Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2010-2022 Tenable Network Security, Inc.ADOBE_READER_APSB10-15.NASL
HistoryJun 30, 2010 - 12:00 a.m.

Adobe Reader < 9.3.3 / 8.2.3 Multiple Vulnerabilities (APSB10-15)

2010-06-3000:00:00
This script is Copyright (C) 2010-2022 Tenable Network Security, Inc.
www.tenable.com
35
JSON

The version of Adobe Reader installed on the remote host is earlier than 9.3.3 / 8.2.3. Such versions are reportedly affected by multiple vulnerabilities :

  • A social engineering attack could lead to code execution. (CVE-2010-1240)

  • Handling of an invalid pointer could lead to code execution. (CVE-2010-1285)

  • A memory corruption vulnerability could lead to code execution. (CVE-2010-1295)

  • A memory corruption vulnerability could lead to code execution. This issue is reportedly being exploited in the wild. (CVE-2010-1297)

  • Handling of an invalid pointer could lead to code execution. (CVE-2010-2168)

  • Handling of an invalid pointer could lead to code execution. (CVE-2010-2201)

  • A memory corruption vulnerability could lead to code execution. (CVE-2010-2202)

  • A denial of service vulnerability could potentially lead to code execution. (CVE-2010-2204)

  • It may be possible to execute arbitrary code via uninitialized memory locations. (CVE-2010-2205)

  • An error in array-indexing could lead to code execution. (CVE-2010-2206)

  • A memory corruption vulnerability could lead to code execution. (CVE-2010-2207)

  • Dereferencing a deleted heap object could lead to code execution. (CVE-2010-2208)

  • A memory corruption vulnerability could lead to code execution. (CVE-2010-2209)

  • A memory corruption vulnerability could lead to code execution. (CVE-2010-2210)

  • A memory corruption vulnerability could lead to code execution. (CVE-2010-2211)

  • A memory corruption vulnerability could lead to code execution. (CVE-2010-2212)

#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(47165);
  script_version("1.55");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/06/08");

  script_cve_id(
    "CVE-2010-1240",
    "CVE-2010-1285",
    "CVE-2010-1295",
    "CVE-2010-1297",
    "CVE-2010-2168",
    "CVE-2010-2201",
    "CVE-2010-2202",
    "CVE-2010-2204",
    "CVE-2010-2205",
    "CVE-2010-2206",
    "CVE-2010-2207",
    "CVE-2010-2208",
    "CVE-2010-2209",
    "CVE-2010-2210",
    "CVE-2010-2211",
    "CVE-2010-2212"
  );
  script_bugtraq_id(
    39109,
    40586,
    41230,
    41231,
    41232,
    41234,
    41236,
    41237,
    41238,
    41239,
    41240,
    41241,
    41242,
    41243,
    41244,
    41245
  );
  script_xref(name:"Secunia", value:"40034");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/06/22");

  script_name(english:"Adobe Reader < 9.3.3 / 8.2.3  Multiple Vulnerabilities (APSB10-15)");

  script_set_attribute(attribute:"synopsis", value:
"The version of Adobe Reader on the remote Windows host is affected by
multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Adobe Reader installed on the remote host is earlier
than 9.3.3 / 8.2.3.  Such versions are reportedly affected by multiple
vulnerabilities :
  
  - A social engineering attack could lead to code 
    execution. (CVE-2010-1240)

  - Handling of an invalid pointer could lead to code 
    execution. (CVE-2010-1285)

  - A memory corruption vulnerability could lead to code
    execution. (CVE-2010-1295)

  - A memory corruption vulnerability could lead to code
    execution. This issue is reportedly being exploited in
    the wild. (CVE-2010-1297)

  - Handling of an invalid pointer could lead to code 
    execution. (CVE-2010-2168)

  - Handling of an invalid pointer could lead to code
    execution. (CVE-2010-2201)

  - A memory corruption vulnerability could lead to code
    execution. (CVE-2010-2202)

  - A denial of service vulnerability could potentially lead
    to code execution. (CVE-2010-2204)

  - It may be possible to execute arbitrary code via 
    uninitialized memory locations. (CVE-2010-2205)

  - An error in array-indexing could lead to code 
    execution. (CVE-2010-2206)

  - A memory corruption vulnerability could lead to code
    execution. (CVE-2010-2207)
  
  - Dereferencing a deleted heap object could lead to code
    execution. (CVE-2010-2208)

  - A memory corruption vulnerability could lead to code
    execution. (CVE-2010-2209)

  - A memory corruption vulnerability could lead to code
    execution. (CVE-2010-2210)

  - A memory corruption vulnerability could lead to code
    execution. (CVE-2010-2211)

  - A memory corruption vulnerability could lead to code
    execution. (CVE-2010-2212)");
  script_set_attribute(attribute:"see_also", value:"http://www.adobe.com/support/security/bulletins/apsb10-15.html");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Adobe Reader 9.3.3 / 8.2.3 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2010-2212");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Adobe PDF Escape EXE Social Engineering (No JavaScript)');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_exploithub", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:"CANVAS");
  script_set_attribute(attribute:"exploithub_sku", value:"EH-11-164");

  script_set_attribute(attribute:"vuln_publication_date", value:"2010/03/29");
  script_set_attribute(attribute:"patch_publication_date", value:"2010/06/29");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/06/30");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:acrobat_reader");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2010-2022 Tenable Network Security, Inc.");

  script_dependencies("adobe_reader_installed.nasl");
  script_require_keys("SMB/Acroread/Version");

  exit(0);
}

#

include('global_settings.inc');

info =  '';
info2 = '';
vuln = 0;
vers = get_kb_list('SMB/Acroread/Version');
if (isnull(vers)) exit(0, 'The "SMB/Acroread/Version" KB list is missing.');

foreach version (vers)
{
  ver = split(version, sep:'.', keep:FALSE);
  for (i=0; i<max_index(ver); i++)
    ver[i] = int(ver[i]);

  path = get_kb_item('SMB/Acroread/'+version+'/Path');
  if (isnull(path)) path = 'n/a';

  verui = get_kb_item('SMB/Acroread/'+version+'/Version_UI');
  if (isnull(verui)) verui = version;

  if ( 
    ver[0]  < 8 ||
    (ver[0] == 8 && ver[1]  < 2) ||
    (ver[0] == 8 && ver[1] == 2  && ver[2] < 3) ||
    (ver[0] == 9 && ver[1]  < 3) ||
    (ver[0] == 9 && ver[1] == 3 && ver[2] < 3)
  )
  {
    vuln++;
    info += '\n  Path              : '+path+
            '\n  Installed version : '+verui+
            '\n  Fixed version     : 9.3.3 / 8.2.3\n';
  }
  else
    info2 += " and " + verui;
}

if (info)
{
  if (report_verbosity > 0)
  {
    if (vuln > 1) s = "s of Adobe Reader are";
    else s = " of Adobe Reader is";

    report =
      '\nThe following vulnerable instance'+s+' installed on the'+
      '\nremote host :\n'+
      info;
    security_hole(port:get_kb_item("SMB/transport"), extra:report);
  }
  else security_hole(get_kb_item("SMB/transport"));

  exit(0);
}

if (info2) 
{
  info2 -= " and ";
  if (" and " >< info2) be = "are";
  else be = "is";

  exit(0, "The host is not affected since Adobe Reader "+info2+" "+be+" installed.");
}
else exit(1, "Unexpected error - 'info2' is empty.");
VendorProductVersionCPE
adobeacrobat_readercpe:/a:adobe:acrobat_reader

References

Related

nessus 33
redhat 3
openvas 25
suse 3
cve 16
ubuntucve 15
prion 16
securityvulns 13
checkpoint_advisories 7
gentoo 2
packetstorm 7
seebug 7
exploitpack 5
attackerkb 1
saint 4
canvas 1
threatpost 2
metasploit 3
cert 1
zeroscience 1
cisa_kev 1
zdi 1
exploitdb 7
thn 1
securelist 1
freebsd 1
nessus
nessus
Adobe Acrobat < 9.3.3 / 8.2.3 Multiple Vulnerabilities (APSB10-15)
2010-06-30 00:00:00
openSUSE Security Update : acroread (openSUSE-SU-2010:0359-1)
2010-07-09 00:00:00
RHEL 4 / 5 : acroread (RHSA-2010:0503)
2010-07-28 00:00:00
redhat
redhat
(RHSA-2010:0503) Critical: acroread security update
2010-06-30 00:00:00
(RHSA-2010:0470) Critical: flash-plugin security update
2010-06-14 00:00:00
(RHSA-2010:0464) Critical: flash-plugin security update
2010-06-11 00:00:00
openvas
openvas
SuSE Update for acroread SUSE-SA:2010:029
2010-07-12 00:00:00
SuSE Update for acroread SUSE-SA:2010:029
2010-07-12 00:00:00
Adobe Acrobat and Reader Multiple Vulnerabilities (Jul 2010) - Windows
2010-07-12 00:00:00
suse
suse
remote code execution in acroread
2010-07-08 11:59:38
remote code execution in acroread
2010-09-01 13:59:57
remote code execution in flash-player
2010-06-11 17:44:20
cve
cve
CVE-2010-2212
2010-06-30 18:30:00
CVE-2010-1295
2010-06-30 18:30:00
CVE-2010-2211
2010-06-30 18:30:00
ubuntucve
ubuntucve
CVE-2010-2212
2010-06-30 00:00:00
CVE-2010-2202
2010-06-30 00:00:00
CVE-2010-1295
2010-06-30 00:00:00
prion
prion
Memory corruption
2010-06-30 18:30:00
Memory corruption
2010-06-30 18:30:00
Buffer overflow
2010-06-30 18:30:00
securityvulns
securityvulns
Adobe Acrobat / Reader multiple security vulnerabilities
2010-07-01 00:00:00
VUPEN Security Research - Adobe Acrobat and Reader &quot;newfunction&quot; Memory Corruption Vulnerability &#40;CVE-2010-2168&#41;
2010-07-01 00:00:00
VUPEN Security Research - Adobe Acrobat and Reader #1023 Tag Buffer Overflow Vulnerability &#40;CVE-2010-2212&#41;
2010-07-01 00:00:00
checkpoint_advisories
checkpoint_advisories
PDF Files Containing Embedded Adobe Flash Movies (CVE-2010-1297; CVE-2010-2168; CVE-2010-2201)
2010-06-30 00:00:00
Adobe Flash Player authplay.dll Component Code Execution (APSA10-01; CVE-2010-1297)
2010-06-07 00:00:00
Adobe Multiple Products authplay.dll PDF File Code Execution - Ver2 (CVE-2010-1297)
2014-03-31 00:00:00
gentoo
gentoo
Adobe Reader: Multiple vulnerabilities
2010-09-07 00:00:00
Adobe Flash Player: Multiple vulnerabilities
2011-01-21 00:00:00
packetstorm
packetstorm
Month Of Abysssec Undisclosed Bugs - Adobe Acrobat Reader
2010-09-24 00:00:00
Adobe Reader 9.3.2 Memory Corruption / Denial Of Service
2010-06-30 00:00:00
Adobe Flash Player newfucntion Invalid Pointer Use
2010-06-15 00:00:00
seebug
seebug
Adobe Acrobat Reader and Flash - 'newfunction' Remote Code Execution Vulnerability
2014-07-01 00:00:00
Adobe Reader 9.3.2 (CoolType.dll) Remote Memory Corruption / DoS Vulnerability
2014-07-01 00:00:00
Adobe Flash and Reader - 0day Exploit PoC (from the wild)
2014-07-01 00:00:00
exploitpack
exploitpack
Adobe Acrobat Reader and Flash - newfunction Remote Code Execution
2010-09-23 00:00:00
Adobe Reader 9.3.2 - CoolType.dll Remote Memory Corruption Denial of Service
2010-06-29 00:00:00
Adobe Acrobat Reader and Flash Player - newclass Invalid Pointer
2010-09-01 00:00:00
attackerkb
attackerkb
CVE-2010-1297
2010-06-08 00:00:00
saint
saint
Adobe Reader authplay.dll newfunction Memory Corruption
2010-06-17 00:00:00
Adobe Reader authplay.dll newfunction Memory Corruption
2010-06-17 00:00:00
Adobe Reader authplay.dll newfunction Memory Corruption
2010-06-17 00:00:00
canvas
canvas
Immunity Canvas: FLASH_NEWFUNCTION
2010-06-08 18:30:00
threatpost
threatpost
Adobe to Release Flash Patch June 10
2010-06-08 10:56:42
Adobe Warns of Flash, PDF Zero Day Attack
2010-06-05 03:10:19
metasploit
metasploit
Adobe Flash Player "newfunction" Invalid Pointer Use
2010-06-10 20:28:05
Adobe PDF Embedded EXE Social Engineering
2010-04-29 17:02:33
Adobe Flash Player "newfunction" Invalid Pointer Use
2010-06-10 19:52:43
cert
cert
Adobe Flash ActionScript AVM2 newfunction vulnerability
2010-06-07 00:00:00
zeroscience
zeroscience
Adobe Reader 9.3.2 (CoolType.dll) Remote Memory Corruption / DoS Vulnerability
2010-06-29 00:00:00
cisa_kev
cisa_kev
Adobe Flash Player Memory Corruption Vulnerability
2022-06-08 00:00:00
zdi
zdi
Adobe Reader CLOD Progressive Mesh Continuation Resolution Remote Code Execution Vulnerability
2010-06-30 00:00:00
exploitdb
exploitdb
Adobe Acrobat Reader and Flash - &#039;newfunction&#039; Remote Code Execution
2010-09-23 00:00:00
Adobe Reader 9.3.2 - &#039;CoolType.dll&#039; Remote Memory Corruption / Denial of Service
2010-06-29 00:00:00
Adobe Flash Player - &#039;newfunction&#039; Invalid Pointer Use (Metasploit) (1)
2010-09-20 00:00:00
thn
thn
Bleeding Life 2 Exploit Pack Released
2011-10-24 04:30:00
securelist
securelist
Investigation Report for the September 2014 Equation malware detection incident in the US
2017-11-16 10:00:34
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2008-10-02 00:00:00
JSON
Related for ADOBE_READER_APSB10-15.NASL
nessus33redhat3openvas25suse3cve16ubuntucve15prion16securityvulns13checkpoint_advisories7gentoo2packetstorm7seebug7exploitpack5attackerkb1saint4canvas1threatpost2metasploit3cert1zeroscience1cisa_kev1zdi1exploitdb7thn1securelist1freebsd1