Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2022 Tenable Network Security, Inc.SUSE_ACROREAD-8571.NASL
HistoryMay 19, 2013 - 12:00 a.m.

SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 8571)

2013-05-1900:00:00
This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.
www.tenable.com
33
JSON

Acrobat Reader has been updated to version 9.5.5.

The Adobe Advisory can be found at:
https://www.adobe.com/support/security/bulletins/apsb13-15.html

These updates resolve

  • memory corruption vulnerabilities that could lead to code execution. (CVE-2013-2718 / CVE-2013-2719 / CVE-2013-2720 / CVE-2013-2721 / CVE-2013-2722 / CVE-2013-2723 / CVE-2013-2725 / CVE-2013-2726 / CVE-2013-2731 / CVE-2013-2732 / CVE-2013-2734 / CVE-2013-2735 / CVE-2013-2736 / CVE-2013-3337 / CVE-2013-3338 / CVE-2013-3339 / CVE-2013-3340 / CVE-2013-3341)

  • an integer underflow vulnerability that could lead to code execution. (CVE-2013-2549)

  • a use-after-free vulnerability that could lead to a bypass of Adobe Reader’s sandbox protection.
    (CVE-2013-2550)

  • an information leakage issue involving a JavaScript API.
    (CVE-2013-2737)

  • a stack overflow vulnerability that could lead to code execution. (CVE-2013-2724)

  • buffer overflow vulnerabilities that could lead to code execution. (CVE-2013-2730 / CVE-2013-2733)

  • integer overflow vulnerabilities that could lead to code execution. (CVE-2013-2727 / CVE-2013-2729)

  • a flaw in the way Reader handles domains that have been blacklisted in the operating system. (CVE-2013-3342)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#

if (NASL_LEVEL < 3000) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(66506);
  script_version("1.11");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/03/29");

  script_cve_id(
    "CVE-2013-2549",
    "CVE-2013-2550",
    "CVE-2013-2718",
    "CVE-2013-2719",
    "CVE-2013-2720",
    "CVE-2013-2721",
    "CVE-2013-2722",
    "CVE-2013-2723",
    "CVE-2013-2724",
    "CVE-2013-2725",
    "CVE-2013-2726",
    "CVE-2013-2727",
    "CVE-2013-2729",
    "CVE-2013-2730",
    "CVE-2013-2731",
    "CVE-2013-2732",
    "CVE-2013-2733",
    "CVE-2013-2734",
    "CVE-2013-2735",
    "CVE-2013-2736",
    "CVE-2013-2737",
    "CVE-2013-3337",
    "CVE-2013-3338",
    "CVE-2013-3339",
    "CVE-2013-3340",
    "CVE-2013-3341",
    "CVE-2013-3342"
  );
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/04/18");

  script_name(english:"SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 8571)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SuSE 10 host is missing a security-related patch.");
  script_set_attribute(attribute:"description", value:
"Acrobat Reader has been updated to version 9.5.5.

The Adobe Advisory can be found at:
https://www.adobe.com/support/security/bulletins/apsb13-15.html

These updates resolve

  - memory corruption vulnerabilities that could lead to
    code execution. (CVE-2013-2718 / CVE-2013-2719 /
    CVE-2013-2720 / CVE-2013-2721 / CVE-2013-2722 /
    CVE-2013-2723 / CVE-2013-2725 / CVE-2013-2726 /
    CVE-2013-2731 / CVE-2013-2732 / CVE-2013-2734 /
    CVE-2013-2735 / CVE-2013-2736 / CVE-2013-3337 /
    CVE-2013-3338 / CVE-2013-3339 / CVE-2013-3340 /
    CVE-2013-3341)

  - an integer underflow vulnerability that could lead to
    code execution. (CVE-2013-2549)

  - a use-after-free vulnerability that could lead to a
    bypass of Adobe Reader's sandbox protection.
    (CVE-2013-2550)

  - an information leakage issue involving a JavaScript API.
    (CVE-2013-2737)

  - a stack overflow vulnerability that could lead to code
    execution. (CVE-2013-2724)

  - buffer overflow vulnerabilities that could lead to code
    execution. (CVE-2013-2730 / CVE-2013-2733)

  - integer overflow vulnerabilities that could lead to code
    execution. (CVE-2013-2727 / CVE-2013-2729)

  - a flaw in the way Reader handles domains that have been
    blacklisted in the operating system. (CVE-2013-3342)");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2549.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2550.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2718.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2719.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2720.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2721.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2722.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2723.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2724.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2725.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2726.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2727.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2729.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2730.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2731.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2732.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2733.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2734.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2735.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2736.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2737.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-3337.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-3338.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-3339.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-3340.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-3341.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-3342.html");
  script_set_attribute(attribute:"solution", value:
"Apply ZYPP patch number 8571.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/05/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/05/19");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");


flag = 0;
if (rpm_check(release:"SLED10", sp:4, reference:"acroread-9.5.5-0.6.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"acroread-cmaps-9.4.6-0.6.63")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"acroread-fonts-ja-9.4.6-0.6.63")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"acroread-fonts-ko-9.4.6-0.6.63")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"acroread-fonts-zh_CN-9.4.6-0.6.63")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"acroread-fonts-zh_TW-9.4.6-0.6.63")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else exit(0, "The host is not affected.");
VendorProductVersionCPE
susesuse_linuxcpe:/o:suse:suse_linux

References

Related

suse 1
securityvulns 1
nessus 7
redhat 1
openvas 6
prion 28
ubuntucve 28
cve 28
attackerkb 2
zdi 2
gentoo 1
checkpoint_advisories 3
packetstorm 2
threatpost 1
zdt 1
kaspersky 1
binamuse 2
cisa_kev 1
suse
suse
Security update for Acrobat Reader (important)
2013-05-18 00:04:57
securityvulns
securityvulns
Adobe Acrobat / Reader multiple security vulnerabilities
2013-07-15 00:00:00
nessus
nessus
openSUSE Security Update : acroread (openSUSE-SU-2013:0990-1)
2014-06-13 00:00:00
SuSE 11.2 Security Update : Acrobat Reader (SAT Patch Number 7734)
2013-05-19 00:00:00
RHEL 5 / 6 : acroread (RHSA-2013:0826)
2013-05-16 00:00:00
redhat
redhat
(RHSA-2013:0826) Critical: acroread security update
2013-05-15 00:00:00
openvas
openvas
Adobe Reader Multiple Unspecified Vulnerabilities -01 (May 2013) - Mac OS X
2013-05-28 00:00:00
Adobe Reader Multiple Unspecified Vulnerabilities -01 (May 2013) - Windows
2013-05-28 00:00:00
Adobe Reader Multiple Unspecified Vulnerabilities -01 (May 2013) - Linux
2013-05-28 00:00:00
prion
prion
Memory corruption
2013-05-16 11:45:00
Memory corruption
2013-05-16 11:45:00
Memory corruption
2013-05-16 11:45:00
ubuntucve
ubuntucve
CVE-2013-2722
2013-05-16 00:00:00
CVE-2013-2736
2013-05-16 00:00:00
CVE-2013-2735
2013-05-16 00:00:00
cve
cve
CVE-2013-2718
2013-05-16 11:45:00
CVE-2013-2720
2013-05-16 11:45:00
CVE-2013-3339
2013-05-16 11:45:00
attackerkb
attackerkb
CVE-2013-3346
2013-08-30 00:00:00
CVE-2013-2729
2013-05-16 00:00:00
zdi
zdi
(Pwn2Own) Adobe Reader Sandbox Bypass Remote Code Execution Vulnerability
2013-05-30 00:00:00
Adobe Reader U3D Processing Remote Code Execution Vulnerability
2013-05-30 00:00:00
gentoo
gentoo
Adobe Reader: Multiple vulnerabilities
2013-08-22 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Acrobat Reader Use-after-closed Sandbox Security Bypass (APSB13-15; CVE-2013-2550)
2013-05-20 00:00:00
Adobe Acrobat Reader Crafted RLE8 format BMP File Buffer Overflow (APSB13-15; CVE-2013-2729)
2013-05-19 00:00:00
Adobe Reader AdobeCollabSync Sandbox Bypass (APSB13-15; CVE-2013-2730)
2013-06-18 00:00:00
packetstorm
packetstorm
Adobe Reader X 10.1.4.38 BMP/RLE Heap Corruption
2013-07-08 00:00:00
AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass
2013-05-23 00:00:00
threatpost
threatpost
US-CERT Warns of Dyre Banking Trojan
2014-10-28 13:09:59
zdt
zdt
AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass
2013-05-24 00:00:00
kaspersky
kaspersky
KLA10457 Adobe Acrobat & Reader multiple vulnerabilities
2013-08-08 00:00:00
binamuse
binamuse
Adobe Reader BMP/RLE heap corruption - CVE-2013-2729
2013-05-14 19:11:00
Adobe Reader X Sandbox bypass - CVE-2013-2730
2013-05-15 16:36:00
cisa_kev
cisa_kev
Adobe Reader and Acrobat Arbitrary Integer Overflow Vulnerability
2022-03-28 00:00:00
JSON
Related for SUSE_ACROREAD-8571.NASL
suse1securityvulns1nessus7redhat1openvas6prion28ubuntucve28cve28attackerkb2zdi2gentoo1checkpoint_advisories3packetstorm2threatpost1zdt1kaspersky1binamuse2cisa_kev1