Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2012-2022 Tenable Network Security, Inc.SUSE_11_ACROREAD-120112.NASL
HistoryJan 18, 2012 - 12:00 a.m.

SuSE 11.1 Security Update : Acrobat Reader (SAT Patch Number 5649)

2012-01-1800:00:00
This script is Copyright (C) 2012-2022 Tenable Network Security, Inc.
www.tenable.com
17
JSON

Acrobat Reader was updated to version 9.4.7 to fix two security issues. (CVE-2011-2462 / CVE-2011-4369)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(57586);
  script_version("1.14");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/06/08");

  script_cve_id("CVE-2011-2462", "CVE-2011-4369");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/06/22");

  script_name(english:"SuSE 11.1 Security Update : Acrobat Reader (SAT Patch Number 5649)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SuSE 11 host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"Acrobat Reader was updated to version 9.4.7 to fix two security
issues. (CVE-2011-2462 / CVE-2011-4369)");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=735275");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-2462.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-4369.html");
  script_set_attribute(attribute:"solution", value:
"Apply SAT patch number 5649.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Adobe Reader U3D Memory Corruption Vulnerability');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:"CANVAS");

  script_set_attribute(attribute:"patch_publication_date", value:"2012/01/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/01/18");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread-cmaps");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread-fonts-ja");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread-fonts-ko");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread-fonts-zh_CN");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread-fonts-zh_TW");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2012-2022 Tenable Network Security, Inc.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);

pl = get_kb_item("Host/SuSE/patchlevel");
if (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, "SuSE 11.1");


flag = 0;
if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"acroread-9.4.7-0.2.2.1")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"acroread-cmaps-9.4.6-0.4.2.2")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"acroread-fonts-ja-9.4.6-0.4.2.2")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"acroread-fonts-ko-9.4.6-0.4.2.2")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"acroread-fonts-zh_CN-9.4.6-0.4.2.2")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"acroread-fonts-zh_TW-9.4.6-0.4.2.2")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"acroread-cmaps-9.4.6-0.4.2.2")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"acroread-fonts-ja-9.4.6-0.4.2.2")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"acroread-fonts-ko-9.4.6-0.4.2.2")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"acroread-fonts-zh_CN-9.4.6-0.4.2.2")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"acroread-fonts-zh_TW-9.4.6-0.4.2.2")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:acroread
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:acroread-cmaps
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:acroread-fonts-ja
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:acroread-fonts-ko
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:acroread-fonts-zh_cn
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:acroread-fonts-zh_tw
novellsuse_linux11cpe:/o:novell:suse_linux:11

Related

threatpost 4
nessus 12
securityvulns 3
openvas 9
redhat 1
suse 2
checkpoint_advisories 2
cve 2
ubuntucve 2
prion 2
seebug 3
metasploit 1
attackerkb 1
cisa_kev 1
cert 1
packetstorm 1
thn 1
canvas 1
exploitdb 1
saint 4
freebsd 1
gentoo 1
threatpost
threatpost
Adobe Plans Critical Security Updates for Reader, Acrobat Next Week
2012-01-06 19:26:09
Attackers Using Known Trojan in Exploits on Adobe Zero Day
2011-12-08 13:07:31
Adobe Warns of Critical Zero-Day Flaw in Reader and Acrobat
2011-12-06 19:30:06
nessus
nessus
RHEL 5 / 6 : acroread (RHSA-2012:0011)
2012-01-11 00:00:00
Adobe Reader < 9.4.7 Multiple Memory Corruption Vulnerabilities (APSB11-30)
2011-12-07 00:00:00
SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 7924)
2012-01-18 00:00:00
securityvulns
securityvulns
Adobe Acrobat / Reader multiple security vulnerabilities
2011-12-19 00:00:00
Adobe Acrobat / Reader multiple security vulnerabilities
2012-02-13 00:00:00
Security updates available for Adobe Reader and Acrobat
2012-01-21 00:00:00
openvas
openvas
SuSE Update for acroread openSUSE-SU-2012:0087-1 (acroread)
2012-08-02 00:00:00
openSUSE: Security Advisory for acroread (openSUSE-SU-2012:0087-1)
2012-08-02 00:00:00
Adobe Reader/Acrobat 'U3D' Component Memory Corruption Vulnerability (APSA11-04, APSB11-30) - Windows
2011-12-09 00:00:00
redhat
redhat
(RHSA-2012:0011) Critical: acroread security update
2012-01-10 00:00:00
suse
suse
acroread (important)
2012-01-17 18:08:26
Security update for Acrobat Reader (important)
2012-01-17 17:08:27
checkpoint_advisories
checkpoint_advisories
Adobe Reader and Acrobat PRC Heap Spraying (APSB11-30; CVE-2011-4369)
2011-12-22 00:00:00
Adobe Reader and Acrobat U3D Shading Modifier Memory Corruption (APSA11-04; CVE-2011-2462)
2011-12-07 00:00:00
cve
cve
CVE-2011-4369
2011-12-16 19:55:00
CVE-2011-2462
2011-12-07 19:55:00
ubuntucve
ubuntucve
CVE-2011-4369
2011-12-16 00:00:00
CVE-2011-2462
2011-12-07 00:00:00
prion
prion
Memory corruption
2011-12-16 19:55:00
Memory corruption
2011-12-07 19:55:00
seebug
seebug
Adobe Acrobatๅ’ŒReaderๅ†…ๅญ˜็ ดๅๆผๆดž(CVE-2011-4369)
2011-12-19 00:00:00
Adobe Reader U3Dๆ•ฐๆฎๅค„็†ไปฃ็ ๆ‰ง่กŒๆผๆดž
2011-12-08 00:00:00
Adobe Reader U3D Memory Corruption Vulnerability
2014-07-01 00:00:00
metasploit
metasploit
Adobe Reader U3D Memory Corruption Vulnerability
2012-01-04 09:49:49
attackerkb
attackerkb
CVE-2011-2462
2011-12-07 00:00:00
cisa_kev
cisa_kev
Adobe Acrobat and Reader Universal 3D Memory Corruption Vulnerability
2022-06-08 00:00:00
cert
cert
Adobe Acrobat and Reader U3D memory corruption vulnerability
2011-12-08 00:00:00
packetstorm
packetstorm
Adobe Reader U3D Memory Corruption
2012-01-04 00:00:00
thn
thn
Critical Zero-day Vulnerability in Adobe Reader
2011-12-08 03:38:00
canvas
canvas
Immunity Canvas: PDF_U3D
2011-12-07 19:55:00
exploitdb
exploitdb
Adobe Reader - U3D Memory Corruption (Metasploit)
2012-01-14 00:00:00
saint
saint
Adobe Reader U3D Heap Overflow
2011-12-21 00:00:00
Adobe Reader U3D Heap Overflow
2011-12-21 00:00:00
Adobe Reader U3D Heap Overflow
2011-12-21 00:00:00
freebsd
freebsd
acroread9 -- Multiple Vulnerabilities
2011-12-07 00:00:00
gentoo
gentoo
Adobe Reader: Multiple vulnerabilities
2012-01-30 00:00:00
JSON
Related for SUSE_11_ACROREAD-120112.NASL
threatpost4nessus12securityvulns3openvas9redhat1suse2checkpoint_advisories2cve2ubuntucve2prion2seebug3metasploit1attackerkb1cisa_kev1cert1packetstorm1thn1canvas1exploitdb1saint4freebsd1gentoo1