Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.MACOS_ADOBE_READER_APSB23-54.NASL
HistoryNov 14, 2023 - 12:00 a.m.

Adobe Reader < 20.005.30539 / 23.006.20380 Multiple Vulnerabilities (APSB23-54) (macOS)

2023-11-1400:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
adobe reader
vulnerabilities
macos
use after free
out-of-bounds read
access of uninitialized pointer
arbitrary code execution
memory leak

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

High

0.029 Low

EPSS

Percentile

90.8%

JSON

The version of Adobe Reader installed on the remote macOS host is a version prior to 20.005.30539 or 23.006.20380. It is, therefore, affected by multiple vulnerabilities.

  • Use After Free (CWE-416) potentially leading to Arbitrary code execution (CVE-2023-44336, CVE-2023-44359, CVE-2023-44367, CVE-2023-44371, CVE-2023-44372)

  • Out-of-bounds Read (CWE-125) potentially leading to Arbitrary code execution (CVE-2023-44337, CVE-2023-44338)

  • Access of Uninitialized Pointer (CWE-824) potentially leading to Arbitrary code execution (CVE-2023-44365)

  • Out-of-bounds Write (CWE-787) potentially leading to Arbitrary code execution (CVE-2023-44366)

  • Out-of-bounds Read (CWE-125) potentially leading to Memory leak (CVE-2023-44339, CVE-2023-44340, CVE-2023-44348, CVE-2023-44356, CVE-2023-44357, CVE-2023-44358, CVE-2023-44360)

  • Use After Free (CWE-416) potentially leading to Memory leak (CVE-2023-44361)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(185554);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/16");

  script_cve_id(
    "CVE-2023-44336",
    "CVE-2023-44337",
    "CVE-2023-44338",
    "CVE-2023-44339",
    "CVE-2023-44340",
    "CVE-2023-44348",
    "CVE-2023-44356",
    "CVE-2023-44357",
    "CVE-2023-44358",
    "CVE-2023-44359",
    "CVE-2023-44360",
    "CVE-2023-44361",
    "CVE-2023-44365",
    "CVE-2023-44366",
    "CVE-2023-44367",
    "CVE-2023-44371",
    "CVE-2023-44372"
  );
  script_xref(name:"IAVA", value:"2023-A-0626-S");

  script_name(english:"Adobe Reader < 20.005.30539 / 23.006.20380 Multiple Vulnerabilities (APSB23-54) (macOS)");

  script_set_attribute(attribute:"synopsis", value:
"The version of Adobe Reader installed on the remote macOS host is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Adobe Reader installed on the remote macOS host is a version prior to 20.005.30539 or 23.006.20380. It
is, therefore, affected by multiple vulnerabilities.

  - Use After Free (CWE-416) potentially leading to Arbitrary code execution (CVE-2023-44336, CVE-2023-44359,
    CVE-2023-44367, CVE-2023-44371, CVE-2023-44372)

  - Out-of-bounds Read (CWE-125) potentially leading to Arbitrary code execution (CVE-2023-44337,
    CVE-2023-44338)

  - Access of Uninitialized Pointer (CWE-824) potentially leading to Arbitrary code execution (CVE-2023-44365)

  - Out-of-bounds Write (CWE-787) potentially leading to Arbitrary code execution (CVE-2023-44366)

  - Out-of-bounds Read (CWE-125) potentially leading to Memory leak (CVE-2023-44339, CVE-2023-44340,
    CVE-2023-44348, CVE-2023-44356, CVE-2023-44357, CVE-2023-44358, CVE-2023-44360)

  - Use After Free (CWE-416) potentially leading to Memory leak (CVE-2023-44361)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://helpx.adobe.com/security/products/acrobat/apsb23-54.html");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Adobe Reader version 20.005.30539 / 23.006.20380 or later.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-44372");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(125, 416, 787, 824);

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/11/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/11/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/11/14");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:acrobat_reader");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("macosx_adobe_reader_installed.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MacOSX/Version", "installed_sw/Adobe Reader");

  exit(0);
}

include('vcf.inc');
include('vcf_extras.inc');

get_kb_item_or_exit('Host/local_checks_enabled');
os = get_kb_item('Host/MacOSX/Version');
if (empty_or_null(os)) audit(AUDIT_OS_NOT, 'Mac OS X');

var app_info = vcf::get_app_info(app:'Adobe Reader');

# vcf::adobe_reader::check_version_and_report will
# properly separate tracks when checking constraints.
# x.y.30zzz = DC Classic
# x.y.20zzz = DC Continuous
var constraints = [
  { 'min_version' : '15.7', 'max_version' : '23.006.20360', 'fixed_version' : '23.006.20380' },
  { 'min_version' : '20.1', 'max_version' : '20.005.30524', 'fixed_version' : '20.005.30539' }
];
vcf::adobe_reader::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE, max_segs:3);
VendorProductVersionCPE
adobeacrobat_readercpe:/a:adobe:acrobat_reader

References

Related

openvas 8
nessus 3
kaspersky 1
adobe 1
cve 17
zdi 48
cvelist 17
nvd 17
prion 17
talos 2
talosblog 1
openvas
openvas
Adobe Reader Classic 2020 Security Update (APSB23-54) - Mac OS X
2023-11-17 00:00:00
Adobe Acrobat Classic 2020 Security Update (APSB23-54) - Mac OS X
2023-11-17 00:00:00
Adobe Acrobat DC Continuous Security Update (APSB23-54) - Windows
2023-11-17 00:00:00
nessus
nessus
Adobe Acrobat < 20.005.30539 / 23.006.20380 Multiple Vulnerabilities (APSB23-54)
2023-11-14 00:00:00
Adobe Acrobat < 20.005.30539 / 23.006.20380 Multiple Vulnerabilities (APSB23-54) (macOS)
2023-11-14 00:00:00
Adobe Reader < 20.005.30539 / 23.006.20380 Multiple Vulnerabilities (APSB23-54)
2023-11-14 00:00:00
kaspersky
kaspersky
KLA61972 Multiple vulnerabilities in Adobe Acrobat and Adobe Acrobat Reader
2023-11-14 00:00:00
adobe
adobe
APSB23-54 : Security update available for Adobe Acrobat and Reader
2023-11-14 00:00:00
cve
cve
CVE-2023-44372
2023-11-16 10:15:18
CVE-2023-44338
2023-11-16 10:15:10
CVE-2023-44340
2023-11-16 10:15:11
zdi
zdi
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability
2023-11-15 00:00:00
Adobe Acrobat Reader DC AcroForm value Out-Of-Bounds Read Information Disclosure Vulnerability
2023-11-15 00:00:00
Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
2023-11-15 00:00:00
cvelist
cvelist
CVE-2023-44336 TALOS-2023-1794 - Adobe Acrobat Reader Thermometer use-after-free vulnerability
2023-11-16 09:52:46
CVE-2023-44358 ZDI-CAN-21971: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
2023-11-16 09:52:49
CVE-2023-44372 TALOS-2023-1842 - Adobe Acrobat Reader U3D page event use-after-free vulnerability
2023-11-16 09:52:42
nvd
nvd
CVE-2023-44336
2023-11-16 10:15:08
CVE-2023-44358
2023-11-16 10:15:13
CVE-2023-44361
2023-11-16 10:15:15
prion
prion
Design/Logic Flaw
2023-11-16 10:15:00
Design/Logic Flaw
2023-11-16 10:15:00
Design/Logic Flaw
2023-11-16 10:15:00
talos
talos
Adobe Acrobat Reader U3D page event use-after-free vulnerability
2023-11-15 00:00:00
Adobe Acrobat Reader Thermometer use-after-free vulnerability
2023-11-15 00:00:00
talosblog
talosblog
Vulnerabilities in Adobe Acrobat, Microsoft Excel could lead to arbitrary code execution
2023-11-22 17:00:10

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

High

0.029 Low

EPSS

Percentile

90.8%

JSON
Related for MACOS_ADOBE_READER_APSB23-54.NASL
openvas8nessus3kaspersky1adobe1cve17zdi48cvelist17nvd17prion17talos2talosblog1