The version of Adobe Acrobat installed on the remote Windows host is a version prior or equal to 2017.011.30196, 2020.001.30025, or 2021.001.20155. It is, therefore, affected by multiple vulnerabilities.
- Out-of-bounds Read (CWE-125) potentially leading to Arbitrary code execution (CVE-2021-28551, CVE-2021-28554)
- Use After Free (CWE-416) potentially leading to Arbitrary code execution (CVE-2021-28552, CVE-2021-28631, CVE-2021-28632)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
{"id": "ADOBE_ACROBAT_APSB21-37.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Adobe Acrobat <= 2017.011.30196 / 2020.001.30025 / 2021.001.20155 Multiple Vulnerabilities (APSB21-37)", "description": "The version of Adobe Acrobat installed on the remote Windows host is a version prior or equal to 2017.011.30196, 2020.001.30025, or 2021.001.20155. It is, therefore, affected by multiple vulnerabilities.\n\n - Out-of-bounds Read (CWE-125) potentially leading to Arbitrary code execution (CVE-2021-28551, CVE-2021-28554)\n\n - Use After Free (CWE-416) potentially leading to Arbitrary code execution (CVE-2021-28552, CVE-2021-28631, CVE-2021-28632)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2021-06-08T00:00:00", "modified": "2022-06-22T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/150343", "reporter": "This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28632", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28631", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28551", "https://helpx.adobe.com/security/products/acrobat/apsb21-37.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28552", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28554"], "cvelist": ["CVE-2021-28551", "CVE-2021-28552", "CVE-2021-28554", "CVE-2021-28631", "CVE-2021-28632"], "immutableFields": [], "lastseen": "2022-06-22T19:06:07", "viewCount": 18, "enchantments": {"dependencies": {"references": [{"type": "adobe", "idList": ["APSB21-37"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2021-0370"]}, {"type": "cve", "idList": ["CVE-2021-28551", "CVE-2021-28552", "CVE-2021-28554", "CVE-2021-28631", "CVE-2021-28632"]}, {"type": "nessus", "idList": ["ADOBE_READER_APSB21-37.NASL", "MACOS_ADOBE_ACROBAT_APSB21-37.NASL", "MACOS_ADOBE_READER_APSB21-37.NASL"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:23EF75126B24C22C999DAD4D7A2E9DF5"]}, {"type": "zdi", "idList": ["ZDI-21-659", "ZDI-21-661", "ZDI-21-662", "ZDI-21-663"]}], "rev": 4}, "score": {"value": 7.7, "vector": "NONE"}, "backreferences": {"references": [{"type": "adobe", "idList": ["APSB21-37"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2021-0370"]}, {"type": "cve", "idList": ["CVE-2021-28551", "CVE-2021-28552", "CVE-2021-28554", "CVE-2021-28631", "CVE-2021-28632"]}, {"type": "nessus", "idList": ["ADOBE_READER_APSB21-37.NASL", "MACOS_ADOBE_ACROBAT_APSB21-37.NASL"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:23EF75126B24C22C999DAD4D7A2E9DF5"]}, {"type": "zdi", "idList": ["ZDI-21-659", "ZDI-21-661", "ZDI-21-662", "ZDI-21-663"]}]}, "exploitation": null, "vulnersScore": 7.7}, "_state": {"dependencies": 0}, "_internal": {}, "pluginID": "150343", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150343);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/22\");\n\n script_cve_id(\n \"CVE-2021-28551\",\n \"CVE-2021-28552\",\n \"CVE-2021-28554\",\n \"CVE-2021-28631\",\n \"CVE-2021-28632\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0266-S\");\n\n script_name(english:\"Adobe Acrobat <= 2017.011.30196 / 2020.001.30025 / 2021.001.20155 Multiple Vulnerabilities (APSB21-37)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Acrobat installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Acrobat installed on the remote Windows host is a version prior or equal to 2017.011.30196,\n2020.001.30025, or 2021.001.20155. It is, therefore, affected by multiple vulnerabilities.\n\n - Out-of-bounds Read (CWE-125) potentially leading to Arbitrary code execution (CVE-2021-28551,\n CVE-2021-28554)\n\n - Use After Free (CWE-416) potentially leading to Arbitrary code execution (CVE-2021-28552, CVE-2021-28631,\n CVE-2021-28632)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb21-37.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Acrobat version 2017.011.30196 / 2020.001.30025 / 2021.001.20155 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-28632\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"false\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"adobe_acrobat_installed.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"installed_sw/Adobe Acrobat\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\napp_info = vcf::get_app_info(app:'Adobe Acrobat', win_local:TRUE);\n\n# vcf::adobe_reader::check_version_and_report will\n# properly separate tracks when checking constraints.\n# x.y.30zzz = DC Classic\n# x.y.20zzz = DC Continuous\nconstraints = [\n { 'min_version' : '15.7', 'max_version' : '21.001.20155', 'fixed_version' : '21.005.20148' },\n { 'min_version' : '20.1', 'max_version' : '20.001.30025', 'fixed_version' : '20.004.30005' },\n { 'min_version' : '17.8', 'max_version' : '17.011.30196', 'fixed_version' : '17.011.30197' }\n];\nvcf::adobe_reader::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING, max_segs:3);\n", "naslFamily": "Windows", "cpe": ["cpe:/a:adobe:acrobat"], "solution": "Upgrade to Adobe Acrobat version 2017.011.30196 / 2020.001.30025 / 2021.001.20155 or later.", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2021-28632", "vpr": {"risk factor": "High", "score": "8.9"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2021-06-08T00:00:00", "vulnerabilityPublicationDate": "2021-06-08T00:00:00", "exploitableWith": []}
{"nessus": [{"lastseen": "2022-06-22T19:07:41", "description": "The version of Adobe Reader installed on the remote macOS host is a version prior or equal to 2017.011.30196, 2020.001.30025, or 2021.001.20155. It is, therefore, affected by multiple vulnerabilities.\n\n - Out-of-bounds Read (CWE-125) potentially leading to Arbitrary code execution (CVE-2021-28551, CVE-2021-28554)\n\n - Use After Free (CWE-416) potentially leading to Arbitrary code execution (CVE-2021-28552, CVE-2021-28631, CVE-2021-28632)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-06-08T00:00:00", "type": "nessus", "title": "Adobe Reader <= 2017.011.30196 / 2020.001.30025 / 2021.001.20155 Multiple Vulnerabilities (APSB21-37) (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-28551", "CVE-2021-28552", "CVE-2021-28554", "CVE-2021-28631", "CVE-2021-28632"], "modified": "2022-06-22T00:00:00", "cpe": ["cpe:/a:adobe:acrobat_reader"], "id": "MACOS_ADOBE_READER_APSB21-37.NASL", "href": "https://www.tenable.com/plugins/nessus/150340", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150340);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/22\");\n\n script_cve_id(\n \"CVE-2021-28551\",\n \"CVE-2021-28552\",\n \"CVE-2021-28554\",\n \"CVE-2021-28631\",\n \"CVE-2021-28632\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0266-S\");\n\n script_name(english:\"Adobe Reader <= 2017.011.30196 / 2020.001.30025 / 2021.001.20155 Multiple Vulnerabilities (APSB21-37) (macOS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Reader installed on the remote macOS host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Reader installed on the remote macOS host is a version prior or equal to 2017.011.30196,\n2020.001.30025, or 2021.001.20155. It is, therefore, affected by multiple vulnerabilities.\n\n - Out-of-bounds Read (CWE-125) potentially leading to Arbitrary code execution (CVE-2021-28551,\n CVE-2021-28554)\n\n - Use After Free (CWE-416) potentially leading to Arbitrary code execution (CVE-2021-28552, CVE-2021-28631,\n CVE-2021-28632)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb21-37.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Reader version 2017.011.30196 / 2020.001.30025 / 2021.001.20155 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-28632\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat_reader\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"false\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_adobe_reader_installed.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/Adobe Reader\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nget_kb_item_or_exit('Host/local_checks_enabled');\nos = get_kb_item('Host/MacOSX/Version');\nif (empty_or_null(os)) audit(AUDIT_OS_NOT, 'Mac OS X');\n\napp_info = vcf::get_app_info(app:'Adobe Reader');\n\n# vcf::adobe_reader::check_version_and_report will\n# properly separate tracks when checking constraints.\n# x.y.30zzz = DC Classic\n# x.y.20zzz = DC Continuous\nconstraints = [\n { 'min_version' : '15.7', 'max_version' : '21.001.20155', 'fixed_version' : '21.005.20148' },\n { 'min_version' : '20.1', 'max_version' : '20.001.30025', 'fixed_version' : '20.004.30005' },\n { 'min_version' : '17.8', 'max_version' : '17.011.30196', 'fixed_version' : '17.011.30197' }\n];\nvcf::adobe_reader::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING, max_segs:3);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-22T19:07:42", "description": "The version of Adobe Reader installed on the remote Windows host is a version prior or equal to 2017.011.30196, 2020.001.30025, or 2021.001.20155. It is, therefore, affected by multiple vulnerabilities.\n\n - Out-of-bounds Read (CWE-125) potentially leading to Arbitrary code execution (CVE-2021-28551, CVE-2021-28554)\n\n - Use After Free (CWE-416) potentially leading to Arbitrary code execution (CVE-2021-28552, CVE-2021-28631, CVE-2021-28632)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-06-08T00:00:00", "type": "nessus", "title": "Adobe Reader <= 2017.011.30196 / 2020.001.30025 / 2021.001.20155 Multiple Vulnerabilities (APSB21-37)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-28551", "CVE-2021-28552", "CVE-2021-28554", "CVE-2021-28631", "CVE-2021-28632"], "modified": "2022-06-22T00:00:00", "cpe": ["cpe:/a:adobe:acrobat_reader"], "id": "ADOBE_READER_APSB21-37.NASL", "href": "https://www.tenable.com/plugins/nessus/150341", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150341);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/22\");\n\n script_cve_id(\n \"CVE-2021-28551\",\n \"CVE-2021-28552\",\n \"CVE-2021-28554\",\n \"CVE-2021-28631\",\n \"CVE-2021-28632\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0266-S\");\n\n script_name(english:\"Adobe Reader <= 2017.011.30196 / 2020.001.30025 / 2021.001.20155 Multiple Vulnerabilities (APSB21-37)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Reader installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Reader installed on the remote Windows host is a version prior or equal to 2017.011.30196,\n2020.001.30025, or 2021.001.20155. It is, therefore, affected by multiple vulnerabilities.\n\n - Out-of-bounds Read (CWE-125) potentially leading to Arbitrary code execution (CVE-2021-28551,\n CVE-2021-28554)\n\n - Use After Free (CWE-416) potentially leading to Arbitrary code execution (CVE-2021-28552, CVE-2021-28631,\n CVE-2021-28632)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb21-37.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Reader version 2017.011.30197 / 2020.004.30005 / 2021.005.20048 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-28632\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat_reader\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"false\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"adobe_reader_installed.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"installed_sw/Adobe Reader\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\napp_info = vcf::get_app_info(app:'Adobe Reader', win_local:TRUE);\n\n# vcf::adobe_reader::check_version_and_report will\n# properly separate tracks when checking constraints.\n# x.y.30zzz = DC Classic\n# x.y.20zzz = DC Continuous\nconstraints = [\n { 'min_version' : '15.7', 'max_version' : '21.001.20155', 'fixed_version' : '21.005.20048' },\n { 'min_version' : '20.1', 'max_version' : '20.001.30025', 'fixed_version' : '20.004.30005' },\n { 'min_version' : '17.8', 'max_version' : '17.011.30196', 'fixed_version' : '17.011.30197' }\n];\nvcf::adobe_reader::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING, max_segs:3);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-22T19:07:20", "description": "The version of Adobe Acrobat installed on the remote macOS host is a version prior or equal to 2017.011.30196, 2020.001.30025, or 2021.001.20155. It is, therefore, affected by multiple vulnerabilities.\n\n - Out-of-bounds Read (CWE-125) potentially leading to Arbitrary code execution (CVE-2021-28551, CVE-2021-28554)\n\n - Use After Free (CWE-416) potentially leading to Arbitrary code execution (CVE-2021-28552, CVE-2021-28631, CVE-2021-28632)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-06-08T00:00:00", "type": "nessus", "title": "Adobe Acrobat <= 2017.011.30196 / 2020.001.30025 / 2021.001.20155 Multiple Vulnerabilities (APSB21-37) (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-28551", "CVE-2021-28552", "CVE-2021-28554", "CVE-2021-28631", "CVE-2021-28632"], "modified": "2022-06-22T00:00:00", "cpe": ["cpe:/a:adobe:acrobat"], "id": "MACOS_ADOBE_ACROBAT_APSB21-37.NASL", "href": "https://www.tenable.com/plugins/nessus/150342", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150342);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/22\");\n\n script_cve_id(\n \"CVE-2021-28551\",\n \"CVE-2021-28552\",\n \"CVE-2021-28554\",\n \"CVE-2021-28631\",\n \"CVE-2021-28632\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0266-S\");\n\n script_name(english:\"Adobe Acrobat <= 2017.011.30196 / 2020.001.30025 / 2021.001.20155 Multiple Vulnerabilities (APSB21-37) (macOS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Acrobat installed on the remote macOS host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Acrobat installed on the remote macOS host is a version prior or equal to 2017.011.30196,\n2020.001.30025, or 2021.001.20155. It is, therefore, affected by multiple vulnerabilities.\n\n - Out-of-bounds Read (CWE-125) potentially leading to Arbitrary code execution (CVE-2021-28551,\n CVE-2021-28554)\n\n - Use After Free (CWE-416) potentially leading to Arbitrary code execution (CVE-2021-28552, CVE-2021-28631,\n CVE-2021-28632)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb21-37.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Acrobat version 2017.011.30196 / 2020.001.30025 / 2021.001.20155 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-28632\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"false\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_adobe_acrobat_installed.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/Adobe Acrobat\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nget_kb_item_or_exit('Host/local_checks_enabled');\nos = get_kb_item('Host/MacOSX/Version');\nif (empty_or_null(os)) audit(AUDIT_OS_NOT, 'Mac OS X');\n\napp_info = vcf::get_app_info(app:'Adobe Acrobat');\n\n# vcf::adobe_reader::check_version_and_report will\n# properly separate tracks when checking constraints.\n# x.y.30zzz = DC Classic\n# x.y.20zzz = DC Continuous\nconstraints = [\n { 'min_version' : '15.7', 'max_version' : '21.001.20155', 'fixed_version' : '21.005.20148' },\n { 'min_version' : '20.1', 'max_version' : '20.001.30025', 'fixed_version' : '20.004.30005' },\n { 'min_version' : '17.8', 'max_version' : '17.011.30196', 'fixed_version' : '17.011.30197' }\n];\nvcf::adobe_reader::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING, max_segs:3);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "adobe": [{"lastseen": "2021-11-27T02:43:53", "description": "Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address multiple [critical]() vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-06-08T00:00:00", "type": "adobe", "title": "APSB21-37 Security update available for Adobe Acrobat and Reader", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28551", "CVE-2021-28552", "CVE-2021-28554", "CVE-2021-28631", "CVE-2021-28632"], "modified": "2021-06-08T00:00:00", "id": "APSB21-37", "href": "https://helpx.adobe.com/security/products/acrobat/apsb21-37.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2022-03-23T16:36:17", "description": "Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Out-of-bounds read vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-08-24T18:15:00", "type": "cve", "title": "CVE-2021-28551", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28551"], "modified": "2021-09-08T17:23:00", "cpe": ["cpe:/a:adobe:acrobat_reader:17.011.30194", "cpe:/a:adobe:acrobat:17.011.30194", "cpe:/a:adobe:acrobat:20.001.30020", "cpe:/a:adobe:acrobat_reader_dc:21.001.20149", "cpe:/a:adobe:acrobat_dc:21.001.20150", "cpe:/a:adobe:acrobat_reader_dc:21.001.20150", "cpe:/a:adobe:acrobat_reader:20.001.30020", "cpe:/a:adobe:acrobat_dc:21.001.20149"], "id": "CVE-2021-28551", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28551", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:adobe:acrobat_reader_dc:21.001.20150:*:*:*:continuous:*:*:*", "cpe:2.3:a:adobe:acrobat:20.001.30020:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat:17.011.30194:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_dc:21.001.20149:*:*:*:continuous:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:17.011.30194:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_reader_dc:21.001.20149:*:*:*:continuous:*:*:*", "cpe:2.3:a:adobe:acrobat_dc:21.001.20150:*:*:*:continuous:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:20.001.30020:*:*:*:classic:*:*:*"]}, {"lastseen": "2022-03-23T16:36:24", "description": "Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-08-24T18:15:00", "type": "cve", "title": "CVE-2021-28554", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28554"], "modified": "2021-09-08T17:23:00", "cpe": ["cpe:/a:adobe:acrobat_reader:20.001.30025", "cpe:/a:adobe:acrobat:17.011.30196", "cpe:/a:adobe:acrobat_reader_dc:21.001.20155", "cpe:/a:adobe:acrobat_reader:17.011.30196", "cpe:/a:adobe:acrobat_dc:21.001.20155", "cpe:/a:adobe:acrobat:20.001.30025"], "id": "CVE-2021-28554", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28554", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:adobe:acrobat_reader:17.011.30196:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat:17.011.30196:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:20.001.30025:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_dc:21.001.20155:*:*:*:continuous:*:*:*", "cpe:2.3:a:adobe:acrobat_reader_dc:21.001.20155:*:*:*:continuous:*:*:*", "cpe:2.3:a:adobe:acrobat:20.001.30025:*:*:*:classic:*:*:*"]}, {"lastseen": "2022-03-23T16:36:21", "description": "Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-08-24T18:15:00", "type": "cve", "title": "CVE-2021-28552", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28552"], "modified": "2021-09-08T17:23:00", "cpe": ["cpe:/a:adobe:acrobat_reader:20.001.30025", "cpe:/a:adobe:acrobat:17.011.30196", "cpe:/a:adobe:acrobat_reader_dc:21.001.20155", "cpe:/a:adobe:acrobat_reader:17.011.30196", "cpe:/a:adobe:acrobat_dc:21.001.20155", "cpe:/a:adobe:acrobat:20.001.30025"], "id": "CVE-2021-28552", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28552", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:adobe:acrobat_reader:17.011.30196:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat:17.011.30196:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:20.001.30025:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_dc:21.001.20155:*:*:*:continuous:*:*:*", "cpe:2.3:a:adobe:acrobat_reader_dc:21.001.20155:*:*:*:continuous:*:*:*", "cpe:2.3:a:adobe:acrobat:20.001.30025:*:*:*:classic:*:*:*"]}, {"lastseen": "2022-03-23T16:40:55", "description": "Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-08-24T18:15:00", "type": "cve", "title": "CVE-2021-28631", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28631"], "modified": "2021-09-13T14:47:00", "cpe": ["cpe:/a:adobe:acrobat_reader:20.001.30025", "cpe:/a:adobe:acrobat:17.011.30196", "cpe:/a:adobe:acrobat_reader_dc:21.001.20155", "cpe:/a:adobe:acrobat_reader:17.011.30196", "cpe:/a:adobe:acrobat_dc:21.001.20155", "cpe:/a:adobe:acrobat:20.001.30025"], "id": "CVE-2021-28631", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28631", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:adobe:acrobat_reader:17.011.30196:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat:17.011.30196:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:20.001.30025:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_dc:21.001.20155:*:*:*:continuous:*:*:*", "cpe:2.3:a:adobe:acrobat_reader_dc:21.001.20155:*:*:*:continuous:*:*:*", "cpe:2.3:a:adobe:acrobat:20.001.30025:*:*:*:classic:*:*:*"]}, {"lastseen": "2022-03-23T16:40:55", "description": "Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-08-24T18:15:00", "type": "cve", "title": "CVE-2021-28632", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28632"], "modified": "2021-09-08T17:23:00", "cpe": ["cpe:/a:adobe:acrobat_reader:20.001.30025", "cpe:/a:adobe:acrobat:17.011.30196", "cpe:/a:adobe:acrobat_reader_dc:21.001.20155", "cpe:/a:adobe:acrobat_reader:17.011.30196", "cpe:/a:adobe:acrobat_dc:21.001.20155", "cpe:/a:adobe:acrobat:20.001.30025"], "id": "CVE-2021-28632", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28632", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:adobe:acrobat_reader:17.011.30196:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat:17.011.30196:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:20.001.30025:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_dc:21.001.20155:*:*:*:continuous:*:*:*", "cpe:2.3:a:adobe:acrobat_reader_dc:21.001.20155:*:*:*:continuous:*:*:*", "cpe:2.3:a:adobe:acrobat:20.001.30025:*:*:*:classic:*:*:*"]}], "checkpoint_advisories": [{"lastseen": "2022-02-16T19:34:41", "description": "An out of bounds read vulnerability has been reported in Adobe Acrobat Reader DC. The vulnerability is due to improper handling of relative paths in calls to the app.openDoc JavaScript function.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-06-08T00:00:00", "type": "checkpoint_advisories", "title": "Adobe Acrobat Reader DC Path Join Out of Bounds Read (APSB21-37: CVE-2021-28554)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28554"], "modified": "2021-06-08T00:00:00", "id": "CPAI-2021-0370", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "zdi": [{"lastseen": "2022-01-31T22:21:49", "description": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of relative paths. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to execute code in the context of the current process.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-06-10T00:00:00", "type": "zdi", "title": "Adobe Acrobat Reader DC Path Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28554"], "modified": "2021-06-10T00:00:00", "id": "ZDI-21-659", "href": "https://www.zerodayinitiative.com/advisories/ZDI-21-659/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-31T22:21:48", "description": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA templates. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-06-10T00:00:00", "type": "zdi", "title": "Adobe Acrobat Reader DC XFA Template Use-After-Free Remote Code Execution Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28552"], "modified": "2021-06-10T00:00:00", "id": "ZDI-21-661", "href": "https://www.zerodayinitiative.com/advisories/ZDI-21-661/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-31T22:21:47", "description": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForm fields. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-06-10T00:00:00", "type": "zdi", "title": "Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28631"], "modified": "2021-06-10T00:00:00", "id": "ZDI-21-662", "href": "https://www.zerodayinitiative.com/advisories/ZDI-21-662/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-31T22:21:47", "description": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForm fields. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-06-10T00:00:00", "type": "zdi", "title": "Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28632"], "modified": "2021-06-10T00:00:00", "id": "ZDI-21-663", "href": "https://www.zerodayinitiative.com/advisories/ZDI-21-663/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "qualysblog": [{"lastseen": "2021-06-15T08:32:22", "description": "### Microsoft Patch Tuesday \u2013 June 2021\n\nMicrosoft patched 50 CVEs in their June 2021 Patch Tuesday release, and five of them are rated as critical severity. Six have applicable exploits.\n\n#### Critical Microsoft Vulnerabilities Patched\n\n[CVE-2021-31985](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31985>) \u2013 Microsoft Defender Remote Code Execution Vulnerability\n\nMicrosoft released patches addressing a critical RCE vulnerability in its Defender product (CVE-2021-31985). This CVE has a high likelihood of exploitability and is assigned a CVSSv3 base score of 7.8 by the vendor.\n\n[CVE-2021-31959](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31959>) \u2013 Scripting Engine Memory Corruption Vulnerability\n\nMicrosoft released patches addressing a critical memory corruption vulnerability in the Chakra JScript scripting engine. This vulnerability impacts Windows RT, Windows 7, Windows 8, Windows 10, Windows Server 2008 R2, Windows Server 2012 (R2) and Windows Server 2016. An adversary can exploit this vulnerability when the target user opens a specially crafted file.\n\n[CVE-2021-31963](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31963>) \u2013 Microsoft SharePoint Server Remote Code Execution Vulnerability\n\nMicrosoft released patches addressing a critical RCE in SharePoint Server. This CVE is assigned a CVSSv3 base score of 7.1 by the vendor.\n\n#### Six 0-Day Vulnerabilities with Exploits in the Wild Patched\n\nThe following vulnerabilities need immediate attention for patching since they have active exploits in the wild:\n\n[CVE-2021-33742](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-33742>) \u2013 Windows MSHTML Platform Remote Code Execution Vulnerability \n[CVE-2021-33739](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-33739>) \u2013 Microsoft DWM Core Library Elevation of Privilege Vulnerability \n[CVE-2021-31956](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31956>) \u2013 Windows NTFS Elevation of Privilege Vulnerability \n[CVE-2021-31955](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31955>) \u2013 Windows Kernel Information Disclosure Vulnerability \n[CVE-2021-31201](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31201>) \u2013 Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability \n[CVE-2021-31199](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31199>) \u2013 Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability\n\n#### **Qualys QIDs Providing Coverage**\n\nQID| Title| Severity| CVE ID \n---|---|---|--- \n91768| Microsoft .NET Core Security Update June 2021| Medium| CVE-2021-31957 \n91769| Microsoft Visual Studio Security Update for June 2021| Medium| CVE-2021-31957 \n375614| Visual Studio Code Kubernetes Tools Extension Elevation of Privilege Vulnerability| Medium| CVE-2021-31938 \n110383| Microsoft SharePoint Enterprise Server Multiple Vulnerabilities June 2021| High| CVE-2021-31966,CVE-2021-31965,CVE-2021-31964,CVE-2021-31963,CVE-2021-31950,CVE-2021-31948,CVE-2021-26420 \n110384| Microsoft Office and Microsoft Office Services and Web Apps Security Update June 2021| High| CVE-2021-31939,CVE-2021-31941,CVE-2021-31940,CVE-2021-31949 \n110385| Mcrosoft Outlook Remote Code Execution Vulnerability Security Update June 2021| High| CVE-2021-31949,CVE-2021-31941 \n91771| Microsoft Defender Multiple Vulnerabilities - June 2021| Critical| CVE-2021-31978,CVE-2021-31985 \n91772| Microsoft Windows Security Update for June 2021| Critical| CVE-2021-1675,CVE-2021-26414,CVE-2021-31199,CVE-2021-31201,CVE-2021-31951,CVE-2021-31952,CVE-2021-31953,CVE-2021-31954,CVE-2021-31955,CVE-2021-31956,CVE-2021-31958,CVE-2021-31959,CVE-2021-31960,CVE-2021-31962,CVE-2021-31968,CVE-2021-31969,CVE-2021-31970,CVE-2021-31971,CVE-2021-31972,CVE-2021-31973,CVE-2021-31974,CVE-2021-31975,CVE-2021-31976,CVE-2021-31977,CVE-2021-33742 \n91773| Microsoft 3D Viewer Multiple Vulnerabilities - June 2021| High| CVE-2021-31944,CVE-2021-31943,CVE-2021-31942 \n91774| Microsoft Paint 3D Remote Code Execution Vulnerability| High| CVE-2021-31983,CVE-2021-31946,CVE-2021-31945 \n91775| Microsoft Windows VP9 Video Extension Remote Code Execution Vulnerability| Medium| CVE-2021-31967 \n91777| Microsoft Windows DWM Core Library Elevation of Privilege Vulnerability - June 2021 | High| CVE-2021-33739 \n \n### Adobe Patch Tuesday \u2013 June 2021\n\nAdobe addressed 41 CVEs this Patch Tuesday, and 21 of them are rated as critical severity impacting Acrobat and Reader, Adobe Photoshop, Creative Cloud Desktop Application, RoboHelp Server, Adobe After Effects, and Adobe Animate products.\n\nAdobe Security Bulletin| QID| Severity| CVE ID \n---|---|---|--- \nAdobe Animate Multiple Security Vulnerabilities (APSB21-50)| 91770| Medium| CVE-2021-28630,CVE-2021-28619,CVE-2021-28617,CVE-2021-28618,CVE-2021-28621,CVE-2021-28620,CVE-2021-28629,CVE-2021-28622 \nAdobe Security Update for Adobe Acrobat and Reader( APSB21-37)| 375611| High| CVE-2021-28551,CVE-2021-28554,CVE-2021-28552,CVE-2021-28631,CVE-2021-28632 \n \n### Discover Patch Tuesday Vulnerabilities in VMDR\n\nQualys VMDR automatically detects new Patch Tuesday vulnerabilities using continuous updates to its Knowledge Base (KB).\n\nYou can see all your impacted hosts by these vulnerabilities using the following QQL query:\n\n`vulnerabilities.vulnerability:(qid:`91768` OR qid:`91769` OR qid:`91770` OR qid:`91771` OR qid:`91772` OR qid:`91773` OR qid:`91774` OR qid:`91775` OR qid:`91777` OR qid:`110383` OR qid:`110384` OR qid:`110385` OR qid:`375611` OR qid:`375614`)`\n\n\n\n### Respond by Patching\n\nVMDR rapidly remediates Windows hosts by deploying the most relevant and applicable per-technology version patches. You can simply select respective QIDs in the Patch Catalog and filter on the \u201cMissing\u201d patches to identify and deploy the applicable, available patches in one go.\n\nThe following QQL will return the missing patches pertaining to this Patch Tuesday.\n\n`(qid:`91768` OR qid:`91769` OR qid:`91770` OR qid:`91771` OR qid:`91772` OR qid:`91773` OR qid:`91774` OR qid:`91775` OR qid:`91777` OR qid:`110383` OR qid:`110384` OR qid:`110385` OR qid:`375611` OR qid:`375614`)`\n\n\n\n### Patch Tuesday Dashboard\n\nThe current updated Patch Tuesday dashboards are available in [Dashboard Toolbox: 2021 Patch Tuesday Dashboard](<https://qualys-secure.force.com/discussions/s/article/000006505>).\n\n### Webinar Series: This Month in Patches\n\nTo help customers leverage the seamless integration between Qualys VMDR and Patch Management and reduce the median time to remediate critical vulnerabilities, the Qualys Research team is hosting a monthly webinar series [_This Month in Patches_](<https://www.brighttalk.com/webcast/11673/491681>).\n\nWe discuss some of the key vulnerabilities disclosed in the past month and how to patch them:\n\n * VMware vCenter Server Multiple Vulnerabilities\n * Ubuntu XStream Vulnerabilities\n * Microsoft Patch Tuesday, June 2021\n\n[Join us live or watch on demand](<https://www.brighttalk.com/webcast/11673/491681>)!\n\n### About Patch Tuesday\n\nPatch Tuesday QIDs are published at [Security Alerts](<https://www.qualys.com/research/security-alerts/>), typically late in the evening of [Patch Tuesday](<https://blog.qualys.com/tag/patch-tuesday>), followed shortly after by [PT dashboards](<https://qualys-secure.force.com/discussions/s/article/000006505>).", "cvss3": {}, "published": "2021-06-08T21:19:29", "type": "qualysblog", "title": "Microsoft & Adobe Patch Tuesday (June 2021) \u2013 Microsoft 50 Vulnerabilities with 5 Critical, Adobe 21 Critical Vulnerabilities", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2021-1675", "CVE-2021-26414", "CVE-2021-26420", "CVE-2021-28551", "CVE-2021-28552", "CVE-2021-28554", "CVE-2021-28617", "CVE-2021-28618", "CVE-2021-28619", "CVE-2021-28620", "CVE-2021-28621", "CVE-2021-28622", "CVE-2021-28629", "CVE-2021-28630", "CVE-2021-28631", "CVE-2021-28632", "CVE-2021-31199", "CVE-2021-31201", "CVE-2021-31938", "CVE-2021-31939", "CVE-2021-31940", "CVE-2021-31941", "CVE-2021-31942", "CVE-2021-31943", "CVE-2021-31944", "CVE-2021-31945", "CVE-2021-31946", "CVE-2021-31948", "CVE-2021-31949", "CVE-2021-31950", "CVE-2021-31951", "CVE-2021-31952", "CVE-2021-31953", "CVE-2021-31954", "CVE-2021-31955", "CVE-2021-31956", "CVE-2021-31957", "CVE-2021-31958", "CVE-2021-31959", "CVE-2021-31960", "CVE-2021-31962", "CVE-2021-31963", "CVE-2021-31964", "CVE-2021-31965", "CVE-2021-31966", "CVE-2021-31967", "CVE-2021-31968", "CVE-2021-31969", "CVE-2021-31970", "CVE-2021-31971", "CVE-2021-31972", "CVE-2021-31973", "CVE-2021-31974", "CVE-2021-31975", "CVE-2021-31976", "CVE-2021-31977", "CVE-2021-31978", "CVE-2021-31983", "CVE-2021-31985", "CVE-2021-33739", "CVE-2021-33742"], "modified": "2021-06-08T21:19:29", "id": "QUALYSBLOG:23EF75126B24C22C999DAD4D7A2E9DF5", "href": "https://blog.qualys.com/category/vulnerabilities-threat-research", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}
Adobe Acrobat <= 2017.011.30196 / 2020.001.30025 / 2021.001.20155 Multiple Vulnerabilities (APSB21-37)
