ID OPENVAS:1361412562310814965 Type openvas Reporter Copyright (C) 2019 Greenbone Networks GmbH Modified 2019-10-23T00:00:00
Description
This host is running Adobe InDesign and is
prone to a code execution vulnerability.
# Copyright (C) 2019 Greenbone Networks GmbH
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (C) the respective author(s)
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
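# CPE used further down to look up the detected installation.
# NOTE(review): this is the InDesign *Server* CPE, while the script name and the
# NVD entry for CVE-2019-7107 refer to Adobe InDesign (cpe:/a:adobe:indesign).
# Confirm that secpod_adobe_indesign_detect.nasl registers the product under this
# CPE; if it does not, the lookup returns nothing and the check exits without
# reporting, which looks the same as a clean host in the scan results.
CPE = "cpe:/a:adobe:indesign_server";

# Description phase: register the plugin metadata (identifiers, scoring, the
# report texts, and the dependencies that must run first), then stop.
if(description)
{
  # Identity and cross-references for this check.
  script_oid("1.3.6.1.4.1.25623.1.0.814965");
  script_version("2019-10-23T10:55:06+0000");
  script_cve_id("CVE-2019-7107");
  script_bugtraq_id(107821);

  # CVSS v2 base score and vector reported with a finding.
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2019-10-23 10:55:06 +0000 (Wed, 23 Oct 2019)");
  script_tag(name:"creation_date", value:"2019-04-11 14:52:03 +0530 (Thu, 11 Apr 2019)");

  # The result rests on a version string collected by the detection script,
  # not on probing the flaw itself.
  script_tag(name:"qod_type", value:"registry");
  script_name("Adobe InDesign Arbitrary Code Execution Vulnerability-APSB19-23 (Windows)");

  script_tag(name:"summary", value:"This host is running Adobe InDesign and is
prone to code execution vulnerability.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  # Fixed the "de to" typo; this text is shown to the operator in scan reports.
  script_tag(name:"insight", value:"The flaw exists due to unsafe hyperlink processing.");

  script_tag(name:"impact", value:"Successful exploitation will allow remote
attackers to execute arbitrary code in the context of the application. Failed
attacks may cause a denial-of-service condition.");

  script_tag(name:"affected", value:"Adobe InDesign versions 14.0.1 and earlier on Windows.");

  script_tag(name:"solution", value:"Upgrade to version 14.0.2 or later. Please see the references for more information.");

  script_tag(name:"solution_type", value:"VendorFix");
  script_xref(name:"URL", value:"https://helpx.adobe.com/security/products/indesign/apsb19-23.html");

  # Information-gathering check: it compares versions and sends nothing to the
  # application.
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2019 Greenbone Networks GmbH");
  script_family("General");

  # Run only after the InDesign detection script has stored a version.
  script_dependencies("secpod_adobe_indesign_detect.nasl");
  script_mandatory_keys("Adobe/InDesign/Ver");
  exit(0);
}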
include("version_func.inc");
include("host_details.inc");
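# Fetch the detected version and install path for CPE. Without detection data
# there is nothing to evaluate, so exit without a result.
# (exit_no_version presumably makes the helper bail out when no version was
# stored; confirm against host_details.inc.)
if( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE ) ) exit( 0 );

vers = infos['version'];
path = infos['location'];

# The NVD record for CVE-2019-7107 gives two fixed releases, 13.1.1 and 14.0.2.
# A single "less than 14.0.2" comparison therefore reports patched 13.x
# installs (13.1.1 and later) as vulnerable. Check each branch separately so
# findings stay actionable:
#   - anything below 13.1.1 is affected
#   - 14.0 up to, but not including, 14.0.2 is affected
# The 14.x upper bound remains a strict "less than 14.0.2" so that four-part
# builds such as 14.0.1.x are still matched.
fix = NULL;
if( version_is_less( version:vers, test_version:"13.1.1" ) )
  fix = "13.1.1 or 14.0.2";
else if( version_is_greater_equal( version:vers, test_version:"14.0" ) &&
         version_is_less( version:vers, test_version:"14.0.2" ) )
  fix = "14.0.2";

if( fix )
{
  # Report the installed version, the fixed release for its branch, and the
  # install path so the operator can locate the affected copy.
  report = report_fixed_ver( installed_version:vers, fixed_version:fix, install_path:path );
  security_message( data:report );
  exit( 0 );
}

# Installed version is at or above the fixed release for its branch.
exit( 99 );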
{"id": "OPENVAS:1361412562310814965", "type": "openvas", "bulletinFamily": "scanner", "title": "Adobe InDesign Arbitrary Code Execution Vulnerability-APSB19-23 (Windows)", "description": "This host is running Adobe InDesign and is\n prone to code execution vulnerability.", "published": "2019-04-11T00:00:00", "modified": "2019-10-23T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814965", "reporter": "Copyright (C) 2019 Greenbone Networks GmbH", "references": ["https://helpx.adobe.com/security/products/indesign/apsb19-23.html"], "cvelist": ["CVE-2019-7107"], "lastseen": "2019-10-24T20:52:13", "viewCount": 64, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-7107"]}, {"type": "nessus", "idList": ["MACOSX_ADOBE_INDESIGN_APSB19-23.NASL", "ADOBE_INDESIGN_APSB19-23.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310814966"]}, {"type": "threatpost", "idList": ["THREATPOST:DAE538116903F261C02AD6195D61B70D"]}], "modified": "2019-10-24T20:52:13", "rev": 2}, "score": {"value": 8.8, "vector": "NONE", "modified": "2019-10-24T20:52:13", "rev": 2}, "vulnersScore": 8.8}, "pluginID": "1361412562310814965", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:adobe:indesign_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814965\");\n script_version(\"2019-10-23T10:55:06+0000\");\n script_cve_id(\"CVE-2019-7107\");\n script_bugtraq_id(107821);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-23 10:55:06 +0000 (Wed, 23 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-04-11 14:52:03 +0530 (Thu, 11 Apr 2019)\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_name(\"Adobe InDesign Arbitrary Code Execution Vulnerability-APSB19-23 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is running Adobe InDesign and is\n prone to code execution vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists de to unsafe hyperlink processing.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code in the context of the application. Failed\n attacks may cause a denial-of-service condition.\");\n\n script_tag(name:\"affected\", value:\"Adobe InDesign versions 14.0.1 and earlier on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to version 14.0.2 or later. 
Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/indesign/apsb19-23.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_indesign_detect.nasl\");\n script_mandatory_keys(\"Adobe/InDesign/Ver\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE) ) exit( 0 );\n\nvers = infos['version'];\npath = infos['location'];\nif(version_is_less(version:vers, test_version:\"14.0.2\"))\n{\n report = report_fixed_ver(installed_version:vers, fixed_version:\"14.0.2\", install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "naslFamily": "General"}
{"cve": [{"lastseen": "2020-12-09T21:41:56", "description": "Adobe InDesign versions 14.0.1 and below have an unsafe hyperlink processing vulnerability. Successful exploitation could lead to arbitrary code execution. Fixed in versions 13.1.1 and 14.0.2.", "edition": 7, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-23T16:29:00", "title": "CVE-2019-7107", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-7107"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:adobe:indesign:14.0.1"], "id": "CVE-2019-7107", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-7107", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:adobe:indesign:14.0.1:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2019-10-24T20:51:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-7107"], "description": "This host is running Adobe InDesign and is\n prone to code execution vulnerability.", "modified": "2019-10-23T00:00:00", "published": "2019-04-11T00:00:00", "id": "OPENVAS:1361412562310814966", "href": 
"http://plugins.openvas.org/nasl.php?oid=1361412562310814966", "type": "openvas", "title": "Adobe InDesign Arbitrary Code Execution Vulnerability-APSB19-23 (Mac OS X)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:adobe:indesign_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814966\");\n script_version(\"2019-10-23T10:55:06+0000\");\n script_cve_id(\"CVE-2019-7107\");\n script_bugtraq_id(107821);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-23 10:55:06 +0000 (Wed, 23 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-04-11 14:57:12 +0530 (Thu, 11 Apr 2019)\");\n script_tag(name:\"qod_type\", value:\"executable_version_unreliable\");\n script_name(\"Adobe InDesign Arbitrary Code Execution Vulnerability-APSB19-23 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is running Adobe InDesign and is\n prone to code execution vulnerability.\");\n\n script_tag(name:\"vuldetect\", 
value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists de to unsafe hyperlink processing.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code in the context of the application. Failed\n attacks may cause a denial-of-service condition.\");\n\n script_tag(name:\"affected\", value:\"Adobe InDesign versions 14.0.1 and earlier on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to version 14.0.2 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/indesign/apsb19-23.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_indesign_server_detect_macosx.nasl\");\n script_mandatory_keys(\"InDesign/Server/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE) ) exit( 0 );\n\nvers = infos['version'];\npath = infos['location'];\nif(version_is_less(version:vers, test_version:\"14.0.2\"))\n{\n report = report_fixed_ver(installed_version:vers, fixed_version:\"14.0.2\", install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2020-09-19T07:36:54", "description": "The version of Adobe InDesign installed on the remote macOS or\nMac OS X host is prior to 14.0.2. It is, therefore, affected by\na Arbitrary Code Execution vulnerability exists due to unsafe hyperlink\nprocessing vulnerability exists Webkit component of MacOS. 
An\nauthenticated, remote attacker can exploit this issue, to cause\nexecution of arbitary code or application to stop responding.", "edition": 14, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-04-12T00:00:00", "title": "Adobe InDesign CC < 14.0.2 Arbitrary Code Execution Vulnerability (APSB19-23) (macOS)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-7107"], "modified": "2019-04-12T00:00:00", "cpe": ["cpe:/a:adobe:indesign_cc"], "id": "MACOSX_ADOBE_INDESIGN_APSB19-23.NASL", "href": "https://www.tenable.com/plugins/nessus/124021", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124021);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/18\");\n\n script_cve_id(\"CVE-2019-7107\");\n script_bugtraq_id(107821);\n script_xref(name:\"IAVA\", value:\"2019-A-0105-S\");\n\n script_name(english:\"Adobe InDesign CC < 14.0.2 Arbitrary Code Execution Vulnerability (APSB19-23) (macOS)\");\n script_summary(english:\"Checks the InDesign version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an application installed that is affected by Arbitrary Code Execution Vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe InDesign installed on the remote macOS or\nMac OS X host is prior to 14.0.2. It is, therefore, affected by\na Arbitrary Code Execution vulnerability exists due to unsafe hyperlink\nprocessing vulnerability exists Webkit component of MacOS. 
An\nauthenticated, remote attacker can exploit this issue, to cause\nexecution of arbitary code or application to stop responding.\");\n #https://helpx.adobe.com/security/products/indesign/apsb19-23.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4b643ed5\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe InDesign version 14.0.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-7107\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n \n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:indesign_cc\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_adobe_indesign_installed.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/Adobe InDesign\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/MacOSX/Version')) audit(AUDIT_OS_NOT, 'Mac OS X');\n\napp = 'Adobe InDesign';\napp_info = vcf::get_app_info(app:app);\n\nconstraints = [\n {'fixed_version' : '13.1.1', 'fixed_display' : '13.1.1 / 14.0.2' },\n {'min_version' : '14.0', 'fixed_version' : '14.0.2' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-19T05:08:37", "description": "The version of Adobe InDesign installed on the remote Windows host\nis prior to 13.1.1, or 14.x prior to 14.0.2. It is, therefore,\naffected by an Arbitrary Code Execution vulnerability due to unsafe\nhyperlink processing in the Webkit component of MacOS. 
An\nauthenticated, remote attacker can exploit this issue to cause\nexecution of arbitary code or the application to stop responding.", "edition": 14, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-04-12T00:00:00", "title": "Adobe InDesign < 13.1.1 / 14.x < 14.0.2 Arbitrary Code Execution Vulnerability (APSB19-23)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-7107"], "modified": "2019-04-12T00:00:00", "cpe": ["cpe:/a:adobe:indesign_cc"], "id": "ADOBE_INDESIGN_APSB19-23.NASL", "href": "https://www.tenable.com/plugins/nessus/124022", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124022);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/18\");\n\n script_cve_id(\"CVE-2019-7107\");\n script_bugtraq_id(107821);\n script_xref(name:\"IAVA\", value:\"2019-A-0105-S\");\n\n script_name(english:\"Adobe InDesign < 13.1.1 / 14.x < 14.0.2 Arbitrary Code Execution Vulnerability (APSB19-23)\");\n script_summary(english:\"Checks the Adobe InDesign version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an application installed that is affected by Arbitrary Code Execution Vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe InDesign installed on the remote Windows host\nis prior to 13.1.1, or 14.x prior to 14.0.2. It is, therefore,\naffected by an Arbitrary Code Execution vulnerability due to unsafe\nhyperlink processing in the Webkit component of MacOS. 
An\nauthenticated, remote attacker can exploit this issue to cause\nexecution of arbitary code or the application to stop responding.\");\n # https://helpx.adobe.com/security/products/indesign/apsb19-23.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4b643ed5\");\n script_set_attribute(attribute:\"solution\", value:\n \"Upgrade to Adobe InDesign version 13.1.1 / 14.0.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-7107\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:indesign_cc\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"adobe_indesign_installed.nbin\");\n script_require_keys(\"installed_sw/Adobe InDesign\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\n\napp_info = vcf::get_app_info(app:'Adobe InDesign', win_local:TRUE);\n\nconstraints = [\n { 'fixed_version' : '13.1.1' },\n { 'min_version': '14.0', 'fixed_version' : '14.0.2' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "threatpost": [{"lastseen": "2020-03-08T12:00:23", "bulletinFamily": "info", "cvelist": ["CVE-2019-7088", "CVE-2019-7096", "CVE-2019-7098", "CVE-2019-7099", "CVE-2019-7100", "CVE-2019-7101", "CVE-2019-7102", "CVE-2019-7103", "CVE-2019-7104", "CVE-2019-7105", "CVE-2019-7106", "CVE-2019-7107", "CVE-2019-7108", "CVE-2019-7111", "CVE-2019-7112", "CVE-2019-7113", "CVE-2019-7117", "CVE-2019-7118", "CVE-2019-7119", "CVE-2019-7120", "CVE-2019-7124", "CVE-2019-7125", "CVE-2019-7128", "CVE-2019-7130", "CVE-2019-7132", "CVE-2019-7816"], "description": "Adobe has fixed 24 critical arbitrary code execution vulnerabilities across multiple products, including Acrobat Reader, Adobe Flash, and Adobe Shockwave Player.\n\nOverall, Adobe issued fixes for 43 different CVE numbers across [eight different products](<https://blogs.adobe.com/psirt/?p=1735>), Tuesday, as part of a regularly-scheduled monthly security update. The company said that none of the vulnerabilities are currently being exploited in the wild. Acrobat Reader, Adobe\u2019s family of products allowing users to create and manage PDF files, had the bulk of security flaws that were patched, with 21 vulnerabilities overall, 11 of which were critical arbitrary code execution flaws.\n\n\u201cAdobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. 
These updates address critical and important vulnerabilities,\u201d said Adobe in its [update](<https://helpx.adobe.com/security/products/acrobat/apsb19-17.html>). \u201cSuccessful exploitation could lead to arbitrary code execution in the context of the current user.\u201d\n\n[](<https://threatpost.com/newsletter-sign/>)\n\nThese flaws exist in Acrobat Reader DC (2019.010.20098 and earlier versions), Acrobat Reader 2017 (2017.011.30127 and earlier versions) and Acrobat Reader DC Classic 2015 (2015.006.30482 and earlier versions) for Windows and macOS.\n\n[](<https://media.threatpost.com/wp-content/uploads/sites/103/2019/04/09134939/acrobat-reader-critical-flaws.png>)\n\nAcrobat Reader critical flaws.\n\nThe critical flaws include five out-of-bounds write flaws (CVE-2019-7111, CVE-2019-7118, CVE-2019-7119, CVE-2019-7120, CVE-2019-7124). Two type confusion flaws (CVE-2019-7117, CVE-2019-7128), two use-after-free flaws (CVE-2019-7088, CVE-2019-7112) and two heap overflow glitches (CVE-2019-7113, CVE-2019-7125).\n\n\u201cThe patch for Acrobat corrects 21 different CVEs,\u201d said Dustin Childs, with Trend Micro\u2019s Zero-Day Initiative, in a [Patch Tuesday analysis](<https://www.zerodayinitiative.com/blog/2019/4/9/the-april-2019-security-update-review>). \u201cThe worst of these vulnerabilities could allow an attacker to completely take control of an affected system.\u201d\n\nAdobe also fixed seven arbitrary code execution flaws in the Windows version of its [Shockwave Player](<https://helpx.adobe.com/security/products/shockwave/apsb19-20.html>), which is its multimedia platform for building interactive multimedia applications and video games. 
Impacted are versions 12.3.4.204 and earlier: Users are urged to update to version 12.3.5.205.\n\nAll seven (CVE-2019-7098, CVE-2019-7099, CVE-2019-7100, CVE-2019-7101, CVE-2019-7102, CVE-2019-7103, CVE-2019-7104) stemmed from memory corruption: \u201cThis update resolves multiple critical memory corruption vulnerabilities that could lead to arbitrary code execution in the context of the current user,\u201d said Adobe.\n\nAdobe also fixed critical flaws in [Adobe Flash](<https://helpx.adobe.com/security/products/flash-player/apsb19-19.html>) (a critical arbitrary code execution vulnerability, CVE-2019-7096, as well as an important information disclosure flaw CVE-2019-7108), its [Adobe XD](<https://helpx.adobe.com/security/products/xd/apsb19-22.html>) tool for designing and prototyping user experience for web and mobile apps (which had two critical arbitrary code execution glitches, CVE-2019-7105 and CVE-2019-7106), and [InDesign](<https://helpx.adobe.com/security/products/indesign/apsb19-23.html>) (a critical arbitrary code execution flaw, CVE-2019-7107)\n\nAdobe Bridge CC, Adobe\u2019s free digital asset management app, also had eight flaws, including two critical remote code execution vulnerabilities (CVE-2019-7130, CVE-2019-7132) and six important information disclosure flaws.\n\n\u201cThe update for Bridge CC corrects eight CVEs \u2013 all of which were reported through the ZDI program,\u201d said Childs. 
\u201cIncluded are two Critical-rated remote code execution bugs that could allow an attacker run their code in the context of the logged-on user.\u201d\n\nAlso patched was an \u201cimportant\u201d flaw in Adobe Experience Manager Forms and a \u201cmoderate\u201d severity vulnerability in Adobe Dreamweaver.\n\nThe regularly-scheduled updates come on the heels of a somewhat sparse [March update](<https://threatpost.com/adobe-patches-critical-photoshop-digital-edition-flaws/142707/>) for Adobe, when the company patched only two critical flaws in Photoshop CC and Adobe Digital Editions. [Earlier in March](<https://threatpost.com/adobe-patches-critical-coldfusion-vulnerability-with-active-exploit/142391/>), Adobe also issued an emergency patch for a critical vulnerability in its ColdFusion service that was being exploited in the wild. The vulnerability, CVE-2019-7816, exists in Adobe\u2019s commercial rapid web application development platform, ColdFusion.\n\n**_Don\u2019t miss our free _**[**_Threatpost webinar_**](<https://attendee.gotowebinar.com/register/8845482382938181378?source=ART>)**_, \u201cData Security in the Cloud,\u201d on April 24 at 2 p.m. ET._**\n\n**_A panel of experts will join Threatpost senior editor Tara Seals to discuss _****_how to lock down data when the traditional network perimeter is no longer in place. 
They will discuss how the adoption of cloud services presents new security challenges, including ideas and best practices for locking down this new architecture; whether managed or in-house security is the way to go; and ancillary dimensions, like SD-WAN and IaaS._**\n", "modified": "2019-04-09T18:08:08", "published": "2019-04-09T18:08:08", "id": "THREATPOST:DAE538116903F261C02AD6195D61B70D", "href": "https://threatpost.com/adobe-fixes-24-critical-flaws-in-acrobat-reader-flash-shockwave-player/143632/", "type": "threatpost", "title": "Adobe Fixes 24 Critical Flaws in Acrobat Reader, Flash, Shockwave Player", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}