Lucene search
This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2009-1109.NASLHistoryAug 24, 2009 - 12:00 a.m.
RHEL 3 / 4 / 5 : acroread (RHSA-2009:1109)
2009-08-2400:00:00
This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary.
This update has been rated as having critical security impact by the Red Hat Security Response Team.
Adobe Reader allows users to view and print documents in Portable Document Format (PDF).
Multiple security flaws were discovered in Adobe Reader. A specially crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened.
(CVE-2009-0198, CVE-2009-0509, CVE-2009-0510, CVE-2009-0511, CVE-2009-0512, CVE-2009-0888, CVE-2009-0889, CVE-2009-1855, CVE-2009-1856, CVE-2009-1857, CVE-2009-1858, CVE-2009-1859, CVE-2009-1861, CVE-2009-2028)
All Adobe Reader users should install these updated packages. They contain Adobe Reader version 8.1.6, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2009:1109. The text
# itself is copyright (C) Red Hat, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(40746);
script_version("1.31");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2009-0198", "CVE-2009-0509", "CVE-2009-0510", "CVE-2009-0511", "CVE-2009-0512", "CVE-2009-0888", "CVE-2009-0889", "CVE-2009-1855", "CVE-2009-1856", "CVE-2009-1857", "CVE-2009-1858", "CVE-2009-1859", "CVE-2009-1861", "CVE-2009-2028");
script_bugtraq_id(35274, 35282, 35289, 35293, 35294, 35295, 35296, 35298, 35299, 35300, 35302, 35303);
script_xref(name:"RHSA", value:"2009:1109");
script_name(english:"RHEL 3 / 4 / 5 : acroread (RHSA-2009:1109)");
script_summary(english:"Checks the rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote Red Hat host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"Updated acroread packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise
Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary.
This update has been rated as having critical security impact by the
Red Hat Security Response Team.
Adobe Reader allows users to view and print documents in Portable
Document Format (PDF).
Multiple security flaws were discovered in Adobe Reader. A specially
crafted PDF file could cause Adobe Reader to crash or, potentially,
execute arbitrary code as the user running Adobe Reader when opened.
(CVE-2009-0198, CVE-2009-0509, CVE-2009-0510, CVE-2009-0511,
CVE-2009-0512, CVE-2009-0888, CVE-2009-0889, CVE-2009-1855,
CVE-2009-1856, CVE-2009-1857, CVE-2009-1858, CVE-2009-1859,
CVE-2009-1861, CVE-2009-2028)
All Adobe Reader users should install these updated packages. They
contain Adobe Reader version 8.1.6, which is not vulnerable to these
issues. All running instances of Adobe Reader must be restarted for
the update to take effect."
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2009-0198"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2009-0509"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2009-0510"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2009-0511"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2009-0512"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2009-0888"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2009-0889"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2009-1855"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2009-1856"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2009-1857"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2009-1858"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2009-1859"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2009-1861"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2009-2028"
);
# http://www.adobe.com/support/security/bulletins/apsb09-07.html
script_set_attribute(
attribute:"see_also",
value:"https://www.adobe.com/support/security/bulletins/apsb09-07.html"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/errata/RHSA-2009:1109"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected acroread and / or acroread-plugin packages."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_cwe_id(119, 189, 399);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:acroread");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:acroread-plugin");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.8");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.3");
script_set_attribute(attribute:"vuln_publication_date", value:"2009/06/11");
script_set_attribute(attribute:"patch_publication_date", value:"2009/06/17");
script_set_attribute(attribute:"plugin_publication_date", value:"2009/08/24");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Red Hat Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^(3|4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 3.x / 4.x / 5.x", "Red Hat " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
if (cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i386", cpu);
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
rhsa = "RHSA-2009:1109";
yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
if (!empty_or_null(yum_report))
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : yum_report
);
exit(0);
}
else
{
audit_message = "affected by Red Hat security advisory " + rhsa;
audit(AUDIT_OS_NOT, audit_message);
}
}
else
{
flag = 0;
if (rpm_check(release:"RHEL3", cpu:"i386", reference:"acroread-8.1.6-1")) flag++;
if (rpm_check(release:"RHEL3", cpu:"i386", reference:"acroread-plugin-8.1.6-1")) flag++;
if (rpm_check(release:"RHEL4", cpu:"i386", reference:"acroread-8.1.6-1.el4")) flag++;
if (rpm_check(release:"RHEL4", cpu:"i386", reference:"acroread-plugin-8.1.6-1.el4")) flag++;
if (rpm_check(release:"RHEL5", cpu:"i386", reference:"acroread-8.1.6-2.el5")) flag++;
if (rpm_check(release:"RHEL5", cpu:"i386", reference:"acroread-plugin-8.1.6-2.el5")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get() + redhat_report_package_caveat()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread / acroread-plugin");
}
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux | acroread | p-cpe:/a:redhat:enterprise_linux:acroread |
| redhat | enterprise_linux | acroread-plugin | p-cpe:/a:redhat:enterprise_linux:acroread-plugin |
| redhat | enterprise_linux | 3 | cpe:/o:redhat:enterprise_linux:3 |
| redhat | enterprise_linux | 4 | cpe:/o:redhat:enterprise_linux:4 |
| redhat | enterprise_linux | 4.8 | cpe:/o:redhat:enterprise_linux:4.8 |
| redhat | enterprise_linux | 5 | cpe:/o:redhat:enterprise_linux:5 |
| redhat | enterprise_linux | 5.3 | cpe:/o:redhat:enterprise_linux:5.3 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0198
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0509
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0510
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0511
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0512
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0888
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0889
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1855
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1856
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1857
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1858
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1859
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1861
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2028
access.redhat.com/errata/RHSA-2009:1109
access.redhat.com/security/cve/cve-2009-0198
access.redhat.com/security/cve/cve-2009-0509
access.redhat.com/security/cve/cve-2009-0510
access.redhat.com/security/cve/cve-2009-0511
access.redhat.com/security/cve/cve-2009-0512
access.redhat.com/security/cve/cve-2009-0888
access.redhat.com/security/cve/cve-2009-0889
access.redhat.com/security/cve/cve-2009-1855
access.redhat.com/security/cve/cve-2009-1856
access.redhat.com/security/cve/cve-2009-1857
access.redhat.com/security/cve/cve-2009-1858
access.redhat.com/security/cve/cve-2009-1859
access.redhat.com/security/cve/cve-2009-1861
access.redhat.com/security/cve/cve-2009-2028
www.adobe.com/support/security/bulletins/apsb09-07.html
Related
openvas
openvas
RedHat Security Advisory RHSA-2009:1109
2009-06-23 00:00:00
Adobe Reader Multiple BOF Vulnerabilities - Jun09 (Linux)
2009-06-16 00:00:00
RedHat Security Advisory RHSA-2009:1109
2009-06-23 00:00:00
nessus
nessus
Adobe Acrobat < 9.1.2 / 8.1.6 / 7.1.3 Multiple Vulnerabilities
2009-08-28 00:00:00
Adobe Reader < 9.1.2 / 8.1.6 / 7.1.3 Multiple Vulnerabilities
2009-06-11 00:00:00
openSUSE Security Update : acroread (acroread-1060)
2009-07-21 00:00:00
threatpost
threatpost
Adobe slaps band-aid on 13 security holes
2009-06-09 21:54:04
redhat
redhat
(RHSA-2009:1109) Critical: acroread security update
2009-06-17 00:00:00
suse
suse
remote code execution in acroread
2009-07-01 18:07:59
gentoo
gentoo
Adobe Reader: User-assisted execution of arbitrary code
2009-07-12 00:00:00
cve
cve
prion
prion
ubuntucve
ubuntucve
checkpoint_advisories
checkpoint_advisories
securityvulns
securityvulns
Adobe Acrobat / Reader code execution
2009-09-04 00:00:00
cert
cert
Adobe Reader contains multiple vulnerabilities in the processing of JPX data
2009-06-09 00:00:00
zdi
zdi
Adobe Reader U3D RHAdobeMeta Stack Overflow Vulnerability
2009-06-10 00:00:00
seebug
seebug
Adobe ReaderๅAcrobat U3D Model่ฟ็จๆ ็ผๅฒๅบๆบขๅบๆผๆด
2009-06-13 00:00:00
Related for REDHAT-RHSA-2009-1109.NASL