ID CVE-2017-3090 Type cve Reporter cve@mitre.org Modified 2019-10-03T00:03:00
Description
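Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe loading of browser-related library extensions in the installer plugin. Successful exploitation could lead to arbitrary code execution. The scanner records below give 4.5.5 as the fixed version (Adobe bulletin APSB17-20). Their CVSS 10.0 network vector is attached to plugins covering all nine CVEs in that bulletin, while the Nessus text describes the insecure library loading flaws (CVE-2017-3090, CVE-2017-3092, CVE-2017-3097) as exploitable by a local attacker to gain elevated privileges.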
{"openvas": [{"lastseen": "2019-05-29T18:34:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-3097", "CVE-2017-3096", "CVE-2017-3093", "CVE-2017-3088", "CVE-2017-3092", "CVE-2017-3089", "CVE-2017-3095", "CVE-2017-3094", "CVE-2017-3090"], "description": "This host is installed with Adobe Digital Edition\n and is prone to multiple vulnerabilities.", "modified": "2019-03-14T00:00:00", "published": "2017-06-20T00:00:00", "id": "OPENVAS:1361412562310811116", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310811116", "type": "openvas", "title": "Adobe Digital Editions Multiple Vulnerabilities Jun17 (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_digital_editions_mult_vuln_jun17_win.nasl 14175 2019-03-14 11:27:57Z cfischer $\n#\n# Adobe Digital Editions Multiple Vulnerabilities Jun17 (Windows)\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:digital_editions\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.811116\");\n script_version(\"$Revision: 14175 $\");\n script_cve_id(\"CVE-2017-3088\", \"CVE-2017-3089\", \"CVE-2017-3093\", \"CVE-2017-3096\",\n \"CVE-2017-3090\", \"CVE-2017-3092\", \"CVE-2017-3097\", \"CVE-2017-3094\",\n \"CVE-2017-3095\");\n script_bugtraq_id(99020, 99024, 99021);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 12:27:57 +0100 (Thu, 14 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-06-20 10:45:13 +0530 (Tue, 20 Jun 2017)\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_name(\"Adobe Digital Editions Multiple Vulnerabilities Jun17 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Digital Edition\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - A memory corruption error.\n\n - Multiple insecure library loading errors.\n\n - A stack overflow error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code on the target system, escalate privileges\n and disclose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Digital Edition prior to 4.5.5\n on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe 
Digital Edition version\n 4.5.5 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/Digital-Editions/apsb17-20.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_digital_edition_detect_win.nasl\");\n script_mandatory_keys(\"AdobeDigitalEdition/Win/Ver\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!digitalVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:digitalVer, test_version:\"4.5.5\"))\n{\n report = report_fixed_ver(installed_version:digitalVer, fixed_version:\"4.5.5\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:21:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-3097", "CVE-2017-3096", "CVE-2017-3093", "CVE-2017-3088", "CVE-2017-3092", "CVE-2017-3089", "CVE-2017-3095", "CVE-2017-3094", "CVE-2017-3090"], "description": "This host is installed with Adobe Digital Edition\n and is prone to multiple vulnerabilities.", "modified": "2019-07-05T00:00:00", "published": "2017-02-15T00:00:00", "id": "OPENVAS:1361412562310811400", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310811400", "type": "openvas", "title": "Adobe Digital Editions Multiple Vulnerabilities Jun17 (MAC OS X)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Digital Editions Multiple Vulnerabilities Jun17 (MAC OS X)\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# 
(or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:digital_editions\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.811400\");\n script_version(\"2019-07-05T09:29:25+0000\");\n script_cve_id(\"CVE-2017-3088\", \"CVE-2017-3089\", \"CVE-2017-3093\", \"CVE-2017-3096\",\n \"CVE-2017-3090\", \"CVE-2017-3092\", \"CVE-2017-3097\", \"CVE-2017-3094\",\n \"CVE-2017-3095\");\n script_bugtraq_id(99020, 99024, 99021);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:29:25 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2017-02-15 09:38:58 +0530 (Wed, 15 Feb 2017)\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_name(\"Adobe Digital Editions Multiple Vulnerabilities Jun17 (MAC OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Digital Edition\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - A memory corruption error.\n\n - Multiple insecure library loading errors.\n\n - A stack overflow error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n 
attackers to execute arbitrary code on the target system, escalate privileges\n and disclose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Digital Edition prior to 4.5.5 on\n Mac OS X\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Digital Edition version\n 4.5.5 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/Digital-Editions/apsb17-20.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_digital_edition_detect_macosx.nasl\");\n script_mandatory_keys(\"AdobeDigitalEdition/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!digitalVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:digitalVer, test_version:\"4.5.5\"))\n{\n report = report_fixed_ver(installed_version:digitalVer, fixed_version:\"4.5.5\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-01T01:14:19", "description": "The version of Adobe Digital Editions installed on the remote Windows\nhost is prior to 4.5.5. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple memory corruption issues exist due to improper\n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit these to cause a denial of\n service condition or the execution of arbitrary code.\n (CVE-2017-3088, CVE-2017-3089, CVE-2017-3093,\n CVE-2017-3096)\n\n - Multiple unspecified flaws exist related to insecure\n loading of libraries. A local attacker can exploit these\n to gain elevated privileges. 
(CVE-2017-3090,\n CVE-2017-3092, CVE-2017-3097)\n\n - Multiple stack-based buffer overflow conditions exist\n due to improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit these to\n disclose memory contents. (CVE-2017-3094, CVE-2017-3095)", "edition": 21, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-06-14T00:00:00", "title": "Adobe Digital Editions < 4.5.5 Multiple Vulnerabilities (APSB17-20)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-3097", "CVE-2017-3096", "CVE-2017-3093", "CVE-2017-3088", "CVE-2017-3092", "CVE-2017-3089", "CVE-2017-3095", "CVE-2017-3094", "CVE-2017-3090"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:adobe:digital_editions"], "id": "ADOBE_DIGITAL_EDITIONS_APSB17-07.NASL", "href": "https://www.tenable.com/plugins/nessus/100792", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100792);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/06/29 12:01:03\");\n\n script_cve_id(\n \"CVE-2017-3088\",\n \"CVE-2017-3089\",\n \"CVE-2017-3090\",\n \"CVE-2017-3092\",\n \"CVE-2017-3093\",\n \"CVE-2017-3094\",\n \"CVE-2017-3095\",\n \"CVE-2017-3096\",\n \"CVE-2017-3097\"\n );\n script_bugtraq_id(\n 99020,\n 99021,\n 99024\n );\n\n script_name(english:\"Adobe Digital Editions < 4.5.5 Multiple Vulnerabilities (APSB17-20)\");\n script_summary(english:\"Checks the version of Adobe Digital Editions.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Digital Editions installed on the remote Windows\nhost is prior to 4.5.5. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple memory corruption issues exist due to improper\n validation of user-supplied input. 
An unauthenticated,\n remote attacker can exploit these to cause a denial of\n service condition or the execution of arbitrary code.\n (CVE-2017-3088, CVE-2017-3089, CVE-2017-3093,\n CVE-2017-3096)\n\n - Multiple unspecified flaws exist related to insecure\n loading of libraries. A local attacker can exploit these\n to gain elevated privileges. (CVE-2017-3090,\n CVE-2017-3092, CVE-2017-3097)\n\n - Multiple stack-based buffer overflow conditions exist\n due to improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit these to\n disclose memory contents. (CVE-2017-3094, CVE-2017-3095)\");\n # https://helpx.adobe.com/security/products/Digital-Editions/apsb17-20.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?344c096d\");\n # http://www.adobe.com/solutions/ebook/digital-editions/release-notes.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c3aa2f29\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Digital Editions version 4.5.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:digital_editions\");\n script_end_attributes();\n\n 
script_category(ACT_GATHER_INFO);\n script_family(english:'Windows');\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n\n script_dependencies('adobe_digital_editions_installed.nbin');\n script_require_keys(\"installed_sw/Adobe Digital Editions\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\n\ninclude(\"vcf.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_info = vcf::get_app_info(app:\"Adobe Digital Editions\", win_local:TRUE);\n\nconstraints = [\n { \"fixed_version\" : \"4.5.5\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T03:27:02", "description": "The version of Adobe Digital Editions installed on the remote macOS or\nMac OS X host is prior to 4.5.5. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - Multiple memory corruption issues exist due to improper\n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit these to cause a denial of\n service condition or the execution of arbitrary code.\n (CVE-2017-3088, CVE-2017-3089, CVE-2017-3093,\n CVE-2017-3096)\n\n - Multiple unspecified flaws exist related to insecure\n loading of libraries. A local attacker can exploit these\n to gain elevated privileges. (CVE-2017-3090,\n CVE-2017-3092, CVE-2017-3097)\n\n - Multiple stack-based buffer overflow conditions exist\n due to improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit these to\n disclose memory contents. 
(CVE-2017-3094, CVE-2017-3095)", "edition": 21, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-06-14T00:00:00", "title": "Adobe Digital Editions < 4.5.5 Multiple Vulnerabilities (APSB17-20) (macOS)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-3097", "CVE-2017-3096", "CVE-2017-3093", "CVE-2017-3088", "CVE-2017-3092", "CVE-2017-3089", "CVE-2017-3095", "CVE-2017-3094", "CVE-2017-3090"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:adobe:digital_editions"], "id": "MACOSX_ADOBE_DIGITAL_EDITIONS_APSB17-07.NASL", "href": "https://www.tenable.com/plugins/nessus/100793", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100793);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/16 12:48:31\");\n\n script_cve_id(\n \"CVE-2017-3088\",\n \"CVE-2017-3089\",\n \"CVE-2017-3090\",\n \"CVE-2017-3092\",\n \"CVE-2017-3093\",\n \"CVE-2017-3094\",\n \"CVE-2017-3095\",\n \"CVE-2017-3096\",\n \"CVE-2017-3097\"\n );\n script_bugtraq_id(\n 99020,\n 99021,\n 99024\n );\n\n script_name(english:\"Adobe Digital Editions < 4.5.5 Multiple Vulnerabilities (APSB17-20) (macOS)\");\n script_summary(english:\"Checks the version of Adobe Digital Editions on Mac OS X.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the the remote macOS or Mac OS X host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Digital Editions installed on the remote macOS or\nMac OS X host is prior to 4.5.5. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - Multiple memory corruption issues exist due to improper\n validation of user-supplied input. 
An unauthenticated,\n remote attacker can exploit these to cause a denial of\n service condition or the execution of arbitrary code.\n (CVE-2017-3088, CVE-2017-3089, CVE-2017-3093,\n CVE-2017-3096)\n\n - Multiple unspecified flaws exist related to insecure\n loading of libraries. A local attacker can exploit these\n to gain elevated privileges. (CVE-2017-3090,\n CVE-2017-3092, CVE-2017-3097)\n\n - Multiple stack-based buffer overflow conditions exist\n due to improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit these to\n disclose memory contents. (CVE-2017-3094, CVE-2017-3095)\");\n # https://helpx.adobe.com/security/products/Digital-Editions/apsb17-20.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?344c096d\");\n # http://www.adobe.com/solutions/ebook/digital-editions/release-notes.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c3aa2f29\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Digital Editions version 4.5.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:digital_editions\");\n script_end_attributes();\n\n\n 
script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_adobe_digital_editions_installed.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/Adobe Digital Editions\");\n\n exit(0);\n}\n\n\ninclude(\"vcf.inc\");\n\nget_kb_item_or_exit(\"Host/MacOSX/Version\");\nget_kb_item_or_exit(\"Host/local_checks_enabled\");\n\napp_info = vcf::get_app_info(app:\"Adobe Digital Editions\");\n\nconstraints = [\n { \"fixed_version\" : \"4.5.5\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}