Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2014 Greenbone AGOPENVAS:1361412562310804386
HistoryApr 10, 2014 - 12:00 a.m.

Adobe Reader '.ETD File' Denial of Service Vulnerability - Linux

2014-04-1000:00:00
Copyright (C) 2014 Greenbone AG
plugins.openvas.org
17

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

High

EPSS

0.466

Percentile

97.5%

JSON

Adobe Reader is prone to a denial of service (DoS) vulnerability.

# SPDX-FileCopyrightText: 2014 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:adobe:acrobat_reader";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.804386");
  script_version("2024-02-15T05:05:40+0000");
  script_cve_id("CVE-2004-1153");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2024-02-15 05:05:40 +0000 (Thu, 15 Feb 2024)");
  script_tag(name:"creation_date", value:"2014-04-10 14:59:53 +0530 (Thu, 10 Apr 2014)");
  script_name("Adobe Reader '.ETD File' Denial of Service Vulnerability - Linux");

  script_tag(name:"summary", value:"Adobe Reader is prone to a denial of service (DoS) vulnerability.");
  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
  script_tag(name:"insight", value:"Flaw is due to the format string error in '.etd' file.");
  script_tag(name:"impact", value:"Successful exploitation will allow attackers to execute arbitrary code on
the system and gain sensitive information.");
  script_tag(name:"affected", value:"Adobe Reader version 6.0.0 through 6.0.2 on Linux.");
  script_tag(name:"solution", value:"Upgrade to Adobe Reader version 6.0.3 or later.");
  script_tag(name:"qod_type", value:"executable_version");
  script_tag(name:"solution_type", value:"VendorFix");

  script_xref(name:"URL", value:"http://xforce.iss.net/xforce/xfdb/18478");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/11934");
  script_xref(name:"URL", value:"http://archives.neohapsis.com/archives/bugtraq/2004-12/0147.html");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2014 Greenbone AG");
  script_family("Denial of Service");
  script_dependencies("gb_adobe_prdts_detect_lin.nasl");
  script_mandatory_keys("Adobe/Reader/Linux/Version");

  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if(!readerVer = get_app_version(cpe:CPE)){
  exit(0);
}

if(readerVer && readerVer =~ "^6")
{
  if(version_in_range(version:readerVer, test_version:"6.0.0", test_version2:"6.0.2"))
  {
    security_message( port: 0, data: "The target host was found to be vulnerable" );
    exit(0);
  }
}

Related

cvelist 1
openvas 2
nvd 1
checkpoint_advisories 1
cve 1
cvelist
cvelist
CVE-2004-1153
2004-12-22 05:00:00
openvas
openvas
Adobe Reader '.ETD File' Denial of Service Vulnerability - Mac OS X
2014-04-10 00:00:00
Adobe Reader '.ETD File' Denial of Service Vulnerability - Windows
2014-04-10 00:00:00
nvd
nvd
CVE-2004-1153
2005-01-10 05:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Acrobat Reader eBook Format String (CVE-2004-1153)
2009-11-18 00:00:00
cve
cve
CVE-2004-1153
2005-01-10 05:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

High

EPSS

0.466

Percentile

97.5%

JSON
Related for OPENVAS:1361412562310804386
cvelist1openvas2nvd1checkpoint_advisories1cve1