Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2023 Greenbone AGOPENVAS:1361412562310832253
HistoryAug 22, 2023 - 12:00 a.m.

Adobe Acrobat DC Continuous Security Update (APSB23-30) - Mac OS X

2023-08-2200:00:00
Copyright (C) 2023 Greenbone AG
plugins.openvas.org
1
adobe acrobat
continuous
mac os x
security update
cve
vulnerabilities
escalate privileges
arbitrary code
denial of service
memory leak

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

High

0.559 Medium

EPSS

Percentile

97.7%

JSON

Adobe Acrobat is prone to multiple
vulnerabilities.

# SPDX-FileCopyrightText: 2023 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:adobe:acrobat_dc_continuous";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.832253");
  script_version("2023-10-12T05:05:32+0000");
  script_cve_id("CVE-2023-38226", "CVE-2023-38227", "CVE-2023-38228", "CVE-2023-38229",
                "CVE-2023-38230", "CVE-2023-38231", "CVE-2023-38232", "CVE-2023-38233",
                "CVE-2023-38234", "CVE-2023-38235", "CVE-2023-38236", "CVE-2023-38237",
                "CVE-2023-38238", "CVE-2023-38239", "CVE-2023-38240", "CVE-2023-38241",
                "CVE-2023-38242", "CVE-2023-38244", "CVE-2023-38222", "CVE-2023-38224",
                "CVE-2023-38225", "CVE-2023-38247", "CVE-2023-38248", "CVE-2023-38243",
                "CVE-2023-38223", "CVE-2023-29303", "CVE-2023-29299", "CVE-2023-29320",
                "CVE-2023-38245", "CVE-2023-38246");
  script_tag(name:"cvss_base", value:"7.2");
  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2023-10-12 05:05:32 +0000 (Thu, 12 Oct 2023)");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2023-08-10 14:46:00 +0000 (Thu, 10 Aug 2023)");
  script_tag(name:"creation_date", value:"2023-08-22 15:32:12 +0530 (Tue, 22 Aug 2023)");
  script_name("Adobe Acrobat DC Continuous Security Update (APSB23-30) - Mac OS X");

  script_tag(name:"summary", value:"Adobe Acrobat is prone to multiple
  vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present
  on the target host.");

  script_tag(name:"insight", value:"Multiple flaws are due to:

  - An improper input validation.

  - An improper access control error.

  - Multiple out-of-bounds read or write errors.

  - Violation of secure design principles.

  - Multiple use after free errors.");

  script_tag(name:"impact", value:"Successful exploitation will allow attackers
  to escalate privileges, execute arbitrary code, cause denial of service, bypass
  security restrictions and cause memory leak on an affected system.");

  script_tag(name:"affected", value:"Adobe Acrobat DC (Continuous) versions
  prior to 23.003.20269 on Mac OS X.");

  script_tag(name:"solution", value:"Update to version 23.003.20269 or later.");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"executable_version");
  script_xref(name:"URL", value:"https://helpx.adobe.com/security/products/acrobat/apsb23-30.html");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2023 Greenbone AG");
  script_family("General");
  script_dependencies("gb_adobe_acrobat_dc_cont_detect_macosx.nasl");
  script_mandatory_keys("Adobe/AcrobatDC/Continuous/MacOSX/Version");
  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))
  exit(0);

vers = infos["version"];
path = infos["location"];

if(version_is_less(version:vers, test_version:"23.003.20269")) {
  report = report_fixed_ver(installed_version:vers, fixed_version:"23.003.20269", install_path:path);
  security_message(port:0, data:report);
  exit(0);
}

exit(99);

Related

nessus 4
kaspersky 1
openvas 7
adobe 1
prion 30
zdi 27
nvd 30
cvelist 30
cnvd 21
cve 30
malwarebytes 1
nessus
nessus
Adobe Reader < 20.005.30514.10514 / 23.003.20269 Multiple Vulnerabilities (APSB23-30)
2023-08-08 00:00:00
Adobe Reader < 20.005.30514.10514 / 23.003.20269 Multiple Vulnerabilities (APSB23-30) (macOS)
2023-08-08 00:00:00
Adobe Acrobat < 20.005.30514.10514 / 23.003.20269 Multiple Vulnerabilities (APSB23-30) (macOS)
2023-08-08 00:00:00
kaspersky
kaspersky
KLA51723 Multiple vulnerabilities in Adobe Acrobat and Adobe Acrobat Reader
2023-08-08 00:00:00
openvas
openvas
Adobe Acrobat DC Continuous Security Update (APSB23-30) - Windows
2023-08-22 00:00:00
Adobe Reader Classic 2020 Security Update (APSB23-30) - Mac OS X
2023-08-22 00:00:00
Adobe Reader DC Continuous Security Update (APSB23-30) - Mac OS X
2023-08-22 00:00:00
adobe
adobe
APSB23-30 : Security update available for Adobe Acrobat and Reader
2023-08-08 00:00:00
prion
prion
Null pointer dereference
2023-08-10 14:15:00
Design/Logic Flaw
2023-08-10 14:15:00
Design/Logic Flaw
2023-08-10 14:15:00
zdi
zdi
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
2023-08-14 00:00:00
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
2023-08-14 00:00:00
Adobe Acrobat Reader DC Font Parsing Use-After-Free Information Disclosure Vulnerability
2023-08-14 00:00:00
nvd
nvd
CVE-2023-38224
2023-08-10 14:15:12
CVE-2023-38234
2023-08-10 14:15:13
CVE-2023-29320
2023-08-10 14:15:11
cvelist
cvelist
CVE-2023-38232 ZDI-CAN-21357: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
2023-08-10 13:17:34
CVE-2023-38245 Adobe Acrobat Reader DC ActiveX Control (AxAcroPDFLib.AxAcroPDF) src NTLMv2 SSO Hash Theft Vulnerability
2023-08-10 13:17:37
CVE-2023-38235 ZDI-CAN-21356: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
2023-08-10 13:17:35
cnvd
cnvd
Adobe Acrobat Reader post-release reuse vulnerability (CNVD-2023-71754)
2023-08-12 00:00:00
Adobe Acrobat Reader post-release reuse vulnerability (CNVD-2023-71758)
2023-08-12 00:00:00
Adobe Acrobat Reader Out-of-Bounds Read Vulnerability (CNVD-2023-62953)
2023-08-12 00:00:00
cve
cve
CVE-2023-38232
2023-08-10 14:15:13
CVE-2023-38230
2023-08-10 14:15:13
CVE-2023-38224
2023-08-10 14:15:12
malwarebytes
malwarebytes
Insights into your unpatched vulnerabilities
2023-12-11 10:17:48

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

High

0.559 Medium

EPSS

Percentile

97.7%

JSON
Related for OPENVAS:1361412562310832253
nessus4kaspersky1openvas7adobe1prion30zdi27nvd30cvelist30cnvd21cve30malwarebytes1