", "CVE-2017-11259", "CVE-2017-11256", "CVE-2017-11258", "CVE-2017-11244", "CVE-2017-3117", "CVE-2017-11212", "CVE-2017-3120", "CVE-2017-3118", "CVE-2017-11261", "CVE-2017-11254", "CVE-2017-11211", "CVE-2017-11239", "CVE-2017-11214", "CVE-2017-11243", "CVE-2017-11229", "CVE-2017-11221", "CVE-2017-11257", "CVE-2017-3016", "CVE-2017-11231", "CVE-2017-11210", "CVE-2017-11232"], "description": "This host is installed with Adobe Acrobat\n Reader 2017 and is prone to multiple vulnerabilities.", "modified": "2019-07-16T00:00:00", "published": "2018-03-09T00:00:00", "id": "OPENVAS:1361412562310812549", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812549", "type": "openvas", "title": "Adobe Acrobat Reader 2017 Security Updates(apsb17-24)-MAC OS X", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat Reader 2017 Security Updates(apsb17-24)-MAC OS X\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812549\");\n script_version(\"2019-07-16T10:51:36+0000\");\n script_cve_id(\"CVE-2017-3016\", \"CVE-2017-3038\", \"CVE-2017-3113\", \"CVE-2017-3115\",\n \"CVE-2017-3116\", \"CVE-2017-3117\", \"CVE-2017-3118\", \"CVE-2017-3119\",\n \"CVE-2017-3120\", \"CVE-2017-3121\", \"CVE-2017-3122\", \"CVE-2017-3123\",\n \"CVE-2017-3124\", \"CVE-2017-11209\", \"CVE-2017-11210\", \"CVE-2017-11211\",\n \"CVE-2017-11212\", \"CVE-2017-11214\", \"CVE-2017-11216\", \"CVE-2017-11217\",\n \"CVE-2017-11218\", \"CVE-2017-11219\", \"CVE-2017-11220\", \"CVE-2017-11221\",\n \"CVE-2017-11222\", \"CVE-2017-11223\", \"CVE-2017-11224\", \"CVE-2017-11226\",\n \"CVE-2017-11227\", \"CVE-2017-11228\", \"CVE-2017-11229\", \"CVE-2017-11230\",\n \"CVE-2017-11231\", \"CVE-2017-11232\", \"CVE-2017-11233\", \"CVE-2017-11234\",\n \"CVE-2017-11235\", \"CVE-2017-11236\", \"CVE-2017-11237\", \"CVE-2017-11238\",\n \"CVE-2017-11239\", \"CVE-2017-11241\", \"CVE-2017-11242\", \"CVE-2017-11243\",\n \"CVE-2017-11244\", \"CVE-2017-11245\", \"CVE-2017-11246\", \"CVE-2017-11248\",\n \"CVE-2017-11249\", \"CVE-2017-11251\", \"CVE-2017-11252\", \"CVE-2017-11254\",\n \"CVE-2017-11255\", \"CVE-2017-11256\", \"CVE-2017-11257\", \"CVE-2017-11258\",\n \"CVE-2017-11259\", \"CVE-2017-11260\", \"CVE-2017-11261\", \"CVE-2017-11262\",\n \"CVE-2017-11263\", \"CVE-2017-11265\", \"CVE-2017-11267\", \"CVE-2017-11268\",\n \"CVE-2017-11269\", \"CVE-2017-11270\", \"CVE-2017-11271\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-16 10:51:36 +0000 (Tue, 16 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-09 13:25:15 +0530 (Fri, 09 Mar 2018)\");\n script_name(\"Adobe Acrobat Reader 2017 Security Updates(apsb17-24)-MAC OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat\n Reader 2017 and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exists due to,\n\n - Multiple memory corruption vulnerabilities.\n\n - Multiple use after free vulnerabilities.\n\n - Multiple heap overflow vulnerabilities.\n\n - Multiple security bypass vulnerabilities.\n\n - Multiple type confusion errors.\n\n - An insufficient verification of data authenticity.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of these\n vulnerabilities will allow remote attackers to execute arbitrary code\n and disclose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader 2017.008.30051 and earlier on macosx.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Reader 2017 version\n 2017.011.30066 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-24.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Reader/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\n##2017.011.30065 == 17.011.30065\nif(version_in_range(version:vers, test_version:\"17.0\", test_version2:\"17.011.30065\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"17.011.30066 (2017.011.30066)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2020-09-02T11:50:41", "bulletinFamily": "info", "cvelist": ["CVE-2017-3119", "CVE-2017-11262", "CVE-2017-11265", "CVE-2017-11271", "CVE-2017-11219", "CVE-2017-11228", "CVE-2017-11270", "CVE-2017-11245", "CVE-2017-11227", "CVE-2017-3124", "CVE-2017-11242", "CVE-2017-11223", "CVE-2017-11241", "CVE-2017-11230", "CVE-2017-11251", "CVE-2017-11220", "CVE-2017-11216", "CVE-2017-11263", "CVE-2017-11238", "CVE-2017-3116", "CVE-2017-11233", "CVE-2017-3121", "CVE-2017-11234", "CVE-2017-11209", "CVE-2017-11222", "CVE-2017-11237", "CVE-2017-3113", "CVE-2017-11260", "CVE-2017-3123", "CVE-2017-11267", "CVE-2017-11236", "CVE-2017-3038", "CVE-2017-11224", "CVE-2017-11226", "CVE-2017-11246", "CVE-2017-11249", "CVE-2017-3115", "CVE-2017-11217", "CVE-2017-11248", "CVE-2017-11269", "CVE-2017-11235", "CVE-2017-11218", "CVE-2017-11252", "CVE-2017-11268", "CVE-2017-11255", "CVE-2017-3122", "CVE-2017-11259", "CVE-2017-11256", "CVE-2017-11258", "CVE-2017-11244", "CVE-2017-3117", "CVE-2017-11212", "CVE-2017-3120", "CVE-2017-3118", "CVE-2017-11261", "CVE-2017-11254", "CVE-2017-11211", "CVE-2017-11239", "CVE-2017-11214", "CVE-2017-11243", "CVE-2017-11229", "CVE-2017-11221", "CVE-2017-11257", "CVE-2017-3016", "CVE-2017-11231", "CVE-2017-11210", "CVE-2017-11232"], "description": "### *Detect date*:\n08/08/2017\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Adobe Acrobat and Adobe Reader. Malicious users can exploit these vulnerabilities to obtain sensitive information or execute arbitrary code.\n\n### *Affected products*:\nAdobe Acrobat Reader DC Continuous earlier than 17.012.20098 \nAdobe Reader XI earlier than 11.0.21 \nAdobe Acrobat XI earlier than 11.0.21 \nAdobe Acrobat 2017 earlier than 17.011.30066 \nAdobe Acrobat Reader 2017 earlier than 17 17.011.30066 \nAdobe Acrobat DC Classic earlier than 15.006.30355 \nAdobe Acrobat DC Continuous earlier than 17.012.20098 \nAdobe Acrobat Reader DC Classic earlier than 15.006.30355 \n\n### *Solution*:\nUpdate to the latest versions \n[Get Adobe Acrobat DC](<http://supportdownloads.adobe.com/product.jsp?product=1&platform=Windows>) \n[Get Adobe Acrobat Reader DC](<https://get.adobe.com/reader/>) \n[Get Adobe Reader XI](<http://supportdownloads.adobe.com/product.jsp?product=10&platform=Windows>)\n\n### *Original advisories*:\n[Adobe Security Bulletin](<https://helpx.adobe.com/security/products/acrobat/apsb17-24.html>) \n[Update to Security Bulletin](<http://blogs.adobe.com/psirt/?p=1484>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Adobe Reader](<https://threats.kaspersky.com/en/product/Adobe-Reader/>)\n\n### *CVE-IDS*:\n[CVE-2017-3038](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3038>)0.0Unknown \n[CVE-2017-11221](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11221>)0.0Unknown \n[CVE-2017-11222](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11222>)0.0Unknown \n[CVE-2017-11223](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11223>)0.0Unknown \n[CVE-2017-11224](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11224>)0.0Unknown \n[CVE-2017-11226](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11226>)0.0Unknown \n[CVE-2017-11227](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11227>)0.0Unknown \n[CVE-2017-11228](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11228>)0.0Unknown \n[CVE-2017-11229](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11229>)0.0Unknown \n[CVE-2017-11230](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11230>)0.0Unknown \n[CVE-2017-11231](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11231>)0.0Unknown \n[CVE-2017-11232](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11232>)0.0Unknown \n[CVE-2017-11233](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11233>)0.0Unknown \n[CVE-2017-11234](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11234>)0.0Unknown \n[CVE-2017-11235](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11235>)0.0Unknown \n[CVE-2017-11236](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11236>)0.0Unknown \n[CVE-2017-11237](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11237>)0.0Unknown \n[CVE-2017-11238](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11238>)0.0Unknown \n[CVE-2017-11239](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11239>)0.0Unknown \n[CVE-2017-11241](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11241>)0.0Unknown \n[CVE-2017-11242](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11242>)0.0Unknown \n[CVE-2017-11243](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11243>)0.0Unknown \n[CVE-2017-11244](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11244>)0.0Unknown \n[CVE-2017-11245](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11245>)0.0Unknown \n[CVE-2017-11246](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11246>)0.0Unknown \n[CVE-2017-11248](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11248>)0.0Unknown \n[CVE-2017-11249](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11249>)0.0Unknown \n[CVE-2017-11251](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11251>)0.0Unknown \n[CVE-2017-11252](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11252>)0.0Unknown \n[CVE-2017-11254](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11254>)0.0Unknown \n[CVE-2017-11255](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11255>)0.0Unknown \n[CVE-2017-11256](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11256>)0.0Unknown \n[CVE-2017-11257](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11257>)0.0Unknown \n[CVE-2017-11258](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11258>)0.0Unknown \n[CVE-2017-11259](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11259>)0.0Unknown \n[CVE-2017-11260](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11260>)0.0Unknown \n[CVE-2017-11261](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11261>)0.0Unknown \n[CVE-2017-11262](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11262>)0.0Unknown \n[CVE-2017-11263](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11263>)0.0Unknown \n[CVE-2017-11265](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11265>)0.0Unknown \n[CVE-2017-11267](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11267>)0.0Unknown \n[CVE-2017-11268](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11268>)0.0Unknown \n[CVE-2017-11269](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11269>)0.0Unknown \n[CVE-2017-11270](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11270>)0.0Unknown \n[CVE-2017-11271](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11271>)0.0Unknown \n[CVE-2017-3016](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3016>)0.0Unknown \n[CVE-2017-3113](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3113>)0.0Unknown \n[CVE-2017-3115](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3115>)0.0Unknown \n[CVE-2017-3116](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3116>)0.0Unknown \n[CVE-2017-3117](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3117>)0.0Unknown \n[CVE-2017-3118](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3118>)0.0Unknown \n[CVE-2017-3119](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3119>)0.0Unknown \n[CVE-2017-3120](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3120>)0.0Unknown \n[CVE-2017-3121](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3121>)0.0Unknown \n[CVE-2017-3122](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3122>)0.0Unknown \n[CVE-2017-3123](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3123>)0.0Unknown \n[CVE-2017-3124](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3124>)0.0Unknown \n[CVE-2017-11209](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11209>)0.0Unknown \n[CVE-2017-11210](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11210>)0.0Unknown \n[CVE-2017-11211](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11211>)0.0Unknown \n[CVE-2017-11212](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11212>)0.0Unknown \n[CVE-2017-11214](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11214>)0.0Unknown \n[CVE-2017-11216](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11216>)0.0Unknown \n[CVE-2017-11217](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11217>)0.0Unknown \n[CVE-2017-11218](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11218>)0.0Unknown \n[CVE-2017-11219](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11219>)0.0Unknown \n[CVE-2017-11220](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11220>)0.0Unknown\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).", "edition": 45, "modified": "2020-06-18T00:00:00", "published": "2017-08-08T00:00:00", "id": "KLA11086", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11086", "title": "\r KLA11086Multiple vulnerabilities in Adobe Acrobat and Adobe Reader ", "type": "kaspersky", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
