DATABASE RESOURCES PRICING ABOUT US

{"id": "CVE-2017-16400", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2017-16400", "description": "An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of the JPEG 2000 parser. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.", "published": "2017-12-09T06:29:00", "modified": "2017-12-15T15:31:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 9.3}, "severity": "HIGH", "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-16400", "reporter": "psirt@adobe.com", "references": ["https://helpx.adobe.com/security/products/acrobat/apsb17-36.html", "http://www.securitytracker.com/id/1039791", "http://www.securityfocus.com/bid/102140"], "cvelist": ["CVE-2017-16400"], "immutableFields": [], "lastseen": "2022-03-23T14:40:44", "viewCount": 22, "enchantments": {"dependencies": {"references": [{"type": "adobe", "idList": ["APSB17-36"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2017-0964"]}, {"type": "kaspersky", "idList": ["KLA11138"]}, {"type": "nessus", "idList": ["ADOBE_ACROBAT_APSB17-36.NASL", "ADOBE_READER_APSB17-36.NASL", "MACOSX_ADOBE_ACROBAT_APSB17-36.NASL", "MACOSX_ADOBE_READER_APSB17-36.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310811342", "OPENVAS:1361412562310811343", "OPENVAS:1361412562310811344", "OPENVAS:1361412562310811353", "OPENVAS:1361412562310812961", "OPENVAS:1361412562310812962", "OPENVAS:1361412562310812963", "OPENVAS:1361412562310812964", "OPENVAS:1361412562310812965", "OPENVAS:1361412562310812966", "OPENVAS:1361412562310812967", "OPENVAS:1361412562310812968", "OPENVAS:1361412562310812969", "OPENVAS:1361412562310812970"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:A301F14EC6B3344991D5A39F51329164"]}, {"type": "zdi", "idList": ["ZDI-17-909"]}], "rev": 4}, "score": {"value": 9.7, "vector": "NONE"}, "twitter": {"counter": 2, "modified": "2020-12-09T20:13:26", "tweets": [{"link": "https://twitter.com/www_sesin_at/status/1353377170966654976", "text": "New post from https://t.co/9KYxtdZjkl?amp=1 (Adobe Acrobat Reader out-of-bounds read [CVE-2017-16400]) has been published on https://t.co/F0ShkAZdy1?amp=1"}, {"link": "https://twitter.com/WolfgangSesin/status/1353377174737342464", "text": "New post from https://t.co/uXvPWJy6tj?amp=1 (Adobe Acrobat Reader out-of-bounds read [CVE-2017-16400]) has been published on https://t.co/izEk299iWh?amp=1"}]}, "backreferences": {"references": [{"type": "adobe", "idList": ["APSB17-36"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2017-0964"]}, {"type": "kaspersky", "idList": ["KLA11138"]}, {"type": "nessus", "idList": ["ADOBE_ACROBAT_APSB17-36.NASL", "ADOBE_READER_APSB17-36.NASL", "MACOSX_ADOBE_ACROBAT_APSB17-36.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310811342", "OPENVAS:1361412562310811343", "OPENVAS:1361412562310811344", "OPENVAS:1361412562310811353"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:A301F14EC6B3344991D5A39F51329164"]}, {"type": "zdi", "idList": ["ZDI-17-909"]}]}, "exploitation": null, "vulnersScore": 9.7}, "_state": {"dependencies": 0}, "_internal": {}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": ["cpe:/a:adobe:acrobat_reader_dc:15.006.30355", "cpe:/a:adobe:acrobat_dc:15.006.30355", "cpe:/a:adobe:acrobat:11.0.22", "cpe:/a:adobe:acrobat:17.011.30066", "cpe:/a:adobe:acrobat_reader_dc:17.012.20098", "cpe:/a:adobe:acrobat_reader:17.011.30066", "cpe:/a:adobe:acrobat_reader:11.0.22", "cpe:/a:adobe:acrobat_dc:17.012.20098"], "cpe23": ["cpe:2.3:a:adobe:acrobat:17.011.30066:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:11.0.22:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:11.0.22:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_dc:17.012.20098:*:*:*:continuous:*:*:*", "cpe:2.3:a:adobe:acrobat_dc:15.006.30355:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_reader_dc:17.012.20098:*:*:*:continuous:*:*:*", "cpe:2.3:a:adobe:acrobat_reader_dc:15.006.30355:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:17.011.30066:*:*:*:*:*:*:*"], "cwe": ["CWE-125"], "affectedSoftware": [{"cpeName": "adobe:acrobat_reader", "version": "11.0.22", "operator": "le", "name": "adobe acrobat reader"}, {"cpeName": "adobe:acrobat", "version": "17.011.30066", "operator": "le", "name": "adobe acrobat"}, {"cpeName": "adobe:acrobat", "version": "11.0.22", "operator": "le", "name": "adobe acrobat"}, {"cpeName": "adobe:acrobat_reader_dc", "version": "17.012.20098", "operator": "le", "name": "adobe acrobat reader dc"}, {"cpeName": "adobe:acrobat_dc", "version": "17.012.20098", "operator": "le", "name": "adobe acrobat dc"}, {"cpeName": "adobe:acrobat_dc", "version": "15.006.30355", "operator": "le", "name": "adobe acrobat dc"}, {"cpeName": "adobe:acrobat_reader", "version": "17.011.30066", "operator": "le", "name": "adobe acrobat reader"}, {"cpeName": "adobe:acrobat_reader_dc", "version": "15.006.30355", "operator": "le", "name": "adobe acrobat reader dc"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:11.0.22:*:*:*:*:*:*:*", "versionEndIncluding": "11.0.22", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:adobe:acrobat:17.011.30066:*:*:*:*:*:*:*", "versionStartIncluding": "17.0", "versionEndIncluding": "17.011.30066", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:adobe:acrobat:11.0.22:*:*:*:*:*:*:*", "versionEndIncluding": "11.0.22", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader_dc:17.012.20098:*:*:*:continuous:*:*:*", "versionStartIncluding": "-", "versionEndIncluding": "17.012.20098", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:adobe:acrobat_dc:17.012.20098:*:*:*:continuous:*:*:*", "versionStartIncluding": "-", "versionEndIncluding": "17.012.20098", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:adobe:acrobat_dc:15.006.30355:*:*:*:classic:*:*:*", "versionStartIncluding": "15.0", "versionEndIncluding": "15.006.30355", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:17.011.30066:*:*:*:*:*:*:*", "versionStartIncluding": "17.0", "versionEndIncluding": "17.011.30066", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader_dc:15.006.30355:*:*:*:classic:*:*:*", "versionStartIncluding": "15.0", "versionEndIncluding": "15.006.30355", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-36.html", "name": "https://helpx.adobe.com/security/products/acrobat/apsb17-36.html", "refsource": "CONFIRM", "tags": ["Vendor Advisory"]}, {"url": "http://www.securitytracker.com/id/1039791", "name": "1039791", "refsource": "SECTRACK", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "http://www.securityfocus.com/bid/102140", "name": "102140", "refsource": "BID", "tags": ["Third Party Advisory", "VDB Entry"]}]}

{"zdi": [{"lastseen": "2022-01-31T21:27:40", "description": "This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ihdr structures in JPEG2000 images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-11-14T00:00:00", "type": "zdi", "title": "Adobe Reader DC JPEG2000 ihdr Out-Of-Bounds Read Information Disclosure Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16400"], "modified": "2017-11-14T00:00:00", "id": "ZDI-17-909", "href": "https://www.zerodayinitiative.com/advisories/ZDI-17-909/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "checkpoint_advisories": [{"lastseen": "2021-12-17T11:32:53", "description": "An out-of-bounds read vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to computation that reads data that is past the end of the target buffer. A remote attacker could exploit this vulnerability by enticing a user to open a maliciously crafted PDF document.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-11-14T00:00:00", "type": "checkpoint_advisories", "title": "Adobe Acrobat and Reader Out-of-bounds Read (APSB17-36: CVE-2017-16400)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16400"], "modified": "2017-11-14T00:00:00", "id": "CPAI-2017-0964", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2021-12-23T00:00:02", "description": "### *Detect date*:\n11/14/2017\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Adobe Acrobat and Adobe Reader. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service or bypass security restrictions.\n\n### *Affected products*:\nAdobe Reader XI 11.0.22 and earlier versions \nAdobe Acrobat XI 11.0.22 and earlier versions \nAdobe Acrobat 2017 2017.011.30066 and earlier versions \nAdobe Acrobat Reader 2017 2017.011.30066 and earlier versions \nAdobe Acrobat DC Classic 2015.006.30355 and earlier versions \nAdobe Acrobat DC Continuous 2017.012.20098 and earlier versions \nAdobe Acrobat Reader DC Classic 2015.006.30355 and earlier versions \nAdobe Acrobat Reader DC Continuous 2017.012.20098 and earlier versions\n\n### *Solution*:\nUpdate to the latest versions \n[Get Adobe Reader](<https://get.adobe.com/reader/?loc=ru>)\n\n### *Original advisories*:\n[Adobe Security Bulletin](<https://helpx.adobe.com/security/products/acrobat/apsb17-36.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Adobe Reader](<https://threats.kaspersky.com/en/product/Adobe-Reader/>)\n\n### *CVE-IDS*:\n[CVE-2017-16364](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16364>)9.3Critical \n[CVE-2017-16371](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16371>)9.3Critical \n[CVE-2017-16372](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16372>)9.3Critical \n[CVE-2017-16373](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16373>)9.3Critical \n[CVE-2017-16375](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16375>)9.3Critical \n[CVE-2017-16411](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16411>)9.3Critical \n[CVE-2017-16377](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16377>)9.3Critical \n[CVE-2017-16378](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16378>)9.3Critical \n[CVE-2017-16360](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16360>)9.3Critical \n[CVE-2017-16388](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16388>)9.3Critical \n[CVE-2017-16389](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16389>)9.3Critical \n[CVE-2017-16390](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16390>)9.3Critical \n[CVE-2017-16393](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16393>)9.3Critical \n[CVE-2017-16398](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16398>)9.3Critical \n[CVE-2017-16381](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16381>)9.3Critical \n[CVE-2017-16385](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16385>)9.3Critical \n[CVE-2017-16392](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16392>)9.3Critical \n[CVE-2017-16395](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16395>)9.3Critical \n[CVE-2017-16396](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16396>)9.3Critical \n[CVE-2017-16363](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16363>)9.3Critical \n[CVE-2017-16365](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16365>)9.3Critical \n[CVE-2017-16374](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16374>)9.3Critical \n[CVE-2017-16384](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16384>)9.3Critical \n[CVE-2017-16386](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16386>)9.3Critical \n[CVE-2017-16387](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16387>)9.3Critical \n[CVE-2017-16368](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16368>)9.3Critical \n[CVE-2017-16383](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16383>)9.3Critical \n[CVE-2017-16391](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16391>)9.3Critical \n[CVE-2017-16410](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16410>)9.3Critical \n[CVE-2017-16362](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16362>)9.3Critical \n[CVE-2017-16370](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16370>)9.3Critical \n[CVE-2017-16376](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16376>)9.3Critical \n[CVE-2017-16382](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16382>)9.3Critical \n[CVE-2017-16394](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16394>)9.3Critical \n[CVE-2017-16397](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16397>)9.3Critical \n[CVE-2017-16399](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16399>)9.3Critical \n[CVE-2017-16400](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16400>)9.3Critical \n[CVE-2017-16401](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16401>)9.3Critical \n[CVE-2017-16402](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16402>)9.3Critical \n[CVE-2017-16403](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16403>)9.3Critical \n[CVE-2017-16404](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16404>)9.3Critical \n[CVE-2017-16405](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16405>)9.3Critical \n[CVE-2017-16408](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16408>)9.3Critical \n[CVE-2017-16409](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16409>)9.3Critical \n[CVE-2017-16412](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16412>)9.3Critical \n[CVE-2017-16414](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16414>)9.3Critical \n[CVE-2017-16417](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16417>)9.3Critical \n[CVE-2017-16418](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16418>)9.3Critical \n[CVE-2017-16420](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16420>)9.3Critical \n[CVE-2017-16407](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16407>)9.3Critical \n[CVE-2017-16413](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16413>)9.3Critical \n[CVE-2017-16415](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16415>)9.3Critical \n[CVE-2017-16416](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16416>)9.3Critical \n[CVE-2017-16361](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16361>)4.3Warning \n[CVE-2017-16366](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16366>)5.0Critical \n[CVE-2017-16369](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16369>)4.3Warning \n[CVE-2017-16380](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16380>)9.3Critical \n[CVE-2017-16419](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16419>)4.3Warning \n[CVE-2017-16367](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16367>)9.3Critical \n[CVE-2017-16379](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16379>)9.3Critical \n[CVE-2017-16406](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16406>)9.3Critical\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-11-14T00:00:00", "type": "kaspersky", "title": "KLA11138 Multiple vulnerabilities in Adobe Acrobat&Reader", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16360", "CVE-2017-16361", "CVE-2017-16362", "CVE-2017-16363", "CVE-2017-16364", "CVE-2017-16365", "CVE-2017-16366", "CVE-2017-16367", "CVE-2017-16368", "CVE-2017-16369", "CVE-2017-16370", "CVE-2017-16371", "CVE-2017-16372", "CVE-2017-16373", "CVE-2017-16374", "CVE-2017-16375", "CVE-2017-16376", "CVE-2017-16377", "CVE-2017-16378", "CVE-2017-16379", "CVE-2017-16380", "CVE-2017-16381", "CVE-2017-16382", "CVE-2017-16383", "CVE-2017-16384", "CVE-2017-16385", "CVE-2017-16386", "CVE-2017-16387", "CVE-2017-16388", "CVE-2017-16389", "CVE-2017-16390", "CVE-2017-16391", "CVE-2017-16392", "CVE-2017-16393", "CVE-2017-16394", "CVE-2017-16395", "CVE-2017-16396", "CVE-2017-16397", "CVE-2017-16398", "CVE-2017-16399", "CVE-2017-16400", "CVE-2017-16401", "CVE-2017-16402", "CVE-2017-16403", "CVE-2017-16404", "CVE-2017-16405", "CVE-2017-16406", "CVE-2017-16407", "CVE-2017-16408", "CVE-2017-16409", "CVE-2017-16410", "CVE-2017-16411", "CVE-2017-16412", "CVE-2017-16413", "CVE-2017-16414", "CVE-2017-16415", "CVE-2017-16416", "CVE-2017-16417", "CVE-2017-16418", "CVE-2017-16419", "CVE-2017-16420"], "modified": "2020-06-18T00:00:00", "id": "KLA11138", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11138/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-10-24T21:24:05", "description": "This host is installed with Adobe Reader\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2017-11-16T00:00:00", "type": "openvas", "title": "Adobe Reader Security Updates(apsb17-36)-MAC OS X", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16367", "CVE-2017-16377", "CVE-2017-11308", "CVE-2017-16361", "CVE-2017-16378", "CVE-2017-16404", "CVE-2017-16409", "CVE-2017-11306", "CVE-2017-16418", "CVE-2017-16370", "CVE-2017-16413", "CVE-2017-16371", "CVE-2017-16376", "CVE-2017-16408", "CVE-2017-16407", "CVE-2017-16395", "CVE-2017-16387", "CVE-2017-16396", "CVE-2017-16398", "CVE-2017-16386", "CVE-2017-16420", "CVE-2017-11293", "CVE-2017-16363", "CVE-2017-16412", "CVE-2017-16364", "CVE-2017-16374", "CVE-2017-16394", "CVE-2017-16390", "CVE-2017-11240", "CVE-2017-16399", "CVE-2017-16381", "CVE-2017-16414", "CVE-2017-16393", "CVE-2017-16379", "CVE-2017-16410", "CVE-2017-16382", "CVE-2017-16400", "CVE-2017-16362", "CVE-2017-11307", "CVE-2017-11253", "CVE-2017-16368", "CVE-2017-16419", "CVE-2017-16365", "CVE-2017-16402", "CVE-2017-16372", "CVE-2017-16373", "CVE-2017-16415", "CVE-2017-16403", "CVE-2017-16397", "CVE-2017-16417", "CVE-2017-16360", "CVE-2017-16416", "CVE-2017-16383", "CVE-2017-16369", "CVE-2017-16385", "CVE-2017-16384", "CVE-2017-16380", "CVE-2017-16401", "CVE-2017-16411", "CVE-2017-11250", "CVE-2017-16391", "CVE-2017-16389", "CVE-2017-16375", "CVE-2017-16388", "CVE-2017-16392", "CVE-2017-16405", "CVE-2017-16406", "CVE-2017-16366"], "modified": "2019-10-23T00:00:00", "id": "OPENVAS:1361412562310811342", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310811342", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Reader Security Updates(apsb17-36)-MAC OS X\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.811342\");\n script_version(\"2019-10-23T10:55:06+0000\");\n script_cve_id(\"CVE-2017-16377\", \"CVE-2017-16378\", \"CVE-2017-16360\", \"CVE-2017-16388\",\n \"CVE-2017-16389\", \"CVE-2017-16390\", \"CVE-2017-16393\", \"CVE-2017-16398\",\n \"CVE-2017-16381\", \"CVE-2017-16385\", \"CVE-2017-16392\", \"CVE-2017-16395\",\n \"CVE-2017-16396\", \"CVE-2017-16363\", \"CVE-2017-16365\", \"CVE-2017-16374\",\n \"CVE-2017-16384\", \"CVE-2017-16386\", \"CVE-2017-16387\", \"CVE-2017-16368\",\n \"CVE-2017-16383\", \"CVE-2017-16391\", \"CVE-2017-16410\", \"CVE-2017-16362\",\n \"CVE-2017-16370\", \"CVE-2017-16376\", \"CVE-2017-16382\", \"CVE-2017-16394\",\n \"CVE-2017-16397\", \"CVE-2017-16399\", \"CVE-2017-16400\", \"CVE-2017-16401\",\n \"CVE-2017-16402\", \"CVE-2017-16403\", \"CVE-2017-16404\", \"CVE-2017-16405\",\n \"CVE-2017-16408\", \"CVE-2017-16409\", \"CVE-2017-16412\", \"CVE-2017-16414\",\n \"CVE-2017-16417\", \"CVE-2017-16418\", \"CVE-2017-16420\", \"CVE-2017-11293\",\n \"CVE-2017-16407\", \"CVE-2017-16413\", \"CVE-2017-16415\", \"CVE-2017-16416\",\n \"CVE-2017-16361\", \"CVE-2017-16366\", \"CVE-2017-16369\", \"CVE-2017-16380\",\n \"CVE-2017-16419\", \"CVE-2017-16367\", \"CVE-2017-16379\", \"CVE-2017-16406\",\n \"CVE-2017-16364\", \"CVE-2017-16371\", \"CVE-2017-16372\", \"CVE-2017-16373\",\n \"CVE-2017-16375\", \"CVE-2017-16411\", \"CVE-2017-11307\", \"CVE-2017-11308\",\n \"CVE-2017-11240\", \"CVE-2017-11250\", \"CVE-2017-11306\", \"CVE-2017-11253\");\n script_bugtraq_id(101821, 101818, 101831, 101824, 101816, 101823, 101819, 101812,\n 101830, 101820, 101814, 101817, 101815, 101813);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-23 10:55:06 +0000 (Wed, 23 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2017-11-16 11:56:52 +0530 (Thu, 16 Nov 2017)\");\n script_name(\"Adobe Reader Security Updates(apsb17-36)-MAC OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Reader\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Two access of uninitialized point vulnerabilities that could result in\n remote could execution,\n\n - Six use after free vulnerabilities that could result in remote code execution.\n\n - Five buffer access with incorrect length value vulnerabilities that could\n result in remote code execution.\n\n - Six buffer over-read vulnerabilities that could result in remote code\n execution.\n\n - A buffer overflow vulnerability that could result in remote code execution.\n\n - A heap overflow vulnerability that could result in remote code execution.\n\n - Two improper validation of array index vulnerabilities that could result\n in remote code execution.\n\n - Multiple out-of-bounds read vulnerabilities that could result in remote code\n execution.\n\n - Four out-of-bounds write vulnerabilities that could result in remote code\n execution.\n\n - Two security bypass vulnerabilities that could result in drive-by-downloads.\n\n - A security bypass vulnerability that could result in information disclosure.\n\n - A security bypass vulnerability that could result in remote code execution.\n\n - A stack exhaustion vulnerability that could result in excessive resource\n consumption.\n\n - Three type confusion vulnerabilities that could result in remote code\n execution.\n\n - Six untrusted pointer dereference vulnerabilities that could result in remote\n code execution.\n\n - For more details, refer the reference links mentioned.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code in the context of the application.\n Failed attacks may cause a denial-of-service condition. Also attackers will be\n able to gain access to potentially sensitive information, get excessive resource\n consumption and get unintentional downloads of malicious software.\");\n\n script_tag(name:\"affected\", value:\"Adobe Reader version 11.x before 11.0.23 on MAC OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Reader version 11.0.23 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-36.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Reader/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE )) exit(0);\nreaderVer = infos['version'];\nInstallPath = infos['location'];\n\nif(version_in_range(version:readerVer, test_version:\"11.0\", test_version2:\"11.0.22\"))\n{\n report = report_fixed_ver(installed_version:readerVer, fixed_version:\"11.0.23\", install_path:InstallPath);\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:17:54", "description": "This host is installed with Adobe Acrobat DC\n (Classic Track) and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-03-06T00:00:00", "type": "openvas", "title": "Adobe Acrobat DC (Classic Track) Multiple Vulnerabilities (apsb17-36) - Mac OS X", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16367", "CVE-2017-16377", "CVE-2017-11308", "CVE-2017-16361", "CVE-2017-16378", "CVE-2017-16404", "CVE-2017-16409", "CVE-2017-11306", "CVE-2017-16418", "CVE-2017-16370", "CVE-2017-16413", "CVE-2017-16371", "CVE-2017-16376", "CVE-2017-16408", "CVE-2017-16407", "CVE-2017-16395", "CVE-2017-16387", "CVE-2017-16396", "CVE-2017-16398", "CVE-2017-16386", "CVE-2017-16420", "CVE-2017-11293", "CVE-2017-16363", "CVE-2017-16412", "CVE-2017-16364", "CVE-2017-16374", "CVE-2017-16394", "CVE-2017-16390", "CVE-2017-11240", "CVE-2017-16399", "CVE-2017-16381", "CVE-2017-16414", "CVE-2017-16393", "CVE-2017-16379", "CVE-2017-16410", "CVE-2017-16382", "CVE-2017-16400", "CVE-2017-16362", "CVE-2017-11307", "CVE-2017-11253", "CVE-2017-16368", "CVE-2017-16419", "CVE-2017-16365", "CVE-2017-16402", "CVE-2017-16372", "CVE-2017-16373", "CVE-2017-16415", "CVE-2017-16403", "CVE-2017-16397", "CVE-2017-16417", "CVE-2017-16360", "CVE-2017-16416", "CVE-2017-16383", "CVE-2017-16369", "CVE-2017-16385", "CVE-2017-16384", "CVE-2017-16380", "CVE-2017-16401", "CVE-2017-16411", "CVE-2017-11250", "CVE-2017-16391", "CVE-2017-16389", "CVE-2017-16375", "CVE-2017-16388", "CVE-2017-16392", "CVE-2017-16405", "CVE-2017-16406", "CVE-2017-16366"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310812966", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812966", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat DC (Classic Track) Multiple Vulnerabilities-apsb17-36 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812966\");\n script_version(\"2019-07-05T08:21:18+0000\");\n script_cve_id(\"CVE-2017-16377\", \"CVE-2017-16378\", \"CVE-2017-16360\", \"CVE-2017-16388\",\n\t\t\"CVE-2017-16389\", \"CVE-2017-16390\", \"CVE-2017-16393\", \"CVE-2017-16398\",\n\t\t\"CVE-2017-16381\", \"CVE-2017-16385\", \"CVE-2017-16392\", \"CVE-2017-16395\",\n\t\t\"CVE-2017-16396\", \"CVE-2017-16363\", \"CVE-2017-16365\", \"CVE-2017-16374\",\n\t\t\"CVE-2017-16384\", \"CVE-2017-16386\", \"CVE-2017-16387\", \"CVE-2017-16368\",\n\t\t\"CVE-2017-16383\", \"CVE-2017-16391\", \"CVE-2017-16410\", \"CVE-2017-16362\",\n\t\t\"CVE-2017-16370\", \"CVE-2017-16376\", \"CVE-2017-16382\", \"CVE-2017-16394\",\n\t\t\"CVE-2017-16397\", \"CVE-2017-16399\", \"CVE-2017-16400\", \"CVE-2017-16401\",\n\t\t\"CVE-2017-16402\", \"CVE-2017-16403\", \"CVE-2017-16404\", \"CVE-2017-16405\",\n\t\t\"CVE-2017-16408\", \"CVE-2017-16409\", \"CVE-2017-16412\", \"CVE-2017-16414\",\n\t\t\"CVE-2017-16417\", \"CVE-2017-16418\", \"CVE-2017-16420\", \"CVE-2017-11293\",\n\t\t\"CVE-2017-16407\", \"CVE-2017-16413\", \"CVE-2017-16415\", \"CVE-2017-16416\",\n\t\t\"CVE-2017-16361\", \"CVE-2017-16366\", \"CVE-2017-16369\", \"CVE-2017-16380\",\n\t\t\"CVE-2017-16419\", \"CVE-2017-16367\", \"CVE-2017-16379\", \"CVE-2017-16406\",\n\t\t\"CVE-2017-16364\", \"CVE-2017-16371\", \"CVE-2017-16372\", \"CVE-2017-16373\",\n\t\t\"CVE-2017-16375\", \"CVE-2017-16411\", \"CVE-2017-11307\", \"CVE-2017-11308\",\n \"CVE-2017-11240\", \"CVE-2017-11250\", \"CVE-2017-11306\", \"CVE-2017-11253\");\n script_bugtraq_id(101821, 101818, 101831, 101824, 101816, 101823, 101819, 101812,\n 101830, 101820, 101814, 101817, 101815, 101813);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:21:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-06 12:41:02 +0530 (Tue, 06 Mar 2018)\");\n script_name(\"Adobe Acrobat DC (Classic Track) Multiple Vulnerabilities (apsb17-36) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC\n (Classic Track) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Two access of uninitialized point vulnerabilities that could result in\n remote could execution,\n\n - Six use after free vulnerabilities that could result in remote code execution.\n\n - Five buffer access with incorrect length value vulnerabilities that could\n result in remote code execution.\n\n - Six buffer over-read vulnerabilities that could result in remote code\n execution.\n\n - A buffer overflow vulnerability that could result in remote code execution.\n\n - A heap overflow vulnerability that could result in remote code execution.\n\n - Two improper validation of array index vulnerabilities that could result\n in remote code execution.\n\n - Multiple out-of-bounds read vulnerabilities that could result in remote code\n execution.\n\n - Four out-of-bounds write vulnerabilities that could result in remote code\n execution.\n\n - Two security bypass vulnerabilities that could result in drive-by-downloads.\n\n - A security bypass vulnerability that could result in information disclosure.\n\n - A security bypass vulnerability that could result in remote code execution.\n\n - A stack exhaustion vulnerability that could result in excessive resource\n consumption.\n\n - Three type confusion vulnerabilities that could result in remote code\n execution.\n\n - Six untrusted pointer dereference vulnerabilities that could result in remote\n code execution.\n\n - For more details, refer the reference links mentioned.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code in the context of the application.\n Failed attacks may cause a denial-of-service condition. Also attackers will be\n able to gain access to potentially sensitive information, get excessive resource\n consumption and get unintentional download of malicious software.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC (Classic Track)\n 2015.006.30355 and earlier versions on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC (Classic Track)\n version 2015.006.30392 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-36.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_classic_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Classic/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\n##2015.006.30392 == 15.006.30392\nif(version_is_less(version:vers, test_version:\"15.006.30392\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30392 (2015.006.30392)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:18:14", "description": "This host is installed with Adobe Acrobat DC\n (Continuous Track) and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-03-06T00:00:00", "type": "openvas", "title": "Adobe Acrobat DC (Continuous Track) Multiple Vulnerabilities (apsb17-36) - Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16367", "CVE-2017-16377", "CVE-2017-11308", "CVE-2017-16361", "CVE-2017-16378", "CVE-2017-16404", "CVE-2017-16409", "CVE-2017-11306", "CVE-2017-16418", "CVE-2017-16370", "CVE-2017-16413", "CVE-2017-16371", "CVE-2017-16376", "CVE-2017-16408", "CVE-2017-16407", "CVE-2017-16395", "CVE-2017-16387", "CVE-2017-16396", "CVE-2017-16398", "CVE-2017-16386", "CVE-2017-16420", "CVE-2017-11293", "CVE-2017-16363", "CVE-2017-16412", "CVE-2017-16364", "CVE-2017-16374", "CVE-2017-16394", "CVE-2017-16390", "CVE-2017-11240", "CVE-2017-16399", "CVE-2017-16381", "CVE-2017-16414", "CVE-2017-16393", "CVE-2017-16379", "CVE-2017-16410", "CVE-2017-16382", "CVE-2017-16400", "CVE-2017-16362", "CVE-2017-11307", "CVE-2017-11253", "CVE-2017-16368", "CVE-2017-16419", "CVE-2017-16365", "CVE-2017-16402", "CVE-2017-16372", "CVE-2017-16373", "CVE-2017-16415", "CVE-2017-16403", "CVE-2017-16397", "CVE-2017-16417", "CVE-2017-16360", "CVE-2017-16416", "CVE-2017-16383", "CVE-2017-16369", "CVE-2017-16385", "CVE-2017-16384", "CVE-2017-16380", "CVE-2017-16401", "CVE-2017-16411", "CVE-2017-11250", "CVE-2017-16391", "CVE-2017-16389", "CVE-2017-16375", "CVE-2017-16388", "CVE-2017-16392", "CVE-2017-16405", "CVE-2017-16406", "CVE-2017-16366"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310812969", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812969", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat DC (Continuous Track) Multiple Vulnerabilities-apsb17-36 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_dc_continuous\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812969\");\n script_version(\"2019-07-05T08:21:18+0000\");\n script_cve_id(\"CVE-2017-16377\", \"CVE-2017-16378\", \"CVE-2017-16360\", \"CVE-2017-16388\",\n\t\t\"CVE-2017-16389\", \"CVE-2017-16390\", \"CVE-2017-16393\", \"CVE-2017-16398\",\n\t\t\"CVE-2017-16381\", \"CVE-2017-16385\", \"CVE-2017-16392\", \"CVE-2017-16395\",\n\t\t\"CVE-2017-16396\", \"CVE-2017-16363\", \"CVE-2017-16365\", \"CVE-2017-16374\",\n\t\t\"CVE-2017-16384\", \"CVE-2017-16386\", \"CVE-2017-16387\", \"CVE-2017-16368\",\n\t\t\"CVE-2017-16383\", \"CVE-2017-16391\", \"CVE-2017-16410\", \"CVE-2017-16362\",\n\t\t\"CVE-2017-16370\", \"CVE-2017-16376\", \"CVE-2017-16382\", \"CVE-2017-16394\",\n\t\t\"CVE-2017-16397\", \"CVE-2017-16399\", \"CVE-2017-16400\", \"CVE-2017-16401\",\n\t\t\"CVE-2017-16402\", \"CVE-2017-16403\", \"CVE-2017-16404\", \"CVE-2017-16405\",\n\t\t\"CVE-2017-16408\", \"CVE-2017-16409\", \"CVE-2017-16412\", \"CVE-2017-16414\",\n\t\t\"CVE-2017-16417\", \"CVE-2017-16418\", \"CVE-2017-16420\", \"CVE-2017-11293\",\n\t\t\"CVE-2017-16407\", \"CVE-2017-16413\", \"CVE-2017-16415\", \"CVE-2017-16416\",\n\t\t\"CVE-2017-16361\", \"CVE-2017-16366\", \"CVE-2017-16369\", \"CVE-2017-16380\",\n\t\t\"CVE-2017-16419\", \"CVE-2017-16367\", \"CVE-2017-16379\", \"CVE-2017-16406\",\n\t\t\"CVE-2017-16364\", \"CVE-2017-16371\", \"CVE-2017-16372\", \"CVE-2017-16373\",\n\t\t\"CVE-2017-16375\", \"CVE-2017-16411\", \"CVE-2017-11307\", \"CVE-2017-11308\",\n \"CVE-2017-11240\", \"CVE-2017-11250\", \"CVE-2017-11306\", \"CVE-2017-11253\");\n script_bugtraq_id(101821, 101818, 101831, 101824, 101816, 101823, 101819, 101812,\n 101830, 101820, 101814, 101817, 101815, 101813);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:21:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-06 12:57:24 +0530 (Tue, 06 Mar 2018)\");\n script_name(\"Adobe Acrobat DC (Continuous Track) Multiple Vulnerabilities (apsb17-36) - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC\n (Continuous Track) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Two access of uninitialized point vulnerabilities that could result in\n remote could execution,\n\n - Six use after free vulnerabilities that could result in remote code execution.\n\n - Five buffer access with incorrect length value vulnerabilities that could\n result in remote code execution.\n\n - Six buffer over-read vulnerabilities that could result in remote code\n execution.\n\n - A buffer overflow vulnerability that could result in remote code execution.\n\n - A heap overflow vulnerability that could result in remote code execution.\n\n - Two improper validation of array index vulnerabilities that could result\n in remote code execution.\n\n - Multiple out-of-bounds read vulnerabilities that could result in remote code\n execution.\n\n - Four out-of-bounds write vulnerabilities that could result in remote code\n execution.\n\n - Two security bypass vulnerabilities that could result in drive-by-downloads.\n\n - A security bypass vulnerability that could result in information disclosure.\n\n - A security bypass vulnerability that could result in remote code execution.\n\n - A stack exhaustion vulnerability that could result in excessive resource\n consumption.\n\n - Three type confusion vulnerabilities that could result in remote code\n execution.\n\n - Six untrusted pointer dereference vulnerabilities that could result in remote\n code execution.\n\n - For more details, refer the reference links mentioned.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code in the context of the application.\n Failed attacks may cause a denial-of-service condition. Also attackers will be\n able to gain access to potentially sensitive information, get excessive resource\n consumption and get unintentional download of malicious software.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC (Continuous Track)\n 2017.012.20098 and earlier versions on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC version\n 2018.009.20044 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-36.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_cont_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Continuous/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\n##2018.009.20044 == 18.009.20044\nif(version_is_less(version:vers, test_version:\"18.009.20044\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"18.009.20044 (2018.009.20044)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:18:00", "description": "This host is installed with Adobe Acrobat Reader\n 2017 and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-03-06T00:00:00", "type": "openvas", "title": "Adobe Acrobat Reader 2017 Multiple Vulnerabilities-apsb17-36 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16367", "CVE-2017-16377", "CVE-2017-11308", "CVE-2017-16361", "CVE-2017-16378", "CVE-2017-16404", "CVE-2017-16409", "CVE-2017-11306", "CVE-2017-16418", "CVE-2017-16370", "CVE-2017-16413", "CVE-2017-16371", "CVE-2017-16376", "CVE-2017-16408", "CVE-2017-16407", "CVE-2017-16395", "CVE-2017-16387", "CVE-2017-16396", "CVE-2017-16398", "CVE-2017-16386", "CVE-2017-16420", "CVE-2017-11293", "CVE-2017-16363", "CVE-2017-16412", "CVE-2017-16364", "CVE-2017-16374", "CVE-2017-16394", "CVE-2017-16390", "CVE-2017-11240", "CVE-2017-16399", "CVE-2017-16381", "CVE-2017-16414", "CVE-2017-16393", "CVE-2017-16379", "CVE-2017-16410", "CVE-2017-16382", "CVE-2017-16400", "CVE-2017-16362", "CVE-2017-11307", "CVE-2017-11253", "CVE-2017-16368", "CVE-2017-16419", "CVE-2017-16365", "CVE-2017-16402", "CVE-2017-16372", "CVE-2017-16373", "CVE-2017-16415", "CVE-2017-16403", "CVE-2017-16397", "CVE-2017-16417", "CVE-2017-16360", "CVE-2017-16416", "CVE-2017-16383", "CVE-2017-16369", "CVE-2017-16385", "CVE-2017-16384", "CVE-2017-16380", "CVE-2017-16401", "CVE-2017-16411", "CVE-2017-11250", "CVE-2017-16391", "CVE-2017-16389", "CVE-2017-16375", "CVE-2017-16388", "CVE-2017-16392", "CVE-2017-16405", "CVE-2017-16406", "CVE-2017-16366"], "modified": "2019-07-16T00:00:00", "id": "OPENVAS:1361412562310812964", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812964", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat Reader 2017 Multiple Vulnerabilities-apsb17-36 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812964\");\n script_version(\"2019-07-16T10:51:36+0000\");\n script_cve_id(\"CVE-2017-16377\", \"CVE-2017-16378\", \"CVE-2017-16360\", \"CVE-2017-16388\",\n\t\t\"CVE-2017-16389\", \"CVE-2017-16390\", \"CVE-2017-16393\", \"CVE-2017-16398\",\n\t\t\"CVE-2017-16381\", \"CVE-2017-16385\", \"CVE-2017-16392\", \"CVE-2017-16395\",\n\t\t\"CVE-2017-16396\", \"CVE-2017-16363\", \"CVE-2017-16365\", \"CVE-2017-16374\",\n\t\t\"CVE-2017-16384\", \"CVE-2017-16386\", \"CVE-2017-16387\", \"CVE-2017-16368\",\n\t\t\"CVE-2017-16383\", \"CVE-2017-16391\", \"CVE-2017-16410\", \"CVE-2017-16362\",\n\t\t\"CVE-2017-16370\", \"CVE-2017-16376\", \"CVE-2017-16382\", \"CVE-2017-16394\",\n\t\t\"CVE-2017-16397\", \"CVE-2017-16399\", \"CVE-2017-16400\", \"CVE-2017-16401\",\n\t\t\"CVE-2017-16402\", \"CVE-2017-16403\", \"CVE-2017-16404\", \"CVE-2017-16405\",\n\t\t\"CVE-2017-16408\", \"CVE-2017-16409\", \"CVE-2017-16412\", \"CVE-2017-16414\",\n\t\t\"CVE-2017-16417\", \"CVE-2017-16418\", \"CVE-2017-16420\", \"CVE-2017-11293\",\n\t\t\"CVE-2017-16407\", \"CVE-2017-16413\", \"CVE-2017-16415\", \"CVE-2017-16416\",\n\t\t\"CVE-2017-16361\", \"CVE-2017-16366\", \"CVE-2017-16369\", \"CVE-2017-16380\",\n\t\t\"CVE-2017-16419\", \"CVE-2017-16367\", \"CVE-2017-16379\", \"CVE-2017-16406\",\n\t\t\"CVE-2017-16364\", \"CVE-2017-16371\", \"CVE-2017-16372\", \"CVE-2017-16373\",\n\t\t\"CVE-2017-16375\", \"CVE-2017-16411\", \"CVE-2017-11307\", \"CVE-2017-11308\",\n \"CVE-2017-11240\", \"CVE-2017-11250\", \"CVE-2017-11306\", \"CVE-2017-11253\");\n script_bugtraq_id(101821, 101818, 101831, 101824, 101816, 101823, 101819, 101812,\n 101830, 101820, 101814, 101817, 101815, 101813);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-16 10:51:36 +0000 (Tue, 16 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-06 12:10:48 +0530 (Tue, 06 Mar 2018)\");\n script_name(\"Adobe Acrobat Reader 2017 Multiple Vulnerabilities-apsb17-36 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat Reader\n 2017 and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Two access of uninitialized point vulnerabilities that could result in\n remote could execution,\n\n - Six use after free vulnerabilities that could result in remote code execution.\n\n - Five buffer access with incorrect length value vulnerabilities that could\n result in remote code execution.\n\n - Six buffer over-read vulnerabilities that could result in remote code\n execution.\n\n - A buffer overflow vulnerability that could result in remote code execution.\n\n - A heap overflow vulnerability that could result in remote code execution.\n\n - Two improper validation of array index vulnerabilities that could result\n in remote code execution.\n\n - Multiple out-of-bounds read vulnerabilities that could result in remote code\n execution.\n\n - Four out-of-bounds write vulnerabilities that could result in remote code\n execution.\n\n - Two security bypass vulnerabilities that could result in drive-by-downloads.\n\n - A security bypass vulnerability that could result in information disclosure.\n\n - A security bypass vulnerability that could result in remote code execution.\n\n - A stack exhaustion vulnerability that could result in excessive resource\n consumption.\n\n - Three type confusion vulnerabilities that could result in remote code\n execution.\n\n - Six untrusted pointer dereference vulnerabilities that could result in remote\n code execution.\n\n - For more details, refer the reference links mentioned.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code in the context of the application.\n Failed attacks may cause a denial-of-service condition. Also attackers will be\n able to gain access to potentially sensitive information, get excessive resource\n consumption and get unintentional download of malicious software.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader 2017.011.30066 and earlier\n versions on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat 2017 version\n 2017.011.30068 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-36.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Reader/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\n##2017.011.30068 == 17.011.30068\nif(version_in_range(version:vers, test_version:\"17.0\", test_version2:\"17.011.30067\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"17.011.30068 (2017.011.30068)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:18:06", "description": "This host is installed with Adobe Acrobat 2017\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-03-06T00:00:00", "type": "openvas", "title": "Adobe Acrobat 2017 Multiple Vulnerabilities-apsb17-36 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16367", "CVE-2017-16377", "CVE-2017-11308", "CVE-2017-16361", "CVE-2017-16378", "CVE-2017-16404", "CVE-2017-16409", "CVE-2017-11306", "CVE-2017-16418", "CVE-2017-16370", "CVE-2017-16413", "CVE-2017-16371", "CVE-2017-16376", "CVE-2017-16408", "CVE-2017-16407", "CVE-2017-16395", "CVE-2017-16387", "CVE-2017-16396", "CVE-2017-16398", "CVE-2017-16386", "CVE-2017-16420", "CVE-2017-11293", "CVE-2017-16363", "CVE-2017-16412", "CVE-2017-16364", "CVE-2017-16374", "CVE-2017-16394", "CVE-2017-16390", "CVE-2017-11240", "CVE-2017-16399", "CVE-2017-16381", "CVE-2017-16414", "CVE-2017-16393", "CVE-2017-16379", "CVE-2017-16410", "CVE-2017-16382", "CVE-2017-16400", "CVE-2017-16362", "CVE-2017-11307", "CVE-2017-11253", "CVE-2017-16368", "CVE-2017-16419", "CVE-2017-16365", "CVE-2017-16402", "CVE-2017-16372", "CVE-2017-16373", "CVE-2017-16415", "CVE-2017-16403", "CVE-2017-16397", "CVE-2017-16417", "CVE-2017-16360", "CVE-2017-16416", "CVE-2017-16383", "CVE-2017-16369", "CVE-2017-16385", "CVE-2017-16384", "CVE-2017-16380", "CVE-2017-16401", "CVE-2017-16411", "CVE-2017-11250", "CVE-2017-16391", "CVE-2017-16389", "CVE-2017-16375", "CVE-2017-16388", "CVE-2017-16392", "CVE-2017-16405", "CVE-2017-16406", "CVE-2017-16366"], "modified": "2019-07-16T00:00:00", "id": "OPENVAS:1361412562310812961", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812961", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat 2017 Multiple Vulnerabilities-apsb17-36 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812961\");\n script_version(\"2019-07-16T10:51:36+0000\");\n script_cve_id(\"CVE-2017-16377\", \"CVE-2017-16378\", \"CVE-2017-16360\", \"CVE-2017-16388\",\n\t\t\"CVE-2017-16389\", \"CVE-2017-16390\", \"CVE-2017-16393\", \"CVE-2017-16398\",\n\t\t\"CVE-2017-16381\", \"CVE-2017-16385\", \"CVE-2017-16392\", \"CVE-2017-16395\",\n\t\t\"CVE-2017-16396\", \"CVE-2017-16363\", \"CVE-2017-16365\", \"CVE-2017-16374\",\n\t\t\"CVE-2017-16384\", \"CVE-2017-16386\", \"CVE-2017-16387\", \"CVE-2017-16368\",\n\t\t\"CVE-2017-16383\", \"CVE-2017-16391\", \"CVE-2017-16410\", \"CVE-2017-16362\",\n\t\t\"CVE-2017-16370\", \"CVE-2017-16376\", \"CVE-2017-16382\", \"CVE-2017-16394\",\n\t\t\"CVE-2017-16397\", \"CVE-2017-16399\", \"CVE-2017-16400\", \"CVE-2017-16401\",\n\t\t\"CVE-2017-16402\", \"CVE-2017-16403\", \"CVE-2017-16404\", \"CVE-2017-16405\",\n\t\t\"CVE-2017-16408\", \"CVE-2017-16409\", \"CVE-2017-16412\", \"CVE-2017-16414\",\n\t\t\"CVE-2017-16417\", \"CVE-2017-16418\", \"CVE-2017-16420\", \"CVE-2017-11293\",\n\t\t\"CVE-2017-16407\", \"CVE-2017-16413\", \"CVE-2017-16415\", \"CVE-2017-16416\",\n\t\t\"CVE-2017-16361\", \"CVE-2017-16366\", \"CVE-2017-16369\", \"CVE-2017-16380\",\n\t\t\"CVE-2017-16419\", \"CVE-2017-16367\", \"CVE-2017-16379\", \"CVE-2017-16406\",\n\t\t\"CVE-2017-16364\", \"CVE-2017-16371\", \"CVE-2017-16372\", \"CVE-2017-16373\",\n\t\t\"CVE-2017-16375\", \"CVE-2017-16411\", \"CVE-2017-11307\", \"CVE-2017-11308\",\n \"CVE-2017-11240\", \"CVE-2017-11250\", \"CVE-2017-11306\", \"CVE-2017-11253\");\n script_bugtraq_id(101821, 101818, 101831, 101824, 101816, 101823, 101819, 101812,\n 101830, 101820, 101814, 101817, 101815, 101813);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-16 10:51:36 +0000 (Tue, 16 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-06 11:59:24 +0530 (Tue, 06 Mar 2018)\");\n script_name(\"Adobe Acrobat 2017 Multiple Vulnerabilities-apsb17-36 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat 2017\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Two access of uninitialized point vulnerabilities that could result in\n remote could execution,\n\n - Six use after free vulnerabilities that could result in remote code execution.\n\n - Five buffer access with incorrect length value vulnerabilities that could\n result in remote code execution.\n\n - Six buffer over-read vulnerabilities that could result in remote code\n execution.\n\n - A buffer overflow vulnerability that could result in remote code execution.\n\n - A heap overflow vulnerability that could result in remote code execution.\n\n - Two improper validation of array index vulnerabilities that could result\n in remote code execution.\n\n - Multiple out-of-bounds read vulnerabilities that could result in remote code\n execution.\n\n - Four out-of-bounds write vulnerabilities that could result in remote code\n execution.\n\n - Two security bypass vulnerabilities that could result in drive-by-downloads.\n\n - A security bypass vulnerability that could result in information disclosure.\n\n - A security bypass vulnerability that could result in remote code execution.\n\n - A stack exhaustion vulnerability that could result in excessive resource\n consumption.\n\n - Three type confusion vulnerabilities that could result in remote code\n execution.\n\n - Six untrusted pointer dereference vulnerabilities that could result in remote\n code execution.\n\n - For more details, refer the reference links mentioned.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code in the context of the application.\n Failed attacks may cause a denial-of-service condition. Also attackers will be\n able to gain access to potentially sensitive information, get excessive resource\n consumption and get unintentional download of malicious software.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat 2017.011.30066 and earlier\n versions on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat 2017 version\n 2017.011.30068 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-36.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\n##2017.011.30068 == 17.011.30068\nif(version_in_range(version:vers, test_version:\"17.0\", test_version2:\"17.011.30067\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"17.011.30068 (2017.011.30068)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:17:42", "description": "This host is installed with Adobe Acrobat DC\n (Classic Track) and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-03-06T00:00:00", "type": "openvas", "title": "Adobe Acrobat DC (Classic Track) Multiple Vulnerabilities (apsb17-36) - Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16367", "CVE-2017-16377", "CVE-2017-11308", "CVE-2017-16361", "CVE-2017-16378", "CVE-2017-16404", "CVE-2017-16409", "CVE-2017-11306", "CVE-2017-16418", "CVE-2017-16370", "CVE-2017-16413", "CVE-2017-16371", "CVE-2017-16376", "CVE-2017-16408", "CVE-2017-16407", "CVE-2017-16395", "CVE-2017-16387", "CVE-2017-16396", "CVE-2017-16398", "CVE-2017-16386", "CVE-2017-16420", "CVE-2017-11293", "CVE-2017-16363", "CVE-2017-16412", "CVE-2017-16364", "CVE-2017-16374", "CVE-2017-16394", "CVE-2017-16390", "CVE-2017-11240", "CVE-2017-16399", "CVE-2017-16381", "CVE-2017-16414", "CVE-2017-16393", "CVE-2017-16379", "CVE-2017-16410", "CVE-2017-16382", "CVE-2017-16400", "CVE-2017-16362", "CVE-2017-11307", "CVE-2017-11253", "CVE-2017-16368", "CVE-2017-16419", "CVE-2017-16365", "CVE-2017-16402", "CVE-2017-16372", "CVE-2017-16373", "CVE-2017-16415", "CVE-2017-16403", "CVE-2017-16397", "CVE-2017-16417", "CVE-2017-16360", "CVE-2017-16416", "CVE-2017-16383", "CVE-2017-16369", "CVE-2017-16385", "CVE-2017-16384", "CVE-2017-16380", "CVE-2017-16401", "CVE-2017-16411", "CVE-2017-11250", "CVE-2017-16391", "CVE-2017-16389", "CVE-2017-16375", "CVE-2017-16388", "CVE-2017-16392", "CVE-2017-16405", "CVE-2017-16406", "CVE-2017-16366"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310812965", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812965", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat DC (Classic Track) Multiple Vulnerabilities-apsb17-36 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812965\");\n script_version(\"2019-07-05T08:21:18+0000\");\n script_cve_id(\"CVE-2017-16377\", \"CVE-2017-16378\", \"CVE-2017-16360\", \"CVE-2017-16388\",\n\t\t\"CVE-2017-16389\", \"CVE-2017-16390\", \"CVE-2017-16393\", \"CVE-2017-16398\",\n\t\t\"CVE-2017-16381\", \"CVE-2017-16385\", \"CVE-2017-16392\", \"CVE-2017-16395\",\n\t\t\"CVE-2017-16396\", \"CVE-2017-16363\", \"CVE-2017-16365\", \"CVE-2017-16374\",\n\t\t\"CVE-2017-16384\", \"CVE-2017-16386\", \"CVE-2017-16387\", \"CVE-2017-16368\",\n\t\t\"CVE-2017-16383\", \"CVE-2017-16391\", \"CVE-2017-16410\", \"CVE-2017-16362\",\n\t\t\"CVE-2017-16370\", \"CVE-2017-16376\", \"CVE-2017-16382\", \"CVE-2017-16394\",\n\t\t\"CVE-2017-16397\", \"CVE-2017-16399\", \"CVE-2017-16400\", \"CVE-2017-16401\",\n\t\t\"CVE-2017-16402\", \"CVE-2017-16403\", \"CVE-2017-16404\", \"CVE-2017-16405\",\n\t\t\"CVE-2017-16408\", \"CVE-2017-16409\", \"CVE-2017-16412\", \"CVE-2017-16414\",\n\t\t\"CVE-2017-16417\", \"CVE-2017-16418\", \"CVE-2017-16420\", \"CVE-2017-11293\",\n\t\t\"CVE-2017-16407\", \"CVE-2017-16413\", \"CVE-2017-16415\", \"CVE-2017-16416\",\n\t\t\"CVE-2017-16361\", \"CVE-2017-16366\", \"CVE-2017-16369\", \"CVE-2017-16380\",\n\t\t\"CVE-2017-16419\", \"CVE-2017-16367\", \"CVE-2017-16379\", \"CVE-2017-16406\",\n\t\t\"CVE-2017-16364\", \"CVE-2017-16371\", \"CVE-2017-16372\", \"CVE-2017-16373\",\n\t\t\"CVE-2017-16375\", \"CVE-2017-16411\", \"CVE-2017-11307\", \"CVE-2017-11308\",\n \"CVE-2017-11240\", \"CVE-2017-11250\", \"CVE-2017-11306\", \"CVE-2017-11253\");\n script_bugtraq_id(101821, 101818, 101831, 101824, 101816, 101823, 101819, 101812,\n 101830, 101820, 101814, 101817, 101815, 101813);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:21:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-06 12:23:24 +0530 (Tue, 06 Mar 2018)\");\n script_name(\"Adobe Acrobat DC (Classic Track) Multiple Vulnerabilities (apsb17-36) - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC\n (Classic Track) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Two access of uninitialized point vulnerabilities that could result in\n remote could execution,\n\n - Six use after free vulnerabilities that could result in remote code execution.\n\n - Five buffer access with incorrect length value vulnerabilities that could\n result in remote code execution.\n\n - Six buffer over-read vulnerabilities that could result in remote code\n execution.\n\n - A buffer overflow vulnerability that could result in remote code execution.\n\n - A heap overflow vulnerability that could result in remote code execution.\n\n - Two improper validation of array index vulnerabilities that could result\n in remote code execution.\n\n - Multiple out-of-bounds read vulnerabilities that could result in remote code\n execution.\n\n - Four out-of-bounds write vulnerabilities that could result in remote code\n execution.\n\n - Two security bypass vulnerabilities that could result in drive-by-downloads.\n\n - A security bypass vulnerability that could result in information disclosure.\n\n - A security bypass vulnerability that could result in remote code execution.\n\n - A stack exhaustion vulnerability that could result in excessive resource\n consumption.\n\n - Three type confusion vulnerabilities that could result in remote code\n execution.\n\n - Six untrusted pointer dereference vulnerabilities that could result in remote\n code execution.\n\n - For more details, refer the reference links mentioned.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code in the context of the application.\n Failed attacks may cause a denial-of-service condition. Also attackers will be\n able to gain access to potentially sensitive information, get excessive resource\n consumption and get unintentional download of malicious software.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC (Classic Track)\n 2015.006.30355 and earlier versions on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC (Classic Track)\n version 2015.006.30392 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-36.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_classic_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Classic/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\n##2015.006.30392 == 15.006.30392\nif(version_is_less(version:vers, test_version:\"15.006.30392\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30392 (2015.006.30392)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:17:46", "description": "This host is installed with Adobe Acrobat Reader\n DC (Classic Track) and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-03-06T00:00:00", "type": "openvas", "title": "Adobe Acrobat Reader DC (Classic Track) Multiple Vulnerabilities (apsb17-36) - Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16367", "CVE-2017-16377", "CVE-2017-11308", "CVE-2017-16361", "CVE-2017-16378", "CVE-2017-16404", "CVE-2017-16409", "CVE-2017-11306", "CVE-2017-16418", "CVE-2017-16370", "CVE-2017-16413", "CVE-2017-16371", "CVE-2017-16376", "CVE-2017-16408", "CVE-2017-16407", "CVE-2017-16395", "CVE-2017-16387", "CVE-2017-16396", "CVE-2017-16398", "CVE-2017-16386", "CVE-2017-16420", "CVE-2017-11293", "CVE-2017-16363", "CVE-2017-16412", "CVE-2017-16364", "CVE-2017-16374", "CVE-2017-16394", "CVE-2017-16390", "CVE-2017-11240", "CVE-2017-16399", "CVE-2017-16381", "CVE-2017-16414", "CVE-2017-16393", "CVE-2017-16379", "CVE-2017-16410", "CVE-2017-16382", "CVE-2017-16400", "CVE-2017-16362", "CVE-2017-11307", "CVE-2017-11253", "CVE-2017-16368", "CVE-2017-16419", "CVE-2017-16365", "CVE-2017-16402", "CVE-2017-16372", "CVE-2017-16373", "CVE-2017-16415", "CVE-2017-16403", "CVE-2017-16397", "CVE-2017-16417", "CVE-2017-16360", "CVE-2017-16416", "CVE-2017-16383", "CVE-2017-16369", "CVE-2017-16385", "CVE-2017-16384", "CVE-2017-16380", "CVE-2017-16401", "CVE-2017-16411", "CVE-2017-11250", "CVE-2017-16391", "CVE-2017-16389", "CVE-2017-16375", "CVE-2017-16388", "CVE-2017-16392", "CVE-2017-16405", "CVE-2017-16406", "CVE-2017-16366"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310812967", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812967", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat Reader DC (Classic Track) Multiple Vulnerabilities-apsb17-36 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812967\");\n script_version(\"2019-07-05T08:21:18+0000\");\n script_cve_id(\"CVE-2017-16377\", \"CVE-2017-16378\", \"CVE-2017-16360\", \"CVE-2017-16388\",\n\t\t\"CVE-2017-16389\", \"CVE-2017-16390\", \"CVE-2017-16393\", \"CVE-2017-16398\",\n\t\t\"CVE-2017-16381\", \"CVE-2017-16385\", \"CVE-2017-16392\", \"CVE-2017-16395\",\n\t\t\"CVE-2017-16396\", \"CVE-2017-16363\", \"CVE-2017-16365\", \"CVE-2017-16374\",\n\t\t\"CVE-2017-16384\", \"CVE-2017-16386\", \"CVE-2017-16387\", \"CVE-2017-16368\",\n\t\t\"CVE-2017-16383\", \"CVE-2017-16391\", \"CVE-2017-16410\", \"CVE-2017-16362\",\n\t\t\"CVE-2017-16370\", \"CVE-2017-16376\", \"CVE-2017-16382\", \"CVE-2017-16394\",\n\t\t\"CVE-2017-16397\", \"CVE-2017-16399\", \"CVE-2017-16400\", \"CVE-2017-16401\",\n\t\t\"CVE-2017-16402\", \"CVE-2017-16403\", \"CVE-2017-16404\", \"CVE-2017-16405\",\n\t\t\"CVE-2017-16408\", \"CVE-2017-16409\", \"CVE-2017-16412\", \"CVE-2017-16414\",\n\t\t\"CVE-2017-16417\", \"CVE-2017-16418\", \"CVE-2017-16420\", \"CVE-2017-11293\",\n\t\t\"CVE-2017-16407\", \"CVE-2017-16413\", \"CVE-2017-16415\", \"CVE-2017-16416\",\n\t\t\"CVE-2017-16361\", \"CVE-2017-16366\", \"CVE-2017-16369\", \"CVE-2017-16380\",\n\t\t\"CVE-2017-16419\", \"CVE-2017-16367\", \"CVE-2017-16379\", \"CVE-2017-16406\",\n\t\t\"CVE-2017-16364\", \"CVE-2017-16371\", \"CVE-2017-16372\", \"CVE-2017-16373\",\n\t\t\"CVE-2017-16375\", \"CVE-2017-16411\", \"CVE-2017-11307\", \"CVE-2017-11308\",\n \"CVE-2017-11240\", \"CVE-2017-11250\", \"CVE-2017-11306\", \"CVE-2017-11253\");\n script_bugtraq_id(101821, 101818, 101831, 101824, 101816, 101823, 101819, 101812,\n 101830, 101820, 101814, 101817, 101815, 101813);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:21:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-06 12:23:24 +0530 (Tue, 06 Mar 2018)\");\n script_name(\"Adobe Acrobat Reader DC (Classic Track) Multiple Vulnerabilities (apsb17-36) - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat Reader\n DC (Classic Track) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Two access of uninitialized point vulnerabilities that could result in\n remote could execution,\n\n - Six use after free vulnerabilities that could result in remote code execution.\n\n - Five buffer access with incorrect length value vulnerabilities that could\n result in remote code execution.\n\n - Six buffer over-read vulnerabilities that could result in remote code\n execution.\n\n - A buffer overflow vulnerability that could result in remote code execution.\n\n - A heap overflow vulnerability that could result in remote code execution.\n\n - Two improper validation of array index vulnerabilities that could result\n in remote code execution.\n\n - Multiple out-of-bounds read vulnerabilities that could result in remote code\n execution.\n\n - Four out-of-bounds write vulnerabilities that could result in remote code\n execution.\n\n - Two security bypass vulnerabilities that could result in drive-by-downloads.\n\n - A security bypass vulnerability that could result in information disclosure.\n\n - A security bypass vulnerability that could result in remote code execution.\n\n - A stack exhaustion vulnerability that could result in excessive resource\n consumption.\n\n - Three type confusion vulnerabilities that could result in remote code\n execution.\n\n - Six untrusted pointer dereference vulnerabilities that could result in remote\n code execution.\n\n - For more details, refer the reference links mentioned.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code in the context of the application.\n Failed attacks may cause a denial-of-service condition. Also attackers will be\n able to gain access to potentially sensitive information, get excessive resource\n consumption and get unintentional download of malicious software.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader DC (Classic Track)\n 2015.006.30355 and earlier versions on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC (Classic Track)\n version 2015.006.30392 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-36.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_reader_dc_classic_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/ReaderDC/Classic/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\n##2015.006.30392 == 15.006.30392\nif(version_is_less(version:vers, test_version:\"15.006.30392\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30392 (2015.006.30392)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:17:40", "description": "This host is installed with Adobe Acrobat Reader\n DC (Classic Track) and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-03-06T00:00:00", "type": "openvas", "title": "Adobe Acrobat Reader DC (Classic Track) Multiple Vulnerabilities (apsb17-36) - Mac OS X", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16367", "CVE-2017-16377", "CVE-2017-11308", "CVE-2017-16361", "CVE-2017-16378", "CVE-2017-16404", "CVE-2017-16409", "CVE-2017-11306", "CVE-2017-16418", "CVE-2017-16370", "CVE-2017-16413", "CVE-2017-16371", "CVE-2017-16376", "CVE-2017-16408", "CVE-2017-16407", "CVE-2017-16395", "CVE-2017-16387", "CVE-2017-16396", "CVE-2017-16398", "CVE-2017-16386", "CVE-2017-16420", "CVE-2017-11293", "CVE-2017-16363", "CVE-2017-16412", "CVE-2017-16364", "CVE-2017-16374", "CVE-2017-16394", "CVE-2017-16390", "CVE-2017-11240", "CVE-2017-16399", "CVE-2017-16381", "CVE-2017-16414", "CVE-2017-16393", "CVE-2017-16379", "CVE-2017-16410", "CVE-2017-16382", "CVE-2017-16400", "CVE-2017-16362", "CVE-2017-11307", "CVE-2017-11253", "CVE-2017-16368", "CVE-2017-16419", "CVE-2017-16365", "CVE-2017-16402", "CVE-2017-16372", "CVE-2017-16373", "CVE-2017-16415", "CVE-2017-16403", "CVE-2017-16397", "CVE-2017-16417", "CVE-2017-16360", "CVE-2017-16416", "CVE-2017-16383", "CVE-2017-16369", "CVE-2017-16385", "CVE-2017-16384", "CVE-2017-16380", "CVE-2017-16401", "CVE-2017-16411", "CVE-2017-11250", "CVE-2017-16391", "CVE-2017-16389", "CVE-2017-16375", "CVE-2017-16388", "CVE-2017-16392", "CVE-2017-16405", "CVE-2017-16406", "CVE-2017-16366"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310812968", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812968", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat Reader DC (Classic Track) Multiple Vulnerabilities-apsb17-36 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812968\");\n script_version(\"2019-07-05T08:21:18+0000\");\n script_cve_id(\"CVE-2017-16377\", \"CVE-2017-16378\", \"CVE-2017-16360\", \"CVE-2017-16388\",\n\t\t\"CVE-2017-16389\", \"CVE-2017-16390\", \"CVE-2017-16393\", \"CVE-2017-16398\",\n\t\t\"CVE-2017-16381\", \"CVE-2017-16385\", \"CVE-2017-16392\", \"CVE-2017-16395\",\n\t\t\"CVE-2017-16396\", \"CVE-2017-16363\", \"CVE-2017-16365\", \"CVE-2017-16374\",\n\t\t\"CVE-2017-16384\", \"CVE-2017-16386\", \"CVE-2017-16387\", \"CVE-2017-16368\",\n\t\t\"CVE-2017-16383\", \"CVE-2017-16391\", \"CVE-2017-16410\", \"CVE-2017-16362\",\n\t\t\"CVE-2017-16370\", \"CVE-2017-16376\", \"CVE-2017-16382\", \"CVE-2017-16394\",\n\t\t\"CVE-2017-16397\", \"CVE-2017-16399\", \"CVE-2017-16400\", \"CVE-2017-16401\",\n\t\t\"CVE-2017-16402\", \"CVE-2017-16403\", \"CVE-2017-16404\", \"CVE-2017-16405\",\n\t\t\"CVE-2017-16408\", \"CVE-2017-16409\", \"CVE-2017-16412\", \"CVE-2017-16414\",\n\t\t\"CVE-2017-16417\", \"CVE-2017-16418\", \"CVE-2017-16420\", \"CVE-2017-11293\",\n\t\t\"CVE-2017-16407\", \"CVE-2017-16413\", \"CVE-2017-16415\", \"CVE-2017-16416\",\n\t\t\"CVE-2017-16361\", \"CVE-2017-16366\", \"CVE-2017-16369\", \"CVE-2017-16380\",\n\t\t\"CVE-2017-16419\", \"CVE-2017-16367\", \"CVE-2017-16379\", \"CVE-2017-16406\",\n\t\t\"CVE-2017-16364\", \"CVE-2017-16371\", \"CVE-2017-16372\", \"CVE-2017-16373\",\n\t\t\"CVE-2017-16375\", \"CVE-2017-16411\", \"CVE-2017-11307\", \"CVE-2017-11308\",\n \"CVE-2017-11240\", \"CVE-2017-11250\", \"CVE-2017-11306\", \"CVE-2017-11253\");\n script_bugtraq_id(101821, 101818, 101831, 101824, 101816, 101823, 101819, 101812,\n 101830, 101820, 101814, 101817, 101815, 101813);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:21:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-06 12:52:14 +0530 (Tue, 06 Mar 2018)\");\n script_name(\"Adobe Acrobat Reader DC (Classic Track) Multiple Vulnerabilities (apsb17-36) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat Reader\n DC (Classic Track) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Two access of uninitialized point vulnerabilities that could result in\n remote could execution,\n\n - Six use after free vulnerabilities that could result in remote code execution.\n\n - Five buffer access with incorrect length value vulnerabilities that could\n result in remote code execution.\n\n - Six buffer over-read vulnerabilities that could result in remote code\n execution.\n\n - A buffer overflow vulnerability that could result in remote code execution.\n\n - A heap overflow vulnerability that could result in remote code execution.\n\n - Two improper validation of array index vulnerabilities that could result\n in remote code execution.\n\n - Multiple out-of-bounds read vulnerabilities that could result in remote code\n execution.\n\n - Four out-of-bounds write vulnerabilities that could result in remote code\n execution.\n\n - Two security bypass vulnerabilities that could result in drive-by-downloads.\n\n - A security bypass vulnerability that could result in information disclosure.\n\n - A security bypass vulnerability that could result in remote code execution.\n\n - A stack exhaustion vulnerability that could result in excessive resource\n consumption.\n\n - Three type confusion vulnerabilities that could result in remote code\n execution.\n\n - Six untrusted pointer dereference vulnerabilities that could result in remote\n code execution.\n\n - For more details, refer the reference links mentioned.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code in the context of the application.\n Failed attacks may cause a denial-of-service condition. Also attackers will be\n able to gain access to potentially sensitive information, get excessive resource\n consumption and get unintentional download of malicious software.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader DC (Classic Track)\n 2015.006.30355 and earlier versions on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC (Classic Track)\n version 2015.006.30392 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-36.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_reader_dc_classic_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/ReaderDC/Classic/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\n##2015.006.30392 == 15.006.30392\nif(version_is_less(version:vers, test_version:\"15.006.30392\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30392 (2015.006.30392)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:17:46", "description": "This host is installed with Adobe Acrobat DC\n (Continuous Track) and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-03-06T00:00:00", "type": "openvas", "title": "Adobe Acrobat DC (Continuous Track) Multiple Vulnerabilities (apsb17-36) - Mac OS X", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16367", "CVE-2017-16377", "CVE-2017-11308", "CVE-2017-16361", "CVE-2017-16378", "CVE-2017-16404", "CVE-2017-16409", "CVE-2017-11306", "CVE-2017-16418", "CVE-2017-16370", "CVE-2017-16413", "CVE-2017-16371", "CVE-2017-16376", "CVE-2017-16408", "CVE-2017-16407", "CVE-2017-16395", "CVE-2017-16387", "CVE-2017-16396", "CVE-2017-16398", "CVE-2017-16386", "CVE-2017-16420", "CVE-2017-11293", "CVE-2017-16363", "CVE-2017-16412", "CVE-2017-16364", "CVE-2017-16374", "CVE-2017-16394", "CVE-2017-16390", "CVE-2017-11240", "CVE-2017-16399", "CVE-2017-16381", "CVE-2017-16414", "CVE-2017-16393", "CVE-2017-16379", "CVE-2017-16410", "CVE-2017-16382", "CVE-2017-16400", "CVE-2017-16362", "CVE-2017-11307", "CVE-2017-11253", "CVE-2017-16368", "CVE-2017-16419", "CVE-2017-16365", "CVE-2017-16402", "CVE-2017-16372", "CVE-2017-16373", "CVE-2017-16415", "CVE-2017-16403", "CVE-2017-16397", "CVE-2017-16417", "CVE-2017-16360", "CVE-2017-16416", "CVE-2017-16383", "CVE-2017-16369", "CVE-2017-16385", "CVE-2017-16384", "CVE-2017-16380", "CVE-2017-16401", "CVE-2017-16411", "CVE-2017-11250", "CVE-2017-16391", "CVE-2017-16389", "CVE-2017-16375", "CVE-2017-16388", "CVE-2017-16392", "CVE-2017-16405", "CVE-2017-16406", "CVE-2017-16366"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310812970", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812970", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat DC (Continuous Track) Multiple Vulnerabilities-apsb17-36 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_dc_continuous\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812970\");\n script_version(\"2019-07-05T08:21:18+0000\");\n script_cve_id(\"CVE-2017-16377\", \"CVE-2017-16378\", \"CVE-2017-16360\", \"CVE-2017-16388\",\n\t\t\"CVE-2017-16389\", \"CVE-2017-16390\", \"CVE-2017-16393\", \"CVE-2017-16398\",\n\t\t\"CVE-2017-16381\", \"CVE-2017-16385\", \"CVE-2017-16392\", \"CVE-2017-16395\",\n\t\t\"CVE-2017-16396\", \"CVE-2017-16363\", \"CVE-2017-16365\", \"CVE-2017-16374\",\n\t\t\"CVE-2017-16384\", \"CVE-2017-16386\", \"CVE-2017-16387\", \"CVE-2017-16368\",\n\t\t\"CVE-2017-16383\", \"CVE-2017-16391\", \"CVE-2017-16410\", \"CVE-2017-16362\",\n\t\t\"CVE-2017-16370\", \"CVE-2017-16376\", \"CVE-2017-16382\", \"CVE-2017-16394\",\n\t\t\"CVE-2017-16397\", \"CVE-2017-16399\", \"CVE-2017-16400\", \"CVE-2017-16401\",\n\t\t\"CVE-2017-16402\", \"CVE-2017-16403\", \"CVE-2017-16404\", \"CVE-2017-16405\",\n\t\t\"CVE-2017-16408\", \"CVE-2017-16409\", \"CVE-2017-16412\", \"CVE-2017-16414\",\n\t\t\"CVE-2017-16417\", \"CVE-2017-16418\", \"CVE-2017-16420\", \"CVE-2017-11293\",\n\t\t\"CVE-2017-16407\", \"CVE-2017-16413\", \"CVE-2017-16415\", \"CVE-2017-16416\",\n\t\t\"CVE-2017-16361\", \"CVE-2017-16366\", \"CVE-2017-16369\", \"CVE-2017-16380\",\n\t\t\"CVE-2017-16419\", \"CVE-2017-16367\", \"CVE-2017-16379\", \"CVE-2017-16406\",\n\t\t\"CVE-2017-16364\", \"CVE-2017-16371\", \"CVE-2017-16372\", \"CVE-2017-16373\",\n\t\t\"CVE-2017-16375\", \"CVE-2017-16411\", \"CVE-2017-11307\", \"CVE-2017-11308\",\n \"CVE-2017-11240\", \"CVE-2017-11250\", \"CVE-2017-11306\", \"CVE-2017-11253\");\n script_bugtraq_id(101821, 101818, 101831, 101824, 101816, 101823, 101819, 101812,\n 101830, 101820, 101814, 101817, 101815, 101813);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:21:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-06 13:02:47 +0530 (Tue, 06 Mar 2018)\");\n script_name(\"Adobe Acrobat DC (Continuous Track) Multiple Vulnerabilities (apsb17-36) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC\n (Continuous Track) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Two access of uninitialized point vulnerabilities that could result in\n remote could execution,\n\n - Six use after free vulnerabilities that could result in remote code execution.\n\n - Five buffer access with incorrect length value vulnerabilities that could\n result in remote code execution.\n\n - Six buffer over-read vulnerabilities that could result in remote code\n execution.\n\n - A buffer overflow vulnerability that could result in remote code execution.\n\n - A heap overflow vulnerability that could result in remote code execution.\n\n - Two improper validation of array index vulnerabilities that could result\n in remote code execution.\n\n - Multiple out-of-bounds read vulnerabilities that could result in remote code\n execution.\n\n - Four out-of-bounds write vulnerabilities that could result in remote code\n execution.\n\n - Two security bypass vulnerabilities that could result in drive-by-downloads.\n\n - A security bypass vulnerability that could result in information disclosure.\n\n - A security bypass vulnerability that could result in remote code execution.\n\n - A stack exhaustion vulnerability that could result in excessive resource\n consumption.\n\n - Three type confusion vulnerabilities that could result in remote code\n execution.\n\n - Six untrusted pointer dereference vulnerabilities that could result in remote\n code execution.\n\n - For more details, refer the reference links mentioned.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code in the context of the application.\n Failed attacks may cause a denial-of-service condition. Also attackers will be\n able to gain access to potentially sensitive information, get excessive resource\n consumption and get unintentional download of malicious software.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC (Continuous Track)\n 2017.012.20098 and earlier versions on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC version\n 2018.009.20044 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-36.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_cont_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Continuous/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\n##2018.009.20044 == 18.009.20044\nif(version_is_less(version:vers, test_version:\"18.009.20044\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"18.009.20044 (2018.009.20044)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:17:50", "description": "This host is installed with Adobe Acrobat 2017\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-03-06T00:00:00", "type": "openvas", "title": "Adobe Acrobat 2017 Multiple Vulnerabilities-apsb17-36 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16367", "CVE-2017-16377", "CVE-2017-11308", "CVE-2017-16361", "CVE-2017-16378", "CVE-2017-16404", "CVE-2017-16409", "CVE-2017-11306", "CVE-2017-16418", "CVE-2017-16370", "CVE-2017-16413", "CVE-2017-16371", "CVE-2017-16376", "CVE-2017-16408", "CVE-2017-16407", "CVE-2017-16395", "CVE-2017-16387", "CVE-2017-16396", "CVE-2017-16398", "CVE-2017-16386", "CVE-2017-16420", "CVE-2017-11293", "CVE-2017-16363", "CVE-2017-16412", "CVE-2017-16364", "CVE-2017-16374", "CVE-2017-16394", "CVE-2017-16390", "CVE-2017-11240", "CVE-2017-16399", "CVE-2017-16381", "CVE-2017-16414", "CVE-2017-16393", "CVE-2017-16379", "CVE-2017-16410", "CVE-2017-16382", "CVE-2017-16400", "CVE-2017-16362", "CVE-2017-11307", "CVE-2017-11253", "CVE-2017-16368", "CVE-2017-16419", "CVE-2017-16365", "CVE-2017-16402", "CVE-2017-16372", "CVE-2017-16373", "CVE-2017-16415", "CVE-2017-16403", "CVE-2017-16397", "CVE-2017-16417", "CVE-2017-16360", "CVE-2017-16416", "CVE-2017-16383", "CVE-2017-16369", "CVE-2017-16385", "CVE-2017-16384", "CVE-2017-16380", "CVE-2017-16401", "CVE-2017-16411", "CVE-2017-11250", "CVE-2017-16391", "CVE-2017-16389", "CVE-2017-16375", "CVE-2017-16388", "CVE-2017-16392", "CVE-2017-16405", "CVE-2017-16406", "CVE-2017-16366"], "modified": "2019-07-16T00:00:00", "id": "OPENVAS:1361412562310812962", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812962", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat 2017 Multiple Vulnerabilities-apsb17-36 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812962\");\n script_version(\"2019-07-16T10:51:36+0000\");\n script_cve_id(\"CVE-2017-16377\", \"CVE-2017-16378\", \"CVE-2017-16360\", \"CVE-2017-16388\",\n\t\t\"CVE-2017-16389\", \"CVE-2017-16390\", \"CVE-2017-16393\", \"CVE-2017-16398\",\n\t\t\"CVE-2017-16381\", \"CVE-2017-16385\", \"CVE-2017-16392\", \"CVE-2017-16395\",\n\t\t\"CVE-2017-16396\", \"CVE-2017-16363\", \"CVE-2017-16365\", \"CVE-2017-16374\",\n\t\t\"CVE-2017-16384\", \"CVE-2017-16386\", \"CVE-2017-16387\", \"CVE-2017-16368\",\n\t\t\"CVE-2017-16383\", \"CVE-2017-16391\", \"CVE-2017-16410\", \"CVE-2017-16362\",\n\t\t\"CVE-2017-16370\", \"CVE-2017-16376\", \"CVE-2017-16382\", \"CVE-2017-16394\",\n\t\t\"CVE-2017-16397\", \"CVE-2017-16399\", \"CVE-2017-16400\", \"CVE-2017-16401\",\n\t\t\"CVE-2017-16402\", \"CVE-2017-16403\", \"CVE-2017-16404\", \"CVE-2017-16405\",\n\t\t\"CVE-2017-16408\", \"CVE-2017-16409\", \"CVE-2017-16412\", \"CVE-2017-16414\",\n\t\t\"CVE-2017-16417\", \"CVE-2017-16418\", \"CVE-2017-16420\", \"CVE-2017-11293\",\n\t\t\"CVE-2017-16407\", \"CVE-2017-16413\", \"CVE-2017-16415\", \"CVE-2017-16416\",\n\t\t\"CVE-2017-16361\", \"CVE-2017-16366\", \"CVE-2017-16369\", \"CVE-2017-16380\",\n\t\t\"CVE-2017-16419\", \"CVE-2017-16367\", \"CVE-2017-16379\", \"CVE-2017-16406\",\n\t\t\"CVE-2017-16364\", \"CVE-2017-16371\", \"CVE-2017-16372\", \"CVE-2017-16373\",\n\t\t\"CVE-2017-16375\", \"CVE-2017-16411\", \"CVE-2017-11307\", \"CVE-2017-11308\",\n \"CVE-2017-11240\", \"CVE-2017-11250\", \"CVE-2017-11306\", \"CVE-2017-11253\");\n script_bugtraq_id(101821, 101818, 101831, 101824, 101816, 101823, 101819, 101812,\n 101830, 101820, 101814, 101817, 101815, 101813);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-16 10:51:36 +0000 (Tue, 16 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-06 12:03:30 +0530 (Tue, 06 Mar 2018)\");\n script_name(\"Adobe Acrobat 2017 Multiple Vulnerabilities-apsb17-36 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat 2017\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Two access of uninitialized point vulnerabilities that could result in\n remote could execution,\n\n - Six use after free vulnerabilities that could result in remote code execution.\n\n - Five buffer access with incorrect length value vulnerabilities that could\n result in remote code execution.\n\n - Six buffer over-read vulnerabilities that could result in remote code\n execution.\n\n - A buffer overflow vulnerability that could result in remote code execution.\n\n - A heap overflow vulnerability that could result in remote code execution.\n\n - Two improper validation of array index vulnerabilities that could result\n in remote code execution.\n\n - Multiple out-of-bounds read vulnerabilities that could result in remote code\n execution.\n\n - Four out-of-bounds write vulnerabilities that could result in remote code\n execution.\n\n - Two security bypass vulnerabilities that could result in drive-by-downloads.\n\n - A security bypass vulnerability that could result in information disclosure.\n\n - A security bypass vulnerability that could result in remote code execution.\n\n - A stack exhaustion vulnerability that could result in excessive resource\n consumption.\n\n - Three type confusion vulnerabilities that could result in remote code\n execution.\n\n - Six untrusted pointer dereference vulnerabilities that could result in remote\n code execution.\n\n - For more details, refer the reference links mentioned.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code in the context of the application.\n Failed attacks may cause a denial-of-service condition. Also attackers will be\n able to gain access to potentially sensitive information, get excessive resource\n consumption and get unintentional download of malicious software.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat 2017.011.30066 and earlier\n versions on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat 2017 version\n 2017.011.30068 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-36.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\n##2017.011.30068 == 17.011.30068\nif(version_in_range(version:vers, test_version:\"17.0\", test_version2:\"17.011.30067\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"17.011.30068 (2017.011.30068)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:18:09", "description": "This host is installed with Adobe Acrobat Reader\n 2017 and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-03-06T00:00:00", "type": "openvas", "title": "Adobe Acrobat Reader 2017 Multiple Vulnerabilities-apsb17-36 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16367", "CVE-2017-16377", "CVE-2017-11308", "CVE-2017-16361", "CVE-2017-16378", "CVE-2017-16404", "CVE-2017-16409", "CVE-2017-11306", "CVE-2017-16418", "CVE-2017-16370", "CVE-2017-16413", "CVE-2017-16371", "CVE-2017-16376", "CVE-2017-16408", "CVE-2017-16407", "CVE-2017-16395", "CVE-2017-16387", "CVE-2017-16396", "CVE-2017-16398", "CVE-2017-16386", "CVE-2017-16420", "CVE-2017-11293", "CVE-2017-16363", "CVE-2017-16412", "CVE-2017-16364", "CVE-2017-16374", "CVE-2017-16394", "CVE-2017-16390", "CVE-2017-11240", "CVE-2017-16399", "CVE-2017-16381", "CVE-2017-16414", "CVE-2017-16393", "CVE-2017-16379", "CVE-2017-16410", "CVE-2017-16382", "CVE-2017-16400", "CVE-2017-16362", "CVE-2017-11307", "CVE-2017-11253", "CVE-2017-16368", "CVE-2017-16419", "CVE-2017-16365", "CVE-2017-16402", "CVE-2017-16372", "CVE-2017-16373", "CVE-2017-16415", "CVE-2017-16403", "CVE-2017-16397", "CVE-2017-16417", "CVE-2017-16360", "CVE-2017-16416", "CVE-2017-16383", "CVE-2017-16369", "CVE-2017-16385", "CVE-2017-16384", "CVE-2017-16380", "CVE-2017-16401", "CVE-2017-16411", "CVE-2017-11250", "CVE-2017-16391", "CVE-2017-16389", "CVE-2017-16375", "CVE-2017-16388", "CVE-2017-16392", "CVE-2017-16405", "CVE-2017-16406", "CVE-2017-16366"], "modified": "2019-07-16T00:00:00", "id": "OPENVAS:1361412562310812963", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812963", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat Reader 2017 Multiple Vulnerabilities-apsb17-36 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812963\");\n script_version(\"2019-07-16T10:51:36+0000\");\n script_cve_id(\"CVE-2017-16377\", \"CVE-2017-16378\", \"CVE-2017-16360\", \"CVE-2017-16388\",\n\t\t\"CVE-2017-16389\", \"CVE-2017-16390\", \"CVE-2017-16393\", \"CVE-2017-16398\",\n\t\t\"CVE-2017-16381\", \"CVE-2017-16385\", \"CVE-2017-16392\", \"CVE-2017-16395\",\n\t\t\"CVE-2017-16396\", \"CVE-2017-16363\", \"CVE-2017-16365\", \"CVE-2017-16374\",\n\t\t\"CVE-2017-16384\", \"CVE-2017-16386\", \"CVE-2017-16387\", \"CVE-2017-16368\",\n\t\t\"CVE-2017-16383\", \"CVE-2017-16391\", \"CVE-2017-16410\", \"CVE-2017-16362\",\n\t\t\"CVE-2017-16370\", \"CVE-2017-16376\", \"CVE-2017-16382\", \"CVE-2017-16394\",\n\t\t\"CVE-2017-16397\", \"CVE-2017-16399\", \"CVE-2017-16400\", \"CVE-2017-16401\",\n\t\t\"CVE-2017-16402\", \"CVE-2017-16403\", \"CVE-2017-16404\", \"CVE-2017-16405\",\n\t\t\"CVE-2017-16408\", \"CVE-2017-16409\", \"CVE-2017-16412\", \"CVE-2017-16414\",\n\t\t\"CVE-2017-16417\", \"CVE-2017-16418\", \"CVE-2017-16420\", \"CVE-2017-11293\",\n\t\t\"CVE-2017-16407\", \"CVE-2017-16413\", \"CVE-2017-16415\", \"CVE-2017-16416\",\n\t\t\"CVE-2017-16361\", \"CVE-2017-16366\", \"CVE-2017-16369\", \"CVE-2017-16380\",\n\t\t\"CVE-2017-16419\", \"CVE-2017-16367\", \"CVE-2017-16379\", \"CVE-2017-16406\",\n\t\t\"CVE-2017-16364\", \"CVE-2017-16371\", \"CVE-2017-16372\", \"CVE-2017-16373\",\n\t\t\"CVE-2017-16375\", \"CVE-2017-16411\", \"CVE-2017-11307\", \"CVE-2017-11308\",\n \"CVE-2017-11240\", \"CVE-2017-11250\", \"CVE-2017-11306\", \"CVE-2017-11253\");\n script_bugtraq_id(101821, 101818, 101831, 101824, 101816, 101823, 101819, 101812,\n 101830, 101820, 101814, 101817, 101815, 101813);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-16 10:51:36 +0000 (Tue, 16 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-06 12:10:24 +0530 (Tue, 06 Mar 2018)\");\n script_name(\"Adobe Acrobat Reader 2017 Multiple Vulnerabilities-apsb17-36 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat Reader\n 2017 and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Two access of uninitialized point vulnerabilities that could result in\n remote could execution,\n\n - Six use after free vulnerabilities that could result in remote code execution.\n\n - Five buffer access with incorrect length value vulnerabilities that could\n result in remote code execution.\n\n - Six buffer over-read vulnerabilities that could result in remote code\n execution.\n\n - A buffer overflow vulnerability that could result in remote code execution.\n\n - A heap overflow vulnerability that could result in remote code execution.\n\n - Two improper validation of array index vulnerabilities that could result\n in remote code execution.\n\n - Multiple out-of-bounds read vulnerabilities that could result in remote code\n execution.\n\n - Four out-of-bounds write vulnerabilities that could result in remote code\n execution.\n\n - Two security bypass vulnerabilities that could result in drive-by-downloads.\n\n - A security bypass vulnerability that could result in information disclosure.\n\n - A security bypass vulnerability that could result in remote code execution.\n\n - A stack exhaustion vulnerability that could result in excessive resource\n consumption.\n\n - Three type confusion vulnerabilities that could result in remote code\n execution.\n\n - Six untrusted pointer dereference vulnerabilities that could result in remote\n code execution.\n\n - For more details, refer the reference links mentioned.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code in the context of the application.\n Failed attacks may cause a denial-of-service condition. Also attackers will be\n able to gain access to potentially sensitive information, get excessive resource\n consumption and get unintentional download of malicious software.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader 2017.011.30066 and earlier\n versions on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat 2017 version\n 2017.011.30068 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-36.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Reader/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\n##2017.011.30068 == 17.011.30068\nif(version_in_range(version:vers, test_version:\"17.0\", test_version2:\"17.011.30067\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"17.011.30068 (2017.011.30068)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:53", "description": "This host is installed with Adobe Acrobat\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2017-11-16T00:00:00", "type": "openvas", "title": "Adobe Acrobat Security Updates(apsb17-36)-Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16367", "CVE-2017-16377", "CVE-2017-11308", "CVE-2017-16361", "CVE-2017-16378", "CVE-2017-16404", "CVE-2017-16409", "CVE-2017-11306", "CVE-2017-16418", "CVE-2017-16370", "CVE-2017-16413", "CVE-2017-16371", "CVE-2017-16376", "CVE-2017-16408", "CVE-2017-16407", "CVE-2017-16395", "CVE-2017-16387", "CVE-2017-16396", "CVE-2017-16398", "CVE-2017-16386", "CVE-2017-16420", "CVE-2017-11293", "CVE-2017-16363", "CVE-2017-16412", "CVE-2017-16364", "CVE-2017-16374", "CVE-2017-16394", "CVE-2017-16390", "CVE-2017-11240", "CVE-2017-16399", "CVE-2017-16381", "CVE-2017-16414", "CVE-2017-16393", "CVE-2017-16379", "CVE-2017-16410", "CVE-2017-16382", "CVE-2017-16400", "CVE-2017-16362", "CVE-2017-11307", "CVE-2017-11253", "CVE-2017-16368", "CVE-2017-16419", "CVE-2017-16365", "CVE-2017-16402", "CVE-2017-16372", "CVE-2017-16373", "CVE-2017-16415", "CVE-2017-16403", "CVE-2017-16397", "CVE-2017-16417", "CVE-2017-16360", "CVE-2017-16416", "CVE-2017-16383", "CVE-2017-16369", "CVE-2017-16385", "CVE-2017-16384", "CVE-2017-16380", "CVE-2017-16401", "CVE-2017-16411", "CVE-2017-11250", "CVE-2017-16391", "CVE-2017-16389", "CVE-2017-16375", "CVE-2017-16388", "CVE-2017-16392", "CVE-2017-16405", "CVE-2017-16406", "CVE-2017-16366"], "modified": "2019-05-17T00:00:00", "id": "OPENVAS:1361412562310811343", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310811343", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat Security Updates(apsb17-36)-Windows\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.811343\");\n script_version(\"2019-05-17T13:14:58+0000\");\n script_cve_id(\"CVE-2017-16377\", \"CVE-2017-16378\", \"CVE-2017-16360\", \"CVE-2017-16388\",\n\t\t\"CVE-2017-16389\", \"CVE-2017-16390\", \"CVE-2017-16393\", \"CVE-2017-16398\",\n\t\t\"CVE-2017-16381\", \"CVE-2017-16385\", \"CVE-2017-16392\", \"CVE-2017-16395\",\n\t\t\"CVE-2017-16396\", \"CVE-2017-16363\", \"CVE-2017-16365\", \"CVE-2017-16374\",\n\t\t\"CVE-2017-16384\", \"CVE-2017-16386\", \"CVE-2017-16387\", \"CVE-2017-16368\",\n\t\t\"CVE-2017-16383\", \"CVE-2017-16391\", \"CVE-2017-16410\", \"CVE-2017-16362\",\n\t\t\"CVE-2017-16370\", \"CVE-2017-16376\", \"CVE-2017-16382\", \"CVE-2017-16394\",\n\t\t\"CVE-2017-16397\", \"CVE-2017-16399\", \"CVE-2017-16400\", \"CVE-2017-16401\",\n\t\t\"CVE-2017-16402\", \"CVE-2017-16403\", \"CVE-2017-16404\", \"CVE-2017-16405\",\n\t\t\"CVE-2017-16408\", \"CVE-2017-16409\", \"CVE-2017-16412\", \"CVE-2017-16414\",\n\t\t\"CVE-2017-16417\", \"CVE-2017-16418\", \"CVE-2017-16420\", \"CVE-2017-11293\",\n\t\t\"CVE-2017-16407\", \"CVE-2017-16413\", \"CVE-2017-16415\", \"CVE-2017-16416\",\n\t\t\"CVE-2017-16361\", \"CVE-2017-16366\", \"CVE-2017-16369\", \"CVE-2017-16380\",\n\t\t\"CVE-2017-16419\", \"CVE-2017-16367\", \"CVE-2017-16379\", \"CVE-2017-16406\",\n\t\t\"CVE-2017-16364\", \"CVE-2017-16371\", \"CVE-2017-16372\", \"CVE-2017-16373\",\n\t\t\"CVE-2017-16375\", \"CVE-2017-16411\", \"CVE-2017-11307\", \"CVE-2017-11308\",\n \"CVE-2017-11240\", \"CVE-2017-11250\", \"CVE-2017-11306\", \"CVE-2017-11253\");\n script_bugtraq_id(101821, 101818, 101831, 101824, 101816, 101823, 101819, 101812,\n 101830, 101820, 101814, 101817, 101815, 101813);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 13:14:58 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2017-11-16 11:56:52 +0530 (Thu, 16 Nov 2017)\");\n script_name(\"Adobe Acrobat Security Updates(apsb17-36)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Two access of uninitialized point vulnerabilities that could result in\n remote could execution,\n\n - Six use after free vulnerabilities that could result in remote code execution.\n\n - Five buffer access with incorrect length value vulnerabilities that could\n result in remote code execution.\n\n - Six buffer over-read vulnerabilities that could result in remote code\n execution.\n\n - A buffer overflow vulnerability that could result in remote code execution.\n\n - A heap overflow vulnerability that could result in remote code execution.\n\n - Two improper validation of array index vulnerabilities that could result\n in remote code execution.\n\n - Multiple out-of-bounds read vulnerabilities that could result in remote code\n execution.\n\n - Four out-of-bounds write vulnerabilities that could result in remote code\n execution.\n\n - Two security bypass vulnerabilities that could result in drive-by-downloads.\n\n - A security bypass vulnerability that could result in information disclosure.\n\n - A security bypass vulnerability that could result in remote code execution.\n\n - A stack exhaustion vulnerability that could result in excessive resource\n consumption.\n\n - Three type confusion vulnerabilities that could result in remote code\n execution.\n\n - Six untrusted pointer dereference vulnerabilities that could result in remote\n code execution.\n\n - For more details, refer the reference links mentioned.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code in the context of the application.\n Failed attacks may cause a denial-of-service condition. Also attackers will be\n able to gain access to potentially sensitive information, get excessive resource\n consumption and get unintentional downloads of malicious software.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat version 11.x before 11.0.23 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat version 11.0.23 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-36.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/Win/Installed\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE )) exit(0);\nreaderVer = infos['version'];\nInstallPath = infos['location'];\n\nif(version_in_range(version:readerVer, test_version:\"11.0\", test_version2:\"11.0.22\"))\n{\n report = report_fixed_ver(installed_version:readerVer, fixed_version:\"11.0.23\", install_path:InstallPath);\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:24:49", "description": "This host is installed with Adobe Reader\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2017-11-16T00:00:00", "type": "openvas", "title": "Adobe Reader Security Updates(apsb17-36)-Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16367", "CVE-2017-16377", "CVE-2017-11308", "CVE-2017-16361", "CVE-2017-16378", "CVE-2017-16404", "CVE-2017-16409", "CVE-2017-11306", "CVE-2017-16418", "CVE-2017-16370", "CVE-2017-16413", "CVE-2017-16371", "CVE-2017-16376", "CVE-2017-16408", "CVE-2017-16407", "CVE-2017-16395", "CVE-2017-16387", "CVE-2017-16396", "CVE-2017-16398", "CVE-2017-16386", "CVE-2017-16420", "CVE-2017-11293", "CVE-2017-16363", "CVE-2017-16412", "CVE-2017-16364", "CVE-2017-16374", "CVE-2017-16394", "CVE-2017-16390", "CVE-2017-11240", "CVE-2017-16399", "CVE-2017-16381", "CVE-2017-16414", "CVE-2017-16393", "CVE-2017-16379", "CVE-2017-16410", "CVE-2017-16382", "CVE-2017-16400", "CVE-2017-16362", "CVE-2017-11307", "CVE-2017-11253", "CVE-2017-16368", "CVE-2017-16419", "CVE-2017-16365", "CVE-2017-16402", "CVE-2017-16372", "CVE-2017-16373", "CVE-2017-16415", "CVE-2017-16403", "CVE-2017-16397", "CVE-2017-16417", "CVE-2017-16360", "CVE-2017-16416", "CVE-2017-16383", "CVE-2017-16369", "CVE-2017-16385", "CVE-2017-16384", "CVE-2017-16380", "CVE-2017-16401", "CVE-2017-16411", "CVE-2017-11250", "CVE-2017-16391", "CVE-2017-16389", "CVE-2017-16375", "CVE-2017-16388", "CVE-2017-16392", "CVE-2017-16405", "CVE-2017-16406", "CVE-2017-16366"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310811353", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310811353", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Reader Security Updates(apsb17-36)-Windows\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.811353\");\n script_version(\"2019-07-05T08:56:43+0000\");\n script_cve_id(\"CVE-2017-16377\", \"CVE-2017-16378\", \"CVE-2017-16360\", \"CVE-2017-16388\",\n\t\t\"CVE-2017-16389\", \"CVE-2017-16390\", \"CVE-2017-16393\", \"CVE-2017-16398\",\n\t\t\"CVE-2017-16381\", \"CVE-2017-16385\", \"CVE-2017-16392\", \"CVE-2017-16395\",\n\t\t\"CVE-2017-16396\", \"CVE-2017-16363\", \"CVE-2017-16365\", \"CVE-2017-16374\",\n\t\t\"CVE-2017-16384\", \"CVE-2017-16386\", \"CVE-2017-16387\", \"CVE-2017-16368\",\n\t\t\"CVE-2017-16383\", \"CVE-2017-16391\", \"CVE-2017-16410\", \"CVE-2017-16362\",\n\t\t\"CVE-2017-16370\", \"CVE-2017-16376\", \"CVE-2017-16382\", \"CVE-2017-16394\",\n\t\t\"CVE-2017-16397\", \"CVE-2017-16399\", \"CVE-2017-16400\", \"CVE-2017-16401\",\n\t\t\"CVE-2017-16402\", \"CVE-2017-16403\", \"CVE-2017-16404\", \"CVE-2017-16405\",\n\t\t\"CVE-2017-16408\", \"CVE-2017-16409\", \"CVE-2017-16412\", \"CVE-2017-16414\",\n\t\t\"CVE-2017-16417\", \"CVE-2017-16418\", \"CVE-2017-16420\", \"CVE-2017-11293\",\n\t\t\"CVE-2017-16407\", \"CVE-2017-16413\", \"CVE-2017-16415\", \"CVE-2017-16416\",\n\t\t\"CVE-2017-16361\", \"CVE-2017-16366\", \"CVE-2017-16369\", \"CVE-2017-16380\",\n\t\t\"CVE-2017-16419\", \"CVE-2017-16367\", \"CVE-2017-16379\", \"CVE-2017-16406\",\n\t\t\"CVE-2017-16364\", \"CVE-2017-16371\", \"CVE-2017-16372\", \"CVE-2017-16373\",\n\t\t\"CVE-2017-16375\", \"CVE-2017-16411\", \"CVE-2017-11307\", \"CVE-2017-11308\",\n \"CVE-2017-11240\", \"CVE-2017-11250\", \"CVE-2017-11306\", \"CVE-2017-11253\");\n script_bugtraq_id(101821, 101818, 101831, 101824, 101816, 101823, 101819, 101812,\n 101830, 101820, 101814, 101817, 101815, 101813);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:56:43 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2017-11-16 11:56:52 +0530 (Thu, 16 Nov 2017)\");\n script_name(\"Adobe Reader Security Updates(apsb17-36)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Reader\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Two access of uninitialized point vulnerabilities that could result in\n remote could execution,\n\n - Six use after free vulnerabilities that could result in remote code execution.\n\n - Five buffer access with incorrect length value vulnerabilities that could\n result in remote code execution.\n\n - Six buffer over-read vulnerabilities that could result in remote code\n execution.\n\n - A buffer overflow vulnerability that could result in remote code execution.\n\n - A heap overflow vulnerability that could result in remote code execution.\n\n - Two improper validation of array index vulnerabilities that could result\n in remote code execution.\n\n - Multiple out-of-bounds read vulnerabilities that could result in remote code\n execution.\n\n - Four out-of-bounds write vulnerabilities that could result in remote code\n execution.\n\n - Two security bypass vulnerabilities that could result in drive-by-downloads.\n\n - A security bypass vulnerability that could result in information disclosure.\n\n - A security bypass vulnerability that could result in remote code execution.\n\n - A stack exhaustion vulnerability that could result in excessive resource\n consumption.\n\n - Three type confusion vulnerabilities that could result in remote code\n execution.\n\n - Six untrusted pointer dereference vulnerabilities that could result in remote\n code execution.\n\n - For more details, refer the reference links mentioned.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code in the context of the application.\n Failed attacks may cause a denial-of-service condition. Also attackers will be\n able to gain access to potentially sensitive information, get excessive resource\n consumption and get unintentional downloads of malicious software.\");\n\n script_tag(name:\"affected\", value:\"Adobe Reader version 11.x before 11.0.23 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Reader version 11.0.23 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-36.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Reader/Win/Installed\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE )) exit(0);\nreaderVer = infos['version'];\nInstallPath = infos['location'];\n\nif(version_in_range(version:readerVer, test_version:\"11.0\", test_version2:\"11.0.22\"))\n{\n report = report_fixed_ver(installed_version:readerVer, fixed_version:\"11.0.23\", install_path:InstallPath);\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-24T21:24:04", "description": "This host is installed with Adobe Acrobat\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2017-11-16T00:00:00", "type": "openvas", "title": "Adobe Acrobat Security Updates(apsb17-36)-MAC OS X", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16367", "CVE-2017-16377", "CVE-2017-11308", "CVE-2017-16361", "CVE-2017-16378", "CVE-2017-16404", "CVE-2017-16409", "CVE-2017-11306", "CVE-2017-16418", "CVE-2017-16370", "CVE-2017-16413", "CVE-2017-16371", "CVE-2017-16376", "CVE-2017-16408", "CVE-2017-16407", "CVE-2017-16395", "CVE-2017-16387", "CVE-2017-16396", "CVE-2017-16398", "CVE-2017-16386", "CVE-2017-16420", "CVE-2017-11293", "CVE-2017-16363", "CVE-2017-16412", "CVE-2017-16364", "CVE-2017-16374", "CVE-2017-16394", "CVE-2017-16390", "CVE-2017-11240", "CVE-2017-16399", "CVE-2017-16381", "CVE-2017-16414", "CVE-2017-16393", "CVE-2017-16379", "CVE-2017-16410", "CVE-2017-16382", "CVE-2017-16400", "CVE-2017-16362", "CVE-2017-11307", "CVE-2017-11253", "CVE-2017-16368", "CVE-2017-16419", "CVE-2017-16365", "CVE-2017-16402", "CVE-2017-16372", "CVE-2017-16373", "CVE-2017-16415", "CVE-2017-16403", "CVE-2017-16397", "CVE-2017-16417", "CVE-2017-16360", "CVE-2017-16416", "CVE-2017-16383", "CVE-2017-16369", "CVE-2017-16385", "CVE-2017-16384", "CVE-2017-16380", "CVE-2017-16401", "CVE-2017-16411", "CVE-2017-11250", "CVE-2017-16391", "CVE-2017-16389", "CVE-2017-16375", "CVE-2017-16388", "CVE-2017-16392", "CVE-2017-16405", "CVE-2017-16406", "CVE-2017-16366"], "modified": "2019-10-23T00:00:00", "id": "OPENVAS:1361412562310811344", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310811344", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat Security Updates(apsb17-36)-MAC OS X\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.811344\");\n script_version(\"2019-10-23T10:55:06+0000\");\n script_cve_id(\"CVE-2017-16377\", \"CVE-2017-16378\", \"CVE-2017-16360\", \"CVE-2017-16388\",\n \"CVE-2017-16389\", \"CVE-2017-16390\", \"CVE-2017-16393\", \"CVE-2017-16398\",\n \"CVE-2017-16381\", \"CVE-2017-16385\", \"CVE-2017-16392\", \"CVE-2017-16395\",\n \"CVE-2017-16396\", \"CVE-2017-16363\", \"CVE-2017-16365\", \"CVE-2017-16374\",\n \"CVE-2017-16384\", \"CVE-2017-16386\", \"CVE-2017-16387\", \"CVE-2017-16368\",\n \"CVE-2017-16383\", \"CVE-2017-16391\", \"CVE-2017-16410\", \"CVE-2017-16362\",\n \"CVE-2017-16370\", \"CVE-2017-16376\", \"CVE-2017-16382\", \"CVE-2017-16394\",\n \"CVE-2017-16397\", \"CVE-2017-16399\", \"CVE-2017-16400\", \"CVE-2017-16401\",\n \"CVE-2017-16402\", \"CVE-2017-16403\", \"CVE-2017-16404\", \"CVE-2017-16405\",\n \"CVE-2017-16408\", \"CVE-2017-16409\", \"CVE-2017-16412\", \"CVE-2017-16414\",\n \"CVE-2017-16417\", \"CVE-2017-16418\", \"CVE-2017-16420\", \"CVE-2017-11293\",\n \"CVE-2017-16407\", \"CVE-2017-16413\", \"CVE-2017-16415\", \"CVE-2017-16416\",\n \"CVE-2017-16361\", \"CVE-2017-16366\", \"CVE-2017-16369\", \"CVE-2017-16380\",\n \"CVE-2017-16419\", \"CVE-2017-16367\", \"CVE-2017-16379\", \"CVE-2017-16406\",\n \"CVE-2017-16364\", \"CVE-2017-16371\", \"CVE-2017-16372\", \"CVE-2017-16373\",\n \"CVE-2017-16375\", \"CVE-2017-16411\", \"CVE-2017-11307\", \"CVE-2017-11308\",\n \"CVE-2017-11240\", \"CVE-2017-11250\", \"CVE-2017-11306\", \"CVE-2017-11253\");\n script_bugtraq_id(101821, 101818, 101831, 101824, 101816, 101823, 101819, 101812,\n 101830, 101820, 101814, 101817, 101815, 101813);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-23 10:55:06 +0000 (Wed, 23 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2017-11-16 11:56:52 +0530 (Thu, 16 Nov 2017)\");\n script_name(\"Adobe Acrobat Security Updates(apsb17-36)-MAC OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Two access of uninitialized point vulnerabilities that could result in\n remote could execution,\n\n - Six use after free vulnerabilities that could result in remote code execution.\n\n - Five buffer access with incorrect length value vulnerabilities that could\n result in remote code execution.\n\n - Six buffer over-read vulnerabilities that could result in remote code\n execution.\n\n - A buffer overflow vulnerability that could result in remote code execution.\n\n - A heap overflow vulnerability that could result in remote code execution.\n\n - Two improper validation of array index vulnerabilities that could result\n in remote code execution.\n\n - Multiple out-of-bounds read vulnerabilities that could result in remote code\n execution.\n\n - Four out-of-bounds write vulnerabilities that could result in remote code\n execution.\n\n - Two security bypass vulnerabilities that could result in drive-by-downloads.\n\n - A security bypass vulnerability that could result in information disclosure.\n\n - A security bypass vulnerability that could result in remote code execution.\n\n - A stack exhaustion vulnerability that could result in excessive resource\n consumption.\n\n - Three type confusion vulnerabilities that could result in remote code\n execution.\n\n - Six untrusted pointer dereference vulnerabilities that could result in remote\n code execution.\n\n - For more details, refer the reference links mentioned.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code in the context of the application.\n Failed attacks may cause a denial-of-service condition. Also attackers will be\n able to gain access to potentially sensitive information, get excessive resource\n consumption and get unintentional downloads of malicious software.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat version 11.x before 11.0.23 on MAC OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat version 11.0.23 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-36.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE )) exit(0);\nreaderVer = infos['version'];\nInstallPath = infos['location'];\n\nif(version_in_range(version:readerVer, test_version:\"11.0\", test_version2:\"11.0.22\"))\n{\n report = report_fixed_ver(installed_version:readerVer, fixed_version:\"11.0.23\", install_path:InstallPath);\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2022-03-27T16:10:59", "description": "The version of Adobe Acrobat installed on the remote Windows host is a version prior to 11.0.23, 2015.006.30392, 2017.011.30068, or 2018.009.20044. It is, therefore, affected by multiple vulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-11-16T00:00:00", "type": "nessus", "title": "Adobe Acrobat < 11.0.23 / 2015.006.30392 / 2017.011.30068 / 2018.009.20044 Multiple Vulnerabilities (APSB17-36)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-11240", "CVE-2017-11250", "CVE-2017-11293", "CVE-2017-11306", "CVE-2017-11307", "CVE-2017-11308", "CVE-2017-16360", "CVE-2017-16361", "CVE-2017-16362", "CVE-2017-16363", "CVE-2017-16364", "CVE-2017-16365", "CVE-2017-16366", "CVE-2017-16367", "CVE-2017-16368", "CVE-2017-16369", "CVE-2017-16370", "CVE-2017-16371", "CVE-2017-16372", "CVE-2017-16373", "CVE-2017-16374", "CVE-2017-16375", "CVE-2017-16376", "CVE-2017-16377", "CVE-2017-16378", "CVE-2017-16379", "CVE-2017-16380", "CVE-2017-16381", "CVE-2017-16382", "CVE-2017-16383", "CVE-2017-16384", "CVE-2017-16385", "CVE-2017-16386", "CVE-2017-16387", "CVE-2017-16388", "CVE-2017-16389", "CVE-2017-16390", "CVE-2017-16391", "CVE-2017-16392", "CVE-2017-16393", "CVE-2017-16394", "CVE-2017-16395", "CVE-2017-16396", "CVE-2017-16397", "CVE-2017-16398", "CVE-2017-16399", "CVE-2017-16400", "CVE-2017-16401", "CVE-2017-16402", "CVE-2017-16403", "CVE-2017-16404", "CVE-2017-16405", "CVE-2017-16406", "CVE-2017-16407", "CVE-2017-16408", "CVE-2017-16409", "CVE-2017-16410", "CVE-2017-16411", "CVE-2017-16412", "CVE-2017-16413", "CVE-2017-16414", "CVE-2017-16415", "CVE-2017-16416", "CVE-2017-16417", "CVE-2017-16418", "CVE-2017-16419", "CVE-2017-16420"], "modified": "2021-11-18T00:00:00", "cpe": ["cpe:/a:adobe:acrobat"], "id": "ADOBE_ACROBAT_APSB17-36.NASL", "href": "https://www.tenable.com/plugins/nessus/104626", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104626);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/18\");\n\n script_cve_id(\n \"CVE-2017-11240\",\n \"CVE-2017-11250\",\n \"CVE-2017-11293\",\n \"CVE-2017-11306\",\n \"CVE-2017-11307\",\n \"CVE-2017-11308\",\n \"CVE-2017-16360\",\n \"CVE-2017-16361\",\n \"CVE-2017-16362\",\n \"CVE-2017-16363\",\n \"CVE-2017-16364\",\n \"CVE-2017-16365\",\n \"CVE-2017-16366\",\n \"CVE-2017-16367\",\n \"CVE-2017-16368\",\n \"CVE-2017-16369\",\n \"CVE-2017-16370\",\n \"CVE-2017-16371\",\n \"CVE-2017-16372\",\n \"CVE-2017-16373\",\n \"CVE-2017-16374\",\n \"CVE-2017-16375\",\n \"CVE-2017-16376\",\n \"CVE-2017-16377\",\n \"CVE-2017-16378\",\n \"CVE-2017-16379\",\n \"CVE-2017-16380\",\n \"CVE-2017-16381\",\n \"CVE-2017-16382\",\n \"CVE-2017-16383\",\n \"CVE-2017-16384\",\n \"CVE-2017-16385\",\n \"CVE-2017-16386\",\n \"CVE-2017-16387\",\n \"CVE-2017-16388\",\n \"CVE-2017-16389\",\n \"CVE-2017-16390\",\n \"CVE-2017-16391\",\n \"CVE-2017-16392\",\n \"CVE-2017-16393\",\n \"CVE-2017-16394\",\n \"CVE-2017-16395\",\n \"CVE-2017-16396\",\n \"CVE-2017-16397\",\n \"CVE-2017-16398\",\n \"CVE-2017-16399\",\n \"CVE-2017-16400\",\n \"CVE-2017-16401\",\n \"CVE-2017-16402\",\n \"CVE-2017-16403\",\n \"CVE-2017-16404\",\n \"CVE-2017-16405\",\n \"CVE-2017-16406\",\n \"CVE-2017-16407\",\n \"CVE-2017-16408\",\n \"CVE-2017-16409\",\n \"CVE-2017-16410\",\n \"CVE-2017-16411\",\n \"CVE-2017-16412\",\n \"CVE-2017-16413\",\n \"CVE-2017-16414\",\n \"CVE-2017-16415\",\n \"CVE-2017-16416\",\n \"CVE-2017-16417\",\n \"CVE-2017-16418\",\n \"CVE-2017-16419\",\n \"CVE-2017-16420\"\n );\n script_bugtraq_id(\n 101812,\n 101813,\n 101814,\n 101815,\n 101816,\n 101817,\n 101818,\n 101819,\n 101820,\n 101821,\n 101823,\n 101824,\n 101830,\n 101831\n );\n\n script_name(english:\"Adobe Acrobat < 11.0.23 / 2015.006.30392 / 2017.011.30068 / 2018.009.20044 Multiple Vulnerabilities (APSB17-36)\");\n script_summary(english:\"Checks the version of Adobe Acrobat.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Acrobat installed on the remote Windows host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Acrobat installed on the remote Windows host is a\nversion prior to 11.0.23, 2015.006.30392, 2017.011.30068,\nor 2018.009.20044. It is, therefore, affected by multiple\nvulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-36.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Reader 11.0.23 / 2015.006.30392 / 2017.011.30068\n/ 2018.009.20044 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-11293\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"adobe_acrobat_installed.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"installed_sw/Adobe Acrobat\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"vcf_extras.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_info = vcf::get_app_info(app:\"Adobe Acrobat\", win_local:TRUE);\nconstraints = [\n { \"min_version\" : \"11.0\", \"fixed_version\" : \"11.0.23\" },\n { \"min_version\" : \"15.6\", \"max_version\" : \"15.6.30355\", \"fixed_version\" : \"15.6.30392\" },\n { \"min_version\" : \"17.8\", \"max_version\" : \"17.11.30066\", \"fixed_version\" : \"17.11.30068\" },\n { \"min_version\" : \"15.7\", \"max_version\" : \"17.12.20098\", \"fixed_version\" : \"18.9.20044\"}\n];\n# using adobe_reader namespace check_version_and_report to properly detect Continuous vs Classic, \n# and limit ver segments to 3 (18.x.y vs 18.x.y.12345) with max_segs:3\nvcf::adobe_reader::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE, max_segs:3);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T16:09:47", "description": "The version of Adobe Reader installed on the remote Windows host is a version prior to 11.0.23, 2015.006.30392, 2017.011.30068, or 2018.009.20044. It is, therefore, affected by multiple vulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-11-16T00:00:00", "type": "nessus", "title": "Adobe Reader < 11.0.23 / 2015.006.30392 / 2017.011.30068 / 2018.009.20044 Multiple Vulnerabilities (APSB17-36)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-11240", "CVE-2017-11250", "CVE-2017-11293", "CVE-2017-11306", "CVE-2017-11307", "CVE-2017-11308", "CVE-2017-16360", "CVE-2017-16361", "CVE-2017-16362", "CVE-2017-16363", "CVE-2017-16364", "CVE-2017-16365", "CVE-2017-16366", "CVE-2017-16367", "CVE-2017-16368", "CVE-2017-16369", "CVE-2017-16370", "CVE-2017-16371", "CVE-2017-16372", "CVE-2017-16373", "CVE-2017-16374", "CVE-2017-16375", "CVE-2017-16376", "CVE-2017-16377", "CVE-2017-16378", "CVE-2017-16379", "CVE-2017-16380", "CVE-2017-16381", "CVE-2017-16382", "CVE-2017-16383", "CVE-2017-16384", "CVE-2017-16385", "CVE-2017-16386", "CVE-2017-16387", "CVE-2017-16388", "CVE-2017-16389", "CVE-2017-16390", "CVE-2017-16391", "CVE-2017-16392", "CVE-2017-16393", "CVE-2017-16394", "CVE-2017-16395", "CVE-2017-16396", "CVE-2017-16397", "CVE-2017-16398", "CVE-2017-16399", "CVE-2017-16400", "CVE-2017-16401", "CVE-2017-16402", "CVE-2017-16403", "CVE-2017-16404", "CVE-2017-16405", "CVE-2017-16406", "CVE-2017-16407", "CVE-2017-16408", "CVE-2017-16409", "CVE-2017-16410", "CVE-2017-16411", "CVE-2017-16412", "CVE-2017-16413", "CVE-2017-16414", "CVE-2017-16415", "CVE-2017-16416", "CVE-2017-16417", "CVE-2017-16418", "CVE-2017-16419", "CVE-2017-16420"], "modified": "2021-11-18T00:00:00", "cpe": ["cpe:/a:adobe:acrobat_reader"], "id": "ADOBE_READER_APSB17-36.NASL", "href": "https://www.tenable.com/plugins/nessus/104627", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104627);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/18\");\n\n script_cve_id(\n \"CVE-2017-11240\",\n \"CVE-2017-11250\",\n \"CVE-2017-11293\",\n \"CVE-2017-11306\",\n \"CVE-2017-11307\",\n \"CVE-2017-11308\",\n \"CVE-2017-16360\",\n \"CVE-2017-16361\",\n \"CVE-2017-16362\",\n \"CVE-2017-16363\",\n \"CVE-2017-16364\",\n \"CVE-2017-16365\",\n \"CVE-2017-16366\",\n \"CVE-2017-16367\",\n \"CVE-2017-16368\",\n \"CVE-2017-16369\",\n \"CVE-2017-16370\",\n \"CVE-2017-16371\",\n \"CVE-2017-16372\",\n \"CVE-2017-16373\",\n \"CVE-2017-16374\",\n \"CVE-2017-16375\",\n \"CVE-2017-16376\",\n \"CVE-2017-16377\",\n \"CVE-2017-16378\",\n \"CVE-2017-16379\",\n \"CVE-2017-16380\",\n \"CVE-2017-16381\",\n \"CVE-2017-16382\",\n \"CVE-2017-16383\",\n \"CVE-2017-16384\",\n \"CVE-2017-16385\",\n \"CVE-2017-16386\",\n \"CVE-2017-16387\",\n \"CVE-2017-16388\",\n \"CVE-2017-16389\",\n \"CVE-2017-16390\",\n \"CVE-2017-16391\",\n \"CVE-2017-16392\",\n \"CVE-2017-16393\",\n \"CVE-2017-16394\",\n \"CVE-2017-16395\",\n \"CVE-2017-16396\",\n \"CVE-2017-16397\",\n \"CVE-2017-16398\",\n \"CVE-2017-16399\",\n \"CVE-2017-16400\",\n \"CVE-2017-16401\",\n \"CVE-2017-16402\",\n \"CVE-2017-16403\",\n \"CVE-2017-16404\",\n \"CVE-2017-16405\",\n \"CVE-2017-16406\",\n \"CVE-2017-16407\",\n \"CVE-2017-16408\",\n \"CVE-2017-16409\",\n \"CVE-2017-16410\",\n \"CVE-2017-16411\",\n \"CVE-2017-16412\",\n \"CVE-2017-16413\",\n \"CVE-2017-16414\",\n \"CVE-2017-16415\",\n \"CVE-2017-16416\",\n \"CVE-2017-16417\",\n \"CVE-2017-16418\",\n \"CVE-2017-16419\",\n \"CVE-2017-16420\"\n );\n script_bugtraq_id(\n 101812,\n 101813,\n 101814,\n 101815,\n 101816,\n 101817,\n 101818,\n 101819,\n 101820,\n 101821,\n 101823,\n 101824,\n 101830,\n 101831\n );\n\n script_name(english:\"Adobe Reader < 11.0.23 / 2015.006.30392 / 2017.011.30068 / 2018.009.20044 Multiple Vulnerabilities (APSB17-36)\");\n script_summary(english:\"Checks the version of Adobe Reader.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Reader installed on the remote Windows host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Reader installed on the remote Windows host is a\nversion prior to 11.0.23, 2015.006.30392, 2017.011.30068,\nor 2018.009.20044. It is, therefore, affected by multiple\nvulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-36.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Reader 11.0.23 / 2015.006.30392 / 2017.011.30068\n/ 2018.009.20044 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-11293\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat_reader\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"adobe_reader_installed.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"installed_sw/Adobe Reader\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"vcf_extras.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_info = vcf::adobe_reader::get_app_info();\nconstraints = [\n { \"min_version\" : \"11.0\", \"fixed_version\" : \"11.0.23\" },\n { \"min_version\" : \"15.6\", \"max_version\" : \"15.6.30355\", \"fixed_version\" : \"15.6.30392\" },\n { \"min_version\" : \"17.8\", \"max_version\" : \"17.11.30066\", \"fixed_version\" : \"17.11.30068\" },\n { \"min_version\" : \"15.7\", \"max_version\" : \"17.12.20098\", \"fixed_version\" : \"18.9.20044\"}\n];\n# using adobe_reader namespace check_version_and_report to properly detect Continuous vs Classic, \n# and limit ver segments to 3 (18.x.y vs 18.x.y.12345) with max_segs:3\nvcf::adobe_reader::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE, max_segs:3);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T16:08:36", "description": "The version of Adobe Reader installed on the remote macOS or Mac OS X host is a version prior to 11.0.23, 2015.006.30392, 2017.011.30068, or 2018.009.20044. It is, therefore, affected by multiple vulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-11-17T00:00:00", "type": "nessus", "title": "Adobe Reader < 11.0.23 / 2015.006.30392 / 2017.011.30068 / 2018.009.20044 Multiple Vulnerabilities (APSB17-36) (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-11240", "CVE-2017-11250", "CVE-2017-11293", "CVE-2017-11306", "CVE-2017-11307", "CVE-2017-11308", "CVE-2017-16360", "CVE-2017-16361", "CVE-2017-16362", "CVE-2017-16363", "CVE-2017-16364", "CVE-2017-16365", "CVE-2017-16366", "CVE-2017-16367", "CVE-2017-16368", "CVE-2017-16369", "CVE-2017-16370", "CVE-2017-16371", "CVE-2017-16372", "CVE-2017-16373", "CVE-2017-16374", "CVE-2017-16375", "CVE-2017-16376", "CVE-2017-16377", "CVE-2017-16378", "CVE-2017-16379", "CVE-2017-16380", "CVE-2017-16381", "CVE-2017-16382", "CVE-2017-16383", "CVE-2017-16384", "CVE-2017-16385", "CVE-2017-16386", "CVE-2017-16387", "CVE-2017-16388", "CVE-2017-16389", "CVE-2017-16390", "CVE-2017-16391", "CVE-2017-16392", "CVE-2017-16393", "CVE-2017-16394", "CVE-2017-16395", "CVE-2017-16396", "CVE-2017-16397", "CVE-2017-16398", "CVE-2017-16399", "CVE-2017-16400", "CVE-2017-16401", "CVE-2017-16402", "CVE-2017-16403", "CVE-2017-16404", "CVE-2017-16405", "CVE-2017-16406", "CVE-2017-16407", "CVE-2017-16408", "CVE-2017-16409", "CVE-2017-16410", "CVE-2017-16411", "CVE-2017-16412", "CVE-2017-16413", "CVE-2017-16414", "CVE-2017-16415", "CVE-2017-16416", "CVE-2017-16417", "CVE-2017-16418", "CVE-2017-16419", "CVE-2017-16420"], "modified": "2021-11-18T00:00:00", "cpe": ["cpe:/a:adobe:acrobat_reader"], "id": "MACOSX_ADOBE_READER_APSB17-36.NASL", "href": "https://www.tenable.com/plugins/nessus/104672", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104672);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/18\");\n\n script_cve_id(\n \"CVE-2017-11240\",\n \"CVE-2017-11250\",\n \"CVE-2017-11293\",\n \"CVE-2017-11306\",\n \"CVE-2017-11307\",\n \"CVE-2017-11308\",\n \"CVE-2017-16360\",\n \"CVE-2017-16361\",\n \"CVE-2017-16362\",\n \"CVE-2017-16363\",\n \"CVE-2017-16364\",\n \"CVE-2017-16365\",\n \"CVE-2017-16366\",\n \"CVE-2017-16367\",\n \"CVE-2017-16368\",\n \"CVE-2017-16369\",\n \"CVE-2017-16370\",\n \"CVE-2017-16371\",\n \"CVE-2017-16372\",\n \"CVE-2017-16373\",\n \"CVE-2017-16374\",\n \"CVE-2017-16375\",\n \"CVE-2017-16376\",\n \"CVE-2017-16377\",\n \"CVE-2017-16378\",\n \"CVE-2017-16379\",\n \"CVE-2017-16380\",\n \"CVE-2017-16381\",\n \"CVE-2017-16382\",\n \"CVE-2017-16383\",\n \"CVE-2017-16384\",\n \"CVE-2017-16385\",\n \"CVE-2017-16386\",\n \"CVE-2017-16387\",\n \"CVE-2017-16388\",\n \"CVE-2017-16389\",\n \"CVE-2017-16390\",\n \"CVE-2017-16391\",\n \"CVE-2017-16392\",\n \"CVE-2017-16393\",\n \"CVE-2017-16394\",\n \"CVE-2017-16395\",\n \"CVE-2017-16396\",\n \"CVE-2017-16397\",\n \"CVE-2017-16398\",\n \"CVE-2017-16399\",\n \"CVE-2017-16400\",\n \"CVE-2017-16401\",\n \"CVE-2017-16402\",\n \"CVE-2017-16403\",\n \"CVE-2017-16404\",\n \"CVE-2017-16405\",\n \"CVE-2017-16406\",\n \"CVE-2017-16407\",\n \"CVE-2017-16408\",\n \"CVE-2017-16409\",\n \"CVE-2017-16410\",\n \"CVE-2017-16411\",\n \"CVE-2017-16412\",\n \"CVE-2017-16413\",\n \"CVE-2017-16414\",\n \"CVE-2017-16415\",\n \"CVE-2017-16416\",\n \"CVE-2017-16417\",\n \"CVE-2017-16418\",\n \"CVE-2017-16419\",\n \"CVE-2017-16420\"\n );\n script_bugtraq_id(\n 101812,\n 101813,\n 101814,\n 101815,\n 101816,\n 101817,\n 101818,\n 101819,\n 101820,\n 101821,\n 101823,\n 101824,\n 101830,\n 101831\n );\n\n script_name(english:\"Adobe Reader < 11.0.23 / 2015.006.30392 / 2017.011.30068 / 2018.009.20044 Multiple Vulnerabilities (APSB17-36) (macOS)\");\n script_summary(english:\"Checks the version of Adobe Reader.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Reader installed on the remote host is affected\nby multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Reader installed on the remote macOS or Mac OS X\nhost is a version prior to 11.0.23, 2015.006.30392, 2017.011.30068,\nor 2018.009.20044. It is, therefore, affected by multiple\nvulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-36.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Reader 11.0.23 / 2015.006.30392 / 2017.011.30068\n/ 2018.009.20044 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-11293\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat_reader\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_adobe_reader_installed.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/Adobe Reader\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nget_kb_item_or_exit(\"Host/local_checks_enabled\");\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (empty_or_null(os)) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp_info = vcf::get_app_info(app:\"Adobe Reader\");\nbase_dir = app_info['path'] - \"/Applications\";\ntrack = get_kb_item(\"MacOSX/Adobe_Reader\"+base_dir+\"/Track\");\n\nif (!isnull(track) && track == '2017')\n{\n constraints = [\n { \"min_version\" : \"17.8\", \"fixed_version\" : \"17.11.30068\" }\n ];\n\n}\nelse\n{\n constraints = [\n { \"min_version\" : \"11\", \"fixed_version\" : \"11.0.23\" },\n { \"min_version\" : \"15.6\", \"fixed_version\" : \"15.6.30392\" },\n { \"min_version\" : \"15.7\", \"fixed_version\" : \"18.9.20044\" }\n ];\n}\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T16:09:21", "description": "The version of Adobe Acrobat installed on the remote macOS or Mac OS X host is a version prior to 11.0.23, 2015.006.30392, 2017.011.30068, or 2018.009.20044. It is, therefore, affected by multiple vulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-11-17T00:00:00", "type": "nessus", "title": "Adobe Acrobat < 11.0.23 / 2015.006.30392 / 2017.011.30068 / 2018.009.20044 Multiple Vulnerabilities (APSB17-36) (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-11240", "CVE-2017-11250", "CVE-2017-11293", "CVE-2017-11306", "CVE-2017-11307", "CVE-2017-11308", "CVE-2017-16360", "CVE-2017-16361", "CVE-2017-16362", "CVE-2017-16363", "CVE-2017-16364", "CVE-2017-16365", "CVE-2017-16366", "CVE-2017-16367", "CVE-2017-16368", "CVE-2017-16369", "CVE-2017-16370", "CVE-2017-16371", "CVE-2017-16372", "CVE-2017-16373", "CVE-2017-16374", "CVE-2017-16375", "CVE-2017-16376", "CVE-2017-16377", "CVE-2017-16378", "CVE-2017-16379", "CVE-2017-16380", "CVE-2017-16381", "CVE-2017-16382", "CVE-2017-16383", "CVE-2017-16384", "CVE-2017-16385", "CVE-2017-16386", "CVE-2017-16387", "CVE-2017-16388", "CVE-2017-16389", "CVE-2017-16390", "CVE-2017-16391", "CVE-2017-16392", "CVE-2017-16393", "CVE-2017-16394", "CVE-2017-16395", "CVE-2017-16396", "CVE-2017-16397", "CVE-2017-16398", "CVE-2017-16399", "CVE-2017-16400", "CVE-2017-16401", "CVE-2017-16402", "CVE-2017-16403", "CVE-2017-16404", "CVE-2017-16405", "CVE-2017-16406", "CVE-2017-16407", "CVE-2017-16408", "CVE-2017-16409", "CVE-2017-16410", "CVE-2017-16411", "CVE-2017-16412", "CVE-2017-16413", "CVE-2017-16414", "CVE-2017-16415", "CVE-2017-16416", "CVE-2017-16417", "CVE-2017-16418", "CVE-2017-16419", "CVE-2017-16420"], "modified": "2021-11-18T00:00:00", "cpe": ["cpe:/a:adobe:acrobat"], "id": "MACOSX_ADOBE_ACROBAT_APSB17-36.NASL", "href": "https://www.tenable.com/plugins/nessus/104671", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104671);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/18\");\n\n script_cve_id(\n \"CVE-2017-11240\",\n \"CVE-2017-11250\",\n \"CVE-2017-11293\",\n \"CVE-2017-11306\",\n \"CVE-2017-11307\",\n \"CVE-2017-11308\",\n \"CVE-2017-16360\",\n \"CVE-2017-16361\",\n \"CVE-2017-16362\",\n \"CVE-2017-16363\",\n \"CVE-2017-16364\",\n \"CVE-2017-16365\",\n \"CVE-2017-16366\",\n \"CVE-2017-16367\",\n \"CVE-2017-16368\",\n \"CVE-2017-16369\",\n \"CVE-2017-16370\",\n \"CVE-2017-16371\",\n \"CVE-2017-16372\",\n \"CVE-2017-16373\",\n \"CVE-2017-16374\",\n \"CVE-2017-16375\",\n \"CVE-2017-16376\",\n \"CVE-2017-16377\",\n \"CVE-2017-16378\",\n \"CVE-2017-16379\",\n \"CVE-2017-16380\",\n \"CVE-2017-16381\",\n \"CVE-2017-16382\",\n \"CVE-2017-16383\",\n \"CVE-2017-16384\",\n \"CVE-2017-16385\",\n \"CVE-2017-16386\",\n \"CVE-2017-16387\",\n \"CVE-2017-16388\",\n \"CVE-2017-16389\",\n \"CVE-2017-16390\",\n \"CVE-2017-16391\",\n \"CVE-2017-16392\",\n \"CVE-2017-16393\",\n \"CVE-2017-16394\",\n \"CVE-2017-16395\",\n \"CVE-2017-16396\",\n \"CVE-2017-16397\",\n \"CVE-2017-16398\",\n \"CVE-2017-16399\",\n \"CVE-2017-16400\",\n \"CVE-2017-16401\",\n \"CVE-2017-16402\",\n \"CVE-2017-16403\",\n \"CVE-2017-16404\",\n \"CVE-2017-16405\",\n \"CVE-2017-16406\",\n \"CVE-2017-16407\",\n \"CVE-2017-16408\",\n \"CVE-2017-16409\",\n \"CVE-2017-16410\",\n \"CVE-2017-16411\",\n \"CVE-2017-16412\",\n \"CVE-2017-16413\",\n \"CVE-2017-16414\",\n \"CVE-2017-16415\",\n \"CVE-2017-16416\",\n \"CVE-2017-16417\",\n \"CVE-2017-16418\",\n \"CVE-2017-16419\",\n \"CVE-2017-16420\"\n );\n script_bugtraq_id(\n 101812,\n 101813,\n 101814,\n 101815,\n 101816,\n 101817,\n 101818,\n 101819,\n 101820,\n 101821,\n 101823,\n 101824,\n 101830,\n 101831\n );\n\n script_name(english:\"Adobe Acrobat < 11.0.23 / 2015.006.30392 / 2017.011.30068 / 2018.009.20044 Multiple Vulnerabilities (APSB17-36) (macOS)\");\n script_summary(english:\"Checks the version of Adobe Acrobat.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Acrobat installed on the remote host is affected\nby multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Acrobat installed on the remote macOS or Mac OS X\nhost is a version prior to 11.0.23, 2015.006.30392, 2017.011.30068,\nor 2018.009.20044. It is, therefore, affected by multiple\nvulnerabilities.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb17-36.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Acrobat 11.0.23 / 2015.006.30392 / 2017.011.30068\n/ 2018.009.20044 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-11293\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_adobe_acrobat_installed.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/Adobe Acrobat\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"vcf_extras.inc\");\n\nget_kb_item_or_exit(\"Host/local_checks_enabled\");\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (empty_or_null(os)) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp_info = vcf::get_app_info(app:\"Adobe Acrobat\");\n\n constraints = [\n { \"min_version\" : \"11\", \"fixed_version\" : \"11.0.23\" },\n { \"min_version\" : \"15.6\", \"fixed_version\" : \"15.6.30392\" },\n { \"min_version\" : \"15.7\", \"fixed_version\" : \"18.9.20044\" },\n { \"min_version\" : \"17.8\", \"fixed_version\" : \"17.11.30068\" }\n ];\nvcf::adobe_reader::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE, max_segs:3);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "trendmicroblog": [{"lastseen": "2017-11-26T20:03:00", "description": "\n\nIt\u2019s that time of year again, when many will gather with their families, eat way too much, and catch those crazy Black Friday sales. I\u2019ve been seeing \u201cBlack Friday\u201d sales for almost two weeks now. Cyber Monday, which falls on the Monday after the U.S. Thanksgiving holiday, is probably going to be coupled with news of increased identity theft incidents.\n\nI\u2019ve said it before and I\u2019ll say it again: if you choose to skip Black Friday and wait for Cyber Monday, be on the lookout for great deals you learn about via email or social media (don\u2019t click the links!). Don\u2019t use free public Wi-Fi to make purchases; and make sure sites you visit are secure (HTTPS) and have a valid encryption certificate. If you\u2019re using your mobile phone, make sure you download apps from official app marketplaces or use a retailer\u2019s actual URL. I hope you all have a safe and Happy Thanksgiving!\n\n**Adobe Security Update**\n\nThis week\u2019s Digital Vaccine\u00ae (DV) package includes coverage for Adobe updates released on or before November 14, 2017. The following table maps Digital Vaccine filters to the Adobe updates. Filters marked with an asterisk (*) shipped prior to this DV package, providing preemptive zero-day protection for customers. You can get more detailed information on this month\u2019s security updates from Dustin Childs\u2019 [November 2017 Security Update Review](<https://www.zerodayinitiative.com/blog/2017/11/14/the-november-2017-security-update-review>) from the Zero Day Initiative:\n\n**Bulletin #** | **CVE #** | **Digital Vaccine Filter #** | **Status** \n---|---|---|--- \nAPSB17-36 | CVE-2017-16360 | 29994 | \nAPSB17-36 | CVE-2017-16361 | 29999 | \nAPSB17-36 | CVE-2017-16362 | 30030 | \nAPSB17-36 | CVE-2017-16363 | 30023 | \nAPSB17-36 | CVE-2017-16364 | 30006 | \nAPSB17-36 | CVE-2017-16365 | 30027 | \nAPSB17-36 | CVE-2017-16366 | 30019 | \nAPSB17-36 | CVE-2017-16367 | 30014 | \nAPSB17-36 | CVE-2017-16368 | 30015 | \nAPSB17-36 | CVE-2017-16369 | *28924 | \nAPSB17-36 | CVE-2017-16370 | 29996 | \nAPSB17-36 | CVE-2017-16371 | 30001 | \nAPSB17-36 | CVE-2017-16372 | 30004 | \nAPSB17-36 | CVE-2017-16373 | 30039 | \nAPSB17-36 | CVE-2017-16374 | 30044 | \nAPSB17-36 | CVE-2017-16375 | 30043 | \nAPSB17-36 | CVE-2017-16376 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nAPSB17-36 | CVE-2017-16377 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nAPSB17-36 | CVE-2017-16378 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nAPSB17-36 | CVE-2017-16379 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nAPSB17-36 | CVE-2017-16380 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nAPSB17-36 | CVE-2017-16381 | *29639 | \nAPSB17-36 | CVE-2017-16382 | *29638 | \nAPSB17-36 | CVE-2017-16383 | *29637 | \nAPSB17-36 | CVE-2017-16384 | *29636 | \nAPSB17-36 | CVE-2017-16385 | *29635 | \nAPSB17-36 | CVE-2017-16386 | *29584 | \nAPSB17-36 | CVE-2017-16387 | *29484 | \nAPSB17-36 | CVE-2017-16388 | 30040 | \nAPSB17-36 | CVE-2017-16389 | 30041 | \nAPSB17-36 | CVE-2017-16390 | 29998 | \nAPSB17-36 | CVE-2017-16391 | 30003 | \nAPSB17-36 | CVE-2017-16392 | 30002 | \nAPSB17-36 | CVE-2017-16393 | 30005 | \nAPSB17-36 | CVE-2017-16394 | 30035 | \nAPSB17-36 | CVE-2017-16395 | 30037 | \nAPSB17-36 | CVE-2017-16396 | 30032 | \nAPSB17-36 | CVE-2017-16397 | 30000 | \nAPSB17-36 | CVE-2017-16398 | 29995 | \nAPSB17-36 | CVE-2017-16399 | 29997 | \nAPSB17-36 | CVE-2017-16400 | *29852 | \nAPSB17-36 | CVE-2017-16401 | *29851 | \nAPSB17-36 | CVE-2017-16402 | *29853 | \nAPSB17-36 | CVE-2017-16403 | *29833 | \nAPSB17-36 | CVE-2017-16404 | *29850 | \nAPSB17-36 | CVE-2017-16405 | 30038 | \nAPSB17-36 | CVE-2017-16406 | 30042 | \nAPSB17-36 | CVE-2017-16407 | 30045 | \nAPSB17-36 | CVE-2017-16408 | 30034 | \nAPSB17-36 | CVE-2017-16409 | 30036 | \nAPSB17-36 | CVE-2017-16410 | 30024 | \nAPSB17-36 | CVE-2017-16411 | 30021 | \nAPSB17-36 | CVE-2017-16412 | 30020 | \nAPSB17-36 | CVE-2017-16413 | 30018 | \nAPSB17-36 | CVE-2017-16414 | 30016 | \nAPSB17-36 | CVE-2017-16415 | 30025 | \nAPSB17-36 | CVE-2017-16416 | 30007 | \nAPSB17-36 | CVE-2017-16417 | 30013 | \nAPSB17-36 | CVE-2017-16418 | 30017 | \nAPSB17-36 | CVE-2017-16419 | 30022 | \nAPSB17-36 | CVE-2017-16420 | 30026 | \nAPSB17-36 | CVE-2017-11293 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nAPSB17-33 | CVE-2017-3112 | 30008 | \nAPSB17-33 | CVE-2017-3114 | 30009 | \nAPSB17-33 | CVE-2017-11213 | 30010 | \nAPSB17-33 | CVE-2017-11215 | 30011 | \nAPSB17-33 | CVE-2017-11225 | 30012 | \n \n \n\n**Zero-Day Filters**\n\nThere are no new zero-day filters in this week\u2019s Digital Vaccine (DV) package. A number of existing filters in this week\u2019s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of [published advisories](<http://www.zerodayinitiative.com/advisories/published/>) and [upcoming advisories](<http://www.zerodayinitiative.com/advisories/upcoming/>) on the [Zero Day Initiative](<http://www.zerodayinitiative.com/>) website. You can also follow the Zero Day Initiative on Twitter [@thezdi](<https://twitter.com/thezdi>) and on their [blog](<https://www.zerodayinitiative.com/blog>).\n\n**Missed Last Week\u2019s News?**\n\nCatch up on last week\u2019s news in my [weekly recap](<http://blog.trendmicro.com/tippingpoint-threat-intelligence-zero-day-coverage-week-november-13-2017/>).", "cvss3": {}, "published": "2017-11-22T14:10:15", "type": "trendmicroblog", "title": "TippingPoint Threat Intelligence and Zero-Day Coverage \u2013 Week of November 20, 2017", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2017-11213", "CVE-2017-11215", "CVE-2017-11225", "CVE-2017-11293", "CVE-2017-16360", "CVE-2017-16361", "CVE-2017-16362", "CVE-2017-16363", "CVE-2017-16364", "CVE-2017-16365", "CVE-2017-16366", "CVE-2017-16367", "CVE-2017-16368", "CVE-2017-16369", "CVE-2017-16370", "CVE-2017-16371", "CVE-2017-16372", "CVE-2017-16373", "CVE-2017-16374", "CVE-2017-16375", "CVE-2017-16376", "CVE-2017-16377", "CVE-2017-16378", "CVE-2017-16379", "CVE-2017-16380", "CVE-2017-16381", "CVE-2017-16382", "CVE-2017-16383", "CVE-2017-16384", "CVE-2017-16385", "CVE-2017-16386", "CVE-2017-16387", "CVE-2017-16388", "CVE-2017-16389", "CVE-2017-16390", "CVE-2017-16391", "CVE-2017-16392", "CVE-2017-16393", "CVE-2017-16394", "CVE-2017-16395", "CVE-2017-16396", "CVE-2017-16397", "CVE-2017-16398", "CVE-2017-16399", "CVE-2017-16400", "CVE-2017-16401", "CVE-2017-16402", "CVE-2017-16403", "CVE-2017-16404", "CVE-2017-16405", "CVE-2017-16406", "CVE-2017-16407", "CVE-2017-16408", "CVE-2017-16409", "CVE-2017-16410", "CVE-2017-16411", "CVE-2017-16412", "CVE-2017-16413", "CVE-2017-16414", "CVE-2017-16415", "CVE-2017-16416", "CVE-2017-16417", "CVE-2017-16418", "CVE-2017-16419", "CVE-2017-16420", "CVE-2017-3112", "CVE-2017-3114"], "modified": "2017-11-22T14:10:15", "id": "TRENDMICROBLOG:A301F14EC6B3344991D5A39F51329164", "href": "https://blog.trendmicro.com/tippingpoint-threat-intelligence-zero-day-coverage-week-november-20-2017/", "cvss": {"score": 0.0, "vector": "NONE"}}], "adobe": [{"lastseen": "2021-09-30T17:39:51", "description": "Adobe has released security updates for Adobe Acrobat and Reader for Windows and Macintosh. These updates address [critical]() vulnerabilities that could potentially allow an attacker to take control of the affected system. \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2017-11-14T00:00:00", "type": "adobe", "title": "APSB17-36 Security updates available for Adobe Acrobat and Reader", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11240", "CVE-2017-11250", "CVE-2017-11253", "CVE-2017-11293", "CVE-2017-11306", "CVE-2017-11307", "CVE-2017-11308", "CVE-2017-16360", "CVE-2017-16361", "CVE-2017-16362", "CVE-2017-16363", "CVE-2017-16364", "CVE-2017-16365", "CVE-2017-16366", "CVE-2017-16367", "CVE-2017-16368", "CVE-2017-16369", "CVE-2017-16370", "CVE-2017-16371", "CVE-2017-16372", "CVE-2017-16373", "CVE-2017-16374", "CVE-2017-16375", "CVE-2017-16376", "CVE-2017-16377", "CVE-2017-16378", "CVE-2017-16379", "CVE-2017-16380", "CVE-2017-16381", "CVE-2017-16382", "CVE-2017-16383", "CVE-2017-16384", "CVE-2017-16385", "CVE-2017-16386", "CVE-2017-16387", "CVE-2017-16388", "CVE-2017-16389", "CVE-2017-16390", "CVE-2017-16391", "CVE-2017-16392", "CVE-2017-16393", "CVE-2017-16394", "CVE-2017-16395", "CVE-2017-16396", "CVE-2017-16397", "CVE-2017-16398", "CVE-2017-16399", "CVE-2017-16400", "CVE-2017-16401", "CVE-2017-16402", "CVE-2017-16403", "CVE-2017-16404", "CVE-2017-16405", "CVE-2017-16406", "CVE-2017-16407", "CVE-2017-16408", "CVE-2017-16409", "CVE-2017-16410", "CVE-2017-16411", "CVE-2017-16412", "CVE-2017-16413", "CVE-2017-16414", "CVE-2017-16415", "CVE-2017-16416", "CVE-2017-16417", "CVE-2017-16418", "CVE-2017-16419", "CVE-2017-16420"], "modified": "2017-11-14T00:00:00", "id": "APSB17-36", "href": "https://helpx.adobe.com/security/products/acrobat/apsb17-36.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}