{"id": "OPENVAS:1361412562310850184", "type": "openvas", "bulletinFamily": "scanner", "title": "openSUSE: Security Advisory for update (openSUSE-SU-2012:0512-1)", "description": "The remote host is missing an update for the ", "published": "2012-12-13T00:00:00", "modified": "2020-01-31T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850184", "reporter": "Copyright (C) 2012 Greenbone Networks GmbH", "references": ["2012:0512-1"], "cvelist": ["CVE-2012-0774", "CVE-2012-0775", "CVE-2012-0777"], "lastseen": "2020-01-31T18:41:04", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-0774", "CVE-2012-0775", "CVE-2012-0777"]}, {"type": "suse", "idList": ["SUSE-SU-2012:0524-1", "OPENSUSE-SU-2012:0512-1", "SUSE-SU-2012:0522-1"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2012-0469.NASL", "ADOBE_ACROBAT_APSB12-08.NASL", "SUSE_ACROREAD-8077.NASL", "OPENSUSE-2012-226.NASL", "GENTOO_GLSA-201206-14.NASL", "ADOBE_READER_APSB12-08.NASL", "MACOSX_ADOBE_READER_APSB12-08.NASL", "SUSE_11_ACROREAD-120413.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310802747", "OPENVAS:803827", "OPENVAS:136141256231071581", "OPENVAS:1361412562310803827", "OPENVAS:71581", "OPENVAS:1361412562310802748", "OPENVAS:1361412562310803829", "OPENVAS:803829", "OPENVAS:850184", "OPENVAS:1361412562310802749"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12334", "SECURITYVULNS:DOC:27923", "SECURITYVULNS:VULN:12325"]}, {"type": "seebug", "idList": ["SSV:60038", "SSV:60037", "SSV:60036"]}, {"type": "redhat", "idList": ["RHSA-2012:0469"]}, {"type": "gentoo", "idList": ["GLSA-201206-14"]}], "modified": "2020-01-31T18:41:04", "rev": 2}, "score": {"value": 6.8, "vector": "NONE", "modified": "2020-01-31T18:41:04", "rev": 2}, "vulnersScore": 6.8}, "pluginID": "1361412562310850184", "sourceData": "# Copyright (C) 2012 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850184\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-12-13 17:01:20 +0530 (Thu, 13 Dec 2012)\");\n script_cve_id(\"CVE-2012-0774\", \"CVE-2012-0775\", \"CVE-2012-0777\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"openSUSE-SU\", value:\"2012:0512-1\");\n script_name(\"openSUSE: Security Advisory for update (openSUSE-SU-2012:0512-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'update'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSE11\\.4|openSUSE12\\.1)\");\n\n script_tag(name:\"affected\", value:\"update on openSUSE 12.1, openSUSE 11.4\");\n\n script_tag(name:\"insight\", value:\"Acroread update to version 9.5.1 to fix several security\n issues\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE11.4\") {\n if(!isnull(res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~9.5.1~0.7.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"openSUSE12.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"acroread-cmaps\", rpm:\"acroread-cmaps~9.4.1~3.10.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"acroread-fonts-ja\", rpm:\"acroread-fonts-ja~9.4.1~3.10.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"acroread-fonts-ko\", rpm:\"acroread-fonts-ko~9.4.1~3.10.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"acroread-fonts-zh_CN\", rpm:\"acroread-fonts-zh_CN~9.4.1~3.10.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"acroread-fonts-zh_TW\", rpm:\"acroread-fonts-zh_TW~9.4.1~3.10.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~9.5.1~3.10.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "naslFamily": "SuSE Local Security Checks"}

{"cve": [{"lastseen": "2020-10-03T12:06:00", "description": "The JavaScript implementation in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.", "edition": 3, "cvss3": {}, "published": "2012-04-10T23:55:00", "title": "CVE-2012-0775", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0775"], "modified": "2018-01-10T02:29:00", "cpe": ["cpe:/a:adobe:acrobat:10.0.3", "cpe:/a:adobe:acrobat_reader:9.1.3", "cpe:/a:adobe:acrobat:9.1", "cpe:/a:adobe:acrobat:9.3.2", "cpe:/a:adobe:acrobat:9.4.3", "cpe:/a:adobe:acrobat_reader:9.4.1", "cpe:/a:adobe:acrobat:9.4.7", "cpe:/a:adobe:acrobat:9.3", "cpe:/a:adobe:acrobat_reader:9.4.5", "cpe:/a:adobe:acrobat:10.0", "cpe:/a:adobe:acrobat_reader:9.3.1", "cpe:/a:adobe:acrobat_reader:9.4.2", "cpe:/a:adobe:acrobat:9.1.1", "cpe:/a:adobe:acrobat:9.3.3", "cpe:/a:adobe:acrobat_reader:9.3.2", "cpe:/a:adobe:acrobat_reader:9.4.3", "cpe:/a:adobe:acrobat:9.0", "cpe:/a:adobe:acrobat:10.0.2", "cpe:/a:adobe:acrobat:9.4.2", "cpe:/a:adobe:acrobat_reader:9.4.7", "cpe:/a:adobe:acrobat:10.0.1", "cpe:/a:adobe:acrobat_reader:9.3", "cpe:/a:adobe:acrobat_reader:9.5", "cpe:/a:adobe:acrobat:9.4", "cpe:/a:adobe:acrobat:9.2", "cpe:/a:adobe:acrobat:9.1.2", "cpe:/a:adobe:acrobat:10.1.1", "cpe:/a:adobe:acrobat_reader:9.3.3", "cpe:/a:adobe:acrobat:9.1.3", "cpe:/a:adobe:acrobat_reader:9.3.4", "cpe:/a:adobe:acrobat_reader:9.4.6", "cpe:/a:adobe:acrobat_reader:9.2", "cpe:/a:adobe:acrobat_reader:9.4", "cpe:/a:adobe:acrobat_reader:9.4.4", "cpe:/a:adobe:acrobat:9.4.4", "cpe:/a:adobe:acrobat:10.1", "cpe:/a:adobe:acrobat_reader:9.0", "cpe:/a:adobe:acrobat:9.4.5", "cpe:/a:adobe:acrobat_reader:9.1.1", "cpe:/a:adobe:acrobat_reader:9.1", "cpe:/a:adobe:acrobat:9.4.1", "cpe:/a:adobe:acrobat_reader:9.1.2", "cpe:/a:adobe:acrobat:9.4.6", "cpe:/a:adobe:acrobat:10.1.2", "cpe:/a:adobe:acrobat:9.5", "cpe:/a:adobe:acrobat:9.3.1", "cpe:/a:adobe:acrobat:9.3.4"], "id": "CVE-2012-0775", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0775", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.3:-:pro:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.0.1:-:pro:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.5:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.1:-:pro:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.0:-:pro:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.0:-:pro:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.5:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:06:00", "description": "Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code via a crafted TrueType font.", "edition": 3, "cvss3": {}, "published": "2012-04-10T23:55:00", "title": "CVE-2012-0774", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0774"], "modified": "2018-01-10T02:29:00", "cpe": ["cpe:/a:adobe:acrobat:10.0.3", "cpe:/a:adobe:acrobat_reader:9.1.3", "cpe:/a:adobe:acrobat:9.1", "cpe:/a:adobe:acrobat:9.3.2", "cpe:/a:adobe:acrobat:9.4.3", "cpe:/a:adobe:acrobat_reader:9.4.1", "cpe:/a:adobe:acrobat:9.4.7", "cpe:/a:adobe:acrobat:9.3", "cpe:/a:adobe:acrobat_reader:9.4.5", "cpe:/a:adobe:acrobat:10.0", "cpe:/a:adobe:acrobat_reader:9.3.1", "cpe:/a:adobe:acrobat_reader:9.4.2", "cpe:/a:adobe:acrobat:9.1.1", "cpe:/a:adobe:acrobat:9.3.3", "cpe:/a:adobe:acrobat_reader:9.3.2", "cpe:/a:adobe:acrobat_reader:9.4.3", "cpe:/a:adobe:acrobat:9.0", "cpe:/a:adobe:acrobat:10.0.2", "cpe:/a:adobe:acrobat:9.4.2", "cpe:/a:adobe:acrobat_reader:9.4.7", "cpe:/a:adobe:acrobat:10.0.1", "cpe:/a:adobe:acrobat_reader:9.3", "cpe:/a:adobe:acrobat_reader:9.5", "cpe:/a:adobe:acrobat:9.4", "cpe:/a:adobe:acrobat:9.2", "cpe:/a:adobe:acrobat:9.1.2", "cpe:/a:adobe:acrobat:10.1.1", "cpe:/a:adobe:acrobat_reader:9.3.3", "cpe:/a:adobe:acrobat:9.1.3", "cpe:/a:adobe:acrobat_reader:9.3.4", "cpe:/a:adobe:acrobat_reader:9.4.6", "cpe:/a:adobe:acrobat_reader:9.2", "cpe:/a:adobe:acrobat_reader:9.4", "cpe:/a:adobe:acrobat_reader:9.4.4", "cpe:/a:adobe:acrobat:9.4.4", "cpe:/a:adobe:acrobat:10.1", "cpe:/a:adobe:acrobat_reader:9.0", "cpe:/a:adobe:acrobat:9.4.5", "cpe:/a:adobe:acrobat_reader:9.1.1", "cpe:/a:adobe:acrobat_reader:9.1", "cpe:/a:adobe:acrobat:9.4.1", "cpe:/a:adobe:acrobat_reader:9.1.2", "cpe:/a:adobe:acrobat:9.4.6", "cpe:/a:adobe:acrobat:10.1.2", "cpe:/a:adobe:acrobat:9.5", "cpe:/a:adobe:acrobat:9.3.1", "cpe:/a:adobe:acrobat:9.3.4"], "id": "CVE-2012-0774", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0774", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.3:-:pro:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.0.1:-:pro:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.5:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.1:-:pro:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.0:-:pro:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.0:-:pro:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.5:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:06:00", "description": "The JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 on Mac OS X and Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.\nPer: http://www.adobe.com/support/security/bulletins/apsb12-08.html\r\n\r\n'These updates resolve a memory corruption in the JavaScript API that could lead to code execution (CVE-2012-0777) (Macintosh and Linux only).'", "edition": 3, "cvss3": {}, "published": "2012-04-10T23:55:00", "title": "CVE-2012-0777", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0777"], "modified": "2018-01-10T02:29:00", "cpe": ["cpe:/a:adobe:acrobat:10.0.3", "cpe:/a:adobe:acrobat_reader:9.1.3", "cpe:/a:adobe:acrobat:9.1", "cpe:/a:adobe:acrobat:9.3.2", "cpe:/a:adobe:acrobat:9.4.3", "cpe:/a:adobe:acrobat_reader:9.4.1", "cpe:/a:adobe:acrobat:9.4.7", "cpe:/a:adobe:acrobat:9.3", "cpe:/a:adobe:acrobat_reader:9.4.5", "cpe:/a:adobe:acrobat:10.0", "cpe:/a:adobe:acrobat_reader:9.3.1", "cpe:/a:adobe:acrobat_reader:9.4.2", "cpe:/a:adobe:acrobat:9.1.1", "cpe:/a:adobe:acrobat:9.3.3", "cpe:/a:adobe:acrobat_reader:9.3.2", "cpe:/a:adobe:acrobat_reader:9.4.3", "cpe:/a:adobe:acrobat:9.0", "cpe:/a:adobe:acrobat:10.0.2", "cpe:/a:adobe:acrobat:9.4.2", "cpe:/a:adobe:acrobat_reader:9.4.7", "cpe:/a:adobe:acrobat:10.0.1", "cpe:/a:adobe:acrobat_reader:9.3", "cpe:/a:adobe:acrobat_reader:9.5", "cpe:/a:adobe:acrobat:9.4", "cpe:/a:adobe:acrobat:9.2", "cpe:/a:adobe:acrobat:9.1.2", "cpe:/a:adobe:acrobat:10.1.1", "cpe:/a:adobe:acrobat_reader:9.3.3", "cpe:/a:adobe:acrobat:9.1.3", "cpe:/a:adobe:acrobat_reader:9.3.4", "cpe:/a:adobe:acrobat_reader:9.4.6", "cpe:/a:adobe:acrobat_reader:9.2", "cpe:/a:adobe:acrobat_reader:9.4", "cpe:/a:adobe:acrobat_reader:9.4.4", "cpe:/a:adobe:acrobat:9.4.4", "cpe:/a:adobe:acrobat:10.1", "cpe:/a:adobe:acrobat_reader:9.0", "cpe:/a:adobe:acrobat:9.4.5", "cpe:/a:adobe:acrobat_reader:9.1.1", "cpe:/a:adobe:acrobat_reader:9.1", "cpe:/a:adobe:acrobat:9.4.1", "cpe:/a:adobe:acrobat_reader:9.1.2", "cpe:/a:adobe:acrobat:9.4.6", "cpe:/a:adobe:acrobat:10.1.2", "cpe:/a:adobe:acrobat:9.5", "cpe:/a:adobe:acrobat:9.3.1", "cpe:/a:adobe:acrobat:9.3.4"], "id": "CVE-2012-0777", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0777", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.3:-:pro:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.0.1:-:pro:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.5:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.1:-:pro:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.0:-:pro:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.0:-:pro:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.5:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat:9.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*"]}], "suse": [{"lastseen": "2016-09-04T11:56:36", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0774", "CVE-2012-0775", "CVE-2012-0777"], "description": "The Acrobat Reader has been updated to version 9.5.1 to fix\n the following issues:\n\n * CVE-2012-0774: crafted fonts inside PDFs could allow\n attackers to cause an integer overflow, resulting in the\n possibility of arbitrary code execution\n * CVE-2012-0775, CVE-2012-0777: an issue in acroread's\n javascript API could allowattackers to cause a denial of\n service or potentially execute arbitrary code\n", "edition": 1, "modified": "2012-04-18T19:08:30", "published": "2012-04-18T19:08:30", "id": "SUSE-SU-2012:0524-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00017.html", "type": "suse", "title": "Security update for Acrobat Reader (important)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:32:47", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0774", "CVE-2012-0775", "CVE-2012-0777"], "description": "Specially crafted PDF files could have caused a denial of\n service or have lead to the execution of arbitrary code in\n the context of the user running acroread:\n\n * CVE-2012-0774, crafted fonts inside PDFs could allow\n attackers to cause an integer overflow, resulting in the\n possibility of arbitrary code execution\n * CVE-2012-0775, CVE-2012-0777: an issue in acroread's\n javascript API could allow attackers to cause a denial of\n service or potentially execute arbitrary code\n", "edition": 1, "modified": "2012-04-18T19:08:26", "published": "2012-04-18T19:08:26", "id": "SUSE-SU-2012:0522-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00016.html", "type": "suse", "title": "Security update for Acrobat Reader (important)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:39:27", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0774", "CVE-2012-0775", "CVE-2012-0777"], "description": "Acroread update to version 9.5.1 to fix several security\n issues\n\n", "edition": 1, "modified": "2012-04-16T17:08:30", "published": "2012-04-16T17:08:30", "id": "OPENSUSE-SU-2012:0512-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00013.html", "title": "update for acroread (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-01-18T11:07:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0774", "CVE-2012-0775", "CVE-2012-0777"], "description": "Check for the Version of update", "modified": "2018-01-17T00:00:00", "published": "2012-12-13T00:00:00", "id": "OPENVAS:850184", "href": "http://plugins.openvas.org/nasl.php?oid=850184", "type": "openvas", "title": "SuSE Update for update openSUSE-SU-2012:0512-1 (update)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2012_0512_1.nasl 8448 2018-01-17 16:18:06Z teissa $\n#\n# SuSE Update for update openSUSE-SU-2012:0512-1 (update)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"update on openSUSE 12.1, openSUSE 11.4\";\ntag_insight = \"Acroread update to version 9.5.1 to fix several security\n issues\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850184);\n script_version(\"$Revision: 8448 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:18:06 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-12-13 17:01:20 +0530 (Thu, 13 Dec 2012)\");\n script_cve_id(\"CVE-2012-0774\", \"CVE-2012-0775\", \"CVE-2012-0777\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"openSUSE-SU\", value: \"2012:0512_1\");\n script_name(\"SuSE Update for update openSUSE-SU-2012:0512-1 (update)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of update\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE11.4\")\n{\n\n if ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~9.5.1~0.7.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"openSUSE12.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"acroread-cmaps\", rpm:\"acroread-cmaps~9.4.1~3.10.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"acroread-fonts-ja\", rpm:\"acroread-fonts-ja~9.4.1~3.10.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"acroread-fonts-ko\", rpm:\"acroread-fonts-ko~9.4.1~3.10.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"acroread-fonts-zh_CN\", rpm:\"acroread-fonts-zh_CN~9.4.1~3.10.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"acroread-fonts-zh_TW\", rpm:\"acroread-fonts-zh_TW~9.4.1~3.10.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~9.5.1~3.10.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:11:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0774", "CVE-2012-0776", "CVE-2012-0775", "CVE-2012-0777"], "description": "This host is installed with Adobe Acrobat and is prone to\n multiple vulnerabilities.", "modified": "2017-05-10T00:00:00", "published": "2013-07-11T00:00:00", "id": "OPENVAS:803827", "href": "http://plugins.openvas.org/nasl.php?oid=803827", "type": "openvas", "title": "Adobe Acrobat Multiple Vulnerabilities April-2012 (Mac OS X)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_acrobat_mult_vuln_apr12_macosx.nasl 6093 2017-05-10 09:03:18Z teissa $\n#\n# Adobe Acrobat Multiple Vulnerabilities April-2012 (Mac OS X)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will let attackers to bypass certain security\n restrictions, execute arbitrary code via unspecified vectors or cause a\n denial of service.\n Impact Level: System/Application\";\n\ntag_affected = \"Adobe Acrobat version 9.x to 9.5 and prior and 10.x to 10.1.2 on Mac OS X\";\ntag_insight = \"The flaws are due to\n - An unspecified error when handling JavaScript/JavaScript API can be\n exploited to corrupt memory.\n - An integer overflow error when handling True Type Font (TTF) can be\n exploited to corrupt memory.\n - The application loads executables (msiexec.exe) in an insecure manner.\";\ntag_solution = \"Upgrade to Adobe Acrobat version 9.5.1 or 10.1.3 on later,\n For updates refer to http://www.adobe.com\";\ntag_summary = \"This host is installed with Adobe Acrobat and is prone to\n multiple vulnerabilities.\";\n\nif(description)\n{\n script_id(803827);\n script_version(\"$Revision: 6093 $\");\n script_cve_id(\"CVE-2012-0777\", \"CVE-2012-0776\", \"CVE-2012-0774\", \"CVE-2012-0775\");\n script_bugtraq_id(52950, 52952, 52951, 52949);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-10 11:03:18 +0200 (Wed, 10 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-07-11 15:26:49 +0530 (Thu, 11 Jul 2013)\");\n script_name(\"Adobe Acrobat Multiple Vulnerabilities April-2012 (Mac OS X)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/48733\");\n script_xref(name : \"URL\" , value : \"http://www.securitytracker.com/id/1026908\");\n script_xref(name : \"URL\" , value : \"http://www.adobe.com/support/security/bulletins/apsb12-08.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nacrobatVer = \"\";\n\n## Function to check the versions of abode acrobat\nfunction version_check(ver)\n{\n if(version_in_range(version:ver, test_version:\"9.0\", test_version2:\"9.5\") ||\n version_in_range(version:ver, test_version:\"10.0\", test_version2:\"10.1.2\"))\n {\n security_message(0);\n exit(0);\n }\n}\n\n## Get Acrobat version\nacrobatVer = get_kb_item(\"Adobe/Acrobat/MacOSX/Version\");\nif(acrobatVer && acrobatVer =~ \"^(9|10)\"){\n version_check(ver:acrobatVer);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0774", "CVE-2012-0776", "CVE-2012-0775", "CVE-2012-0777"], "description": "This host is installed with Adobe Acrobat and is prone to\n multiple vulnerabilities.", "modified": "2018-10-15T00:00:00", "published": "2013-07-11T00:00:00", "id": "OPENVAS:1361412562310803827", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803827", "type": "openvas", "title": "Adobe Acrobat Multiple Vulnerabilities April-2012 (Mac OS X)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_acrobat_mult_vuln_apr12_macosx.nasl 11905 2018-10-15 12:43:50Z cfischer $\n#\n# Adobe Acrobat Multiple Vulnerabilities April-2012 (Mac OS X)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803827\");\n script_version(\"$Revision: 11905 $\");\n script_cve_id(\"CVE-2012-0777\", \"CVE-2012-0776\", \"CVE-2012-0774\", \"CVE-2012-0775\");\n script_bugtraq_id(52950, 52952, 52951, 52949);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-15 14:43:50 +0200 (Mon, 15 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-07-11 15:26:49 +0530 (Thu, 11 Jul 2013)\");\n script_name(\"Adobe Acrobat Multiple Vulnerabilities April-2012 (Mac OS X)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/48733\");\n script_xref(name:\"URL\", value:\"http://www.securitytracker.com/id/1026908\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-08.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/MacOSX/Version\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will let attackers to bypass certain security\n restrictions, execute arbitrary code via unspecified vectors or cause a denial of service.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat version 9.x to 9.5 and prior and 10.x to 10.1.2 on Mac OS X\");\n\n script_tag(name:\"insight\", value:\"The flaws are due to\n\n - An unspecified error when handling JavaScript/JavaScript API can be\n exploited to corrupt memory.\n\n - An integer overflow error when handling True Type Font (TTF) can be\n exploited to corrupt memory.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat version 9.5.1 or 10.1.3 or later.\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat and is prone to\n multiple vulnerabilities.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE ) ) exit( 0 );\nvers = infos['version'];\n\nif( vers !~ \"^(9|10)\\.0\" ) exit( 99 );\n\npath = infos['location'];\n\nif( version_in_range( version:vers, test_version:\"9.0\", test_version2:\"9.5\" ) ||\n version_in_range( version:vers, test_version:\"10.0\", test_version2:\"10.1.2\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"9.5.1/10.1.3\", install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0774", "CVE-2012-0776", "CVE-2012-0775", "CVE-2012-0777"], "description": "This host is installed with Adobe Reader and is prone to multiple\n vulnerabilities.", "modified": "2018-10-15T00:00:00", "published": "2012-04-17T00:00:00", "id": "OPENVAS:1361412562310802749", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802749", "type": "openvas", "title": "Adobe Reader Multiple Vulnerabilities April-2012 (Mac OS X)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_prdts_mult_vuln_apr12_macosx.nasl 11905 2018-10-15 12:43:50Z cfischer $\n#\n# Adobe Reader Multiple Vulnerabilities April-2012 (Mac OS X)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802749\");\n script_version(\"$Revision: 11905 $\");\n script_cve_id(\"CVE-2012-0777\", \"CVE-2012-0776\", \"CVE-2012-0774\", \"CVE-2012-0775\");\n script_bugtraq_id(52950, 52952, 52951, 52949);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-15 14:43:50 +0200 (Mon, 15 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-17 13:03:11 +0530 (Tue, 17 Apr 2012)\");\n script_name(\"Adobe Reader Multiple Vulnerabilities April-2012 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Reader and is prone to multiple\n vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaws are due to\n\n - An unspecified error when handling JavaScript/JavaScript API can be exploited\n to corrupt memory.\n\n - An integer overflow error when handling True Type Font (TTF) can be exploited\n to corrupt memory.\n\n - The application loads executables (msiexec.exe) in an insecure manner.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will let attackers to bypass certain security\n restrictions, execute arbitrary code via unspecified vectors or cause a denial of service.\");\n\n script_tag(name:\"affected\", value:\"Adobe Reader version 9.x to 9.5 and prior and 10.x to 10.1.2 on Mac OS X\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Reader version 9.5.1 or 10.1.3 or later.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/48733\");\n script_xref(name:\"URL\", value:\"http://www.securitytracker.com/id/1026908\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-08.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Reader/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE ) ) exit( 0 );\nvers = infos['version'];\n\nif( vers !~ \"^(9|10)\\.0\" ) exit( 99 );\n\npath = infos['location'];\n\nif( version_in_range( version:vers, test_version:\"9.0\", test_version2:\"9.5\" ) ||\n version_in_range( version:vers, test_version:\"10.0\", test_version2:\"10.1.2\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"9.5.1/10.1.3\", install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-26T15:07:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0774", "CVE-2012-0776", "CVE-2012-0775", "CVE-2012-0777"], "description": "This host is installed with Adobe Reader and is prone to multiple\nvulnerabilities.", "modified": "2020-04-22T00:00:00", "published": "2012-04-16T00:00:00", "id": "OPENVAS:1361412562310802747", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802747", "type": "openvas", "title": "Adobe Reader Multiple Vulnerabilities April-2012 (Linux)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Reader Multiple Vulnerabilities April-2012 (Linux)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802747\");\n script_version(\"2020-04-22T10:27:30+0000\");\n script_cve_id(\"CVE-2012-0777\", \"CVE-2012-0776\", \"CVE-2012-0774\", \"CVE-2012-0775\");\n script_bugtraq_id(52950, 52952, 52951, 52949);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-22 10:27:30 +0000 (Wed, 22 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-04-16 19:08:36 +0530 (Mon, 16 Apr 2012)\");\n script_name(\"Adobe Reader Multiple Vulnerabilities April-2012 (Linux)\");\n\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Reader and is prone to multiple\nvulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The flaws are due to\n\n - An unspecified error when handling JavaScript/JavaScript API can be exploited\nto corrupt memory.\n\n - An integer overflow error when handling True Type Font (TTF) can be exploited\nto corrupt memory.\n\n - The application loads executables (msiexec.exe) in an insecure manner.\");\n script_tag(name:\"impact\", value:\"Successful exploitation will let attackers to bypass certain security restrictions,\nexecute arbitrary code via unspecified vectors or cause a denial of service.\");\n script_tag(name:\"affected\", value:\"Adobe Reader version 9.x to 9.4.6 on Linux\");\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Reader version 9.5.1 or later.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/48733/\");\n script_xref(name:\"URL\", value:\"http://www.securitytracker.com/id/1026908\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-08.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_prdts_detect_lin.nasl\");\n script_mandatory_keys(\"Adobe/Reader/Linux/Version\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!readerVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(readerVer =~ \"^9\")\n{\n if(version_in_range(version:readerVer, test_version:\"9.0\", test_version2:\"9.4.6\")){\n report = report_fixed_ver(installed_version:readerVer, vulnerable_range:\"9.0 - 9.4.6\");\n security_message(port:0, data:report);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:51", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0774", "CVE-2012-0776", "CVE-2012-0775"], "description": "This host is installed with Adobe Reader and is prone to multiple\nvulnerabilities.", "modified": "2018-10-12T00:00:00", "published": "2012-04-16T00:00:00", "id": "OPENVAS:1361412562310802748", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802748", "type": "openvas", "title": "Adobe Reader Multiple Vulnerabilities April-2012 (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_prdts_mult_vuln_apr12_win.nasl 11890 2018-10-12 16:13:30Z cfischer $\n#\n# Adobe Reader Multiple Vulnerabilities April-2012 (Windows)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802748\");\n script_version(\"$Revision: 11890 $\");\n script_cve_id(\"CVE-2012-0776\", \"CVE-2012-0774\", \"CVE-2012-0775\");\n script_bugtraq_id(52952, 52951, 52949);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 18:13:30 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-16 19:08:36 +0530 (Mon, 16 Apr 2012)\");\n script_name(\"Adobe Reader Multiple Vulnerabilities April-2012 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Reader and is prone to multiple\nvulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The flaws are due to\n\n - An unspecified error when handling JavaScript/JavaScript API can be exploited\nto corrupt memory.\n\n - An integer overflow error when handling True Type Font (TTF) can be exploited\nto corrupt memory.\n\n - The application loads executables (msiexec.exe) in an insecure manner.\");\n script_tag(name:\"impact\", value:\"Successful exploitation will let attackers to bypass certain security\nrestrictions, execute arbitrary code via unspecified vectors or cause a denial of service.\");\n script_tag(name:\"affected\", value:\"Adobe Reader version 9.x to 9.5 and prior and 10.x to 10.1.2 on Windows\");\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Reader version 9.5.1 or 10.1.3 or later.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/48733\");\n script_xref(name:\"URL\", value:\"http://www.securitytracker.com/id/1026908\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-08.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Reader/Win/Installed\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nfunction version_check(ver)\n{\n if(version_in_range(version:ver, test_version:\"9.0\", test_version2:\"9.5\") ||\n version_in_range(version:ver, test_version:\"10.0\", test_version2:\"10.1.2\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n\nif(!readerVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(readerVer =~ \"^(9|10)\"){\n version_check(ver:readerVer);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0774", "CVE-2012-0776", "CVE-2012-0775"], "description": "This host is installed with Adobe Acrobat and is prone to\n multiple vulnerabilities.", "modified": "2019-05-17T00:00:00", "published": "2013-07-11T00:00:00", "id": "OPENVAS:1361412562310803829", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803829", "type": "openvas", "title": "Adobe Acrobat Multiple Vulnerabilities April-2012 (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat Multiple Vulnerabilities April-2012 (Windows)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803829\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2012-0776\", \"CVE-2012-0774\", \"CVE-2012-0775\");\n script_bugtraq_id(52952, 52951, 52949);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2013-07-11 15:18:22 +0530 (Thu, 11 Jul 2013)\");\n script_name(\"Adobe Acrobat Multiple Vulnerabilities April-2012 (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/48733\");\n script_xref(name:\"URL\", value:\"http://www.securitytracker.com/id/1026908\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-08.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/Win/Installed\");\n script_tag(name:\"impact\", value:\"Successful exploitation will let attackers to bypass certain security\n restrictions, execute arbitrary code via unspecified vectors or cause a\n denial of service.\");\n script_tag(name:\"affected\", value:\"Adobe Acrobat version 9.x to 9.5 and prior and 10.x to 10.1.2 on Windows\");\n script_tag(name:\"insight\", value:\"The flaws are due to\n\n - An unspecified error when handling JavaScript/JavaScript API can be\n exploited to corrupt memory.\n\n - An integer overflow error when handling True Type Font (TTF) can be\n exploited to corrupt memory.\n\n - The application loads executables (msiexec.exe) in an insecure manner.\");\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat version 9.5.1 or 10.1.3 on later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat and is prone to\n multiple vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE )) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\nif( version_in_range( version:vers, test_version:\"9.0\", test_version2:\"9.5\" ) ||\n version_in_range( version:vers, test_version:\"10.0\", test_version2:\"10.1.2\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"9.5.1/10.1.3\", install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-02T10:59:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0774", "CVE-2012-0776", "CVE-2012-0775"], "description": "This host is installed with Adobe Acrobat and is prone to\n multiple vulnerabilities.", "modified": "2017-12-21T00:00:00", "published": "2013-07-11T00:00:00", "id": "OPENVAS:803829", "href": "http://plugins.openvas.org/nasl.php?oid=803829", "type": "openvas", "title": "Adobe Acrobat Multiple Vulnerabilities April-2012 (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_acrobat_mult_vuln_apr12_win.nasl 8210 2017-12-21 10:26:31Z cfischer $\n#\n# Adobe Acrobat Multiple Vulnerabilities April-2012 (Windows)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat\";\n\ntag_impact = \"Successful exploitation will let attackers to bypass certain security\n restrictions, execute arbitrary code via unspecified vectors or cause a\n denial of service.\n\n Impact Level: System/Application\";\n\ntag_affected = \"Adobe Acrobat version 9.x to 9.5 and prior and 10.x to 10.1.2 on Windows\";\n\ntag_insight = \"The flaws are due to\n\n - An unspecified error when handling JavaScript/JavaScript API can be\n exploited to corrupt memory.\n\n - An integer overflow error when handling True Type Font (TTF) can be\n exploited to corrupt memory.\n\n - The application loads executables (msiexec.exe) in an insecure manner.\";\n\ntag_solution = \"Upgrade to Adobe Acrobat version 9.5.1 or 10.1.3 on later,\n For updates refer to http://www.adobe.com\";\n\ntag_summary = \"This host is installed with Adobe Acrobat and is prone to\n multiple vulnerabilities.\";\n\nif(description)\n{\n script_id(803829);\n script_version(\"$Revision: 8210 $\");\n script_cve_id(\"CVE-2012-0776\", \"CVE-2012-0774\", \"CVE-2012-0775\");\n script_bugtraq_id(52952, 52951, 52949);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-21 11:26:31 +0100 (Thu, 21 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-07-11 15:18:22 +0530 (Thu, 11 Jul 2013)\");\n script_name(\"Adobe Acrobat Multiple Vulnerabilities April-2012 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/48733\");\n script_xref(name : \"URL\" , value : \"http://www.securitytracker.com/id/1026908\");\n script_xref(name : \"URL\" , value : \"http://www.adobe.com/support/security/bulletins/apsb12-08.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/Win/Installed\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ninfos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE );\nvers = infos['version'];\npath = infos['location'];\n\nif( version_in_range( version:vers, test_version:\"9.0\", test_version2:\"9.5\" ) ||\n version_in_range( version:vers, test_version:\"10.0\", test_version2:\"10.1.2\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"9.5.1/10.1.3\", install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4371", "CVE-2011-4372", "CVE-2012-0774", "CVE-2011-4373", "CVE-2012-0776", "CVE-2011-4370", "CVE-2012-0775", "CVE-2012-0777"], "description": "The remote host is missing updates announced in\nadvisory GLSA 201206-14.", "modified": "2018-10-12T00:00:00", "published": "2012-08-10T00:00:00", "id": "OPENVAS:136141256231071581", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071581", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201206-14 (acroread)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201206_14.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71581\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-4370\", \"CVE-2011-4371\", \"CVE-2011-4372\", \"CVE-2011-4373\", \"CVE-2012-0774\", \"CVE-2012-0775\", \"CVE-2012-0776\", \"CVE-2012-0777\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:55 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201206-14 (acroread)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities in Adobe Reader might allow remote\nattackers to execute arbitrary code or conduct various other attacks.\");\n script_tag(name:\"solution\", value:\"All Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/acroread-9.5.1'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201206-14\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=405949\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=411499\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201206-14.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"app-text/acroread\", unaffected: make_list(\"ge 9.5.1\"), vulnerable: make_list(\"lt 9.5.1\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:50:32", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4371", "CVE-2011-4372", "CVE-2012-0774", "CVE-2011-4373", "CVE-2012-0776", "CVE-2011-4370", "CVE-2012-0775", "CVE-2012-0777"], "description": "The remote host is missing updates announced in\nadvisory GLSA 201206-14.", "modified": "2017-07-07T00:00:00", "published": "2012-08-10T00:00:00", "id": "OPENVAS:71581", "href": "http://plugins.openvas.org/nasl.php?oid=71581", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201206-14 (acroread)", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities in Adobe Reader might allow remote\nattackers to execute arbitrary code or conduct various other attacks.\";\ntag_solution = \"All Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/acroread-9.5.1'\n \n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201206-14\nhttp://bugs.gentoo.org/show_bug.cgi?id=405949\nhttp://bugs.gentoo.org/show_bug.cgi?id=411499\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201206-14.\";\n\n \n \nif(description)\n{\n script_id(71581);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-4370\", \"CVE-2011-4371\", \"CVE-2011-4372\", \"CVE-2011-4373\", \"CVE-2012-0774\", \"CVE-2012-0775\", \"CVE-2012-0776\", \"CVE-2012-0777\");\n script_version(\"$Revision: 6589 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 10:27:50 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:55 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201206-14 (acroread)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"app-text/acroread\", unaffected: make_list(\"ge 9.5.1\"), vulnerable: make_list(\"lt 9.5.1\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-01-20T15:13:34", "description": "The Acrobat Reader has been updated to version 9.5.1 to fix the\nfollowing issues :\n\n - crafted fonts inside PDFs could allow attackers to cause\n an integer overflow, resulting in the possibility of\n arbitrary code execution. (CVE-2012-0774)\n\n - an issue in acroread's JavaScript API could\n allowattackers to cause a denial of service or\n potentially execute arbitrary code. (CVE-2012-0775 /\n CVE-2012-0777)", "edition": 20, "published": "2012-04-18T00:00:00", "title": "SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 8077)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0774", "CVE-2012-0775", "CVE-2012-0777"], "modified": "2012-04-18T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_ACROREAD-8077.NASL", "href": "https://www.tenable.com/plugins/nessus/58776", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58776);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0774\", \"CVE-2012-0775\", \"CVE-2012-0777\");\n\n script_name(english:\"SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 8077)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Acrobat Reader has been updated to version 9.5.1 to fix the\nfollowing issues :\n\n - crafted fonts inside PDFs could allow attackers to cause\n an integer overflow, resulting in the possibility of\n arbitrary code execution. (CVE-2012-0774)\n\n - an issue in acroread's JavaScript API could\n allowattackers to cause a denial of service or\n potentially execute arbitrary code. (CVE-2012-0775 /\n CVE-2012-0777)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0774.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0775.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0777.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 8077.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"acroread-9.5.1-0.6.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"acroread-cmaps-9.4.6-0.6.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"acroread-fonts-ja-9.4.6-0.6.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"acroread-fonts-ko-9.4.6-0.6.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"acroread-fonts-zh_CN-9.4.6-0.6.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"acroread-fonts-zh_TW-9.4.6-0.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T12:24:46", "description": "Acroread update to version 9.5.1 to fix several security issues", "edition": 18, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : acroread (openSUSE-SU-2012:0512-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0774", "CVE-2012-0775", "CVE-2012-0777"], "modified": "2014-06-13T00:00:00", "cpe": ["cpe:/o:novell:opensuse:12.1", "p-cpe:/a:novell:opensuse:acroread-fonts-ja", "p-cpe:/a:novell:opensuse:acroread-cmaps", "p-cpe:/a:novell:opensuse:acroread", "p-cpe:/a:novell:opensuse:acroread-fonts-ko", "p-cpe:/a:novell:opensuse:acroread-fonts-zh_CN", "p-cpe:/a:novell:opensuse:acroread-fonts-zh_TW"], "id": "OPENSUSE-2012-226.NASL", "href": "https://www.tenable.com/plugins/nessus/74602", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-226.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74602);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0774\", \"CVE-2012-0775\", \"CVE-2012-0777\");\n\n script_name(english:\"openSUSE Security Update : acroread (openSUSE-SU-2012:0512-1)\");\n script_summary(english:\"Check for the openSUSE-2012-226 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\"Acroread update to version 9.5.1 to fix several security issues\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=756574\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-04/msg00038.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected acroread packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:acroread\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:acroread-cmaps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:acroread-fonts-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:acroread-fonts-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:acroread-fonts-zh_CN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:acroread-fonts-zh_TW\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"acroread-9.5.1-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"acroread-cmaps-9.4.1-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"acroread-fonts-ja-9.4.1-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"acroread-fonts-ko-9.4.1-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"acroread-fonts-zh_CN-9.4.1-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"acroread-fonts-zh_TW-9.4.1-3.10.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"acroread-cmaps / acroread-fonts-ja / acroread-fonts-ko / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T14:37:21", "description": "Specially crafted PDF files could have caused a denial of service or\nhave lead to the execution of arbitrary code in the context of the\nuser running acroread :\n\n - crafted fonts inside PDFs could allow attackers to cause\n an integer overflow, resulting in the possibility of\n arbitrary code execution. (CVE-2012-0774)\n\n - an issue in acroread's JavaScript API could allow\n attackers to cause a denial of service or potentially\n execute arbitrary code. (CVE-2012-0775 / CVE-2012-0777)", "edition": 20, "published": "2012-04-18T00:00:00", "title": "SuSE 11.1 Security Update : Acrobat Reader (SAT Patch Number 6138)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0774", "CVE-2012-0775", "CVE-2012-0777"], "modified": "2012-04-18T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:acroread-fonts-ja", "p-cpe:/a:novell:suse_linux:11:acroread-fonts-zh_CN", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:acroread-fonts-ko", "p-cpe:/a:novell:suse_linux:11:acroread-cmaps", "p-cpe:/a:novell:suse_linux:11:acroread", "p-cpe:/a:novell:suse_linux:11:acroread-fonts-zh_TW"], "id": "SUSE_11_ACROREAD-120413.NASL", "href": "https://www.tenable.com/plugins/nessus/58774", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58774);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0774\", \"CVE-2012-0775\", \"CVE-2012-0777\");\n\n script_name(english:\"SuSE 11.1 Security Update : Acrobat Reader (SAT Patch Number 6138)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted PDF files could have caused a denial of service or\nhave lead to the execution of arbitrary code in the context of the\nuser running acroread :\n\n - crafted fonts inside PDFs could allow attackers to cause\n an integer overflow, resulting in the possibility of\n arbitrary code execution. (CVE-2012-0774)\n\n - an issue in acroread's JavaScript API could allow\n attackers to cause a denial of service or potentially\n execute arbitrary code. (CVE-2012-0775 / CVE-2012-0777)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=742126\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=756574\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0774.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0775.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0777.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 6138.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:acroread\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:acroread-cmaps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:acroread-fonts-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:acroread-fonts-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:acroread-fonts-zh_CN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:acroread-fonts-zh_TW\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"acroread-9.5.1-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"acroread-cmaps-9.4.6-0.4.2.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"acroread-fonts-ja-9.4.6-0.4.2.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"acroread-fonts-ko-9.4.6-0.4.2.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"acroread-fonts-zh_CN-9.4.6-0.4.2.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"acroread-fonts-zh_TW-9.4.6-0.4.2.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"acroread-cmaps-9.4.6-0.4.2.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"acroread-fonts-ja-9.4.6-0.4.2.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"acroread-fonts-ko-9.4.6-0.4.2.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"acroread-fonts-zh_CN-9.4.6-0.4.2.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"acroread-fonts-zh_TW-9.4.6-0.4.2.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T01:13:05", "description": "The version of Adobe Acrobat installed on the remote host is earlier\nthan 10.1.3 / 9.5.1 and is, therefore, affected by multiple\nvulnerabilities :\n\n - An integer overflow vulnerability exists in True Type \n Font (TFF). (CVE-2012-0774)\n\n - A memory corruption vulnerability exists in the \n JavaScript handling. (CVE-2012-0775)\n\n - A security bypass exists in the Adobe Acrobat installer.\n (CVE-2012-0776)", "edition": 23, "published": "2012-04-11T00:00:00", "title": "Adobe Acrobat < 10.1.3 / 9.5.1 Multiple Vulnerabilities (APSB12-08)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0774", "CVE-2012-0776", "CVE-2012-0775"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:adobe:acrobat"], "id": "ADOBE_ACROBAT_APSB12-08.NASL", "href": "https://www.tenable.com/plugins/nessus/58682", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58682);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/06/27 18:42:26\");\n\n script_cve_id(\"CVE-2012-0774\", \"CVE-2012-0775\", \"CVE-2012-0776\");\n script_bugtraq_id(52949, 52951, 52952);\n \n script_name(english:\"Adobe Acrobat < 10.1.3 / 9.5.1 Multiple Vulnerabilities (APSB12-08)\");\n script_summary(english:\"Checks version of Adobe Acrobat\");\n\n script_set_attribute(attribute:\"synopsis\",value:\n\"The version of Adobe Acrobat on the remote Windows host is affected\nby multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\",value:\n\"The version of Adobe Acrobat installed on the remote host is earlier\nthan 10.1.3 / 9.5.1 and is, therefore, affected by multiple\nvulnerabilities :\n\n - An integer overflow vulnerability exists in True Type \n Font (TFF). (CVE-2012-0774)\n\n - A memory corruption vulnerability exists in the \n JavaScript handling. (CVE-2012-0775)\n\n - A security bypass exists in the Adobe Acrobat installer.\n (CVE-2012-0776)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://dvlabs.tippingpoint.com/advisory/TPTI-12-03\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-08.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Adobe Acrobat 9.5.1 / 10.1.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:'Windows');\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies('adobe_acrobat_installed.nasl');\n script_require_keys('SMB/Acrobat/Version');\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nversion = get_kb_item_or_exit(\"SMB/Acrobat/Version\");\nversion_ui = get_kb_item('SMB/Acrobat/Version_UI');\n\nif (isnull(version_ui)) version_report = version;\nelse version_report = version_ui;\n\nver = split(version, sep:'.', keep:FALSE);\nfor (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\nif ( \n (ver[0] == 9 && ver[1] < 5) ||\n (ver[0] == 9 && ver[1] == 5 && ver[2] == 0) ||\n (ver[0] == 10 && ver[1] < 1) ||\n (ver[0] == 10 && ver[1] == 1 && ver[2] < 3)\n)\n{\n if (report_verbosity > 0)\n {\n path = get_kb_item('SMB/Acrobat/Path');\n if (isnull(path)) path = 'n/a';\n\n report =\n '\\n Path : '+path+\n '\\n Installed version : '+version_report+\n '\\n Fixed version : 9.5.1 / 10.1.3\\n';\n security_hole(port:get_kb_item('SMB/transport'), extra:report);\n }\n else security_hole(get_kb_item('SMB/transport'));\n}\nelse exit(0, \"The Adobe Acrobat \"+version_report+\" install is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T01:14:28", "description": "The version of Adobe Reader installed on the remote host is earlier\nthan 10.1.3 / 9.5.1 and is, therefore, affected by multiple\nvulnerabilities :\n\n - An integer overflow vulnerability exists in True Type \n Font (TFF). (CVE-2012-0774)\n\n - A memory corruption vulnerability exists in the \n JavaScript handling. (CVE-2012-0775)\n\n - A security bypass exists in the Adobe Reader installer.\n (CVE-2012-0776)", "edition": 23, "published": "2012-04-11T00:00:00", "title": "Adobe Reader < 10.1.3 / 9.5.1 Multiple Vulnerabilities (APSB12-08)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0774", "CVE-2012-0776", "CVE-2012-0775"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:adobe:acrobat_reader"], "id": "ADOBE_READER_APSB12-08.NASL", "href": "https://www.tenable.com/plugins/nessus/58683", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58683);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/06/27 18:42:27\");\n\n script_cve_id(\"CVE-2012-0774\", \"CVE-2012-0775\", \"CVE-2012-0776\");\n script_bugtraq_id(52949, 52951, 52952);\n\n script_name(english:\"Adobe Reader < 10.1.3 / 9.5.1 Multiple Vulnerabilities (APSB12-08)\");\n script_summary(english:\"Checks version of Adobe Reader\");\n\n script_set_attribute(attribute:\"synopsis\",value:\n\"The version of Adobe Reader on the remote Windows host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\",value:\n\"The version of Adobe Reader installed on the remote host is earlier\nthan 10.1.3 / 9.5.1 and is, therefore, affected by multiple\nvulnerabilities :\n\n - An integer overflow vulnerability exists in True Type \n Font (TFF). (CVE-2012-0774)\n\n - A memory corruption vulnerability exists in the \n JavaScript handling. (CVE-2012-0775)\n\n - A security bypass exists in the Adobe Reader installer.\n (CVE-2012-0776)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://dvlabs.tippingpoint.com/advisory/TPTI-12-03\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-08.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Adobe Reader 9.5.1 / 10.1.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat_reader\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:'Windows');\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies('adobe_reader_installed.nasl');\n script_require_keys('SMB/Acroread/Version');\n exit(0);\n}\n\n\ninclude('global_settings.inc');\n\ninfo = '';\ninfo2 = '';\nvuln = 0;\nvers = get_kb_list('SMB/Acroread/Version');\nif (isnull(vers)) exit(0, 'The \"SMB/Acroread/Version\" KB list is missing.');\n\nforeach version (vers)\n{\n ver = split(version, sep:'.', keep:FALSE);\n for (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n path = get_kb_item('SMB/Acroread/'+version+'/Path');\n if (isnull(path)) path = 'n/a';\n\n verui = get_kb_item('SMB/Acroread/'+version+'/Version_UI');\n if (isnull(verui)) verui = version;\n\n if ( \n (ver[0] == 9 && ver[1] < 5) ||\n (ver[0] == 9 && ver[1] == 5 && ver[2] == 0) ||\n (ver[0] == 10 && ver[1] < 1) ||\n (ver[0] == 10 && ver[1] == 1 && ver[2] < 3)\n )\n {\n vuln++;\n info += '\\n Path : '+path+\n '\\n Installed version : '+verui+\n '\\n Fixed version : 9.5.1 / 10.1.3\\n';\n }\n else\n info2 += \" and \" + verui;\n}\n\nif (info)\n{\n if (report_verbosity > 0)\n {\n if (vuln > 1) s = \"s of Adobe Reader are\";\n else s = \" of Adobe Reader is\";\n\n report =\n '\\nThe following vulnerable instance'+s+' installed on the'+\n '\\nremote host :\\n'+\n info;\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n\n exit(0);\n}\n\nif (info2) \n{\n info2 -= \" and \";\n if (\" and \" >< info2) be = \"are\";\n else be = \"is\";\n\n exit(0, \"The host is not affected since Adobe Reader \"+info2+\" \"+be+\" installed.\");\n}\nelse exit(1, \"Unexpected error - 'info2' is empty.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:10:37", "description": "Updated acroread packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6 Supplementary.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nAdobe Reader allows users to view and print documents in Portable\nDocument Format (PDF).\n\nThis update fixes multiple security flaws in Adobe Reader. These flaws\nare detailed on the Adobe security page APSB12-08, listed in the\nReferences section. A specially crafted PDF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user\nrunning Adobe Reader when opened. (CVE-2012-0774, CVE-2012-0775,\nCVE-2012-0777)\n\nAll Adobe Reader users should install these updated packages. They\ncontain Adobe Reader version 9.5.1, which is not vulnerable to these\nissues. All running instances of Adobe Reader must be restarted for\nthe update to take effect.", "edition": 26, "published": "2012-04-11T00:00:00", "title": "RHEL 5 / 6 : acroread (RHSA-2012:0469)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4371", "CVE-2011-4372", "CVE-2012-0774", "CVE-2011-4373", "CVE-2011-4370", "CVE-2012-0775", "CVE-2012-0777"], "modified": "2012-04-11T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6.2", "p-cpe:/a:redhat:enterprise_linux:acroread-plugin", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:acroread"], "id": "REDHAT-RHSA-2012-0469.NASL", "href": "https://www.tenable.com/plugins/nessus/58676", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0469. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58676);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4370\", \"CVE-2011-4371\", \"CVE-2011-4372\", \"CVE-2011-4373\", \"CVE-2012-0774\", \"CVE-2012-0775\", \"CVE-2012-0777\");\n script_bugtraq_id(52949, 52950, 52951);\n script_xref(name:\"RHSA\", value:\"2012:0469\");\n\n script_name(english:\"RHEL 5 / 6 : acroread (RHSA-2012:0469)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated acroread packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6 Supplementary.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nAdobe Reader allows users to view and print documents in Portable\nDocument Format (PDF).\n\nThis update fixes multiple security flaws in Adobe Reader. These flaws\nare detailed on the Adobe security page APSB12-08, listed in the\nReferences section. A specially crafted PDF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user\nrunning Adobe Reader when opened. (CVE-2012-0774, CVE-2012-0775,\nCVE-2012-0777)\n\nAll Adobe Reader users should install these updated packages. They\ncontain Adobe Reader version 9.5.1, which is not vulnerable to these\nissues. All running instances of Adobe Reader must be restarted for\nthe update to take effect.\"\n );\n # http://www.adobe.com/support/security/bulletins/apsb12-08.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.adobe.com/support/security/bulletins/apsb12-08.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0469\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0774\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0775\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0777\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4370\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4371\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4372\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4373\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected acroread and / or acroread-plugin packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:acroread\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:acroread-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0469\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"acroread-9.5.1-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"acroread-plugin-9.5.1-1.el5\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"acroread-9.5.1-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"acroread-plugin-9.5.1-1.el6_2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"acroread / acroread-plugin\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:54:16", "description": "The remote host is affected by the vulnerability described in GLSA-201206-14\n(Adobe Reader: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been found in Adobe Reader, including an\n integer overflow in TrueType Font handling (CVE-2012-0774) and multiple\n unspecified errors which could cause memory corruption.\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted PDF\n file, possibly resulting in execution of arbitrary code with the\n privileges of the process or a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 23, "published": "2012-06-25T00:00:00", "title": "GLSA-201206-14 : Adobe Reader: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4371", "CVE-2011-4372", "CVE-2012-0774", "CVE-2011-4373", "CVE-2012-0776", "CVE-2011-4370", "CVE-2012-0775", "CVE-2012-0777"], "modified": "2012-06-25T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:acroread"], "id": "GENTOO_GLSA-201206-14.NASL", "href": "https://www.tenable.com/plugins/nessus/59667", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201206-14.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59667);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-4370\", \"CVE-2011-4371\", \"CVE-2011-4372\", \"CVE-2011-4373\", \"CVE-2012-0774\", \"CVE-2012-0775\", \"CVE-2012-0776\", \"CVE-2012-0777\");\n script_bugtraq_id(51348, 51349, 51350, 51351, 52949, 52950, 52951, 52952);\n script_xref(name:\"GLSA\", value:\"201206-14\");\n\n script_name(english:\"GLSA-201206-14 : Adobe Reader: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201206-14\n(Adobe Reader: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been found in Adobe Reader, including an\n integer overflow in TrueType Font handling (CVE-2012-0774) and multiple\n unspecified errors which could cause memory corruption.\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted PDF\n file, possibly resulting in execution of arbitrary code with the\n privileges of the process or a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201206-14\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Adobe Reader users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/acroread-9.5.1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:acroread\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-text/acroread\", unaffected:make_list(\"ge 9.5.1\"), vulnerable:make_list(\"lt 9.5.1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Adobe Reader\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T03:27:03", "description": "The version of Adobe Reader installed on the remote Mac OS X host is\nprior to 10.1.3 or 9.5.1. It is, therefore, affected by the following\nvulnerabilities :\n\n - An integer overflow condition exists that allows an\n attacker to execute arbitrary code via a crafted True\n Type Font (TFF). (CVE-2012-0774)\n\n - A memory corruption issue exists in JavaScript handling\n that allows an attacker to execute arbitrary code.\n (CVE-2012-0775)\n\n - A security bypass vulnerability exists in the Adobe\n Reader installer that allows an attacker to execute\n arbitrary code. (CVE-2012-0776)\n\n - A memory corruption issue exists in the JavaScript API\n that allows an attacker to execute arbitrary code or\n cause a denial of service. (CVE-2012-0777)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.", "edition": 26, "published": "2012-04-11T00:00:00", "title": "Adobe Reader < 10.1.3 / 9.5.1 Multiple Vulnerabilities (APSB12-03, APSB12-05, APSB12-07, APSB12-08) (Mac OS X)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0754", "CVE-2012-0773", "CVE-2012-0752", "CVE-2012-0724", "CVE-2012-0753", "CVE-2012-0769", "CVE-2012-0768", "CVE-2012-0774", "CVE-2012-0772", "CVE-2012-0776", "CVE-2012-0756", "CVE-2012-0751", "CVE-2012-0755", "CVE-2012-0725", "CVE-2012-0775", "CVE-2012-0767", "CVE-2012-0777"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:adobe:acrobat_reader"], "id": "MACOSX_ADOBE_READER_APSB12-08.NASL", "href": "https://www.tenable.com/plugins/nessus/58684", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58684);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\n \"CVE-2012-0724\",\n \"CVE-2012-0725\",\n \"CVE-2012-0751\",\n \"CVE-2012-0752\",\n \"CVE-2012-0753\",\n \"CVE-2012-0754\",\n \"CVE-2012-0755\",\n \"CVE-2012-0756\",\n \"CVE-2012-0767\",\n \"CVE-2012-0768\",\n \"CVE-2012-0769\",\n \"CVE-2012-0772\",\n \"CVE-2012-0773\",\n \"CVE-2012-0774\",\n \"CVE-2012-0775\",\n \"CVE-2012-0776\",\n \"CVE-2012-0777\"\n );\n script_bugtraq_id(\n 52032,\n 52033,\n 52034,\n 52035,\n 52036,\n 52037,\n 52040,\n 52297,\n 52299,\n 52748,\n 52914,\n 52916,\n 52949,\n 52950,\n 52951,\n 52952\n );\n\n script_name(english:\"Adobe Reader < 10.1.3 / 9.5.1 Multiple Vulnerabilities (APSB12-03, APSB12-05, APSB12-07, APSB12-08) (Mac OS X)\");\n script_summary(english:\"Checks the version of Adobe Reader.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Reader on the remote Mac OS X host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Reader installed on the remote Mac OS X host is\nprior to 10.1.3 or 9.5.1. It is, therefore, affected by the following\nvulnerabilities :\n\n - An integer overflow condition exists that allows an\n attacker to execute arbitrary code via a crafted True\n Type Font (TFF). (CVE-2012-0774)\n\n - A memory corruption issue exists in JavaScript handling\n that allows an attacker to execute arbitrary code.\n (CVE-2012-0775)\n\n - A security bypass vulnerability exists in the Adobe\n Reader installer that allows an attacker to execute\n arbitrary code. (CVE-2012-0776)\n\n - A memory corruption issue exists in the JavaScript API\n that allows an attacker to execute arbitrary code or\n cause a denial of service. (CVE-2012-0777)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Reader version 10.1.3 / 9.5.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Adobe Flash Player MP4 \"cprt\" Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_set_attribute(attribute:\"see_also\", value:\"http://dvlabs.tippingpoint.com/advisory/TPTI-12-03\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-03.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-05.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-07.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-08.html\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat_reader\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_adobe_reader_installed.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/Adobe Reader\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"install_func.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\"))\n audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (!get_kb_item(\"Host/MacOSX/Version\"))\n audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp = \"Adobe Reader\";\ninstall = get_single_install(app_name:app, exit_if_unknown_ver:TRUE);\nversion = install['version'];\npath = install['path'];\n\nver = split(version, sep:\".\", keep:FALSE);\nfor (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\nif (\n (ver[0] == 9 && ver[1] < 5) ||\n (ver[0] == 9 && ver[1] == 5 && ver[2] == 0)\n)\n fix = \"9.5.1\";\nelse if (\n (ver[0] == 10 && ver[1] < 1) ||\n (ver[0] == 10 && ver[1] == 1 && ver[2] < 3)\n)\n fix = \"10.1.3\";\nelse\n fix = \"\";\n\nif (fix)\n{\n info =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_report_v4(port:0, extra:info, severity:SECURITY_HOLE);\n}\nelse\n audit(AUDIT_INST_PATH_NOT_VULN, app, version, path);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:46", "bulletinFamily": "software", "cvelist": ["CVE-2012-0774", "CVE-2012-0776", "CVE-2012-0775", "CVE-2012-0777"], "description": "Memory corruptions, integer overflow, code execution.", "edition": 1, "modified": "2012-04-19T00:00:00", "published": "2012-04-19T00:00:00", "id": "SECURITYVULNS:VULN:12325", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12325", "title": "Adobe Acrobat / Reader multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:44", "bulletinFamily": "software", "cvelist": ["CVE-2012-0774", "CVE-2012-0776", "CVE-2012-0775", "CVE-2012-0777"], "description": "Security updates available for Adobe Reader and Acrobat\r\n\r\nRelease date: April 10, 2012\r\n\r\nLast updated: April 17, 1012\r\n\r\nVulnerability identifier: APSB12-08\r\n\r\nPriority rating: See table below\r\n\r\nCVE numbers: CVE-2012-0774, CVE-2012-0775, CVE-2012-0776, CVE-2012-0777\r\n\r\nPlatform: All\r\n\r\nSUMMARY\r\n\r\nAdobe released security updates for Adobe Reader X &#40;10.1.2&#41; and earlier versions for Windows and Macintosh, Adobe Reader 9.4.6 and earlier 9.x versions for Linux, and Adobe Acrobat X &#40;10.1.2&#41; and earlier versions for Windows and Macintosh. These updates address vulnerabilities in the software that could cause the application to crash and potentially allow an attacker to take control of the affected system.\r\n\r\nAdobe recommends users of Adobe Reader X &#40;10.1.2&#41; and earlier versions for Windows and Macintosh update to Adobe Reader X &#40;10.1.3&#41;. For users of Adobe Reader 9.5 and earlier versions for Windows and Macintosh, who cannot update to Adobe Reader X &#40;10.1.3&#41;, Adobe has made available the update Adobe Reader 9.5.1. Adobe recommends users of Adobe Reader 9.4.6 and earlier versions for Linux update to Adobe Reader 9.5.1. Adobe recommends users of Adobe Acrobat X &#40;10.1.2&#41; for Windows and Macintosh update to Adobe Acrobat X &#40;10.1.3&#41;. Adobe recommends users of Adobe Acrobat 9.5 and earlier versions for Windows and Macintosh update to Adobe Acrobat 9.5.1.\r\n\r\nAFFECTED SOFTWARE VERSIONS\r\n\r\nAdobe Reader X &#40;10.1.2&#41; and earlier 10.x versions for Windows and Macintosh\r\nAdobe Reader 9.5 and earlier 9.x versions for Windows and Macintosh\r\nAdobe Reader 9.4.6 and earlier 9.x versions for Linux\r\nAdobe Acrobat X &#40;10.1.2&#41; and earlier 10.x versions for Windows and Macintosh\r\nAdobe Acrobat 9.5 and earlier 9.x versions for Windows and Macintosh\r\nSOLUTION\r\n\r\nAdobe recommends users update their software installations by following the instructions below:\r\n\r\nAdobe Reader\r\nUsers on Windows and Macintosh can utilize the product&#39;s update mechanism. The default configuration is set to run automatic update checks on a regular schedule. Update checks can be manually activated by choosing Help &gt; Check for Updates.\r\n\r\nAdobe Reader users on Windows can also find the appropriate update here:\r\nhttp://www.adobe.com/support/downloads/product.jsp?product=10&amp;platform=Windows.\r\n\r\nAdobe Reader users on Macintosh can also find the appropriate update here:\r\nhttp://www.adobe.com/support/downloads/product.jsp?product=10&amp;platform=Macintosh.\r\n\r\nAdobe Reader users on Linux can find the appropriate update here: ftp://ftp.adobe.com/pub/adobe/reader/unix/9.x/.\r\n\r\nAdobe Acrobat \r\nUsers can utilize the product&#39;s update mechanism. The default configuration is set to run automatic update checks on a regular schedule. Update checks can be manually activated by choosing Help &gt; Check for Updates.\r\n\r\nAcrobat Standard and Pro users on Windows can also find the appropriate update here: \r\nhttp://www.adobe.com/support/downloads/product.jsp?product=1&amp;platform=Windows.\r\n\r\nAcrobat Pro Extended users on Windows can also find the appropriate update here: http://www.adobe.com/support/downloads/product.jsp?product=1&amp;platform=Windows.\r\n\r\nAcrobat Pro users on Macintosh can also find the appropriate update here: \r\nhttp://www.adobe.com/support/downloads/product.jsp?product=1&amp;platform=Macintosh.\r\n\r\nPRIORITY AND SEVERITY RATINGS\r\n\r\nAdobe categorizes these updates with the following priority ratings and recommends users update their installations to the newest versions:\r\n\r\nProduct\r\nUpdated Version\r\nPlatform\r\nPriority Rating\r\nAdobe Reader\tX &#40;10.1.3&#41;\tWindows and Macintosh\t\r\n2\r\n \t9.5.1\tWindows\t\r\n1\r\n \t9.5.1\tMacintosh and Linux\t\r\n2\r\nAdobe Acrobat\tX &#40;10.1.3&#41;\tWindows and Macintosh\t\r\n2\r\n \t9.5.1\t Windows\t\r\n1\r\n \t9.5.1\tMacintosh\t\r\n2\r\n\r\nThese updates address critical vulnerabilities in the software.\r\n\r\nDETAILS\r\n\r\nAdobe released security updates for Adobe Reader X &#40;10.1.2&#41; and earlier versions for Windows and Macintosh, Adobe Reader 9.4.6 and earlier 9.x versions for Linux, and Adobe Acrobat X &#40;10.1.2&#41; and earlier versions for Windows and Macintosh. These updates address vulnerabilities in the software that could cause the application to crash and potentially allow an attacker to take control of the affected system.\r\n\r\nAdobe recommends users of Adobe Reader X &#40;10.1.2&#41; and earlier versions for Windows and Macintosh update to Adobe Reader X &#40;10.1.3&#41;. For users of Adobe Reader 9.5 and earlier versions for Windows and Macintosh, who cannot update to Adobe Reader X &#40;10.1.3&#41;, Adobe has made available the update Adobe Reader 9.5.1. Adobe recommends users of Adobe Reader 9.4.6 and earlier versions for Linux update to Adobe Reader 9.5.1. Adobe recommends users of Adobe Acrobat X &#40;10.1.2&#41; for Windows and Macintosh update to Adobe Acrobat X &#40;10.1.3&#41;. Adobe recommends users of Adobe Acrobat 9.5 and earlier versions for Windows and Macintosh update to Adobe Acrobat 9.5.1.\r\n\r\nThese updates resolve an integer overflow in the True Type Font &#40;TTF&#41; handling that could lead to code execution &#40;CVE-2012-0774&#41;.\r\n\r\nThese updates resolve a memory corruption in the JavaScript handling that could lead to code execution &#40;CVE-2012-0775&#41;.\r\n\r\nThese updates resolve a security bypass via the Adobe Reader installer that could lead to code execution &#40;CVE-2012-0776&#41;.\r\n\r\nThese updates resolve a memory corruption in the JavaScript API that could lead to code execution &#40;CVE-2012-0777&#41; &#40;Macintosh and Linux only&#41;.\r\n\r\nThe Adobe Reader X &#40;10.1.3&#41; and Adobe Acrobat X &#40;10.1.3&#41; updates also incorporate the Adobe Flash Player updates as noted in Security Bulletins APSB12-03, APSB12-05 and APSB12-07. The Adobe Reader 9.5.1 update for Linux also incorporates the updates noted in Security Bulletin APSB12-01.\r\n\r\nFor additional information related to Adobe Reader and Acrobat 9.5.1 changes impacting the authplay.dll component, please refer to the ASSET blog post.\r\n\r\nACKNOWLEDGEMENTS\r\n\r\nAdobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers:\r\n\r\nPeter Vreugdenhil, HP DVLabs &#40;CVE-2012-0774&#41;\r\nSoroush Dalili &#40;CVE-2012-0775&#41;\r\nMitja Kolsek of ACROS Security &#40;CVE-2012-0776&#41;\r\nJames Quirk, Los Alamos &#40;CVE-2012-0777&#41;\r\nREVISIONS\r\n\r\nApril 17, 2012 - Added information on Linux version and Security Bulletin APSB12-01.\r\nApril 10, 2012 - Bulletin released.\r\n\r\n ", "edition": 1, "modified": "2012-04-19T00:00:00", "published": "2012-04-19T00:00:00", "id": "SECURITYVULNS:DOC:27923", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27923", "title": "Security updates available for Adobe Reader and Acrobat", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:47", "bulletinFamily": "software", "cvelist": ["CVE-2012-0773", "CVE-2012-0774", "CVE-2012-0772", "CVE-2012-0775"], "description": "Different memory corruptions.", "edition": 1, "modified": "2012-04-22T00:00:00", "published": "2012-04-22T00:00:00", "id": "SECURITYVULNS:VULN:12334", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12334", "title": "Adobe Flash Player multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T17:58:47", "description": "BUGTRAQ ID: 52949\r\nCVE ID: CVE-2012-0775\r\n\r\nAdobe Reader(\u4e5f\u88ab\u79f0\u4e3aAcrobat Reader)\u662f\u7f8e\u56fdAdobe\u516c\u53f8\u5f00\u53d1\u7684\u4e00\u6b3e\u4f18\u79c0\u7684PDF\u6587\u6863\u9605\u8bfb\u8f6f\u4ef6\u3002Acrobat\u662f1993\u5e74\u63a8\u51fa\u9488\u5bf9\u4f01\u4e1a\u3001\u6280\u672f\u4eba\u5458\u548c\u521b\u610f\u4e13\u4e1a\u4eba\u58eb\u7684\u7cfb\u5217\u4ea7\u54c1\uff0c\u4f7f\u667a\u80fd\u6587\u6863\u7684\u4f20\u9001\u548c\u534f\u4f5c\u66f4\u4e3a\u7075\u6d3b\u3001\u53ef\u9760\u548c\u5b89\u5168\u3002\r\n\r\nAdobe Acrobat\u548cReader\u5728JavaScript\u7684\u5b9e\u73b0\u4e0a\u5b58\u5728\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n0\r\nAdobe Acrobat 9.x\r\nAdobe Acrobat 10.x\r\nAdobe Reader 9.x\r\nAdobe Reader 10.x\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nAdobe\r\n-----\r\nAdobe\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08apsb12-08\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\n\r\napsb12-08\uff1aPrenotification Security Advisory for Adobe Reader and Acrobat\r\n\r\n\u94fe\u63a5\uff1ahttp://www.adobe.com/support/security/bulletins/apsb12-08.html", "published": "2012-04-12T00:00:00", "title": "Adobe Acrobat\u548cReader\u5185\u5b58\u7834\u574f\u6f0f\u6d1e(CVE-2012-0775)", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2012-0775"], "modified": "2012-04-12T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60036", "id": "SSV:60036", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": ""}, {"lastseen": "2017-11-19T17:53:23", "description": "BUGTRAQ ID: 52951\r\nCVE ID: CVE-2012-0774\r\n\r\nAdobe Reader(\u4e5f\u88ab\u79f0\u4e3aAcrobat Reader)\u662f\u7f8e\u56fdAdobe\u516c\u53f8\u5f00\u53d1\u7684\u4e00\u6b3e\u4f18\u79c0\u7684PDF\u6587\u6863\u9605\u8bfb\u8f6f\u4ef6\u3002Acrobat\u662f1993\u5e74\u63a8\u51fa\u9488\u5bf9\u4f01\u4e1a\u3001\u6280\u672f\u4eba\u5458\u548c\u521b\u610f\u4e13\u4e1a\u4eba\u58eb\u7684\u7cfb\u5217\u4ea7\u54c1\uff0c\u4f7f\u667a\u80fd\u6587\u6863\u7684\u4f20\u9001\u548c\u534f\u4f5c\u66f4\u4e3a\u7075\u6d3b\u3001\u53ef\u9760\u548c\u5b89\u5168\u3002\r\n\r\nAdobe Acrobat\u548cReader\u5728True Type Font (TTF)\u5904\u7406\u7684\u5b9e\u73b0\u4e0a\u5b58\u5728\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n0\r\nAdobe Acrobat 9.x\r\nAdobe Acrobat 10.x\r\nAdobe Reader 9.x\r\nAdobe Reader 10.x\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nAdobe\r\n-----\r\nAdobe\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08apsb12-08\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\n\r\napsb12-08\uff1aPrenotification Security Advisory for Adobe Reader and Acrobat\r\n\r\n\u94fe\u63a5\uff1ahttp://www.adobe.com/support/security/bulletins/apsb12-08.html", "published": "2012-04-12T00:00:00", "type": "seebug", "title": "Adobe Acrobat\u548cReader\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e(CVE-2012-0774)", "bulletinFamily": "exploit", "cvelist": ["CVE-2012-0774"], "modified": "2012-04-12T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60037", "id": "SSV:60037", "sourceData": "", "sourceHref": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-11-19T17:53:11", "description": "BUGTRAQ ID: 52950\r\nCVE ID: CVE-2012-0777\r\n\r\nAdobe Reader(\u4e5f\u88ab\u79f0\u4e3aAcrobat Reader)\u662f\u7f8e\u56fdAdobe\u516c\u53f8\u5f00\u53d1\u7684\u4e00\u6b3e\u4f18\u79c0\u7684PDF\u6587\u6863\u9605\u8bfb\u8f6f\u4ef6\u3002Acrobat\u662f1993\u5e74\u63a8\u51fa\u9488\u5bf9\u4f01\u4e1a\u3001\u6280\u672f\u4eba\u5458\u548c\u521b\u610f\u4e13\u4e1a\u4eba\u58eb\u7684\u7cfb\u5217\u4ea7\u54c1\uff0c\u4f7f\u667a\u80fd\u6587\u6863\u7684\u4f20\u9001\u548c\u534f\u4f5c\u66f4\u4e3a\u7075\u6d3b\u3001\u53ef\u9760\u548c\u5b89\u5168\u3002\r\n\r\nAdobe Acrobat\u548cReader\u5728JavaScript API\u7684\u5b9e\u73b0\u4e0a\u5b58\u5728\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n0\r\nAdobe Acrobat 9.x\r\nAdobe Acrobat 10.x\r\nAdobe Reader 9.x\r\nAdobe Reader 10.x\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nAdobe\r\n-----\r\nAdobe\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08apsb12-08\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\n\r\napsb12-08\uff1aPrenotification Security Advisory for Adobe Reader and Acrobat\r\n\r\n\u94fe\u63a5\uff1ahttp://www.adobe.com/support/security/bulletins/apsb12-08.html", "published": "2012-04-12T00:00:00", "type": "seebug", "title": "Adobe Acrobat\u548cReader\u5185\u5b58\u7834\u574f\u6f0f\u6d1e(CVE-2012-0777)", "bulletinFamily": "exploit", "cvelist": ["CVE-2012-0777"], "modified": "2012-04-12T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60038", "id": "SSV:60038", "sourceData": "", "sourceHref": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2019-12-11T13:33:10", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4370", "CVE-2011-4371", "CVE-2011-4372", "CVE-2011-4373", "CVE-2012-0774", "CVE-2012-0775", "CVE-2012-0777"], "description": "Adobe Reader allows users to view and print documents in Portable Document\nFormat (PDF).\n\nThis update fixes multiple security flaws in Adobe Reader. These flaws are\ndetailed on the Adobe security page APSB12-08, listed in the References\nsection. A specially-crafted PDF file could cause Adobe Reader to crash or,\npotentially, execute arbitrary code as the user running Adobe Reader when\nopened. (CVE-2012-0774, CVE-2012-0775, CVE-2012-0777)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.5.1, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect.\n", "modified": "2018-06-07T09:04:30", "published": "2012-04-10T04:00:00", "id": "RHSA-2012:0469", "href": "https://access.redhat.com/errata/RHSA-2012:0469", "type": "redhat", "title": "(RHSA-2012:0469) Critical: acroread security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:16", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4371", "CVE-2011-4372", "CVE-2012-0774", "CVE-2011-4373", "CVE-2012-0776", "CVE-2011-4370", "CVE-2012-0775", "CVE-2012-0777"], "description": "### Background\n\nAdobe Reader is a closed-source PDF reader.\n\n### Description\n\nMultiple vulnerabilities have been found in Adobe Reader, including an integer overflow in TrueType Font handling (CVE-2012-0774) and multiple unspecified errors which could cause memory corruption. \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted PDF file, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Adobe Reader users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/acroread-9.5.1\"", "edition": 1, "modified": "2012-06-22T00:00:00", "published": "2012-06-22T00:00:00", "id": "GLSA-201206-14", "href": "https://security.gentoo.org/glsa/201206-14", "type": "gentoo", "title": "Adobe Reader: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}