Search...

Debian DLA-1161-1 : redis security update

2017-11-06T00:00:00

ID DEBIAN_DLA-1161.NASL
Type nessus
Reporter Tenable
Modified 2018-07-09T00:00:00

Description

It was discovered that there was a 'Cross Protocol Scripting' attack in the Redis key-value database.

'POST' and 'Host:' command strings (which are not valid in the Redis protocol) were not immediately rejected when an attacker makes HTTP request to the Redis TCP port.

For Debian 7 'Wheezy', this issue has been fixed in redis version 2:2.4.14-1+deb7u2.

We recommend that you upgrade your redis packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DLA-1161-1. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#

include("compat.inc");

if (description)
{
  script_id(104399);
  script_version("3.4");
  script_cvs_date("Date: 2018/07/09 12:26:58");

  script_cve_id("CVE-2016-1051");

  script_name(english:"Debian DLA-1161-1 : redis security update");
  script_summary(english:"Checks dpkg output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"It was discovered that there was a 'Cross Protocol Scripting' attack
in the Redis key-value database.

'POST' and 'Host:' command strings (which are not valid in the Redis
protocol) were not immediately rejected when an attacker makes HTTP
request to the Redis TCP port.

For Debian 7 'Wheezy', this issue has been fixed in redis version
2:2.4.14-1+deb7u2.

We recommend that you upgrade your redis packages.

NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/wheezy/redis"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Upgrade the affected redis-server package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:redis-server");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2017/11/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/11/06");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"7.0", prefix:"redis-server", reference:"2:2.4.14-1+deb7u2")) flag++;

if (flag)
{
  if (report_verbosity &gt; 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

JSON Vulners Source

Initial Source

{"id": "DEBIAN_DLA-1161.NASL", "bulletinFamily": "scanner", "title": "Debian DLA-1161-1 : redis security update", "description": "It was discovered that there was a 'Cross Protocol Scripting' attack in the Redis key-value database.\n\n'POST' and 'Host:' command strings (which are not valid in the Redis protocol) were not immediately rejected when an attacker makes HTTP request to the Redis TCP port.\n\nFor Debian 7 'Wheezy', this issue has been fixed in redis version 2:2.4.14-1+deb7u2.\n\nWe recommend that you upgrade your redis packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2017-11-06T00:00:00", "modified": "2018-07-09T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=104399", "reporter": "Tenable", "references": ["https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html", "https://packages.debian.org/source/wheezy/redis"], "cvelist": ["CVE-2016-1051"], "type": "nessus", "lastseen": "2019-02-21T01:33:49", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:redis-server", "cpe:/o:debian:debian_linux:7.0"], "cvelist": ["CVE-2016-1051"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "It was discovered that there was a 'Cross Protocol Scripting' attack in the Redis key-value database.\n\n'POST' and 'Host:' command strings (which are not valid in the Redis protocol) were not immediately rejected when an attacker makes HTTP request to the Redis TCP port.\n\nFor Debian 7 'Wheezy', this issue has been fixed in redis version 2:2.4.14-1+deb7u2.\n\nWe recommend that you upgrade your redis packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 1, "enchantments": {"score": {"modified": "2017-11-06T22:43:46", "value": 10.0}}, "hash": "ed2a160636da579b58b147d0adf09c9b641e92f0a47bcd5a6a0f708f70af6d63", "hashmap": [{"hash": "3db3123b7d7c0c79acec0f5e5c4c57ac", "key": "title"}, {"hash": "f1220ab7b33d4c3dfddc6754c59d6067", "key": "published"}, {"hash": "68e7d0c3cc95a3a7af34a87a058cff4b", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "6d621b4e50315f4f2db3f9e96d591f99", "key": "cvelist"}, {"hash": "8642405f130f3a4a03776ded0c77688c", "key": "description"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "4edb8087e277f1c40cdbb7779a043d54", "key": "references"}, {"hash": "7f57a0c523c4859ba63acbe408c28f75", "key": "pluginID"}, {"hash": "f1220ab7b33d4c3dfddc6754c59d6067", "key": "modified"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "b42892e517d218602686ed1607b09214", "key": "href"}, {"hash": "bfda29dfc99ee156b524a2dd6175b2b7", "key": "sourceData"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104399", "id": "DEBIAN_DLA-1161.NASL", "lastseen": "2017-11-06T22:43:46", "modified": "2017-11-06T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "104399", "published": "2017-11-06T00:00:00", "references": ["https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html", "https://packages.debian.org/source/wheezy/redis"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1161-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104399);\n script_version(\"$Revision: 3.1 $\");\n script_cvs_date(\"$Date: 2017/11/06 14:41:25 $\");\n\n script_cve_id(\"CVE-2016-1051\");\n script_osvdb_id(138292);\n\n script_name(english:\"Debian DLA-1161-1 : redis security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that there was a 'Cross Protocol Scripting' attack\nin the Redis key-value database.\n\n'POST' and 'Host:' command strings (which are not valid in the Redis\nprotocol) were not immediately rejected when an attacker makes HTTP\nrequest to the Redis TCP port.\n\nFor Debian 7 'Wheezy', this issue has been fixed in redis version\n2:2.4.14-1+deb7u2.\n\nWe recommend that you upgrade your redis packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/redis\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected redis-server package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:redis-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"redis-server\", reference:\"2:2.4.14-1+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DLA-1161-1 : redis security update", "type": "nessus", "viewCount": 5}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2017-11-06T22:43:46"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:redis-server", "cpe:/o:debian:debian_linux:7.0"], "cvelist": ["CVE-2016-1051"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "It was discovered that there was a 'Cross Protocol Scripting' attack in the Redis key-value database.\n\n'POST' and 'Host:' command strings (which are not valid in the Redis protocol) were not immediately rejected when an attacker makes HTTP request to the Redis TCP port.\n\nFor Debian 7 'Wheezy', this issue has been fixed in redis version 2:2.4.14-1+deb7u2.\n\nWe recommend that you upgrade your redis packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 3, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "hash": "ccff7f274ed0789e53979f61e43d93dfb133312c988b3f0d05dccacc7c9ca589", "hashmap": [{"hash": "3db3123b7d7c0c79acec0f5e5c4c57ac", "key": "title"}, {"hash": "f1220ab7b33d4c3dfddc6754c59d6067", "key": "published"}, {"hash": "68e7d0c3cc95a3a7af34a87a058cff4b", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "6d621b4e50315f4f2db3f9e96d591f99", "key": "cvelist"}, {"hash": "8642405f130f3a4a03776ded0c77688c", "key": "description"}, {"hash": "9d4ec3bc274414c5dfdd7488d4d95f7b", "key": "modified"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "4edb8087e277f1c40cdbb7779a043d54", "key": "references"}, {"hash": "7f57a0c523c4859ba63acbe408c28f75", "key": "pluginID"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "a30243d49860130784153b4b4caaddda", "key": "sourceData"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "b42892e517d218602686ed1607b09214", "key": "href"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104399", "id": "DEBIAN_DLA-1161.NASL", "lastseen": "2018-07-07T01:52:05", "modified": "2018-07-06T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "104399", "published": "2017-11-06T00:00:00", "references": ["https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html", "https://packages.debian.org/source/wheezy/redis"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1161-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104399);\n script_version(\"3.3\");\n script_cvs_date(\"Date: 2018/07/06 11:26:07\");\n\n script_cve_id(\"CVE-2016-1051\");\n\n script_name(english:\"Debian DLA-1161-1 : redis security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that there was a 'Cross Protocol Scripting' attack\nin the Redis key-value database.\n\n'POST' and 'Host:' command strings (which are not valid in the Redis\nprotocol) were not immediately rejected when an attacker makes HTTP\nrequest to the Redis TCP port.\n\nFor Debian 7 'Wheezy', this issue has been fixed in redis version\n2:2.4.14-1+deb7u2.\n\nWe recommend that you upgrade your redis packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/redis\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected redis-server package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:redis-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"redis-server\", reference:\"2:2.4.14-1+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DLA-1161-1 : redis security update", "type": "nessus", "viewCount": 9}, "differentElements": ["modified", "sourceData"], "edition": 3, "lastseen": "2018-07-07T01:52:05"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:redis-server", "cpe:/o:debian:debian_linux:7.0"], "cvelist": ["CVE-2016-1051"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "It was discovered that there was a 'Cross Protocol Scripting' attack in the Redis key-value database.\n\n'POST' and 'Host:' command strings (which are not valid in the Redis protocol) were not immediately rejected when an attacker makes HTTP request to the Redis TCP port.\n\nFor Debian 7 'Wheezy', this issue has been fixed in redis version 2:2.4.14-1+deb7u2.\n\nWe recommend that you upgrade your redis packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "hash": "c17847014a676caf075651020167eb948a458900129b0463697a17c9280c108f", "hashmap": [{"hash": "8c6837b2448b903ef17b5e510b11bb6b", "key": "sourceData"}, {"hash": "48d60a46ed3f845ea90484e4bf421124", "key": "modified"}, {"hash": "3db3123b7d7c0c79acec0f5e5c4c57ac", "key": "title"}, {"hash": "f1220ab7b33d4c3dfddc6754c59d6067", "key": "published"}, {"hash": "68e7d0c3cc95a3a7af34a87a058cff4b", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "6d621b4e50315f4f2db3f9e96d591f99", "key": "cvelist"}, {"hash": "8642405f130f3a4a03776ded0c77688c", "key": "description"}, {"hash": "4edb8087e277f1c40cdbb7779a043d54", "key": "references"}, {"hash": "7f57a0c523c4859ba63acbe408c28f75", "key": "pluginID"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "b42892e517d218602686ed1607b09214", "key": "href"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104399", "id": "DEBIAN_DLA-1161.NASL", "lastseen": "2018-08-30T19:41:29", "modified": "2018-07-09T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "104399", "published": "2017-11-06T00:00:00", "references": ["https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html", "https://packages.debian.org/source/wheezy/redis"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1161-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104399);\n script_version(\"3.4\");\n script_cvs_date(\"Date: 2018/07/09 12:26:58\");\n\n script_cve_id(\"CVE-2016-1051\");\n\n script_name(english:\"Debian DLA-1161-1 : redis security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that there was a 'Cross Protocol Scripting' attack\nin the Redis key-value database.\n\n'POST' and 'Host:' command strings (which are not valid in the Redis\nprotocol) were not immediately rejected when an attacker makes HTTP\nrequest to the Redis TCP port.\n\nFor Debian 7 'Wheezy', this issue has been fixed in redis version\n2:2.4.14-1+deb7u2.\n\nWe recommend that you upgrade your redis packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/redis\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected redis-server package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:redis-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"redis-server\", reference:\"2:2.4.14-1+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DLA-1161-1 : redis security update", "type": "nessus", "viewCount": 9}, "differentElements": ["cvss"], "edition": 5, "lastseen": "2018-08-30T19:41:29"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:redis-server", "cpe:/o:debian:debian_linux:7.0"], "cvelist": ["CVE-2016-1051"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "It was discovered that there was a 'Cross Protocol Scripting' attack\nin the Redis key-value database.\n\n'POST' and 'Host:' command strings (which are not valid in the Redis\nprotocol) were not immediately rejected when an attacker makes HTTP\nrequest to the Redis TCP port.\n\nFor Debian 7 'Wheezy', this issue has been fixed in redis version\n2:2.4.14-1+deb7u2.\n\nWe recommend that you upgrade your redis packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 7, "enchantments": {"dependencies": {"modified": "2019-01-16T20:29:47", "references": [{"idList": ["OPENVAS:1361412562310807695", "OPENVAS:1361412562310807696", "OPENVAS:1361412562310807697", "OPENVAS:1361412562310807694"], "type": "openvas"}, {"idList": ["DEBIAN:DLA-1161-1:1B303"], "type": "debian"}, {"idList": ["ZDI-16-299"], "type": "zdi"}, {"idList": ["CVE-2016-1051"], "type": "cve"}, {"idList": ["KLA10807"], "type": "kaspersky"}, {"idList": ["ADOBE_ACROBAT_APSB16-14.NASL", "ADOBE_READER_APSB16-14.NASL", "MACOSX_ADOBE_READER_APSB16-14.NASL", "MACOSX_ADOBE_ACROBAT_APSB16-14.NASL"], "type": "nessus"}]}, "score": {"value": 4.3, "vector": "NONE"}}, "hash": "6e248ae3428df0c2962bea02cbfd1846cd36585601dc6f8788b9e69841a8a37e", "hashmap": [{"hash": "8c6837b2448b903ef17b5e510b11bb6b", "key": "sourceData"}, {"hash": "48d60a46ed3f845ea90484e4bf421124", "key": "modified"}, {"hash": "3db3123b7d7c0c79acec0f5e5c4c57ac", "key": "title"}, {"hash": "f1220ab7b33d4c3dfddc6754c59d6067", "key": "published"}, {"hash": "68e7d0c3cc95a3a7af34a87a058cff4b", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "6d621b4e50315f4f2db3f9e96d591f99", "key": "cvelist"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "4edb8087e277f1c40cdbb7779a043d54", "key": "references"}, {"hash": "7f57a0c523c4859ba63acbe408c28f75", "key": "pluginID"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "b42892e517d218602686ed1607b09214", "key": "href"}, {"hash": "5d4aff77167560e6479a2c9e3d5e2b62", "key": "description"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104399", "id": "DEBIAN_DLA-1161.NASL", "lastseen": "2019-01-16T20:29:47", "modified": "2018-07-09T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "104399", "published": "2017-11-06T00:00:00", "references": ["https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html", "https://packages.debian.org/source/wheezy/redis"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1161-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104399);\n script_version(\"3.4\");\n script_cvs_date(\"Date: 2018/07/09 12:26:58\");\n\n script_cve_id(\"CVE-2016-1051\");\n\n script_name(english:\"Debian DLA-1161-1 : redis security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that there was a 'Cross Protocol Scripting' attack\nin the Redis key-value database.\n\n'POST' and 'Host:' command strings (which are not valid in the Redis\nprotocol) were not immediately rejected when an attacker makes HTTP\nrequest to the Redis TCP port.\n\nFor Debian 7 'Wheezy', this issue has been fixed in redis version\n2:2.4.14-1+deb7u2.\n\nWe recommend that you upgrade your redis packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/redis\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected redis-server package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:redis-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"redis-server\", reference:\"2:2.4.14-1+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DLA-1161-1 : redis security update", "type": "nessus", "viewCount": 9}, "differentElements": ["description"], "edition": 7, "lastseen": "2019-01-16T20:29:47"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:redis-server", "cpe:/o:debian:debian_linux:7.0"], "cvelist": ["CVE-2016-1051"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "It was discovered that there was a 'Cross Protocol Scripting' attack in the Redis key-value database.\n\n'POST' and 'Host:' command strings (which are not valid in the Redis protocol) were not immediately rejected when an attacker makes HTTP request to the Redis TCP port.\n\nFor Debian 7 'Wheezy', this issue has been fixed in redis version 2:2.4.14-1+deb7u2.\n\nWe recommend that you upgrade your redis packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 2, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "hash": "fb9622b46ebce08f3ade383151714fe3ada1908fe290b9f9f93944515716e48e", "hashmap": [{"hash": "3db3123b7d7c0c79acec0f5e5c4c57ac", "key": "title"}, {"hash": "f1220ab7b33d4c3dfddc6754c59d6067", "key": "published"}, {"hash": "68e7d0c3cc95a3a7af34a87a058cff4b", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "a0550d8929a8d2440a7ab66382b13e88", "key": "modified"}, {"hash": "6d621b4e50315f4f2db3f9e96d591f99", "key": "cvelist"}, {"hash": "8642405f130f3a4a03776ded0c77688c", "key": "description"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "4edb8087e277f1c40cdbb7779a043d54", "key": "references"}, {"hash": "7f57a0c523c4859ba63acbe408c28f75", "key": "pluginID"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "4c9fa4384906de308f56cbad4f0c2e29", "key": "sourceData"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "b42892e517d218602686ed1607b09214", "key": "href"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104399", "id": "DEBIAN_DLA-1161.NASL", "lastseen": "2018-01-30T01:03:01", "modified": "2018-01-29T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "104399", "published": "2017-11-06T00:00:00", "references": ["https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html", "https://packages.debian.org/source/wheezy/redis"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1161-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104399);\n script_version(\"$Revision: 3.2 $\");\n script_cvs_date(\"$Date: 2018/01/29 14:23:40 $\");\n\n script_cve_id(\"CVE-2016-1051\");\n script_osvdb_id(138292);\n\n script_name(english:\"Debian DLA-1161-1 : redis security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that there was a 'Cross Protocol Scripting' attack\nin the Redis key-value database.\n\n'POST' and 'Host:' command strings (which are not valid in the Redis\nprotocol) were not immediately rejected when an attacker makes HTTP\nrequest to the Redis TCP port.\n\nFor Debian 7 'Wheezy', this issue has been fixed in redis version\n2:2.4.14-1+deb7u2.\n\nWe recommend that you upgrade your redis packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/redis\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected redis-server package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:redis-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"redis-server\", reference:\"2:2.4.14-1+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DLA-1161-1 : redis security update", "type": "nessus", "viewCount": 6}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2018-01-30T01:03:01"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:redis-server", "cpe:/o:debian:debian_linux:7.0"], "cvelist": ["CVE-2016-1051"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "It was discovered that there was a 'Cross Protocol Scripting' attack in the Redis key-value database.\n\n'POST' and 'Host:' command strings (which are not valid in the Redis protocol) were not immediately rejected when an attacker makes HTTP request to the Redis TCP port.\n\nFor Debian 7 'Wheezy', this issue has been fixed in redis version 2:2.4.14-1+deb7u2.\n\nWe recommend that you upgrade your redis packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "hash": "292b20db0a16f0c901f119672f0eab2cd4a525647194319a537b4025964d643b", "hashmap": [{"hash": "8c6837b2448b903ef17b5e510b11bb6b", "key": "sourceData"}, {"hash": "48d60a46ed3f845ea90484e4bf421124", "key": "modified"}, {"hash": "3db3123b7d7c0c79acec0f5e5c4c57ac", "key": "title"}, {"hash": "f1220ab7b33d4c3dfddc6754c59d6067", "key": "published"}, {"hash": "68e7d0c3cc95a3a7af34a87a058cff4b", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "6d621b4e50315f4f2db3f9e96d591f99", "key": "cvelist"}, {"hash": "8642405f130f3a4a03776ded0c77688c", "key": "description"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "4edb8087e277f1c40cdbb7779a043d54", "key": "references"}, {"hash": "7f57a0c523c4859ba63acbe408c28f75", "key": "pluginID"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "b42892e517d218602686ed1607b09214", "key": "href"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104399", "id": "DEBIAN_DLA-1161.NASL", "lastseen": "2018-07-10T05:50:22", "modified": "2018-07-09T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "104399", "published": "2017-11-06T00:00:00", "references": ["https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html", "https://packages.debian.org/source/wheezy/redis"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1161-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104399);\n script_version(\"3.4\");\n script_cvs_date(\"Date: 2018/07/09 12:26:58\");\n\n script_cve_id(\"CVE-2016-1051\");\n\n script_name(english:\"Debian DLA-1161-1 : redis security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that there was a 'Cross Protocol Scripting' attack\nin the Redis key-value database.\n\n'POST' and 'Host:' command strings (which are not valid in the Redis\nprotocol) were not immediately rejected when an attacker makes HTTP\nrequest to the Redis TCP port.\n\nFor Debian 7 'Wheezy', this issue has been fixed in redis version\n2:2.4.14-1+deb7u2.\n\nWe recommend that you upgrade your redis packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/redis\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected redis-server package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:redis-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"redis-server\", reference:\"2:2.4.14-1+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DLA-1161-1 : redis security update", "type": "nessus", "viewCount": 9}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-07-10T05:50:22"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:redis-server", "cpe:/o:debian:debian_linux:7.0"], "cvelist": ["CVE-2016-1051"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "It was discovered that there was a 'Cross Protocol Scripting' attack in the Redis key-value database.\n\n'POST' and 'Host:' command strings (which are not valid in the Redis protocol) were not immediately rejected when an attacker makes HTTP request to the Redis TCP port.\n\nFor Debian 7 'Wheezy', this issue has been fixed in redis version 2:2.4.14-1+deb7u2.\n\nWe recommend that you upgrade your redis packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 6, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "hash": "292b20db0a16f0c901f119672f0eab2cd4a525647194319a537b4025964d643b", "hashmap": [{"hash": "8c6837b2448b903ef17b5e510b11bb6b", "key": "sourceData"}, {"hash": "48d60a46ed3f845ea90484e4bf421124", "key": "modified"}, {"hash": "3db3123b7d7c0c79acec0f5e5c4c57ac", "key": "title"}, {"hash": "f1220ab7b33d4c3dfddc6754c59d6067", "key": "published"}, {"hash": "68e7d0c3cc95a3a7af34a87a058cff4b", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "6d621b4e50315f4f2db3f9e96d591f99", "key": "cvelist"}, {"hash": "8642405f130f3a4a03776ded0c77688c", "key": "description"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "4edb8087e277f1c40cdbb7779a043d54", "key": "references"}, {"hash": "7f57a0c523c4859ba63acbe408c28f75", "key": "pluginID"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "b42892e517d218602686ed1607b09214", "key": "href"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104399", "id": "DEBIAN_DLA-1161.NASL", "lastseen": "2018-09-01T23:47:45", "modified": "2018-07-09T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "104399", "published": "2017-11-06T00:00:00", "references": ["https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html", "https://packages.debian.org/source/wheezy/redis"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1161-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104399);\n script_version(\"3.4\");\n script_cvs_date(\"Date: 2018/07/09 12:26:58\");\n\n script_cve_id(\"CVE-2016-1051\");\n\n script_name(english:\"Debian DLA-1161-1 : redis security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that there was a 'Cross Protocol Scripting' attack\nin the Redis key-value database.\n\n'POST' and 'Host:' command strings (which are not valid in the Redis\nprotocol) were not immediately rejected when an attacker makes HTTP\nrequest to the Redis TCP port.\n\nFor Debian 7 'Wheezy', this issue has been fixed in redis version\n2:2.4.14-1+deb7u2.\n\nWe recommend that you upgrade your redis packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/redis\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected redis-server package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:redis-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"redis-server\", reference:\"2:2.4.14-1+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DLA-1161-1 : redis security update", "type": "nessus", "viewCount": 9}, "differentElements": ["description"], "edition": 6, "lastseen": "2018-09-01T23:47:45"}], "edition": 8, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "68e7d0c3cc95a3a7af34a87a058cff4b"}, {"key": "cvelist", "hash": "6d621b4e50315f4f2db3f9e96d591f99"}, {"key": "cvss", "hash": "2bdabeb49c44761f9565717ab0e38165"}, {"key": "description", "hash": "8642405f130f3a4a03776ded0c77688c"}, {"key": "href", "hash": "b42892e517d218602686ed1607b09214"}, {"key": "modified", "hash": "48d60a46ed3f845ea90484e4bf421124"}, {"key": "naslFamily", "hash": "74562d71b087df9eabd0c21f99b132cc"}, {"key": "pluginID", "hash": "7f57a0c523c4859ba63acbe408c28f75"}, {"key": "published", "hash": "f1220ab7b33d4c3dfddc6754c59d6067"}, {"key": "references", "hash": "4edb8087e277f1c40cdbb7779a043d54"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "8c6837b2448b903ef17b5e510b11bb6b"}, {"key": "title", "hash": "3db3123b7d7c0c79acec0f5e5c4c57ac"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "292b20db0a16f0c901f119672f0eab2cd4a525647194319a537b4025964d643b", "viewCount": 9, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2016-1051"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1161-1:1B303"]}, {"type": "zdi", "idList": ["ZDI-16-299"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310807696", "OPENVAS:1361412562310807695", "OPENVAS:1361412562310807697", "OPENVAS:1361412562310807694"]}, {"type": "nessus", "idList": ["MACOSX_ADOBE_ACROBAT_APSB16-14.NASL", "MACOSX_ADOBE_READER_APSB16-14.NASL", "ADOBE_READER_APSB16-14.NASL", "ADOBE_ACROBAT_APSB16-14.NASL"]}, {"type": "kaspersky", "idList": ["KLA10807"]}], "modified": "2019-02-21T01:33:49"}, "score": {"value": 4.3, "vector": "NONE"}, "vulnersScore": 4.3}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1161-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104399);\n script_version(\"3.4\");\n script_cvs_date(\"Date: 2018/07/09 12:26:58\");\n\n script_cve_id(\"CVE-2016-1051\");\n\n script_name(english:\"Debian DLA-1161-1 : redis security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that there was a 'Cross Protocol Scripting' attack\nin the Redis key-value database.\n\n'POST' and 'Host:' command strings (which are not valid in the Redis\nprotocol) were not immediately rejected when an attacker makes HTTP\nrequest to the Redis TCP port.\n\nFor Debian 7 'Wheezy', this issue has been fixed in redis version\n2:2.4.14-1+deb7u2.\n\nWe recommend that you upgrade your redis packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/redis\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected redis-server package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:redis-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"redis-server\", reference:\"2:2.4.14-1+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "pluginID": "104399", "cpe": ["p-cpe:/a:debian:debian_linux:redis-server", "cpe:/o:debian:debian_linux:7.0"], "scheme": null}

{"cve": [{"lastseen": "2018-02-05T15:15:31", "bulletinFamily": "NVD", "description": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.", "modified": "2018-02-03T21:29:01", "published": "2016-05-11T06:59:16", "id": "CVE-2016-1051", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1051", "type": "cve", "title": "CVE-2016-1051", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "zdi": [{"lastseen": "2016-11-09T00:18:04", "bulletinFamily": "info", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat DC Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of the WillSave document action. A specially crafted WillSave document action can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process.", "modified": "2016-11-09T00:00:00", "published": "2016-05-10T00:00:00", "href": "http://www.zerodayinitiative.com/advisories/ZDI-16-299", "id": "ZDI-16-299", "title": "Adobe Acrobat Pro DC WillSave Action Use-After-Free Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2018-10-18T13:50:19", "bulletinFamily": "unix", "description": "Package : redis\nVersion : 2:2.4.14-1+deb7u2\nCVE ID : CVE-2016-1051\n\nIt was discovered that there was a "Cross Protocol Scripting" attack in\nthe Redis key-value database.\n\n"POST" and "Host:" command strings (which are not valid in the Redis\nprotocol) were not immediately rejected when an attacker makes HTTP\nrequest to the Redis TCP port.\n\nFor Debian 7 "Wheezy", this issue has been fixed in redis version\n2:2.4.14-1+deb7u2.\n\nWe recommend that you upgrade your redis packages.\n\n\nRegards,\n\n- -- \n ,''`.\n : :' : Chris Lamb\n `. `'` lamby@debian.org / chris-lamb.co.uk\n `-\n\n", "modified": "2017-11-05T16:22:34", "published": "2017-11-05T16:22:34", "id": "DEBIAN:DLA-1161-1:1B303", "href": "https://lists.debian.org/debian-lts-announce/2017/debian-lts-announce-201711/msg00004.html", "title": "[SECURITY] [DLA 1161-1] redis security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "kaspersky": [{"lastseen": "2019-03-21T00:15:08", "bulletinFamily": "info", "description": "### *Detect date*:\n05/10/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Adobe Acrobat. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions or obtain sensitive information.\n\n### *Affected products*:\nAdobe Acrobat XI versions earlier than 11.0.16 \nAdobe Acrobat Reader XI versions earlier than 11.0.16 \nAdobe Acrobat DC Classic versions earlier than 15.006.30172 \nAdobe Acrobat Reader DC Classic versions earlier than 15.006.30172 \nAdobe Acrobat DC Continuous versions earlier than 15.016.20039 \nAdobe Acrobat Reader DC Continuous versions earlier than 15.016.20039\n\n### *Solution*:\nUpdate to the latest version \n[Get reader](<https://get.adobe.com/ru/reader/>)\n\n### *Original advisories*:\n[Adobe security bulletin](<https://helpx.adobe.com/security/products/acrobat/apsb16-14.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Adobe Reader XI](<https://threats.kaspersky.com/en/product/Adobe-Reader-XI/>)\n\n### *CVE-IDS*:\n[CVE-2016-1037](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1037>)10.0Critical \n[CVE-2016-1038](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1038>)10.0Critical \n[CVE-2016-1039](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1039>)10.0Critical \n[CVE-2016-1040](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1040>)10.0Critical \n[CVE-2016-1041](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1041>)10.0Critical \n[CVE-2016-1042](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1042>)10.0Critical \n[CVE-2016-1043](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1043>)10.0Critical \n[CVE-2016-1044](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1044>)10.0Critical \n[CVE-2016-1045](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1045>)10.0Critical \n[CVE-2016-1046](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1046>)10.0Critical \n[CVE-2016-1047](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1047>)10.0Critical \n[CVE-2016-1048](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1048>)10.0Critical \n[CVE-2016-1049](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1049>)10.0Critical \n[CVE-2016-1050](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1050>)10.0Critical \n[CVE-2016-1051](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1051>)10.0Critical \n[CVE-2016-1052](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1052>)10.0Critical \n[CVE-2016-1053](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1053>)10.0Critical \n[CVE-2016-1054](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1054>)10.0Critical \n[CVE-2016-1055](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1055>)10.0Critical \n[CVE-2016-1056](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1056>)10.0Critical \n[CVE-2016-1057](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1057>)10.0Critical \n[CVE-2016-1058](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1058>)10.0Critical \n[CVE-2016-1059](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1059>)10.0Critical \n[CVE-2016-1060](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1060>)10.0Critical \n[CVE-2016-1061](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1061>)10.0Critical \n[CVE-2016-1062](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1062>)10.0Critical \n[CVE-2016-1063](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1063>)10.0Critical \n[CVE-2016-1064](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1064>)10.0Critical \n[CVE-2016-1065](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1065>)10.0Critical \n[CVE-2016-1066](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1066>)10.0Critical \n[CVE-2016-1067](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1067>)10.0Critical \n[CVE-2016-1068](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1068>)10.0Critical \n[CVE-2016-1069](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1069>)10.0Critical \n[CVE-2016-1070](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1070>)10.0Critical \n[CVE-2016-1071](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1071>)10.0Critical \n[CVE-2016-1072](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1072>)10.0Critical \n[CVE-2016-1073](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1073>)10.0Critical \n[CVE-2016-1074](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1074>)10.0Critical \n[CVE-2016-1075](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1075>)10.0Critical \n[CVE-2016-1076](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1076>)10.0Critical \n[CVE-2016-1077](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1077>)10.0Critical \n[CVE-2016-1078](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1078>)10.0Critical \n[CVE-2016-1079](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1079>)5.0Critical \n[CVE-2016-1080](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1080>)10.0Critical \n[CVE-2016-1081](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1081>)10.0Critical \n[CVE-2016-1082](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1082>)10.0Critical \n[CVE-2016-1083](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1083>)10.0Critical \n[CVE-2016-1084](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1084>)10.0Critical \n[CVE-2016-1085](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1085>)10.0Critical \n[CVE-2016-1086](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1086>)10.0Critical \n[CVE-2016-1087](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1087>)7.2Critical \n[CVE-2016-1088](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1088>)10.0Critical \n[CVE-2016-1090](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1090>)7.2Critical \n[CVE-2016-1092](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1092>)5.0Critical \n[CVE-2016-1093](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1093>)10.0Critical \n[CVE-2016-1094](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1094>)10.0Critical \n[CVE-2016-1095](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1095>)10.0Critical \n[CVE-2016-1112](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1112>)10.0Critical \n[CVE-2016-1116](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1116>)10.0Critical \n[CVE-2016-1117](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1117>)10.0Critical \n[CVE-2016-1118](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1118>)10.0Critical \n[CVE-2016-1119](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1119>)10.0Critical \n[CVE-2016-1120](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1120>)10.0Critical \n[CVE-2016-1121](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1121>)10.0Critical \n[CVE-2016-1122](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1122>)10.0Critical \n[CVE-2016-1123](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1123>)10.0Critical \n[CVE-2016-1124](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1124>)10.0Critical \n[CVE-2016-1125](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1125>)10.0Critical \n[CVE-2016-1126](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1126>)10.0Critical \n[CVE-2016-1127](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1127>)10.0Critical \n[CVE-2016-1128](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1128>)10.0Critical \n[CVE-2016-1129](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1129>)10.0Critical \n[CVE-2016-1130](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1130>)10.0Critical \n[CVE-2016-4088](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4088>)10.0Critical \n[CVE-2016-4089](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4089>)10.0Critical \n[CVE-2016-4090](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4090>)10.0Critical \n[CVE-2016-4091](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4091>)10.0Critical \n[CVE-2016-4092](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4092>)10.0Critical \n[CVE-2016-4093](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4093>)10.0Critical \n[CVE-2016-4094](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4094>)10.0Critical \n[CVE-2016-4096](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4096>)10.0Critical \n[CVE-2016-4097](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4097>)10.0Critical \n[CVE-2016-4098](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4098>)10.0Critical \n[CVE-2016-4099](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4099>)10.0Critical \n[CVE-2016-4100](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4100>)10.0Critical \n[CVE-2016-4101](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4101>)10.0Critical \n[CVE-2016-4102](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4102>)10.0Critical \n[CVE-2016-4103](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4103>)10.0Critical \n[CVE-2016-4104](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4104>)10.0Critical \n[CVE-2016-4105](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4105>)10.0Critical \n[CVE-2016-4106](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4106>)7.2Critical \n[CVE-2016-4107](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4107>)10.0Critical \n[CVE-2016-4119](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4119>)10.0Critical", "modified": "2019-03-07T00:00:00", "published": "2016-05-10T00:00:00", "id": "KLA10807", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10807", "title": "\r KLA10807Multiple vulnerabilities in Adobe Acrobat ", "type": "kaspersky", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-10-22T16:37:26", "bulletinFamily": "scanner", "description": "This host is installed with Adobe Acrobat\n and is prone to multiple vulnerabilities.", "modified": "2018-10-18T00:00:00", "published": "2016-05-12T00:00:00", "id": "OPENVAS:1361412562310807697", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807697", "title": "Adobe Acrobat Security Updates(apsb16-14)-Windows", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_acrobat_apsb16-14_win.nasl 11969 2018-10-18 14:53:42Z asteins $\n#\n# Adobe Acrobat Security Updates(apsb16-14)-Windows\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807697\");\n script_version(\"$Revision: 11969 $\");\n script_cve_id(\"CVE-2016-1037\", \"CVE-2016-1038\", \"CVE-2016-1039\", \"CVE-2016-1040\",\n\t\t\"CVE-2016-1041\", \"CVE-2016-1042\", \"CVE-2016-1043\", \"CVE-2016-1044\",\n\t\t\"CVE-2016-1045\", \"CVE-2016-1046\", \"CVE-2016-1047\", \"CVE-2016-1048\",\n\t\t\"CVE-2016-1049\", \"CVE-2016-1050\", \"CVE-2016-1051\", \"CVE-2016-1052\",\n\t\t\"CVE-2016-1053\", \"CVE-2016-1054\", \"CVE-2016-1055\", \"CVE-2016-1056\",\n\t\t\"CVE-2016-1057\", \"CVE-2016-1058\", \"CVE-2016-1059\", \"CVE-2016-1060\",\n\t\t\"CVE-2016-1061\", \"CVE-2016-1062\", \"CVE-2016-1063\", \"CVE-2016-1064\",\n\t\t\"CVE-2016-1065\", \"CVE-2016-1066\", \"CVE-2016-1067\", \"CVE-2016-1068\",\n\t\t\"CVE-2016-1069\", \"CVE-2016-1070\", \"CVE-2016-1071\", \"CVE-2016-1072\",\n\t\t\"CVE-2016-1073\", \"CVE-2016-1074\", \"CVE-2016-1075\", \"CVE-2016-1076\",\n\t\t\"CVE-2016-1077\", \"CVE-2016-1078\", \"CVE-2016-1079\", \"CVE-2016-1080\",\n\t\t\"CVE-2016-1081\", \"CVE-2016-1082\", \"CVE-2016-1083\", \"CVE-2016-1084\",\n\t\t\"CVE-2016-1085\", \"CVE-2016-1086\", \"CVE-2016-1087\", \"CVE-2016-1088\",\n\t\t\"CVE-2016-1090\", \"CVE-2016-1092\", \"CVE-2016-1093\", \"CVE-2016-1094\",\n\t\t\"CVE-2016-1095\", \"CVE-2016-1112\", \"CVE-2016-1116\", \"CVE-2016-1117\",\n\t\t\"CVE-2016-1118\", \"CVE-2016-1119\", \"CVE-2016-1120\", \"CVE-2016-1121\",\n\t\t\"CVE-2016-1122\", \"CVE-2016-1123\", \"CVE-2016-1124\", \"CVE-2016-1125\",\n\t\t\"CVE-2016-1126\", \"CVE-2016-1127\", \"CVE-2016-1128\", \"CVE-2016-1129\",\n\t\t\"CVE-2016-1130\", \"CVE-2016-4088\", \"CVE-2016-4089\", \"CVE-2016-4090\",\n\t\t\"CVE-2016-4091\", \"CVE-2016-4092\", \"CVE-2016-4093\", \"CVE-2016-4094\",\n\t\t\"CVE-2016-4096\", \"CVE-2016-4097\", \"CVE-2016-4098\", \"CVE-2016-4099\",\n\t\t\"CVE-2016-4100\", \"CVE-2016-4101\", \"CVE-2016-4102\", \"CVE-2016-4103\",\n\t\t\"CVE-2016-4104\", \"CVE-2016-4105\", \"CVE-2016-4106\", \"CVE-2016-4107\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-18 16:53:42 +0200 (Thu, 18 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-12 10:27:43 +0530 (Thu, 12 May 2016)\");\n script_name(\"Adobe Acrobat Security Updates(apsb16-14)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exist due to,\n\n - Multiple use-after-free vulnerabilities.\n\n - Multiple heap buffer overflow vulnerabilities.\n\n - The memory corruption vulnerabilities.\n\n - An integer overflow vulnerability.\n\n - Multiple vulnerabilities in the directory search path used to find resources.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attacker to execute arbitrary code or cause a\n denial of service.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat version 11.x before 11.0.16 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat version\n 11.0.16 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb16-14.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/Win/Installed\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/in/products/acrobat.html\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!readerVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_in_range(version:readerVer, test_version:\"11.0\", test_version2:\"11.0.15\"))\n{\n report = report_fixed_ver(installed_version:readerVer, fixed_version:\"11.0.16\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-22T16:36:52", "bulletinFamily": "scanner", "description": "This host is installed with Adobe Reader\n and is prone to multiple vulnerabilities.", "modified": "2018-10-18T00:00:00", "published": "2016-05-12T00:00:00", "id": "OPENVAS:1361412562310807694", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807694", "title": "Adobe Reader Security Updates(apsb16-14)-Windows", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_reader_apsb16-14_win.nasl 11969 2018-10-18 14:53:42Z asteins $\n#\n# Adobe Reader Security Updates(apsb16-14)-Windows\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807694\");\n script_version(\"$Revision: 11969 $\");\n script_cve_id(\"CVE-2016-1037\", \"CVE-2016-1038\", \"CVE-2016-1039\", \"CVE-2016-1040\",\n\t\t\"CVE-2016-1041\", \"CVE-2016-1042\", \"CVE-2016-1043\", \"CVE-2016-1044\",\n\t\t\"CVE-2016-1045\", \"CVE-2016-1046\", \"CVE-2016-1047\", \"CVE-2016-1048\",\n\t\t\"CVE-2016-1049\", \"CVE-2016-1050\", \"CVE-2016-1051\", \"CVE-2016-1052\",\n\t\t\"CVE-2016-1053\", \"CVE-2016-1054\", \"CVE-2016-1055\", \"CVE-2016-1056\",\n\t\t\"CVE-2016-1057\", \"CVE-2016-1058\", \"CVE-2016-1059\", \"CVE-2016-1060\",\n\t\t\"CVE-2016-1061\", \"CVE-2016-1062\", \"CVE-2016-1063\", \"CVE-2016-1064\",\n\t\t\"CVE-2016-1065\", \"CVE-2016-1066\", \"CVE-2016-1067\", \"CVE-2016-1068\",\n\t\t\"CVE-2016-1069\", \"CVE-2016-1070\", \"CVE-2016-1071\", \"CVE-2016-1072\",\n\t\t\"CVE-2016-1073\", \"CVE-2016-1074\", \"CVE-2016-1075\", \"CVE-2016-1076\",\n\t\t\"CVE-2016-1077\", \"CVE-2016-1078\", \"CVE-2016-1079\", \"CVE-2016-1080\",\n\t\t\"CVE-2016-1081\", \"CVE-2016-1082\", \"CVE-2016-1083\", \"CVE-2016-1084\",\n\t\t\"CVE-2016-1085\", \"CVE-2016-1086\", \"CVE-2016-1087\", \"CVE-2016-1088\",\n\t\t\"CVE-2016-1090\", \"CVE-2016-1092\", \"CVE-2016-1093\", \"CVE-2016-1094\",\n\t\t\"CVE-2016-1095\", \"CVE-2016-1112\", \"CVE-2016-1116\", \"CVE-2016-1117\",\n\t\t\"CVE-2016-1118\", \"CVE-2016-1119\", \"CVE-2016-1120\", \"CVE-2016-1121\",\n\t\t\"CVE-2016-1122\", \"CVE-2016-1123\", \"CVE-2016-1124\", \"CVE-2016-1125\",\n\t\t\"CVE-2016-1126\", \"CVE-2016-1127\", \"CVE-2016-1128\", \"CVE-2016-1129\",\n\t\t\"CVE-2016-1130\", \"CVE-2016-4088\", \"CVE-2016-4089\", \"CVE-2016-4090\",\n\t\t\"CVE-2016-4091\", \"CVE-2016-4092\", \"CVE-2016-4093\", \"CVE-2016-4094\",\n\t\t\"CVE-2016-4096\", \"CVE-2016-4097\", \"CVE-2016-4098\", \"CVE-2016-4099\",\n\t\t\"CVE-2016-4100\", \"CVE-2016-4101\", \"CVE-2016-4102\", \"CVE-2016-4103\",\n\t\t\"CVE-2016-4104\", \"CVE-2016-4105\", \"CVE-2016-4106\", \"CVE-2016-4107\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-18 16:53:42 +0200 (Thu, 18 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-12 10:27:43 +0530 (Thu, 12 May 2016)\");\n script_name(\"Adobe Reader Security Updates(apsb16-14)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Reader\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exist due to,\n\n - Multiple use-after-free vulnerabilities.\n\n - Multiple heap buffer overflow vulnerabilities.\n\n - The memory corruption vulnerabilities.\n\n - An integer overflow vulnerability.\n\n - Multiple vulnerabilities in the directory search path used to find resources.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attacker to execute arbitrary code or cause a\n denial of service.\");\n\n script_tag(name:\"affected\", value:\"Adobe Reader version 11.x before 11.0.16 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Reader version\n 11.0.16 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb16-14.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Reader/Win/Installed\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/in/products/acrobat.html\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!readerVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_in_range(version:readerVer, test_version:\"11.0\", test_version2:\"11.0.15\"))\n{\n report = report_fixed_ver(installed_version:readerVer, fixed_version:\"11.0.16\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-22T16:36:39", "bulletinFamily": "scanner", "description": "This host is installed with Adobe Acrobat\n and is prone to multiple vulnerabilities.", "modified": "2018-10-18T00:00:00", "published": "2016-05-12T00:00:00", "id": "OPENVAS:1361412562310807696", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807696", "title": "Adobe Acrobat Security Updates(apsb16-14)-MAC OS X", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_acrobat_apsb16-14_macosx.nasl 11969 2018-10-18 14:53:42Z asteins $\n#\n# Adobe Acrobat Security Updates(apsb16-14)-MAC OS X\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807696\");\n script_version(\"$Revision: 11969 $\");\n script_cve_id(\"CVE-2016-1037\", \"CVE-2016-1038\", \"CVE-2016-1039\", \"CVE-2016-1040\",\n\t\t\"CVE-2016-1041\", \"CVE-2016-1042\", \"CVE-2016-1043\", \"CVE-2016-1044\",\n\t\t\"CVE-2016-1045\", \"CVE-2016-1046\", \"CVE-2016-1047\", \"CVE-2016-1048\",\n\t\t\"CVE-2016-1049\", \"CVE-2016-1050\", \"CVE-2016-1051\", \"CVE-2016-1052\",\n\t\t\"CVE-2016-1053\", \"CVE-2016-1054\", \"CVE-2016-1055\", \"CVE-2016-1056\",\n\t\t\"CVE-2016-1057\", \"CVE-2016-1058\", \"CVE-2016-1059\", \"CVE-2016-1060\",\n\t\t\"CVE-2016-1061\", \"CVE-2016-1062\", \"CVE-2016-1063\", \"CVE-2016-1064\",\n\t\t\"CVE-2016-1065\", \"CVE-2016-1066\", \"CVE-2016-1067\", \"CVE-2016-1068\",\n\t\t\"CVE-2016-1069\", \"CVE-2016-1070\", \"CVE-2016-1071\", \"CVE-2016-1072\",\n\t\t\"CVE-2016-1073\", \"CVE-2016-1074\", \"CVE-2016-1075\", \"CVE-2016-1076\",\n\t\t\"CVE-2016-1077\", \"CVE-2016-1078\", \"CVE-2016-1079\", \"CVE-2016-1080\",\n\t\t\"CVE-2016-1081\", \"CVE-2016-1082\", \"CVE-2016-1083\", \"CVE-2016-1084\",\n\t\t\"CVE-2016-1085\", \"CVE-2016-1086\", \"CVE-2016-1087\", \"CVE-2016-1088\",\n\t\t\"CVE-2016-1090\", \"CVE-2016-1092\", \"CVE-2016-1093\", \"CVE-2016-1094\",\n\t\t\"CVE-2016-1095\", \"CVE-2016-1112\", \"CVE-2016-1116\", \"CVE-2016-1117\",\n\t\t\"CVE-2016-1118\", \"CVE-2016-1119\", \"CVE-2016-1120\", \"CVE-2016-1121\",\n\t\t\"CVE-2016-1122\", \"CVE-2016-1123\", \"CVE-2016-1124\", \"CVE-2016-1125\",\n\t\t\"CVE-2016-1126\", \"CVE-2016-1127\", \"CVE-2016-1128\", \"CVE-2016-1129\",\n\t\t\"CVE-2016-1130\", \"CVE-2016-4088\", \"CVE-2016-4089\", \"CVE-2016-4090\",\n\t\t\"CVE-2016-4091\", \"CVE-2016-4092\", \"CVE-2016-4093\", \"CVE-2016-4094\",\n\t\t\"CVE-2016-4096\", \"CVE-2016-4097\", \"CVE-2016-4098\", \"CVE-2016-4099\",\n\t\t\"CVE-2016-4100\", \"CVE-2016-4101\", \"CVE-2016-4102\", \"CVE-2016-4103\",\n\t\t\"CVE-2016-4104\", \"CVE-2016-4105\", \"CVE-2016-4106\", \"CVE-2016-4107\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-18 16:53:42 +0200 (Thu, 18 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-12 10:27:43 +0530 (Thu, 12 May 2016)\");\n script_name(\"Adobe Acrobat Security Updates(apsb16-14)-MAC OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exist due to,\n\n - Multiple use-after-free vulnerabilities.\n\n - Multiple heap buffer overflow vulnerabilities.\n\n - The memory corruption vulnerabilities.\n\n - An integer overflow vulnerability.\n\n - Multiple vulnerabilities in the directory search path used to find resources.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attacker to execute arbitrary code or cause a\n denial of service.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat version 11.x before 11.0.16 on MAC OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat version\n 11.0.16 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb16-14.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/MacOSX/Version\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/in/products/acrobat.html\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!readerVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_in_range(version:readerVer, test_version:\"11.0\", test_version2:\"11.0.15\"))\n{\n report = report_fixed_ver(installed_version:readerVer, fixed_version:\"11.0.16\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-22T16:37:18", "bulletinFamily": "scanner", "description": "This host is installed with Adobe Reader\n and is prone to multiple vulnerabilities.", "modified": "2018-10-18T00:00:00", "published": "2016-05-12T00:00:00", "id": "OPENVAS:1361412562310807695", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807695", "title": "Adobe Reader Security Updates(apsb16-14)-MAC OS X", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_reader_apsb16-14_macosx.nasl 11969 2018-10-18 14:53:42Z asteins $\n#\n# Adobe Reader Security Updates(apsb16-14)-MAC OS X\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807695\");\n script_version(\"$Revision: 11969 $\");\n script_cve_id(\"CVE-2016-1037\", \"CVE-2016-1038\", \"CVE-2016-1039\", \"CVE-2016-1040\",\n\t\t\"CVE-2016-1041\", \"CVE-2016-1042\", \"CVE-2016-1043\", \"CVE-2016-1044\",\n\t\t\"CVE-2016-1045\", \"CVE-2016-1046\", \"CVE-2016-1047\", \"CVE-2016-1048\",\n\t\t\"CVE-2016-1049\", \"CVE-2016-1050\", \"CVE-2016-1051\", \"CVE-2016-1052\",\n\t\t\"CVE-2016-1053\", \"CVE-2016-1054\", \"CVE-2016-1055\", \"CVE-2016-1056\",\n\t\t\"CVE-2016-1057\", \"CVE-2016-1058\", \"CVE-2016-1059\", \"CVE-2016-1060\",\n\t\t\"CVE-2016-1061\", \"CVE-2016-1062\", \"CVE-2016-1063\", \"CVE-2016-1064\",\n\t\t\"CVE-2016-1065\", \"CVE-2016-1066\", \"CVE-2016-1067\", \"CVE-2016-1068\",\n\t\t\"CVE-2016-1069\", \"CVE-2016-1070\", \"CVE-2016-1071\", \"CVE-2016-1072\",\n\t\t\"CVE-2016-1073\", \"CVE-2016-1074\", \"CVE-2016-1075\", \"CVE-2016-1076\",\n\t\t\"CVE-2016-1077\", \"CVE-2016-1078\", \"CVE-2016-1079\", \"CVE-2016-1080\",\n\t\t\"CVE-2016-1081\", \"CVE-2016-1082\", \"CVE-2016-1083\", \"CVE-2016-1084\",\n\t\t\"CVE-2016-1085\", \"CVE-2016-1086\", \"CVE-2016-1087\", \"CVE-2016-1088\",\n\t\t\"CVE-2016-1090\", \"CVE-2016-1092\", \"CVE-2016-1093\", \"CVE-2016-1094\",\n\t\t\"CVE-2016-1095\", \"CVE-2016-1112\", \"CVE-2016-1116\", \"CVE-2016-1117\",\n\t\t\"CVE-2016-1118\", \"CVE-2016-1119\", \"CVE-2016-1120\", \"CVE-2016-1121\",\n\t\t\"CVE-2016-1122\", \"CVE-2016-1123\", \"CVE-2016-1124\", \"CVE-2016-1125\",\n\t\t\"CVE-2016-1126\", \"CVE-2016-1127\", \"CVE-2016-1128\", \"CVE-2016-1129\",\n\t\t\"CVE-2016-1130\", \"CVE-2016-4088\", \"CVE-2016-4089\", \"CVE-2016-4090\",\n\t\t\"CVE-2016-4091\", \"CVE-2016-4092\", \"CVE-2016-4093\", \"CVE-2016-4094\",\n\t\t\"CVE-2016-4096\", \"CVE-2016-4097\", \"CVE-2016-4098\", \"CVE-2016-4099\",\n\t\t\"CVE-2016-4100\", \"CVE-2016-4101\", \"CVE-2016-4102\", \"CVE-2016-4103\",\n\t\t\"CVE-2016-4104\", \"CVE-2016-4105\", \"CVE-2016-4106\", \"CVE-2016-4107\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-18 16:53:42 +0200 (Thu, 18 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-12 10:27:43 +0530 (Thu, 12 May 2016)\");\n script_name(\"Adobe Reader Security Updates(apsb16-14)-MAC OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Reader\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exist due to,\n\n - Multiple use-after-free vulnerabilities.\n\n - Multiple heap buffer overflow vulnerabilities.\n\n - The memory corruption vulnerabilities.\n\n - An integer overflow vulnerability.\n\n - Multiple vulnerabilities in the directory search path used to find resources.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attacker to execute arbitrary code or cause a\n denial of service.\");\n\n script_tag(name:\"affected\", value:\"Adobe Reader version 11.x before 11.0.16 on MAC OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Reader version\n 11.0.16 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb16-14.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Reader/MacOSX/Version\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/in/products/acrobat.html\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!readerVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_in_range(version:readerVer, test_version:\"11.0\", test_version2:\"11.0.15\"))\n{\n report = report_fixed_ver(installed_version:readerVer, fixed_version:\"11.0.16\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-02-21T01:26:55", "bulletinFamily": "scanner", "description": "The version of Adobe Reader installed on the remote Mac OS X host is prior to 11.0.16, 15.006.30172, or 15.016.20039. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple use-after-free errors exist that allow an attacker to execute arbitrary code. (CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, CVE-2016-4107)\n\n - Multiple heap buffer overflow conditions exist that allow an attacker to execute arbitrary code.\n (CVE-2016-4091, CVE-2016-4092)\n\n - Multiple memory corruption issues exist that allow an attacker to execute arbitrary code. (CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, CVE-2016-4105, CVE-2016-4119)\n\n - An integer overflow vulnerability exists that allows an attacker to execute arbitrary code. (CVE-2016-1043)\n\n - Multiple memory leak issues exist that allow an attacker to have an unspecified impact. (CVE-2016-1079, CVE-2016-1092)\n\n - An unspecified flaw exists that allows an attacker to disclose sensitive information. (CVE-2016-1112)\n\n - Multiple vulnerabilities exist that allow an attacker to bypass restrictions on JavaScript API execution.\n (CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, CVE-2016-1117)\n\n - Multiple flaws exist when loading dynamic-link libraries. An attacker can exploit this, via a specially crafted .dll file, to execute arbitrary code.\n (CVE-2016-1087, CVE-2016-1090, CVE-2016-4106)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "modified": "2018-07-16T00:00:00", "id": "MACOSX_ADOBE_READER_APSB16-14.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=91099", "published": "2016-05-12T00:00:00", "title": "Adobe Reader < 11.0.16 / 15.006.30172 / 15.016.20039 Multiple Vulnerabilities (APSB16-14) (Mac OS X)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91099);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/07/16 12:48:31\");\n\n script_cve_id(\n \"CVE-2016-1037\",\n \"CVE-2016-1038\",\n \"CVE-2016-1039\",\n \"CVE-2016-1040\",\n \"CVE-2016-1041\",\n \"CVE-2016-1042\",\n \"CVE-2016-1043\",\n \"CVE-2016-1044\",\n \"CVE-2016-1045\",\n \"CVE-2016-1046\",\n \"CVE-2016-1047\",\n \"CVE-2016-1048\",\n \"CVE-2016-1049\",\n \"CVE-2016-1050\",\n \"CVE-2016-1051\",\n \"CVE-2016-1052\",\n \"CVE-2016-1053\",\n \"CVE-2016-1054\",\n \"CVE-2016-1055\",\n \"CVE-2016-1056\",\n \"CVE-2016-1057\",\n \"CVE-2016-1058\",\n \"CVE-2016-1059\",\n \"CVE-2016-1060\",\n \"CVE-2016-1061\",\n \"CVE-2016-1062\",\n \"CVE-2016-1063\",\n \"CVE-2016-1064\",\n \"CVE-2016-1065\",\n \"CVE-2016-1066\",\n \"CVE-2016-1067\",\n \"CVE-2016-1068\",\n \"CVE-2016-1069\",\n \"CVE-2016-1070\",\n \"CVE-2016-1071\",\n \"CVE-2016-1072\",\n \"CVE-2016-1073\",\n \"CVE-2016-1074\",\n \"CVE-2016-1075\",\n \"CVE-2016-1076\",\n \"CVE-2016-1077\",\n \"CVE-2016-1078\",\n \"CVE-2016-1079\",\n \"CVE-2016-1080\",\n \"CVE-2016-1081\",\n \"CVE-2016-1082\",\n \"CVE-2016-1083\",\n \"CVE-2016-1084\",\n \"CVE-2016-1085\",\n \"CVE-2016-1086\",\n \"CVE-2016-1087\",\n \"CVE-2016-1088\",\n \"CVE-2016-1090\",\n \"CVE-2016-1092\",\n \"CVE-2016-1093\",\n \"CVE-2016-1094\",\n \"CVE-2016-1095\",\n \"CVE-2016-1112\",\n \"CVE-2016-1116\",\n \"CVE-2016-1117\",\n \"CVE-2016-1118\",\n \"CVE-2016-1119\",\n \"CVE-2016-1120\",\n \"CVE-2016-1121\",\n \"CVE-2016-1122\",\n \"CVE-2016-1123\",\n \"CVE-2016-1124\",\n \"CVE-2016-1125\",\n \"CVE-2016-1126\",\n \"CVE-2016-1127\",\n \"CVE-2016-1128\",\n \"CVE-2016-1129\",\n \"CVE-2016-1130\",\n \"CVE-2016-4088\",\n \"CVE-2016-4089\",\n \"CVE-2016-4090\",\n \"CVE-2016-4091\",\n \"CVE-2016-4092\",\n \"CVE-2016-4093\",\n \"CVE-2016-4094\",\n \"CVE-2016-4096\",\n \"CVE-2016-4097\",\n \"CVE-2016-4098\",\n \"CVE-2016-4099\",\n \"CVE-2016-4100\",\n \"CVE-2016-4101\",\n \"CVE-2016-4102\",\n \"CVE-2016-4103\",\n \"CVE-2016-4104\",\n \"CVE-2016-4105\",\n \"CVE-2016-4106\",\n \"CVE-2016-4107\",\n \"CVE-2016-4119\"\n );\n script_bugtraq_id(90517);\n script_xref(name:\"ZDI\", value:\"ZDI-16-285\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-286\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-287\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-288\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-289\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-290\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-291\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-292\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-293\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-294\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-295\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-296\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-297\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-298\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-299\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-300\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-301\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-302\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-303\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-304\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-305\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-306\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-307\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-308\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-309\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-310\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-311\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-312\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-313\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-315\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-316\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-317\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-318\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-319\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-320\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-321\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-322\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-323\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-324\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-325\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-326\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-327\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-328\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-329\");\n\n script_name(english:\"Adobe Reader < 11.0.16 / 15.006.30172 / 15.016.20039 Multiple Vulnerabilities (APSB16-14) (Mac OS X)\");\n script_summary(english:\"Checks the version of Adobe Reader.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Reader installed on the remote Mac OS X host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Reader installed on the remote Mac OS X host is\nprior to 11.0.16, 15.006.30172, or 15.016.20039. It is, therefore,\naffected by multiple vulnerabilities :\n\n - Multiple use-after-free errors exist that allow an\n attacker to execute arbitrary code. (CVE-2016-1045,\n CVE-2016-1046, CVE-2016-1047, CVE-2016-1048,\n CVE-2016-1049, CVE-2016-1050, CVE-2016-1051,\n CVE-2016-1052, CVE-2016-1053, CVE-2016-1054,\n CVE-2016-1055, CVE-2016-1056, CVE-2016-1057,\n CVE-2016-1058, CVE-2016-1059, CVE-2016-1060,\n CVE-2016-1061, CVE-2016-1065, CVE-2016-1066,\n CVE-2016-1067, CVE-2016-1068, CVE-2016-1069,\n CVE-2016-1070, CVE-2016-1075, CVE-2016-1094,\n CVE-2016-1121, CVE-2016-1122, CVE-2016-4102,\n CVE-2016-4107)\n\n - Multiple heap buffer overflow conditions exist that\n allow an attacker to execute arbitrary code.\n (CVE-2016-4091, CVE-2016-4092)\n\n - Multiple memory corruption issues exist that allow an\n attacker to execute arbitrary code. (CVE-2016-1037,\n CVE-2016-1063, CVE-2016-1064, CVE-2016-1071,\n CVE-2016-1072, CVE-2016-1073, CVE-2016-1074,\n CVE-2016-1076, CVE-2016-1077, CVE-2016-1078,\n CVE-2016-1080, CVE-2016-1081, CVE-2016-1082,\n CVE-2016-1083, CVE-2016-1084, CVE-2016-1085,\n CVE-2016-1086, CVE-2016-1088, CVE-2016-1093,\n CVE-2016-1095, CVE-2016-1116, CVE-2016-1118,\n CVE-2016-1119, CVE-2016-1120, CVE-2016-1123,\n CVE-2016-1124, CVE-2016-1125, CVE-2016-1126,\n CVE-2016-1127, CVE-2016-1128, CVE-2016-1129,\n CVE-2016-1130, CVE-2016-4088, CVE-2016-4089,\n CVE-2016-4090, CVE-2016-4093, CVE-2016-4094,\n CVE-2016-4096, CVE-2016-4097, CVE-2016-4098,\n CVE-2016-4099, CVE-2016-4100, CVE-2016-4101,\n CVE-2016-4103, CVE-2016-4104, CVE-2016-4105,\n CVE-2016-4119)\n\n - An integer overflow vulnerability exists that allows an\n attacker to execute arbitrary code. (CVE-2016-1043)\n\n - Multiple memory leak issues exist that allow an attacker\n to have an unspecified impact. (CVE-2016-1079,\n CVE-2016-1092)\n\n - An unspecified flaw exists that allows an attacker to\n disclose sensitive information. (CVE-2016-1112)\n\n - Multiple vulnerabilities exist that allow an attacker to\n bypass restrictions on JavaScript API execution.\n (CVE-2016-1038, CVE-2016-1039, CVE-2016-1040,\n CVE-2016-1041, CVE-2016-1042, CVE-2016-1044,\n CVE-2016-1062, CVE-2016-1117)\n\n - Multiple flaws exist when loading dynamic-link\n libraries. An attacker can exploit this, via a specially\n crafted .dll file, to execute arbitrary code.\n (CVE-2016-1087, CVE-2016-1090, CVE-2016-4106)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb16-14.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Reader version 11.0.16 / 15.006.30172 / 15.016.20039\nor later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat_reader\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_adobe_reader_installed.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/Adobe Reader\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nget_kb_item_or_exit(\"Host/local_checks_enabled\");\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (empty_or_null(os)) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp_name = \"Adobe Reader\";\ninstall = get_single_install(app_name:app_name);\n\nversion = install['version'];\npath = install['path'];\n\nver = split(version, sep:'.', keep:FALSE);\nfor (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n# Affected is :\n#\n# 11.x < 11.0.16\n# DC Classic < 15.006.30172\n# DC Continuous < 15.016.20039\nif (\n (ver[0] == 11 && ver[1] == 0 && ver[2] <= 15) ||\n (ver[0] == 15 && ver[1] == 6 && ver[2] <= 30171) ||\n (ver[0] == 15 && ver[1] >= 7 && ver[1] <= 15) ||\n (ver[0] == 15 && ver[1] == 16 && ver[2] <= 20038)\n)\n{\n report = '\\n Path : '+path+\n '\\n Installed version : '+version+\n '\\n Fixed version : 11.0.16 / 15.006.30172 / 15.016.20039' +\n '\\n';\n security_report_v4(port:0, extra:report, severity:SECURITY_HOLE);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, path);\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:26:55", "bulletinFamily": "scanner", "description": "The version of Adobe Reader installed on the remote Windows host is prior to 11.0.16, 15.006.30172, or 15.016.20039. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple use-after-free errors exist that allow an attacker to execute arbitrary code. (CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, CVE-2016-4107)\n\n - Multiple heap buffer overflow conditions exist that allow an attacker to execute arbitrary code.\n (CVE-2016-4091, CVE-2016-4092)\n\n - Multiple memory corruption issues exist that allow an attacker to execute arbitrary code. (CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, CVE-2016-4105, CVE-2016-4119)\n\n - An integer overflow vulnerability exists that allows an attacker to execute arbitrary code. (CVE-2016-1043)\n\n - Multiple memory leak issues exist that allow an attacker to have an unspecified impact. (CVE-2016-1079, CVE-2016-1092)\n\n - An unspecified flaw exists that allows an attacker to disclose sensitive information. (CVE-2016-1112)\n\n - Multiple vulnerabilities exist that allow an attacker to bypass restrictions on JavaScript API execution.\n (CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, CVE-2016-1117)\n\n - Multiple flaws exist when loading dynamic-link libraries. An attacker can exploit this, via a specially crafted .dll file, to execute arbitrary code.\n (CVE-2016-1087, CVE-2016-1090, CVE-2016-4106)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "modified": "2018-06-29T00:00:00", "id": "ADOBE_READER_APSB16-14.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=91097", "published": "2016-05-12T00:00:00", "title": "Adobe Reader < 11.0.16 / 15.006.30172 / 15.016.20039 Multiple Vulnerabilities (APSB16-14)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91097);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/06/29 12:01:03\");\n\n script_cve_id(\n \"CVE-2016-1037\",\n \"CVE-2016-1038\",\n \"CVE-2016-1039\",\n \"CVE-2016-1040\",\n \"CVE-2016-1041\",\n \"CVE-2016-1042\",\n \"CVE-2016-1043\",\n \"CVE-2016-1044\",\n \"CVE-2016-1045\",\n \"CVE-2016-1046\",\n \"CVE-2016-1047\",\n \"CVE-2016-1048\",\n \"CVE-2016-1049\",\n \"CVE-2016-1050\",\n \"CVE-2016-1051\",\n \"CVE-2016-1052\",\n \"CVE-2016-1053\",\n \"CVE-2016-1054\",\n \"CVE-2016-1055\",\n \"CVE-2016-1056\",\n \"CVE-2016-1057\",\n \"CVE-2016-1058\",\n \"CVE-2016-1059\",\n \"CVE-2016-1060\",\n \"CVE-2016-1061\",\n \"CVE-2016-1062\",\n \"CVE-2016-1063\",\n \"CVE-2016-1064\",\n \"CVE-2016-1065\",\n \"CVE-2016-1066\",\n \"CVE-2016-1067\",\n \"CVE-2016-1068\",\n \"CVE-2016-1069\",\n \"CVE-2016-1070\",\n \"CVE-2016-1071\",\n \"CVE-2016-1072\",\n \"CVE-2016-1073\",\n \"CVE-2016-1074\",\n \"CVE-2016-1075\",\n \"CVE-2016-1076\",\n \"CVE-2016-1077\",\n \"CVE-2016-1078\",\n \"CVE-2016-1079\",\n \"CVE-2016-1080\",\n \"CVE-2016-1081\",\n \"CVE-2016-1082\",\n \"CVE-2016-1083\",\n \"CVE-2016-1084\",\n \"CVE-2016-1085\",\n \"CVE-2016-1086\",\n \"CVE-2016-1087\",\n \"CVE-2016-1088\",\n \"CVE-2016-1090\",\n \"CVE-2016-1092\",\n \"CVE-2016-1093\",\n \"CVE-2016-1094\",\n \"CVE-2016-1095\",\n \"CVE-2016-1112\",\n \"CVE-2016-1116\",\n \"CVE-2016-1117\",\n \"CVE-2016-1118\",\n \"CVE-2016-1119\",\n \"CVE-2016-1120\",\n \"CVE-2016-1121\",\n \"CVE-2016-1122\",\n \"CVE-2016-1123\",\n \"CVE-2016-1124\",\n \"CVE-2016-1125\",\n \"CVE-2016-1126\",\n \"CVE-2016-1127\",\n \"CVE-2016-1128\",\n \"CVE-2016-1129\",\n \"CVE-2016-1130\",\n \"CVE-2016-4088\",\n \"CVE-2016-4089\",\n \"CVE-2016-4090\",\n \"CVE-2016-4091\",\n \"CVE-2016-4092\",\n \"CVE-2016-4093\",\n \"CVE-2016-4094\",\n \"CVE-2016-4096\",\n \"CVE-2016-4097\",\n \"CVE-2016-4098\",\n \"CVE-2016-4099\",\n \"CVE-2016-4100\",\n \"CVE-2016-4101\",\n \"CVE-2016-4102\",\n \"CVE-2016-4103\",\n \"CVE-2016-4104\",\n \"CVE-2016-4105\",\n \"CVE-2016-4106\",\n \"CVE-2016-4107\",\n \"CVE-2016-4119\"\n );\n script_bugtraq_id(90517);\n script_xref(name:\"ZDI\", value:\"ZDI-16-285\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-286\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-287\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-288\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-289\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-290\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-291\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-292\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-293\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-294\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-295\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-296\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-297\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-298\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-299\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-300\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-301\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-302\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-303\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-304\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-305\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-306\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-307\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-308\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-309\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-310\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-311\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-312\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-313\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-315\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-316\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-317\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-318\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-319\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-320\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-321\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-322\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-323\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-324\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-325\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-326\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-327\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-328\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-329\");\n\n script_name(english:\"Adobe Reader < 11.0.16 / 15.006.30172 / 15.016.20039 Multiple Vulnerabilities (APSB16-14)\");\n script_summary(english:\"Checks the version of Adobe Reader.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Reader installed on the remote Windows host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Reader installed on the remote Windows host is\nprior to 11.0.16, 15.006.30172, or 15.016.20039. It is, therefore,\naffected by multiple vulnerabilities :\n\n - Multiple use-after-free errors exist that allow an\n attacker to execute arbitrary code. (CVE-2016-1045,\n CVE-2016-1046, CVE-2016-1047, CVE-2016-1048,\n CVE-2016-1049, CVE-2016-1050, CVE-2016-1051,\n CVE-2016-1052, CVE-2016-1053, CVE-2016-1054,\n CVE-2016-1055, CVE-2016-1056, CVE-2016-1057,\n CVE-2016-1058, CVE-2016-1059, CVE-2016-1060,\n CVE-2016-1061, CVE-2016-1065, CVE-2016-1066,\n CVE-2016-1067, CVE-2016-1068, CVE-2016-1069,\n CVE-2016-1070, CVE-2016-1075, CVE-2016-1094,\n CVE-2016-1121, CVE-2016-1122, CVE-2016-4102,\n CVE-2016-4107)\n\n - Multiple heap buffer overflow conditions exist that\n allow an attacker to execute arbitrary code.\n (CVE-2016-4091, CVE-2016-4092)\n\n - Multiple memory corruption issues exist that allow an\n attacker to execute arbitrary code. (CVE-2016-1037,\n CVE-2016-1063, CVE-2016-1064, CVE-2016-1071,\n CVE-2016-1072, CVE-2016-1073, CVE-2016-1074,\n CVE-2016-1076, CVE-2016-1077, CVE-2016-1078,\n CVE-2016-1080, CVE-2016-1081, CVE-2016-1082,\n CVE-2016-1083, CVE-2016-1084, CVE-2016-1085,\n CVE-2016-1086, CVE-2016-1088, CVE-2016-1093,\n CVE-2016-1095, CVE-2016-1116, CVE-2016-1118,\n CVE-2016-1119, CVE-2016-1120, CVE-2016-1123,\n CVE-2016-1124, CVE-2016-1125, CVE-2016-1126,\n CVE-2016-1127, CVE-2016-1128, CVE-2016-1129,\n CVE-2016-1130, CVE-2016-4088, CVE-2016-4089,\n CVE-2016-4090, CVE-2016-4093, CVE-2016-4094,\n CVE-2016-4096, CVE-2016-4097, CVE-2016-4098,\n CVE-2016-4099, CVE-2016-4100, CVE-2016-4101,\n CVE-2016-4103, CVE-2016-4104, CVE-2016-4105,\n CVE-2016-4119)\n\n - An integer overflow vulnerability exists that allows an\n attacker to execute arbitrary code. (CVE-2016-1043)\n\n - Multiple memory leak issues exist that allow an attacker\n to have an unspecified impact. (CVE-2016-1079,\n CVE-2016-1092)\n\n - An unspecified flaw exists that allows an attacker to\n disclose sensitive information. (CVE-2016-1112)\n\n - Multiple vulnerabilities exist that allow an attacker to\n bypass restrictions on JavaScript API execution.\n (CVE-2016-1038, CVE-2016-1039, CVE-2016-1040,\n CVE-2016-1041, CVE-2016-1042, CVE-2016-1044,\n CVE-2016-1062, CVE-2016-1117)\n\n - Multiple flaws exist when loading dynamic-link\n libraries. An attacker can exploit this, via a specially\n crafted .dll file, to execute arbitrary code.\n (CVE-2016-1087, CVE-2016-1090, CVE-2016-4106)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb16-14.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Reader version 11.0.16 / 15.006.30172 / 15.016.20039\nor later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat_reader\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"adobe_reader_installed.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"installed_sw/Adobe Reader\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_name = \"Adobe Reader\";\ninstall = get_single_install(app_name:app_name);\n\n# NOTE: For this version of Reader, the AcroRd32.dll file was only\n# updated to reflect the proper version. The normal EXE was\n# not updated, so we have to look at the DLL.\n# The detection plugin will not report the proper version.\nversion = install['DLL_Product_Version']; # DLL version - not EXE\npath = install['path'];\nverui = install['DLL_Display_Version'];\n\nver = split(version, sep:'.', keep:FALSE);\nfor (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n# Affected is :\n#\n# 11.x < 11.0.16\n# DC Classic < 15.006.30172\n# DC Continuous < 15.016.20039\nif (\n (ver[0] == 11 && ver[1] == 0 && ver[2] <= 15) ||\n (ver[0] == 15 && ver[1] == 6 && ver[2] <= 30171) ||\n (ver[0] == 15 && ver[1] >= 7 && ver[1] <= 15) ||\n (ver[0] == 15 && ver[1] == 16 && ver[2] <= 20038)\n)\n{\n port = get_kb_item('SMB/transport');\n if(!port) port = 445;\n\n report = '\\n Note: The Adobe Reader version was extracted from AcroRd32.dll.' +\n '\\n Path : '+path+\n '\\n Installed version : '+verui+\n '\\n Fixed version : 11.0.16 / 15.006.30172 / 15.016.20039' +\n '\\n';\n security_report_v4(port:port, extra:report, severity:SECURITY_HOLE);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app_name, verui, path);\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:26:55", "bulletinFamily": "scanner", "description": "The version of Adobe Acrobat installed on the remote Windows host is prior to 11.0.16, 15.006.30172, or 15.016.20039. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple use-after-free errors exist that allow an attacker to execute arbitrary code. (CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, CVE-2016-4107)\n\n - Multiple heap buffer overflow conditions exist that allow an attacker to execute arbitrary code.\n (CVE-2016-4091, CVE-2016-4092)\n\n - Multiple memory corruption issues exist that allow an attacker to execute arbitrary code. (CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, CVE-2016-4105, CVE-2016-4119)\n\n - An integer overflow vulnerability exists that allows an attacker to execute arbitrary code. (CVE-2016-1043)\n\n - Multiple memory leak issues exist that allow an attacker to have an unspecified impact. (CVE-2016-1079, CVE-2016-1092)\n\n - An unspecified flaw exists that allows an attacker to disclose sensitive information. (CVE-2016-1112)\n\n - Multiple vulnerabilities exist that allow an attacker to bypass restrictions on JavaScript API execution.\n (CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, CVE-2016-1117)\n\n - Multiple flaws exist when loading dynamic-link libraries. An attacker can exploit this, via a specially crafted .dll file, to execute arbitrary code.\n (CVE-2016-1087, CVE-2016-1090, CVE-2016-4106)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "modified": "2018-06-29T00:00:00", "id": "ADOBE_ACROBAT_APSB16-14.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=91096", "published": "2016-05-12T00:00:00", "title": "Adobe Acrobat < 11.0.16 / 15.006.30172 / 15.016.20039 Multiple Vulnerabilities (APSB16-14)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91096);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/06/29 12:01:03\");\n\n script_cve_id(\n \"CVE-2016-1037\",\n \"CVE-2016-1038\",\n \"CVE-2016-1039\",\n \"CVE-2016-1040\",\n \"CVE-2016-1041\",\n \"CVE-2016-1042\",\n \"CVE-2016-1043\",\n \"CVE-2016-1044\",\n \"CVE-2016-1045\",\n \"CVE-2016-1046\",\n \"CVE-2016-1047\",\n \"CVE-2016-1048\",\n \"CVE-2016-1049\",\n \"CVE-2016-1050\",\n \"CVE-2016-1051\",\n \"CVE-2016-1052\",\n \"CVE-2016-1053\",\n \"CVE-2016-1054\",\n \"CVE-2016-1055\",\n \"CVE-2016-1056\",\n \"CVE-2016-1057\",\n \"CVE-2016-1058\",\n \"CVE-2016-1059\",\n \"CVE-2016-1060\",\n \"CVE-2016-1061\",\n \"CVE-2016-1062\",\n \"CVE-2016-1063\",\n \"CVE-2016-1064\",\n \"CVE-2016-1065\",\n \"CVE-2016-1066\",\n \"CVE-2016-1067\",\n \"CVE-2016-1068\",\n \"CVE-2016-1069\",\n \"CVE-2016-1070\",\n \"CVE-2016-1071\",\n \"CVE-2016-1072\",\n \"CVE-2016-1073\",\n \"CVE-2016-1074\",\n \"CVE-2016-1075\",\n \"CVE-2016-1076\",\n \"CVE-2016-1077\",\n \"CVE-2016-1078\",\n \"CVE-2016-1079\",\n \"CVE-2016-1080\",\n \"CVE-2016-1081\",\n \"CVE-2016-1082\",\n \"CVE-2016-1083\",\n \"CVE-2016-1084\",\n \"CVE-2016-1085\",\n \"CVE-2016-1086\",\n \"CVE-2016-1087\",\n \"CVE-2016-1088\",\n \"CVE-2016-1090\",\n \"CVE-2016-1092\",\n \"CVE-2016-1093\",\n \"CVE-2016-1094\",\n \"CVE-2016-1095\",\n \"CVE-2016-1112\",\n \"CVE-2016-1116\",\n \"CVE-2016-1117\",\n \"CVE-2016-1118\",\n \"CVE-2016-1119\",\n \"CVE-2016-1120\",\n \"CVE-2016-1121\",\n \"CVE-2016-1122\",\n \"CVE-2016-1123\",\n \"CVE-2016-1124\",\n \"CVE-2016-1125\",\n \"CVE-2016-1126\",\n \"CVE-2016-1127\",\n \"CVE-2016-1128\",\n \"CVE-2016-1129\",\n \"CVE-2016-1130\",\n \"CVE-2016-4088\",\n \"CVE-2016-4089\",\n \"CVE-2016-4090\",\n \"CVE-2016-4091\",\n \"CVE-2016-4092\",\n \"CVE-2016-4093\",\n \"CVE-2016-4094\",\n \"CVE-2016-4096\",\n \"CVE-2016-4097\",\n \"CVE-2016-4098\",\n \"CVE-2016-4099\",\n \"CVE-2016-4100\",\n \"CVE-2016-4101\",\n \"CVE-2016-4102\",\n \"CVE-2016-4103\",\n \"CVE-2016-4104\",\n \"CVE-2016-4105\",\n \"CVE-2016-4106\",\n \"CVE-2016-4107\",\n \"CVE-2016-4119\"\n );\n script_bugtraq_id(90517);\n script_xref(name:\"ZDI\", value:\"ZDI-16-285\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-286\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-287\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-288\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-289\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-290\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-291\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-292\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-293\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-294\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-295\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-296\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-297\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-298\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-299\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-300\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-301\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-302\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-303\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-304\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-305\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-306\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-307\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-308\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-309\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-310\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-311\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-312\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-313\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-315\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-316\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-317\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-318\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-319\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-320\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-321\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-322\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-323\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-324\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-325\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-326\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-327\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-328\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-329\");\n\n script_name(english:\"Adobe Acrobat < 11.0.16 / 15.006.30172 / 15.016.20039 Multiple Vulnerabilities (APSB16-14)\");\n script_summary(english:\"Checks the version of Adobe Acrobat.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Acrobat installed on the remote Windows host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Acrobat installed on the remote Windows host is\nprior to 11.0.16, 15.006.30172, or 15.016.20039. It is, therefore,\naffected by multiple vulnerabilities :\n\n - Multiple use-after-free errors exist that allow an\n attacker to execute arbitrary code. (CVE-2016-1045,\n CVE-2016-1046, CVE-2016-1047, CVE-2016-1048,\n CVE-2016-1049, CVE-2016-1050, CVE-2016-1051,\n CVE-2016-1052, CVE-2016-1053, CVE-2016-1054,\n CVE-2016-1055, CVE-2016-1056, CVE-2016-1057,\n CVE-2016-1058, CVE-2016-1059, CVE-2016-1060,\n CVE-2016-1061, CVE-2016-1065, CVE-2016-1066,\n CVE-2016-1067, CVE-2016-1068, CVE-2016-1069,\n CVE-2016-1070, CVE-2016-1075, CVE-2016-1094,\n CVE-2016-1121, CVE-2016-1122, CVE-2016-4102,\n CVE-2016-4107)\n\n - Multiple heap buffer overflow conditions exist that\n allow an attacker to execute arbitrary code.\n (CVE-2016-4091, CVE-2016-4092)\n\n - Multiple memory corruption issues exist that allow an\n attacker to execute arbitrary code. (CVE-2016-1037,\n CVE-2016-1063, CVE-2016-1064, CVE-2016-1071,\n CVE-2016-1072, CVE-2016-1073, CVE-2016-1074,\n CVE-2016-1076, CVE-2016-1077, CVE-2016-1078,\n CVE-2016-1080, CVE-2016-1081, CVE-2016-1082,\n CVE-2016-1083, CVE-2016-1084, CVE-2016-1085,\n CVE-2016-1086, CVE-2016-1088, CVE-2016-1093,\n CVE-2016-1095, CVE-2016-1116, CVE-2016-1118,\n CVE-2016-1119, CVE-2016-1120, CVE-2016-1123,\n CVE-2016-1124, CVE-2016-1125, CVE-2016-1126,\n CVE-2016-1127, CVE-2016-1128, CVE-2016-1129,\n CVE-2016-1130, CVE-2016-4088, CVE-2016-4089,\n CVE-2016-4090, CVE-2016-4093, CVE-2016-4094,\n CVE-2016-4096, CVE-2016-4097, CVE-2016-4098,\n CVE-2016-4099, CVE-2016-4100, CVE-2016-4101,\n CVE-2016-4103, CVE-2016-4104, CVE-2016-4105,\n CVE-2016-4119)\n\n - An integer overflow vulnerability exists that allows an\n attacker to execute arbitrary code. (CVE-2016-1043)\n\n - Multiple memory leak issues exist that allow an attacker\n to have an unspecified impact. (CVE-2016-1079,\n CVE-2016-1092)\n\n - An unspecified flaw exists that allows an attacker to\n disclose sensitive information. (CVE-2016-1112)\n\n - Multiple vulnerabilities exist that allow an attacker to\n bypass restrictions on JavaScript API execution.\n (CVE-2016-1038, CVE-2016-1039, CVE-2016-1040,\n CVE-2016-1041, CVE-2016-1042, CVE-2016-1044,\n CVE-2016-1062, CVE-2016-1117)\n\n - Multiple flaws exist when loading dynamic-link\n libraries. An attacker can exploit this, via a specially\n crafted .dll file, to execute arbitrary code.\n (CVE-2016-1087, CVE-2016-1090, CVE-2016-4106)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/reader/apsb16-14.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Acrobat version 11.0.16 / 15.006.30172 / 15.016.20039\nor later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"adobe_acrobat_installed.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"installed_sw/Adobe Acrobat\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_name = \"Adobe Acrobat\";\ninstall = get_single_install(app_name:app_name);\n\nversion = install['version'];\npath = install['path'];\nverui = install['display_version'];\n\nver = split(version, sep:'.', keep:FALSE);\nfor (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n# Affected is :\n# \n# 11.x < 11.0.16\n# DC Classic < 15.006.30172\n# DC Continuous < 15.016.20039\nif (\n (ver[0] == 11 && ver[1] == 0 && ver[2] <= 15) ||\n (ver[0] == 15 && ver[1] == 6 && ver[2] <= 30171) ||\n (ver[0] == 15 && ver[1] >= 7 && ver[1] <= 15) ||\n (ver[0] == 15 && ver[1] == 16 && ver[2] <= 20038)\n)\n{\n port = get_kb_item('SMB/transport');\n if(!port) port = 445;\n\n report = '\\n Path : '+path+\n '\\n Installed version : '+verui+\n '\\n Fixed version : 11.0.16 / 15.006.30172 / 15.016.20039' +\n '\\n';\n security_report_v4(port:port, extra:report, severity:SECURITY_HOLE);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app_name, verui, path);\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:26:55", "bulletinFamily": "scanner", "description": "The version of Adobe Acrobat installed on the remote Mac OS X host is prior to 11.0.16 / 15.006.30172 / 15.016.20039. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple use-after-free errors exist that allow an attacker to execute arbitrary code. (CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, CVE-2016-4107)\n\n - Multiple heap buffer overflow conditions exist that allow an attacker to execute arbitrary code.\n (CVE-2016-4091, CVE-2016-4092)\n\n - Multiple memory corruption issues exist that allow an attacker to execute arbitrary code. (CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, CVE-2016-4105, CVE-2016-4119)\n\n - An integer overflow vulnerability exists that allows an attacker to execute arbitrary code. (CVE-2016-1043)\n\n - Multiple memory leak issues exist that allow an attacker to have an unspecified impact. (CVE-2016-1079, CVE-2016-1092)\n\n - An unspecified flaw exists that allows an attacker to disclose sensitive information. (CVE-2016-1112)\n\n - Multiple vulnerabilities exist that allow an attacker to bypass restrictions on JavaScript API execution.\n (CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, CVE-2016-1117)\n\n - Multiple flaws exist when loading dynamic-link libraries. An attacker can exploit this, via a specially crafted .dll file, to execute arbitrary code.\n (CVE-2016-1087, CVE-2016-1090, CVE-2016-4106)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "modified": "2018-07-16T00:00:00", "id": "MACOSX_ADOBE_ACROBAT_APSB16-14.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=91098", "published": "2016-05-12T00:00:00", "title": "Adobe Acrobat < 11.0.16 / 15.006.30172 / 15.016.20039 Multiple Vulnerabilities (APSB16-14) (Mac OS X)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91098);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/07/16 12:48:31\");\n\n script_cve_id(\n \"CVE-2016-1037\",\n \"CVE-2016-1038\",\n \"CVE-2016-1039\",\n \"CVE-2016-1040\",\n \"CVE-2016-1041\",\n \"CVE-2016-1042\",\n \"CVE-2016-1043\",\n \"CVE-2016-1044\",\n \"CVE-2016-1045\",\n \"CVE-2016-1046\",\n \"CVE-2016-1047\",\n \"CVE-2016-1048\",\n \"CVE-2016-1049\",\n \"CVE-2016-1050\",\n \"CVE-2016-1051\",\n \"CVE-2016-1052\",\n \"CVE-2016-1053\",\n \"CVE-2016-1054\",\n \"CVE-2016-1055\",\n \"CVE-2016-1056\",\n \"CVE-2016-1057\",\n \"CVE-2016-1058\",\n \"CVE-2016-1059\",\n \"CVE-2016-1060\",\n \"CVE-2016-1061\",\n \"CVE-2016-1062\",\n \"CVE-2016-1063\",\n \"CVE-2016-1064\",\n \"CVE-2016-1065\",\n \"CVE-2016-1066\",\n \"CVE-2016-1067\",\n \"CVE-2016-1068\",\n \"CVE-2016-1069\",\n \"CVE-2016-1070\",\n \"CVE-2016-1071\",\n \"CVE-2016-1072\",\n \"CVE-2016-1073\",\n \"CVE-2016-1074\",\n \"CVE-2016-1075\",\n \"CVE-2016-1076\",\n \"CVE-2016-1077\",\n \"CVE-2016-1078\",\n \"CVE-2016-1079\",\n \"CVE-2016-1080\",\n \"CVE-2016-1081\",\n \"CVE-2016-1082\",\n \"CVE-2016-1083\",\n \"CVE-2016-1084\",\n \"CVE-2016-1085\",\n \"CVE-2016-1086\",\n \"CVE-2016-1087\",\n \"CVE-2016-1088\",\n \"CVE-2016-1090\",\n \"CVE-2016-1092\",\n \"CVE-2016-1093\",\n \"CVE-2016-1094\",\n \"CVE-2016-1095\",\n \"CVE-2016-1112\",\n \"CVE-2016-1116\",\n \"CVE-2016-1117\",\n \"CVE-2016-1118\",\n \"CVE-2016-1119\",\n \"CVE-2016-1120\",\n \"CVE-2016-1121\",\n \"CVE-2016-1122\",\n \"CVE-2016-1123\",\n \"CVE-2016-1124\",\n \"CVE-2016-1125\",\n \"CVE-2016-1126\",\n \"CVE-2016-1127\",\n \"CVE-2016-1128\",\n \"CVE-2016-1129\",\n \"CVE-2016-1130\",\n \"CVE-2016-4088\",\n \"CVE-2016-4089\",\n \"CVE-2016-4090\",\n \"CVE-2016-4091\",\n \"CVE-2016-4092\",\n \"CVE-2016-4093\",\n \"CVE-2016-4094\",\n \"CVE-2016-4096\",\n \"CVE-2016-4097\",\n \"CVE-2016-4098\",\n \"CVE-2016-4099\",\n \"CVE-2016-4100\",\n \"CVE-2016-4101\",\n \"CVE-2016-4102\",\n \"CVE-2016-4103\",\n \"CVE-2016-4104\",\n \"CVE-2016-4105\",\n \"CVE-2016-4106\",\n \"CVE-2016-4107\",\n \"CVE-2016-4119\"\n );\n script_bugtraq_id(90517);\n script_xref(name:\"ZDI\", value:\"ZDI-16-285\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-286\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-287\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-288\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-289\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-290\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-291\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-292\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-293\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-294\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-295\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-296\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-297\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-298\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-299\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-300\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-301\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-302\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-303\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-304\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-305\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-306\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-307\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-308\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-309\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-310\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-311\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-312\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-313\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-315\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-316\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-317\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-318\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-319\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-320\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-321\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-322\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-323\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-324\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-325\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-326\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-327\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-328\");\n script_xref(name:\"ZDI\", value:\"ZDI-16-329\");\n\n script_name(english:\"Adobe Acrobat < 11.0.16 / 15.006.30172 / 15.016.20039 Multiple Vulnerabilities (APSB16-14) (Mac OS X)\");\n script_summary(english:\"Checks the version of Adobe Acrobat.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Acrobat installed on the remote Mac OS X host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Acrobat installed on the remote Mac OS X host is\nprior to 11.0.16 / 15.006.30172 / 15.016.20039. It is, therefore,\naffected by multiple vulnerabilities :\n\n - Multiple use-after-free errors exist that allow an\n attacker to execute arbitrary code. (CVE-2016-1045,\n CVE-2016-1046, CVE-2016-1047, CVE-2016-1048,\n CVE-2016-1049, CVE-2016-1050, CVE-2016-1051,\n CVE-2016-1052, CVE-2016-1053, CVE-2016-1054,\n CVE-2016-1055, CVE-2016-1056, CVE-2016-1057,\n CVE-2016-1058, CVE-2016-1059, CVE-2016-1060,\n CVE-2016-1061, CVE-2016-1065, CVE-2016-1066,\n CVE-2016-1067, CVE-2016-1068, CVE-2016-1069,\n CVE-2016-1070, CVE-2016-1075, CVE-2016-1094,\n CVE-2016-1121, CVE-2016-1122, CVE-2016-4102,\n CVE-2016-4107)\n\n - Multiple heap buffer overflow conditions exist that\n allow an attacker to execute arbitrary code.\n (CVE-2016-4091, CVE-2016-4092)\n\n - Multiple memory corruption issues exist that allow an\n attacker to execute arbitrary code. (CVE-2016-1037,\n CVE-2016-1063, CVE-2016-1064, CVE-2016-1071,\n CVE-2016-1072, CVE-2016-1073, CVE-2016-1074,\n CVE-2016-1076, CVE-2016-1077, CVE-2016-1078,\n CVE-2016-1080, CVE-2016-1081, CVE-2016-1082,\n CVE-2016-1083, CVE-2016-1084, CVE-2016-1085,\n CVE-2016-1086, CVE-2016-1088, CVE-2016-1093,\n CVE-2016-1095, CVE-2016-1116, CVE-2016-1118,\n CVE-2016-1119, CVE-2016-1120, CVE-2016-1123,\n CVE-2016-1124, CVE-2016-1125, CVE-2016-1126,\n CVE-2016-1127, CVE-2016-1128, CVE-2016-1129,\n CVE-2016-1130, CVE-2016-4088, CVE-2016-4089,\n CVE-2016-4090, CVE-2016-4093, CVE-2016-4094,\n CVE-2016-4096, CVE-2016-4097, CVE-2016-4098,\n CVE-2016-4099, CVE-2016-4100, CVE-2016-4101,\n CVE-2016-4103, CVE-2016-4104, CVE-2016-4105,\n CVE-2016-4119)\n\n - An integer overflow vulnerability exists that allows an\n attacker to execute arbitrary code. (CVE-2016-1043)\n\n - Multiple memory leak issues exist that allow an attacker\n to have an unspecified impact. (CVE-2016-1079,\n CVE-2016-1092)\n\n - An unspecified flaw exists that allows an attacker to\n disclose sensitive information. (CVE-2016-1112)\n\n - Multiple vulnerabilities exist that allow an attacker to\n bypass restrictions on JavaScript API execution.\n (CVE-2016-1038, CVE-2016-1039, CVE-2016-1040,\n CVE-2016-1041, CVE-2016-1042, CVE-2016-1044,\n CVE-2016-1062, CVE-2016-1117)\n\n - Multiple flaws exist when loading dynamic-link\n libraries. An attacker can exploit this, via a specially\n crafted .dll file, to execute arbitrary code.\n (CVE-2016-1087, CVE-2016-1090, CVE-2016-4106)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/reader/apsb16-14.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Acrobat version 11.0.16 / 15.006.30172 / 15.016.20039\nor later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_adobe_acrobat_installed.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/Adobe Acrobat\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nget_kb_item_or_exit(\"Host/local_checks_enabled\");\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (empty_or_null(os)) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp_name = \"Adobe Acrobat\";\ninstall = get_single_install(app_name:app_name);\n\nversion = install['version'];\npath = install['path'];\n\nver = split(version, sep:'.', keep:FALSE);\nfor (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n# Affected is :\n#\n# 11.x < 11.0.16\n# DC Classic < 15.006.30172\n# DC Continuous < 15.016.20039\nif (\n (ver[0] == 11 && ver[1] == 0 && ver[2] <= 15) ||\n (ver[0] == 15 && ver[1] == 6 && ver[2] <= 30171) ||\n (ver[0] == 15 && ver[1] >= 7 && ver[1] <= 15) ||\n (ver[0] == 15 && ver[1] == 16 && ver[2] <= 20038)\n)\n{\n report = '\\n Path : '+path+\n '\\n Installed version : '+version+\n '\\n Fixed version : 11.0.16 / 15.006.30172 / 15.016.20039' +\n '\\n';\n security_report_v4(port:0, extra:report, severity:SECURITY_HOLE);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, path);\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}