Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2018 Greenbone AGOPENVAS:1361412562310812546
HistoryMar 09, 2018 - 12:00 a.m.

Adobe Acrobat 2017 Security Updates (APSB17-24) - Windows

2018-03-0900:00:00
Copyright (C) 2018 Greenbone AG
plugins.openvas.org
13

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.4 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.056 Low

EPSS

Percentile

93.1%

JSON

Adobe Acrobat 2017 is prone to multiple vulnerabilities.

# SPDX-FileCopyrightText: 2018 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:adobe:acrobat";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.812546");
  script_version("2024-02-09T14:47:30+0000");
  script_cve_id("CVE-2017-3016", "CVE-2017-3038", "CVE-2017-3113", "CVE-2017-3115",
                "CVE-2017-3116", "CVE-2017-3117", "CVE-2017-3118", "CVE-2017-3119",
                "CVE-2017-3120", "CVE-2017-3121", "CVE-2017-3122", "CVE-2017-3123",
                "CVE-2017-3124", "CVE-2017-11209", "CVE-2017-11210", "CVE-2017-11211",
                "CVE-2017-11212", "CVE-2017-11214", "CVE-2017-11216", "CVE-2017-11217",
                "CVE-2017-11218", "CVE-2017-11219", "CVE-2017-11220", "CVE-2017-11221",
                "CVE-2017-11222", "CVE-2017-11223", "CVE-2017-11224", "CVE-2017-11226",
                "CVE-2017-11227", "CVE-2017-11228", "CVE-2017-11229", "CVE-2017-11230",
                "CVE-2017-11231", "CVE-2017-11232", "CVE-2017-11233", "CVE-2017-11234",
                "CVE-2017-11235", "CVE-2017-11236", "CVE-2017-11237", "CVE-2017-11238",
                "CVE-2017-11239", "CVE-2017-11241", "CVE-2017-11242", "CVE-2017-11243",
                "CVE-2017-11244", "CVE-2017-11245", "CVE-2017-11246", "CVE-2017-11248",
                "CVE-2017-11249", "CVE-2017-11251", "CVE-2017-11252", "CVE-2017-11254",
                "CVE-2017-11255", "CVE-2017-11256", "CVE-2017-11257", "CVE-2017-11258",
                "CVE-2017-11259", "CVE-2017-11260", "CVE-2017-11261", "CVE-2017-11262",
                "CVE-2017-11263", "CVE-2017-11265", "CVE-2017-11267", "CVE-2017-11268",
                "CVE-2017-11269", "CVE-2017-11270", "CVE-2017-11271");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2024-02-09 14:47:30 +0000 (Fri, 09 Feb 2024)");
  script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2019-08-21 16:19:00 +0000 (Wed, 21 Aug 2019)");
  script_tag(name:"creation_date", value:"2018-03-09 13:25:15 +0530 (Fri, 09 Mar 2018)");
  script_name("Adobe Acrobat 2017 Security Updates (APSB17-24) - Windows");

  script_tag(name:"summary", value:"Adobe Acrobat 2017 is prone to multiple vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"Multiple flaws exist due to:

  - Multiple memory corruption vulnerabilities.

  - Multiple use after free vulnerabilities.

  - Multiple heap overflow vulnerabilities.

  - Multiple security bypass vulnerabilities.

  - Multiple type confusion errors.

  - An insufficient verification of data authenticity.");

  script_tag(name:"impact", value:"Successful exploitation of these
  vulnerabilities will allow remote attackers to execute arbitrary code and
  disclose sensitive information.");

  script_tag(name:"affected", value:"Adobe Acrobat 2017.008.30051 and earlier
  versions on windows.");

  script_tag(name:"solution", value:"Upgrade to Adobe Acrobat 2017 version
  2017.011.30066 or later.");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"registry");
  script_xref(name:"URL", value:"https://helpx.adobe.com/security/products/acrobat/apsb17-24.html");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2018 Greenbone AG");
  script_family("General");
  script_dependencies("secpod_adobe_prdts_detect_win.nasl");
  script_mandatory_keys("Adobe/Acrobat/Win/Ver");
  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))
  exit(0);

vers = infos['version'];
path = infos['location'];

##2017.011.30066 == 17.011.30066
if(version_in_range(version:vers, test_version:"17.0", test_version2:"17.011.30065")) {
  report = report_fixed_ver(installed_version:vers, fixed_version:"17.011.30066 (2017.011.30066)", install_path:path);
  security_message(data:report);
  exit(0);
}

exit(99);

Related

kaspersky 1
adobe 1
openvas 15
nessus 4
trendmicroblog 1
checkpoint_advisories 44
prion 43
cve 41
zdi 45
srcincite 1
seebug 1
talosblog 1
talos 1
kaspersky
kaspersky
KLA11086 Multiple vulnerabilities in Adobe Acrobat and Adobe Reader
2017-08-08 00:00:00
adobe
adobe
APSB17-24 Security updates available for Adobe Acrobat and Reader
2017-08-03 00:00:00
openvas
openvas
Adobe Acrobat Reader DC (Classic Track) Security Updates (APSB17-24) - Mac OS X
2018-03-09 00:00:00
Adobe Acrobat Security Updates (APSB17-24) - Windows
2017-08-10 00:00:00
Adobe Reader Security Updates (APSB17-24) - Windows
2017-08-10 00:00:00
nessus
nessus
Adobe Reader < 11.0.21 / 2015.006.30355 / 2017.011.30066 / 2017.012.20098 Multiple Vulnerabilities (APSB17-24)
2017-08-11 00:00:00
Adobe Acrobat < 11.0.21 / 2015.006.30355 / 2017.011.30066 / 2017.012.20098 Multiple Vulnerabilities (APSB17-24) (macOS)
2017-08-11 00:00:00
Adobe Acrobat < 11.0.21 / 2015.006.30355 / 2017.011.30066 / 2017.012.20098 Multiple Vulnerabilities (APSB17-24)
2017-08-11 00:00:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of August 14, 2017
2017-08-18 12:00:42
checkpoint_advisories
checkpoint_advisories
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-3116; CVE-2017-11237)
2017-08-08 00:00:00
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11209)
2017-08-08 00:00:00
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11267)
2017-08-08 00:00:00
prion
prion
Heap overflow
2017-08-11 19:29:00
Memory corruption
2017-08-11 19:29:00
Memory corruption
2017-08-11 19:29:00
cve
cve
CVE-2017-11211
2017-08-11 19:29:00
CVE-2017-11259
2017-08-11 19:29:00
CVE-2017-11241
2017-08-11 19:29:00
zdi
zdi
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
2017-08-08 00:00:00
Adobe Acrobat Pro DC ImageConversion EMF Parsing Memory Corruption Remote Code Execution Vulnerability
2017-08-08 00:00:00
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
2017-08-08 00:00:00
srcincite
srcincite
SRC-2017-0007 : Adobe Acrobat Pro DC ImageConversion EMF parsing EMR_EXTTEXTOUTA Array Indexing Remote Code Execution Vulnerability
2016-06-07 00:00:00
seebug
seebug
Adobe Acrobat Reader DC AcroForm PDFDocEncoding Remote Code Execution Vulnerability(CVE-2017-11263)
2017-09-13 00:00:00
talosblog
talosblog
Vulnerability Spotlight: Adobe Reader DC Parser Confusion
2017-08-08 09:15:00
talos
talos
Adobe Acrobat Reader DC AcroForm PDFDocEncoding Remote Code Execution Vulnerability
2017-08-08 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.4 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.056 Low

EPSS

Percentile

93.1%

JSON
Related for OPENVAS:1361412562310812546
kaspersky1adobe1openvas15nessus4trendmicroblog1checkpoint_advisories44prion43cve41zdi45srcincite1seebug1talosblog1talos1