ID SECURITYVULNS:DOC:12858Type securityvulnsReporter SecurityvulnsModified 2006-05-27T00:00:00
Description
Homepage:
http://www.tuttophp.altervista.org/main.php
Description:
Text-based guestbook with the following features: - Data storing on text file - Paging of messages on
screen - Blockage of messages with words too long into - Blockage of messages with both html tags(<>) -
Validity-checking of email address
Effected files:
view.php
XSS achived by URL Injection of pagina variable:
http://www.example.com/prettyguest-ing/view.php?pagina=1<IMG%20SRC=javascript:alert(String.fromCharCode(88,83,83))>
{"id": "SECURITYVULNS:DOC:12858", "bulletinFamily": "software", "title": "Pretty Guestbook v1", "description": "Homepage:\r\nhttp://www.tuttophp.altervista.org/main.php\r\n\r\nDescription:\r\nText-based guestbook with the following features: - Data storing on text file - Paging of messages on\r\nscreen - Blockage of messages with words too long into - Blockage of messages with both html tags(<>) -\r\nValidity-checking of email address\r\n\r\nEffected files:\r\nview.php\r\n\r\nXSS achived by URL Injection of pagina variable:\r\n\r\nhttp://www.example.com/prettyguest-ing/view.php?pagina=1<IMG%20SRC=javascript:alert(String.fromCharCode(88,83,83))>", "published": "2006-05-27T00:00:00", "modified": "2006-05-27T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:12858", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:17", "edition": 1, "viewCount": 7, "enchantments": {"score": {"value": 2.8, "vector": "NONE", "modified": "2018-08-31T11:10:17", "rev": 2}, "dependencies": {"references": [{"type": "mskb", "idList": ["KB3023167", "KB2880833", "KB2874216", "KB3209587", "KB2788321", "KB981401", "KB955430"]}, {"type": "threatpost", "idList": ["THREATPOST:F3563336B135A1D7C1251AE54FDC6286"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-2164.NASL", "FREEBSD_PKG_D887B3D9736611EAB81A001CC0382B2F.NASL", "FREEBSD_PKG_090763F6703011EA93DD080027846A02.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310892164"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2164-1:52F3C"]}, {"type": "freebsd", "idList": ["D887B3D9-7366-11EA-B81A-001CC0382B2F"]}, {"type": "zdt", "idList": ["1337DAY-ID-34159", "1337DAY-ID-34153", "1337DAY-ID-34161", "1337DAY-ID-34158", "1337DAY-ID-34154", "1337DAY-ID-34157"]}], "modified": "2018-08-31T11:10:17", "rev": 2}, "vulnersScore": 2.8}, "affectedSoftware": []}
{"cve": [{"lastseen": "2021-02-17T14:17:04", "description": "A use-after-free in the _zip_dirent_read function of zip_dirent.c in libzip 1.2.0 allows attackers to have an unspecified impact by attempting to unzip a malformed ZIP archive. NOTE: the discoverer states \"This use-after-free is triggered prior to the double free reported in CVE-2017-12858.\"", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-09T19:15:00", "title": "CVE-2019-17582", "type": "cve", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17582"], "modified": "2021-02-16T15:39:00", "cpe": ["cpe:/a:libzip:libzip:1.2.0"], "id": "CVE-2019-17582", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-17582", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:libzip:libzip:1.2.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T07:36:58", "description": "Non-reinitialisation of random data in the advertising payload in COVIDSafe v1.0.15 and v1.0.16 allows a remote attacker to re-identify Android devices running COVIDSafe by scanning for their advertising beacons.", "edition": 9, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-05-18T05:15:00", "title": "CVE-2020-12858", "type": "cve", "cwe": ["CWE-665"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-12858"], "modified": "2020-05-20T19:39:00", "cpe": [], "id": "CVE-2020-12858", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12858", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2021-02-02T06:14:28", "description": "Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote attackers to bypass authentication by leveraging a permanent authentication token obtained from a query string.", "edition": 7, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-02-12T01:15:00", "title": "CVE-2014-2595", "type": "cve", "cwe": ["CWE-613"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-2595"], "modified": "2020-02-20T15:55:00", "cpe": ["cpe:/a:barracuda:web_application_firewall:7.8.1.013"], "id": "CVE-2014-2595", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2595", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:barracuda:web_application_firewall:7.8.1.013:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:35:21", "description": "A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling.", "edition": 8, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-11-18T22:15:00", "title": "CVE-2008-7273", "type": "cve", "cwe": ["CWE-59"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-7273"], "modified": "2019-11-20T15:56:00", "cpe": [], "id": "CVE-2008-7273", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7273", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2021-02-02T05:35:21", "description": "FireGPG before 0.6 handle user\u2019s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users\u2019s private key.", "edition": 8, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-11-08T00:15:00", "title": "CVE-2008-7272", "type": "cve", "cwe": ["CWE-312"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-7272"], "modified": "2020-02-10T21:16:00", "cpe": [], "id": "CVE-2008-7272", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7272", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2021-02-02T06:21:32", "description": "Controllers.outgoing in controllers/index.js in NodeBB before 0.7.3 has outgoing XSS.", "edition": 6, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2019-04-30T14:29:00", "title": "CVE-2015-9286", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-9286"], "modified": "2019-05-01T14:22:00", "cpe": [], "id": "CVE-2015-9286", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-9286", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": []}, {"lastseen": "2021-02-02T06:52:27", "description": "Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.", "edition": 8, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-10-12T18:29:00", "title": "CVE-2018-12858", "type": "cve", "cwe": ["CWE-704"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12858"], "modified": "2019-08-21T16:20:00", "cpe": ["cpe:/a:adobe:acrobat_reader_dc:18.011.20063", "cpe:/a:adobe:acrobat_dc:15.006.30452", "cpe:/a:adobe:acrobat_reader_dc:15.006.30452", "cpe:/a:adobe:acrobat_dc:18.011.20063", "cpe:/a:adobe:acrobat_reader_dc:17.011.30102", "cpe:/a:adobe:acrobat_dc:17.011.30102"], "id": "CVE-2018-12858", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12858", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:adobe:acrobat_dc:17.011.30102:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_reader_dc:15.006.30452:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_dc:15.006.30452:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_reader_dc:17.011.30102:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_reader_dc:18.011.20063:*:*:*:continuous:*:*:*", "cpe:2.3:a:adobe:acrobat_dc:18.011.20063:*:*:*:continuous:*:*:*"]}], "rst": [{"lastseen": "2020-08-27T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **94[.]185.80.82** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **15**.\n First seen: 2020-06-02T03:00:00, Last seen: 2020-08-27T03:00:00.\n IOC tags: **malware**.\nWe found that the IOC is used by: **New VPNFilter malware targets at least 500K networking devices worldwide 133**.\nASN 47869: (First IP 94.185.80.0, Last IP 94.185.87.255).\nASN Name \"NETROUTINGAS\" and Organisation \"\".\nASN hosts 12858 domains.\nGEO IP information: City \"Stockholm\", Country \"Sweden\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-06-02T00:00:00", "id": "RST:B3BD9283-1E0A-3E37-BA26-F225C8C32B7B", "href": "", "published": "2020-08-30T00:00:00", "title": "RST Threat feed. IOC: 94.185.80.82", "type": "rst", "cvss": {}}, {"lastseen": "2020-08-26T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **94[.]228.211.22** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **32**.\n First seen: 2020-08-08T03:00:00, Last seen: 2020-08-26T03:00:00.\n IOC tags: **generic**.\nASN 47869: (First IP 94.228.208.0, Last IP 94.228.223.255).\nASN Name \"NETROUTINGAS\" and Organisation \"\".\nASN hosts 12858 domains.\nGEO IP information: City \"\", Country \"Netherlands\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-08-08T00:00:00", "id": "RST:3FADB164-DCD1-3CAD-8907-2840F0D93A1F", "href": "", "published": "2020-08-27T00:00:00", "title": "RST Threat feed. IOC: 94.228.211.22", "type": "rst", "cvss": {}}], "openvas": [{"lastseen": "2019-07-17T14:17:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-12835", "CVE-2018-12847", "CVE-2018-15951", "CVE-2018-15932", "CVE-2018-15942", "CVE-2018-15939", "CVE-2018-12875", "CVE-2018-15924", "CVE-2018-12759", "CVE-2018-15953", "CVE-2018-12871", "CVE-2018-15949", "CVE-2018-12876", "CVE-2018-12874", "CVE-2018-12841", "CVE-2018-15934", "CVE-2018-12843", "CVE-2018-12860", "CVE-2018-15941", "CVE-2018-12880", "CVE-2018-15920", "CVE-2018-12869", "CVE-2018-15946", "CVE-2018-12836", "CVE-2018-15930", "CVE-2018-15940", "CVE-2018-12837", "CVE-2018-15926", "CVE-2018-15928", "CVE-2018-15922", "CVE-2018-15947", "CVE-2018-15935", "CVE-2018-12877", "CVE-2018-12879", "CVE-2018-15950", "CVE-2018-12844", "CVE-2018-12839", "CVE-2018-12831", "CVE-2018-12834", "CVE-2018-15952", "CVE-2018-12851", "CVE-2018-15956", "CVE-2018-15936", "CVE-2018-12872", "CVE-2018-15937", "CVE-2018-15968", "CVE-2018-12862", "CVE-2018-12858", "CVE-2018-12845", "CVE-2018-12856", "CVE-2018-12865", "CVE-2018-15955", "CVE-2018-12873", "CVE-2018-15925", "CVE-2018-12842", "CVE-2018-15931", "CVE-2018-12881", "CVE-2018-12846", "CVE-2018-12870", "CVE-2018-12833", "CVE-2018-12832", "CVE-2018-19722", "CVE-2018-15966", "CVE-2018-12867", "CVE-2018-12852", "CVE-2018-12838", "CVE-2018-12863", "CVE-2018-15923", "CVE-2018-15933", "CVE-2018-12861", "CVE-2018-12864", "CVE-2018-15938", "CVE-2018-15944", "CVE-2018-12868", "CVE-2018-12857", "CVE-2018-15948", "CVE-2018-15954", "CVE-2018-12866", "CVE-2018-12769", "CVE-2018-12853", "CVE-2018-15943", "CVE-2018-12855", "CVE-2018-15927", "CVE-2018-15945", "CVE-2018-12859", "CVE-2018-15929", "CVE-2018-12878"], "description": "This host is installed with Adobe Acrobat 2017\n and is prone to multiple vulnerabilities.", "modified": "2019-07-16T00:00:00", "published": "2018-10-03T00:00:00", "id": "OPENVAS:1361412562310814238", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814238", "type": "openvas", "title": "Adobe Acrobat 2017 Security Updates(apsb18-30)-MAC OS X", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat 2017 Security Updates(apsb18-30)-MAC OS X\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814238\");\n script_version(\"2019-07-16T10:51:36+0000\");\n script_cve_id(\"CVE-2018-15955\", \"CVE-2018-15954\", \"CVE-2018-15952\", \"CVE-2018-15945\",\n \"CVE-2018-15944\", \"CVE-2018-15941\", \"CVE-2018-15940\", \"CVE-2018-15939\",\n \"CVE-2018-15938\", \"CVE-2018-15936\", \"CVE-2018-15935\", \"CVE-2018-15934\",\n \"CVE-2018-15933\", \"CVE-2018-15929\", \"CVE-2018-15928\", \"CVE-2018-12868\",\n \"CVE-2018-12865\", \"CVE-2018-12864\", \"CVE-2018-12862\", \"CVE-2018-12861\",\n \"CVE-2018-12860\", \"CVE-2018-12759\", \"CVE-2018-15956\", \"CVE-2018-15953\",\n \"CVE-2018-15950\", \"CVE-2018-15949\", \"CVE-2018-15948\", \"CVE-2018-15947\",\n \"CVE-2018-15946\", \"CVE-2018-15943\", \"CVE-2018-15942\", \"CVE-2018-15932\",\n \"CVE-2018-15927\", \"CVE-2018-15926\", \"CVE-2018-15925\", \"CVE-2018-15923\",\n \"CVE-2018-15922\", \"CVE-2018-12880\", \"CVE-2018-12879\", \"CVE-2018-12878\",\n \"CVE-2018-12875\", \"CVE-2018-12874\", \"CVE-2018-12873\", \"CVE-2018-12872\",\n \"CVE-2018-12871\", \"CVE-2018-12870\", \"CVE-2018-12869\", \"CVE-2018-12867\",\n \"CVE-2018-12866\", \"CVE-2018-12859\", \"CVE-2018-12857\", \"CVE-2018-12856\",\n \"CVE-2018-12845\", \"CVE-2018-12844\", \"CVE-2018-12843\", \"CVE-2018-12839\",\n \"CVE-2018-12834\", \"CVE-2018-15968\", \"CVE-2018-12851\", \"CVE-2018-12847\",\n \"CVE-2018-12846\", \"CVE-2018-12837\", \"CVE-2018-12836\", \"CVE-2018-12833\",\n \"CVE-2018-12832\", \"CVE-2018-15924\", \"CVE-2018-15920\", \"CVE-2018-12877\",\n \"CVE-2018-12863\", \"CVE-2018-12852\", \"CVE-2018-12831\", \"CVE-2018-12769\",\n \"CVE-2018-12876\", \"CVE-2018-12858\", \"CVE-2018-12835\", \"CVE-2018-12838\",\n \"CVE-2018-12841\", \"CVE-2018-12881\", \"CVE-2018-12842\", \"CVE-2018-15951\",\n \"CVE-2018-12855\", \"CVE-2018-12853\", \"CVE-2018-15937\", \"CVE-2018-15931\",\n \"CVE-2018-15930\", \"CVE-2018-15966\", \"CVE-2018-19722\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-16 10:51:36 +0000 (Tue, 16 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-10-03 16:53:05 +0530 (Wed, 03 Oct 2018)\");\n script_name(\"Adobe Acrobat 2017 Security Updates(apsb18-30)-MAC OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat 2017\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to an Out-of-bounds\n write error, an Out-of-bounds read error, a Heap Overflow error, Use After Free\n error, Type Confusion error, Stack Overflow error, Double Free error, Integer\n Overflow error, Buffer errors, Untrusted pointer dereference error and Security\n Bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to run arbitrary code execution, gain privilege escalation and gain\n access to potentially sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat 2017 version 2017.x before\n 2017.011.30105 on MAC OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat 2017 version\n 2017.011.30105 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb18-30.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:vers, test_version:\"17.0\", test_version2:\"17.011.30104\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"17.011.30105 (2017.011.30105)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:17:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-12835", "CVE-2018-12847", "CVE-2018-15951", "CVE-2018-15932", "CVE-2018-15942", "CVE-2018-15939", "CVE-2018-12875", "CVE-2018-15924", "CVE-2018-12759", "CVE-2018-15953", "CVE-2018-12871", "CVE-2018-15949", "CVE-2018-12876", "CVE-2018-12874", "CVE-2018-12841", "CVE-2018-15934", "CVE-2018-12843", "CVE-2018-12860", "CVE-2018-15941", "CVE-2018-12880", "CVE-2018-15920", "CVE-2018-12869", "CVE-2018-15946", "CVE-2018-12836", "CVE-2018-15930", "CVE-2018-15940", "CVE-2018-12837", "CVE-2018-15926", "CVE-2018-15928", "CVE-2018-15922", "CVE-2018-15947", "CVE-2018-15935", "CVE-2018-12877", "CVE-2018-12879", "CVE-2018-15950", "CVE-2018-12844", "CVE-2018-12839", "CVE-2018-12831", "CVE-2018-12834", "CVE-2018-15952", "CVE-2018-12851", "CVE-2018-15956", "CVE-2018-15936", "CVE-2018-12872", "CVE-2018-15937", "CVE-2018-15968", "CVE-2018-12862", "CVE-2018-12858", "CVE-2018-12845", "CVE-2018-12856", "CVE-2018-12865", "CVE-2018-15955", "CVE-2018-12873", "CVE-2018-15925", "CVE-2018-12842", "CVE-2018-15931", "CVE-2018-12881", "CVE-2018-12846", "CVE-2018-12870", "CVE-2018-12833", "CVE-2018-12832", "CVE-2018-19722", "CVE-2018-15966", "CVE-2018-12867", "CVE-2018-12852", "CVE-2018-12838", "CVE-2018-12863", "CVE-2018-15923", "CVE-2018-15933", "CVE-2018-12861", "CVE-2018-12864", "CVE-2018-15938", "CVE-2018-15944", "CVE-2018-12868", "CVE-2018-12857", "CVE-2018-15948", "CVE-2018-15954", "CVE-2018-12866", "CVE-2018-12769", "CVE-2018-12853", "CVE-2018-15943", "CVE-2018-12855", "CVE-2018-15927", "CVE-2018-15945", "CVE-2018-12859", "CVE-2018-15929", "CVE-2018-12878"], "description": "This host is installed with Adobe Reader 2017\n and is prone to multiple vulnerabilities.", "modified": "2019-07-16T00:00:00", "published": "2018-10-03T00:00:00", "id": "OPENVAS:1361412562310814237", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814237", "type": "openvas", "title": "Adobe Reader 2017 Security Updates(apsb18-30)-Windows", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Reader 2017 Security Updates(apsb18-30)-Windows\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814237\");\n script_version(\"2019-07-16T10:27:00+0000\");\n script_cve_id(\"CVE-2018-15955\", \"CVE-2018-15954\", \"CVE-2018-15952\", \"CVE-2018-15945\",\n \"CVE-2018-15944\", \"CVE-2018-15941\", \"CVE-2018-15940\", \"CVE-2018-15939\",\n \"CVE-2018-15938\", \"CVE-2018-15936\", \"CVE-2018-15935\", \"CVE-2018-15934\",\n \"CVE-2018-15933\", \"CVE-2018-15929\", \"CVE-2018-15928\", \"CVE-2018-12868\",\n \"CVE-2018-12865\", \"CVE-2018-12864\", \"CVE-2018-12862\", \"CVE-2018-12861\",\n \"CVE-2018-12860\", \"CVE-2018-12759\", \"CVE-2018-15956\", \"CVE-2018-15953\",\n \"CVE-2018-15950\", \"CVE-2018-15949\", \"CVE-2018-15948\", \"CVE-2018-15947\",\n \"CVE-2018-15946\", \"CVE-2018-15943\", \"CVE-2018-15942\", \"CVE-2018-15932\",\n \"CVE-2018-15927\", \"CVE-2018-15926\", \"CVE-2018-15925\", \"CVE-2018-15923\",\n \"CVE-2018-15922\", \"CVE-2018-12880\", \"CVE-2018-12879\", \"CVE-2018-12878\",\n \"CVE-2018-12875\", \"CVE-2018-12874\", \"CVE-2018-12873\", \"CVE-2018-12872\",\n \"CVE-2018-12871\", \"CVE-2018-12870\", \"CVE-2018-12869\", \"CVE-2018-12867\",\n \"CVE-2018-12866\", \"CVE-2018-12859\", \"CVE-2018-12857\", \"CVE-2018-12856\",\n \"CVE-2018-12845\", \"CVE-2018-12844\", \"CVE-2018-12843\", \"CVE-2018-12839\",\n \"CVE-2018-12834\", \"CVE-2018-15968\", \"CVE-2018-12851\", \"CVE-2018-12847\",\n \"CVE-2018-12846\", \"CVE-2018-12837\", \"CVE-2018-12836\", \"CVE-2018-12833\",\n \"CVE-2018-12832\", \"CVE-2018-15924\", \"CVE-2018-15920\", \"CVE-2018-12877\",\n \"CVE-2018-12863\", \"CVE-2018-12852\", \"CVE-2018-12831\", \"CVE-2018-12769\",\n \"CVE-2018-12876\", \"CVE-2018-12858\", \"CVE-2018-12835\", \"CVE-2018-12838\",\n \"CVE-2018-12841\", \"CVE-2018-12881\", \"CVE-2018-12842\", \"CVE-2018-15951\",\n \"CVE-2018-12855\", \"CVE-2018-12853\", \"CVE-2018-15937\", \"CVE-2018-15931\",\n \"CVE-2018-15930\", \"CVE-2018-15966\", \"CVE-2018-19722\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-16 10:27:00 +0000 (Tue, 16 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-10-03 16:53:05 +0530 (Wed, 03 Oct 2018)\");\n script_name(\"Adobe Reader 2017 Security Updates(apsb18-30)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Reader 2017\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to an Out-of-bounds\n write error, an Out-of-bounds read error, a Heap Overflow error, Use After Free\n error, Type Confusion error, Stack Overflow error, Double Free error, Integer\n Overflow error, Buffer errors, Untrusted pointer dereference error and Security\n Bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to run arbitrary code execution, gain privilege escalation and gain\n access to potentially sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Reader 2017 version 2017.x before\n 2017.011.30105 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Reader 2017 version\n 2017.011.30105 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb18-30.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Reader/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:vers, test_version:\"17.0\", test_version2:\"17.011.30104\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"2017.011.30105\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:18:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-12835", "CVE-2018-12847", "CVE-2018-15951", "CVE-2018-15932", "CVE-2018-15942", "CVE-2018-15939", "CVE-2018-12875", "CVE-2018-15924", "CVE-2018-12759", "CVE-2018-15953", "CVE-2018-12871", "CVE-2018-15949", "CVE-2018-12876", "CVE-2018-12874", "CVE-2018-12841", "CVE-2018-15934", "CVE-2018-12843", "CVE-2018-12860", "CVE-2018-15941", "CVE-2018-12880", "CVE-2018-15920", "CVE-2018-12869", "CVE-2018-15946", "CVE-2018-12836", "CVE-2018-15930", "CVE-2018-15940", "CVE-2018-12837", "CVE-2018-15926", "CVE-2018-15928", "CVE-2018-15922", "CVE-2018-15947", "CVE-2018-15935", "CVE-2018-12877", "CVE-2018-12879", "CVE-2018-15950", "CVE-2018-12844", "CVE-2018-12839", "CVE-2018-12831", "CVE-2018-12834", "CVE-2018-15952", "CVE-2018-12851", "CVE-2018-15956", "CVE-2018-15936", "CVE-2018-12872", "CVE-2018-15937", "CVE-2018-15968", "CVE-2018-12862", "CVE-2018-12858", "CVE-2018-12845", "CVE-2018-12856", "CVE-2018-12865", "CVE-2018-15955", "CVE-2018-12873", "CVE-2018-15925", "CVE-2018-12842", "CVE-2018-15931", "CVE-2018-12881", "CVE-2018-12846", "CVE-2018-12870", "CVE-2018-12833", "CVE-2018-12832", "CVE-2018-19722", "CVE-2018-15966", "CVE-2018-12867", "CVE-2018-12852", "CVE-2018-12838", "CVE-2018-12863", "CVE-2018-15923", "CVE-2018-15933", "CVE-2018-12861", "CVE-2018-12864", "CVE-2018-15938", "CVE-2018-15944", "CVE-2018-12868", "CVE-2018-12857", "CVE-2018-15948", "CVE-2018-15954", "CVE-2018-12866", "CVE-2018-12769", "CVE-2018-12853", "CVE-2018-15943", "CVE-2018-12855", "CVE-2018-15927", "CVE-2018-15945", "CVE-2018-12859", "CVE-2018-15929", "CVE-2018-12878"], "description": "This host is installed with Adobe Acrobat DC\n and is prone to multiple vulnerabilities.", "modified": "2019-07-05T00:00:00", "published": "2018-10-03T00:00:00", "id": "OPENVAS:1361412562310814229", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814229", "type": "openvas", "title": "Adobe Acrobat DC Security Updates (apsb18-30) - Mac OS X", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat DC Security Updates (apsb18-30)-MAC OS X\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_dc_continuous\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814229\");\n script_version(\"2019-07-05T08:21:18+0000\");\n script_cve_id(\"CVE-2018-15955\", \"CVE-2018-15954\", \"CVE-2018-15952\", \"CVE-2018-15945\",\n \"CVE-2018-15944\", \"CVE-2018-15941\", \"CVE-2018-15940\", \"CVE-2018-15939\",\n \"CVE-2018-15938\", \"CVE-2018-15936\", \"CVE-2018-15935\", \"CVE-2018-15934\",\n \"CVE-2018-15933\", \"CVE-2018-15929\", \"CVE-2018-15928\", \"CVE-2018-12868\",\n \"CVE-2018-12865\", \"CVE-2018-12864\", \"CVE-2018-12862\", \"CVE-2018-12861\",\n \"CVE-2018-12860\", \"CVE-2018-12759\", \"CVE-2018-15956\", \"CVE-2018-15953\",\n \"CVE-2018-15950\", \"CVE-2018-15949\", \"CVE-2018-15948\", \"CVE-2018-15947\",\n \"CVE-2018-15946\", \"CVE-2018-15943\", \"CVE-2018-15942\", \"CVE-2018-15932\",\n \"CVE-2018-15927\", \"CVE-2018-15926\", \"CVE-2018-15925\", \"CVE-2018-15923\",\n \"CVE-2018-15922\", \"CVE-2018-12880\", \"CVE-2018-12879\", \"CVE-2018-12878\",\n \"CVE-2018-12875\", \"CVE-2018-12874\", \"CVE-2018-12873\", \"CVE-2018-12872\",\n \"CVE-2018-12871\", \"CVE-2018-12870\", \"CVE-2018-12869\", \"CVE-2018-12867\",\n \"CVE-2018-12866\", \"CVE-2018-12859\", \"CVE-2018-12857\", \"CVE-2018-12856\",\n \"CVE-2018-12845\", \"CVE-2018-12844\", \"CVE-2018-12843\", \"CVE-2018-12839\",\n \"CVE-2018-12834\", \"CVE-2018-15968\", \"CVE-2018-12851\", \"CVE-2018-12847\",\n \"CVE-2018-12846\", \"CVE-2018-12837\", \"CVE-2018-12836\", \"CVE-2018-12833\",\n \"CVE-2018-12832\", \"CVE-2018-15924\", \"CVE-2018-15920\", \"CVE-2018-12877\",\n \"CVE-2018-12863\", \"CVE-2018-12852\", \"CVE-2018-12831\", \"CVE-2018-12769\",\n \"CVE-2018-12876\", \"CVE-2018-12858\", \"CVE-2018-12835\", \"CVE-2018-12838\",\n \"CVE-2018-12841\", \"CVE-2018-12881\", \"CVE-2018-12842\", \"CVE-2018-15951\",\n \"CVE-2018-12855\", \"CVE-2018-12853\", \"CVE-2018-15937\", \"CVE-2018-15931\",\n \"CVE-2018-15930\", \"CVE-2018-15966\", \"CVE-2018-19722\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:21:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-10-03 16:53:22 +0530 (Wed, 03 Oct 2018)\");\n script_name(\"Adobe Acrobat DC Security Updates (apsb18-30) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to an Out-of-bounds\n write error, an Out-of-bounds read error, a Heap Overflow error, Use After Free\n error, Type Confusion error, Stack Overflow error, Double Free error, Integer\n Overflow error, Buffer errors, Untrusted pointer dereference error and Security\n Bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to run arbitrary code execution, gain privilege escalation and gain\n access to potentially sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC version before\n 2019.008.20071 on MAC OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC version\n 2019.008.20071 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb18-30.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_cont_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Continuous/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\nif(version_is_less(version:vers, test_version:\"19.008.20071\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"19.008.20071 (2019.008.20071)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:17:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-12835", "CVE-2018-12847", "CVE-2018-15951", "CVE-2018-15932", "CVE-2018-15942", "CVE-2018-15939", "CVE-2018-12875", "CVE-2018-15924", "CVE-2018-12759", "CVE-2018-15953", "CVE-2018-12871", "CVE-2018-15949", "CVE-2018-12876", "CVE-2018-12874", "CVE-2018-12841", "CVE-2018-15934", "CVE-2018-12843", "CVE-2018-12860", "CVE-2018-15941", "CVE-2018-12880", "CVE-2018-15920", "CVE-2018-12869", "CVE-2018-15946", "CVE-2018-12836", "CVE-2018-15930", "CVE-2018-15940", "CVE-2018-12837", "CVE-2018-15926", "CVE-2018-15928", "CVE-2018-15922", "CVE-2018-15947", "CVE-2018-15935", "CVE-2018-12877", "CVE-2018-12879", "CVE-2018-15950", "CVE-2018-12844", "CVE-2018-12839", "CVE-2018-12831", "CVE-2018-12834", "CVE-2018-15952", "CVE-2018-12851", "CVE-2018-15956", "CVE-2018-15936", "CVE-2018-12872", "CVE-2018-15937", "CVE-2018-15968", "CVE-2018-12862", "CVE-2018-12858", "CVE-2018-12845", "CVE-2018-12856", "CVE-2018-12865", "CVE-2018-15955", "CVE-2018-12873", "CVE-2018-15925", "CVE-2018-12842", "CVE-2018-15931", "CVE-2018-12881", "CVE-2018-12846", "CVE-2018-12870", "CVE-2018-12833", "CVE-2018-12832", "CVE-2018-19722", "CVE-2018-15966", "CVE-2018-12867", "CVE-2018-12852", "CVE-2018-12838", "CVE-2018-12863", "CVE-2018-15923", "CVE-2018-15933", "CVE-2018-12861", "CVE-2018-12864", "CVE-2018-15938", "CVE-2018-15944", "CVE-2018-12868", "CVE-2018-12857", "CVE-2018-15948", "CVE-2018-15954", "CVE-2018-12866", "CVE-2018-12769", "CVE-2018-12853", "CVE-2018-15943", "CVE-2018-12855", "CVE-2018-15927", "CVE-2018-15945", "CVE-2018-12859", "CVE-2018-15929", "CVE-2018-12878"], "description": "This host is installed with Adobe Reader DC\n and is prone to multiple vulnerabilities.", "modified": "2019-07-05T00:00:00", "published": "2018-10-03T00:00:00", "id": "OPENVAS:1361412562310814231", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814231", "type": "openvas", "title": "Adobe Reader DC Security Updates (apsb18-30) - Mac OS X", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Reader DC Security Updates (apsb18-30)-MAC OS X\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader_dc_continuous\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814231\");\n script_version(\"2019-07-05T08:21:18+0000\");\n script_cve_id(\"CVE-2018-15955\", \"CVE-2018-15954\", \"CVE-2018-15952\", \"CVE-2018-15945\",\n \"CVE-2018-15944\", \"CVE-2018-15941\", \"CVE-2018-15940\", \"CVE-2018-15939\",\n \"CVE-2018-15938\", \"CVE-2018-15936\", \"CVE-2018-15935\", \"CVE-2018-15934\",\n \"CVE-2018-15933\", \"CVE-2018-15929\", \"CVE-2018-15928\", \"CVE-2018-12868\",\n \"CVE-2018-12865\", \"CVE-2018-12864\", \"CVE-2018-12862\", \"CVE-2018-12861\",\n \"CVE-2018-12860\", \"CVE-2018-12759\", \"CVE-2018-15956\", \"CVE-2018-15953\",\n \"CVE-2018-15950\", \"CVE-2018-15949\", \"CVE-2018-15948\", \"CVE-2018-15947\",\n \"CVE-2018-15946\", \"CVE-2018-15943\", \"CVE-2018-15942\", \"CVE-2018-15932\",\n \"CVE-2018-15927\", \"CVE-2018-15926\", \"CVE-2018-15925\", \"CVE-2018-15923\",\n \"CVE-2018-15922\", \"CVE-2018-12880\", \"CVE-2018-12879\", \"CVE-2018-12878\",\n \"CVE-2018-12875\", \"CVE-2018-12874\", \"CVE-2018-12873\", \"CVE-2018-12872\",\n \"CVE-2018-12871\", \"CVE-2018-12870\", \"CVE-2018-12869\", \"CVE-2018-12867\",\n \"CVE-2018-12866\", \"CVE-2018-12859\", \"CVE-2018-12857\", \"CVE-2018-12856\",\n \"CVE-2018-12845\", \"CVE-2018-12844\", \"CVE-2018-12843\", \"CVE-2018-12839\",\n \"CVE-2018-12834\", \"CVE-2018-15968\", \"CVE-2018-12851\", \"CVE-2018-12847\",\n \"CVE-2018-12846\", \"CVE-2018-12837\", \"CVE-2018-12836\", \"CVE-2018-12833\",\n \"CVE-2018-12832\", \"CVE-2018-15924\", \"CVE-2018-15920\", \"CVE-2018-12877\",\n \"CVE-2018-12863\", \"CVE-2018-12852\", \"CVE-2018-12831\", \"CVE-2018-12769\",\n \"CVE-2018-12876\", \"CVE-2018-12858\", \"CVE-2018-12835\", \"CVE-2018-12838\",\n \"CVE-2018-12841\", \"CVE-2018-12881\", \"CVE-2018-12842\", \"CVE-2018-15951\",\n \"CVE-2018-12855\", \"CVE-2018-12853\", \"CVE-2018-15937\", \"CVE-2018-15931\",\n \"CVE-2018-15930\", \"CVE-2018-15966\", \"CVE-2018-19722\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:21:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-10-03 16:53:22 +0530 (Wed, 03 Oct 2018)\");\n script_name(\"Adobe Reader DC Security Updates (apsb18-30) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Reader DC\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to an Out-of-bounds\n write error, an Out-of-bounds read error, a Heap Overflow error, Use After Free\n error, Type Confusion error, Stack Overflow error, Double Free error, Integer\n Overflow error, Buffer errors, Untrusted pointer dereference error and Security\n Bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to run arbitrary code execution, gain privilege escalation and gain\n access to potentially sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Reader DC version before\n 2019.008.20071 on MAC OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Reader DC version\n 2019.008.20071 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb18-30.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_reader_dc_cont_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/ReaderDC/Continuous/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\nif(version_is_less(version:vers, test_version:\"19.008.20071\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"19.008.20071 (2019.008.20071)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:18:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-12835", "CVE-2018-12847", "CVE-2018-15951", "CVE-2018-15932", "CVE-2018-15942", "CVE-2018-15939", "CVE-2018-12875", "CVE-2018-15924", "CVE-2018-12759", "CVE-2018-15953", "CVE-2018-12871", "CVE-2018-15949", "CVE-2018-12876", "CVE-2018-12874", "CVE-2018-12841", "CVE-2018-15934", "CVE-2018-12843", "CVE-2018-12860", "CVE-2018-15941", "CVE-2018-12880", "CVE-2018-15920", "CVE-2018-12869", "CVE-2018-15946", "CVE-2018-12836", "CVE-2018-15930", "CVE-2018-15940", "CVE-2018-12837", "CVE-2018-15926", "CVE-2018-15928", "CVE-2018-15922", "CVE-2018-15947", "CVE-2018-15935", "CVE-2018-12877", "CVE-2018-12879", "CVE-2018-15950", "CVE-2018-12844", "CVE-2018-12839", "CVE-2018-12831", "CVE-2018-12834", "CVE-2018-15952", "CVE-2018-12851", "CVE-2018-15956", "CVE-2018-15936", "CVE-2018-12872", "CVE-2018-15937", "CVE-2018-15968", "CVE-2018-12862", "CVE-2018-12858", "CVE-2018-12845", "CVE-2018-12856", "CVE-2018-12865", "CVE-2018-15955", "CVE-2018-12873", "CVE-2018-15925", "CVE-2018-12842", "CVE-2018-15931", "CVE-2018-12881", "CVE-2018-12846", "CVE-2018-12870", "CVE-2018-12833", "CVE-2018-12832", "CVE-2018-19722", "CVE-2018-15966", "CVE-2018-12867", "CVE-2018-12852", "CVE-2018-12838", "CVE-2018-12863", "CVE-2018-15923", "CVE-2018-15933", "CVE-2018-12861", "CVE-2018-12864", "CVE-2018-15938", "CVE-2018-15944", "CVE-2018-12868", "CVE-2018-12857", "CVE-2018-15948", "CVE-2018-15954", "CVE-2018-12866", "CVE-2018-12769", "CVE-2018-12853", "CVE-2018-15943", "CVE-2018-12855", "CVE-2018-15927", "CVE-2018-15945", "CVE-2018-12859", "CVE-2018-15929", "CVE-2018-12878"], "description": "This host is installed with Adobe Reader 2017\n and is prone to multiple vulnerabilities.", "modified": "2019-07-16T00:00:00", "published": "2018-10-03T00:00:00", "id": "OPENVAS:1361412562310814239", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814239", "type": "openvas", "title": "Adobe Reader 2017 Security Updates(apsb18-30)-MAC OS X", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Reader 2017 Security Updates(apsb18-30)-MAC OS X\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814239\");\n script_version(\"2019-07-16T10:27:00+0000\");\n script_cve_id(\"CVE-2018-15955\", \"CVE-2018-15954\", \"CVE-2018-15952\", \"CVE-2018-15945\",\n \"CVE-2018-15944\", \"CVE-2018-15941\", \"CVE-2018-15940\", \"CVE-2018-15939\",\n \"CVE-2018-15938\", \"CVE-2018-15936\", \"CVE-2018-15935\", \"CVE-2018-15934\",\n \"CVE-2018-15933\", \"CVE-2018-15929\", \"CVE-2018-15928\", \"CVE-2018-12868\",\n \"CVE-2018-12865\", \"CVE-2018-12864\", \"CVE-2018-12862\", \"CVE-2018-12861\",\n \"CVE-2018-12860\", \"CVE-2018-12759\", \"CVE-2018-15956\", \"CVE-2018-15953\",\n \"CVE-2018-15950\", \"CVE-2018-15949\", \"CVE-2018-15948\", \"CVE-2018-15947\",\n \"CVE-2018-15946\", \"CVE-2018-15943\", \"CVE-2018-15942\", \"CVE-2018-15932\",\n \"CVE-2018-15927\", \"CVE-2018-15926\", \"CVE-2018-15925\", \"CVE-2018-15923\",\n \"CVE-2018-15922\", \"CVE-2018-12880\", \"CVE-2018-12879\", \"CVE-2018-12878\",\n \"CVE-2018-12875\", \"CVE-2018-12874\", \"CVE-2018-12873\", \"CVE-2018-12872\",\n \"CVE-2018-12871\", \"CVE-2018-12870\", \"CVE-2018-12869\", \"CVE-2018-12867\",\n \"CVE-2018-12866\", \"CVE-2018-12859\", \"CVE-2018-12857\", \"CVE-2018-12856\",\n \"CVE-2018-12845\", \"CVE-2018-12844\", \"CVE-2018-12843\", \"CVE-2018-12839\",\n \"CVE-2018-12834\", \"CVE-2018-15968\", \"CVE-2018-12851\", \"CVE-2018-12847\",\n \"CVE-2018-12846\", \"CVE-2018-12837\", \"CVE-2018-12836\", \"CVE-2018-12833\",\n \"CVE-2018-12832\", \"CVE-2018-15924\", \"CVE-2018-15920\", \"CVE-2018-12877\",\n \"CVE-2018-12863\", \"CVE-2018-12852\", \"CVE-2018-12831\", \"CVE-2018-12769\",\n \"CVE-2018-12876\", \"CVE-2018-12858\", \"CVE-2018-12835\", \"CVE-2018-12838\",\n \"CVE-2018-12841\", \"CVE-2018-12881\", \"CVE-2018-12842\", \"CVE-2018-15951\",\n \"CVE-2018-12855\", \"CVE-2018-12853\", \"CVE-2018-15937\", \"CVE-2018-15931\",\n \"CVE-2018-15930\", \"CVE-2018-15966\", \"CVE-2018-19722\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-16 10:27:00 +0000 (Tue, 16 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-10-03 16:53:05 +0530 (Wed, 03 Oct 2018)\");\n script_name(\"Adobe Reader 2017 Security Updates(apsb18-30)-MAC OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Reader 2017\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to an Out-of-bounds\n write error, an Out-of-bounds read error, a Heap Overflow error, Use After Free\n error, Type Confusion error, Stack Overflow error, Double Free error, Integer\n Overflow error, Buffer errors, Untrusted pointer dereference error and Security\n Bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to run arbitrary code execution, gain privilege escalation and gain\n access to potentially sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Reader 2017 version 2017.x before\n 2017.011.30105 on MAC OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Reader 2017 version\n 2017.011.30105 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb18-30.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Reader/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:vers, test_version:\"17.0\", test_version2:\"17.011.30104\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"2017.011.30105\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:18:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-12835", "CVE-2018-12847", "CVE-2018-15951", "CVE-2018-15932", "CVE-2018-15942", "CVE-2018-15939", "CVE-2018-12875", "CVE-2018-15924", "CVE-2018-12759", "CVE-2018-15953", "CVE-2018-12871", "CVE-2018-15949", "CVE-2018-12876", "CVE-2018-12874", "CVE-2018-12841", "CVE-2018-15934", "CVE-2018-12843", "CVE-2018-12860", "CVE-2018-15941", "CVE-2018-12880", "CVE-2018-15920", "CVE-2018-12869", "CVE-2018-15946", "CVE-2018-12836", "CVE-2018-15930", "CVE-2018-15940", "CVE-2018-12837", "CVE-2018-15926", "CVE-2018-15928", "CVE-2018-15922", "CVE-2018-15947", "CVE-2018-15935", "CVE-2018-12877", "CVE-2018-12879", "CVE-2018-15950", "CVE-2018-12844", "CVE-2018-12839", "CVE-2018-12831", "CVE-2018-12834", "CVE-2018-15952", "CVE-2018-12851", "CVE-2018-15956", "CVE-2018-15936", "CVE-2018-12872", "CVE-2018-15937", "CVE-2018-15968", "CVE-2018-12862", "CVE-2018-12858", "CVE-2018-12845", "CVE-2018-12856", "CVE-2018-12865", "CVE-2018-15955", "CVE-2018-12873", "CVE-2018-15925", "CVE-2018-12842", "CVE-2018-15931", "CVE-2018-12881", "CVE-2018-12846", "CVE-2018-12870", "CVE-2018-12833", "CVE-2018-12832", "CVE-2018-19722", "CVE-2018-15966", "CVE-2018-12867", "CVE-2018-12852", "CVE-2018-12838", "CVE-2018-12863", "CVE-2018-15923", "CVE-2018-15933", "CVE-2018-12861", "CVE-2018-12864", "CVE-2018-15938", "CVE-2018-15944", "CVE-2018-12868", "CVE-2018-12857", "CVE-2018-15948", "CVE-2018-15954", "CVE-2018-12866", "CVE-2018-12769", "CVE-2018-12853", "CVE-2018-15943", "CVE-2018-12855", "CVE-2018-15927", "CVE-2018-15945", "CVE-2018-12859", "CVE-2018-15929", "CVE-2018-12878"], "description": "This host is installed with Adobe Acrobat DC\n and is prone to multiple vulnerabilities.", "modified": "2019-07-05T00:00:00", "published": "2018-10-03T00:00:00", "id": "OPENVAS:1361412562310814240", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814240", "type": "openvas", "title": "Adobe Acrobat DC Security Updates (apsb18-30) - Windows", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat DC Security Updates (apsb18-30)-Windows\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_dc_continuous\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814240\");\n script_version(\"2019-07-05T08:21:18+0000\");\n script_cve_id(\"CVE-2018-15955\", \"CVE-2018-15954\", \"CVE-2018-15952\", \"CVE-2018-15945\",\n \"CVE-2018-15944\", \"CVE-2018-15941\", \"CVE-2018-15940\", \"CVE-2018-15939\",\n \"CVE-2018-15938\", \"CVE-2018-15936\", \"CVE-2018-15935\", \"CVE-2018-15934\",\n \"CVE-2018-15933\", \"CVE-2018-15929\", \"CVE-2018-15928\", \"CVE-2018-12868\",\n \"CVE-2018-12865\", \"CVE-2018-12864\", \"CVE-2018-12862\", \"CVE-2018-12861\",\n \"CVE-2018-12860\", \"CVE-2018-12759\", \"CVE-2018-15956\", \"CVE-2018-15953\",\n \"CVE-2018-15950\", \"CVE-2018-15949\", \"CVE-2018-15948\", \"CVE-2018-15947\",\n \"CVE-2018-15946\", \"CVE-2018-15943\", \"CVE-2018-15942\", \"CVE-2018-15932\",\n \"CVE-2018-15927\", \"CVE-2018-15926\", \"CVE-2018-15925\", \"CVE-2018-15923\",\n \"CVE-2018-15922\", \"CVE-2018-12880\", \"CVE-2018-12879\", \"CVE-2018-12878\",\n \"CVE-2018-12875\", \"CVE-2018-12874\", \"CVE-2018-12873\", \"CVE-2018-12872\",\n \"CVE-2018-12871\", \"CVE-2018-12870\", \"CVE-2018-12869\", \"CVE-2018-12867\",\n \"CVE-2018-12866\", \"CVE-2018-12859\", \"CVE-2018-12857\", \"CVE-2018-12856\",\n \"CVE-2018-12845\", \"CVE-2018-12844\", \"CVE-2018-12843\", \"CVE-2018-12839\",\n \"CVE-2018-12834\", \"CVE-2018-15968\", \"CVE-2018-12851\", \"CVE-2018-12847\",\n \"CVE-2018-12846\", \"CVE-2018-12837\", \"CVE-2018-12836\", \"CVE-2018-12833\",\n \"CVE-2018-12832\", \"CVE-2018-15924\", \"CVE-2018-15920\", \"CVE-2018-12877\",\n \"CVE-2018-12863\", \"CVE-2018-12852\", \"CVE-2018-12831\", \"CVE-2018-12769\",\n \"CVE-2018-12876\", \"CVE-2018-12858\", \"CVE-2018-12835\", \"CVE-2018-12838\",\n \"CVE-2018-12841\", \"CVE-2018-12881\", \"CVE-2018-12842\", \"CVE-2018-15951\",\n \"CVE-2018-12855\", \"CVE-2018-12853\", \"CVE-2018-15937\", \"CVE-2018-15931\",\n \"CVE-2018-15930\", \"CVE-2018-15966\", \"CVE-2018-19722\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:21:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-10-03 16:53:22 +0530 (Wed, 03 Oct 2018)\");\n script_name(\"Adobe Acrobat DC Security Updates (apsb18-30) - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to an Out-of-bounds\n write error, an Out-of-bounds read error, a Heap Overflow error, Use After Free\n error, Type Confusion error, Stack Overflow error, Double Free error, Integer\n Overflow error, Buffer errors, Untrusted pointer dereference error and Security\n Bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to run arbitrary code execution, gain privilege escalation and gain\n access to potentially sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC version before\n 2019.008.20071 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC version\n 2019.008.20071 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb18-30.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_cont_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Continuous/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\nif(version_is_less(version:vers, test_version:\"19.008.20071\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"19.008.20071 (2019.008.20071)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:18:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-12835", "CVE-2018-12847", "CVE-2018-15951", "CVE-2018-15932", "CVE-2018-15942", "CVE-2018-15939", "CVE-2018-12875", "CVE-2018-15924", "CVE-2018-12759", "CVE-2018-15953", "CVE-2018-12871", "CVE-2018-15949", "CVE-2018-12876", "CVE-2018-12874", "CVE-2018-12841", "CVE-2018-15934", "CVE-2018-12843", "CVE-2018-12860", "CVE-2018-15941", "CVE-2018-12880", "CVE-2018-15920", "CVE-2018-12869", "CVE-2018-15946", "CVE-2018-12836", "CVE-2018-15930", "CVE-2018-15940", "CVE-2018-12837", "CVE-2018-15926", "CVE-2018-15928", "CVE-2018-15922", "CVE-2018-15947", "CVE-2018-15935", "CVE-2018-12877", "CVE-2018-12879", "CVE-2018-15950", "CVE-2018-12844", "CVE-2018-12839", "CVE-2018-12831", "CVE-2018-12834", "CVE-2018-15952", "CVE-2018-12851", "CVE-2018-15956", "CVE-2018-15936", "CVE-2018-12872", "CVE-2018-15937", "CVE-2018-15968", "CVE-2018-12862", "CVE-2018-12858", "CVE-2018-12845", "CVE-2018-12856", "CVE-2018-12865", "CVE-2018-15955", "CVE-2018-12873", "CVE-2018-15925", "CVE-2018-12842", "CVE-2018-15931", "CVE-2018-12881", "CVE-2018-12846", "CVE-2018-12870", "CVE-2018-12833", "CVE-2018-12832", "CVE-2018-19722", "CVE-2018-15966", "CVE-2018-12867", "CVE-2018-12852", "CVE-2018-12838", "CVE-2018-12863", "CVE-2018-15923", "CVE-2018-15933", "CVE-2018-12861", "CVE-2018-12864", "CVE-2018-15938", "CVE-2018-15944", "CVE-2018-12868", "CVE-2018-12857", "CVE-2018-15948", "CVE-2018-15954", "CVE-2018-12866", "CVE-2018-12769", "CVE-2018-12853", "CVE-2018-15943", "CVE-2018-12855", "CVE-2018-15927", "CVE-2018-15945", "CVE-2018-12859", "CVE-2018-15929", "CVE-2018-12878"], "description": "This host is installed with Adobe Acrobat 2017\n and is prone to multiple vulnerabilities.", "modified": "2019-07-16T00:00:00", "published": "2018-10-03T00:00:00", "id": "OPENVAS:1361412562310814236", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814236", "type": "openvas", "title": "Adobe Acrobat 2017 Security Updates(apsb18-30)-Windows", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat 2017 Security Updates(apsb18-30)-Windows\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814236\");\n script_version(\"2019-07-16T10:51:36+0000\");\n script_cve_id(\"CVE-2018-15955\", \"CVE-2018-15954\", \"CVE-2018-15952\", \"CVE-2018-15945\",\n \"CVE-2018-15944\", \"CVE-2018-15941\", \"CVE-2018-15940\", \"CVE-2018-15939\",\n \"CVE-2018-15938\", \"CVE-2018-15936\", \"CVE-2018-15935\", \"CVE-2018-15934\",\n \"CVE-2018-15933\", \"CVE-2018-15929\", \"CVE-2018-15928\", \"CVE-2018-12868\",\n \"CVE-2018-12865\", \"CVE-2018-12864\", \"CVE-2018-12862\", \"CVE-2018-12861\",\n \"CVE-2018-12860\", \"CVE-2018-12759\", \"CVE-2018-15956\", \"CVE-2018-15953\",\n \"CVE-2018-15950\", \"CVE-2018-15949\", \"CVE-2018-15948\", \"CVE-2018-15947\",\n \"CVE-2018-15946\", \"CVE-2018-15943\", \"CVE-2018-15942\", \"CVE-2018-15932\",\n \"CVE-2018-15927\", \"CVE-2018-15926\", \"CVE-2018-15925\", \"CVE-2018-15923\",\n \"CVE-2018-15922\", \"CVE-2018-12880\", \"CVE-2018-12879\", \"CVE-2018-12878\",\n \"CVE-2018-12875\", \"CVE-2018-12874\", \"CVE-2018-12873\", \"CVE-2018-12872\",\n \"CVE-2018-12871\", \"CVE-2018-12870\", \"CVE-2018-12869\", \"CVE-2018-12867\",\n \"CVE-2018-12866\", \"CVE-2018-12859\", \"CVE-2018-12857\", \"CVE-2018-12856\",\n \"CVE-2018-12845\", \"CVE-2018-12844\", \"CVE-2018-12843\", \"CVE-2018-12839\",\n \"CVE-2018-12834\", \"CVE-2018-15968\", \"CVE-2018-12851\", \"CVE-2018-12847\",\n \"CVE-2018-12846\", \"CVE-2018-12837\", \"CVE-2018-12836\", \"CVE-2018-12833\",\n \"CVE-2018-12832\", \"CVE-2018-15924\", \"CVE-2018-15920\", \"CVE-2018-12877\",\n \"CVE-2018-12863\", \"CVE-2018-12852\", \"CVE-2018-12831\", \"CVE-2018-12769\",\n \"CVE-2018-12876\", \"CVE-2018-12858\", \"CVE-2018-12835\", \"CVE-2018-12838\",\n \"CVE-2018-12841\", \"CVE-2018-12881\", \"CVE-2018-12842\", \"CVE-2018-15951\",\n \"CVE-2018-12855\", \"CVE-2018-12853\", \"CVE-2018-15937\", \"CVE-2018-15931\",\n \"CVE-2018-15930\", \"CVE-2018-15966\", \"CVE-2018-19722\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-16 10:51:36 +0000 (Tue, 16 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-10-03 16:53:05 +0530 (Wed, 03 Oct 2018)\");\n script_name(\"Adobe Acrobat 2017 Security Updates(apsb18-30)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat 2017\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to an Out-of-bounds\n write error, an Out-of-bounds read error, a Heap Overflow error, Use After Free\n error, Type Confusion error, Stack Overflow error, Double Free error, Integer\n Overflow error, Buffer errors, Untrusted pointer dereference error and Security\n Bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to run arbitrary code execution, gain privilege escalation and gain\n access to potentially sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat 2017 version 2017.x before\n 2017.011.30105 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat 2017 version\n 2017.011.30105 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb18-30.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:vers, test_version:\"17.0\", test_version2:\"17.011.30104\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"17.011.30105 (2017.011.30105)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:18:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-12835", "CVE-2018-12847", "CVE-2018-15951", "CVE-2018-15932", "CVE-2018-15942", "CVE-2018-15939", "CVE-2018-12875", "CVE-2018-15924", "CVE-2018-12759", "CVE-2018-15953", "CVE-2018-12871", "CVE-2018-15949", "CVE-2018-12876", "CVE-2018-12874", "CVE-2018-12841", "CVE-2018-15934", "CVE-2018-12843", "CVE-2018-12860", "CVE-2018-15941", "CVE-2018-12880", "CVE-2018-15920", "CVE-2018-12869", "CVE-2018-15946", "CVE-2018-12836", "CVE-2018-15930", "CVE-2018-15940", "CVE-2018-12837", "CVE-2018-15926", "CVE-2018-15928", "CVE-2018-15922", "CVE-2018-15947", "CVE-2018-15935", "CVE-2018-12877", "CVE-2018-12879", "CVE-2018-15950", "CVE-2018-12844", "CVE-2018-12839", "CVE-2018-12831", "CVE-2018-12834", "CVE-2018-15952", "CVE-2018-12851", "CVE-2018-15956", "CVE-2018-15936", "CVE-2018-12872", "CVE-2018-15937", "CVE-2018-15968", "CVE-2018-12862", "CVE-2018-12858", "CVE-2018-12845", "CVE-2018-12856", "CVE-2018-12865", "CVE-2018-15955", "CVE-2018-12873", "CVE-2018-15925", "CVE-2018-12842", "CVE-2018-15931", "CVE-2018-12881", "CVE-2018-12846", "CVE-2018-12870", "CVE-2018-12833", "CVE-2018-12832", "CVE-2018-19722", "CVE-2018-15966", "CVE-2018-12867", "CVE-2018-12852", "CVE-2018-12838", "CVE-2018-12863", "CVE-2018-15923", "CVE-2018-15933", "CVE-2018-12861", "CVE-2018-12864", "CVE-2018-15938", "CVE-2018-15944", "CVE-2018-12868", "CVE-2018-12857", "CVE-2018-15948", "CVE-2018-15954", "CVE-2018-12866", "CVE-2018-12769", "CVE-2018-12853", "CVE-2018-15943", "CVE-2018-12855", "CVE-2018-15927", "CVE-2018-15945", "CVE-2018-12859", "CVE-2018-15929", "CVE-2018-12878"], "description": "This host is installed with Adobe Reader DC\n and is prone to multiple vulnerabilities.", "modified": "2019-07-05T00:00:00", "published": "2018-10-03T00:00:00", "id": "OPENVAS:1361412562310814230", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814230", "type": "openvas", "title": "Adobe Reader DC Security Updates (apsb18-30) - Windows", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Reader DC Security Updates (apsb18-30)-Windows\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader_dc_continuous\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814230\");\n script_version(\"2019-07-05T08:21:18+0000\");\n script_cve_id(\"CVE-2018-15955\", \"CVE-2018-15954\", \"CVE-2018-15952\", \"CVE-2018-15945\",\n \"CVE-2018-15944\", \"CVE-2018-15941\", \"CVE-2018-15940\", \"CVE-2018-15939\",\n \"CVE-2018-15938\", \"CVE-2018-15936\", \"CVE-2018-15935\", \"CVE-2018-15934\",\n \"CVE-2018-15933\", \"CVE-2018-15929\", \"CVE-2018-15928\", \"CVE-2018-12868\",\n \"CVE-2018-12865\", \"CVE-2018-12864\", \"CVE-2018-12862\", \"CVE-2018-12861\",\n \"CVE-2018-12860\", \"CVE-2018-12759\", \"CVE-2018-15956\", \"CVE-2018-15953\",\n \"CVE-2018-15950\", \"CVE-2018-15949\", \"CVE-2018-15948\", \"CVE-2018-15947\",\n \"CVE-2018-15946\", \"CVE-2018-15943\", \"CVE-2018-15942\", \"CVE-2018-15932\",\n \"CVE-2018-15927\", \"CVE-2018-15926\", \"CVE-2018-15925\", \"CVE-2018-15923\",\n \"CVE-2018-15922\", \"CVE-2018-12880\", \"CVE-2018-12879\", \"CVE-2018-12878\",\n \"CVE-2018-12875\", \"CVE-2018-12874\", \"CVE-2018-12873\", \"CVE-2018-12872\",\n \"CVE-2018-12871\", \"CVE-2018-12870\", \"CVE-2018-12869\", \"CVE-2018-12867\",\n \"CVE-2018-12866\", \"CVE-2018-12859\", \"CVE-2018-12857\", \"CVE-2018-12856\",\n \"CVE-2018-12845\", \"CVE-2018-12844\", \"CVE-2018-12843\", \"CVE-2018-12839\",\n \"CVE-2018-12834\", \"CVE-2018-15968\", \"CVE-2018-12851\", \"CVE-2018-12847\",\n \"CVE-2018-12846\", \"CVE-2018-12837\", \"CVE-2018-12836\", \"CVE-2018-12833\",\n \"CVE-2018-12832\", \"CVE-2018-15924\", \"CVE-2018-15920\", \"CVE-2018-12877\",\n \"CVE-2018-12863\", \"CVE-2018-12852\", \"CVE-2018-12831\", \"CVE-2018-12769\",\n \"CVE-2018-12876\", \"CVE-2018-12858\", \"CVE-2018-12835\", \"CVE-2018-12838\",\n \"CVE-2018-12841\", \"CVE-2018-12881\", \"CVE-2018-12842\", \"CVE-2018-15951\",\n \"CVE-2018-12855\", \"CVE-2018-12853\", \"CVE-2018-15937\", \"CVE-2018-15931\",\n \"CVE-2018-15930\", \"CVE-2018-15966\", \"CVE-2018-19722\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:21:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-10-03 16:53:22 +0530 (Wed, 03 Oct 2018)\");\n script_name(\"Adobe Reader DC Security Updates (apsb18-30) - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Reader DC\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to an Out-of-bounds\n write error, an Out-of-bounds read error, a Heap Overflow error, Use After Free\n error, Type Confusion error, Stack Overflow error, Double Free error, Integer\n Overflow error, Buffer errors, Untrusted pointer dereference error and Security\n Bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to run arbitrary code execution, gain privilege escalation and gain\n access to potentially sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Reader DC version before\n 2019.008.20071 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Reader DC version\n 2019.008.20071 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb18-30.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_reader_dc_cont_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/ReaderDC/Continuous/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\nif(version_is_less(version:vers, test_version:\"19.008.20071\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"19.008.20071 (2019.008.20071)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:17:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-12835", "CVE-2018-12847", "CVE-2018-15951", "CVE-2018-15932", "CVE-2018-15942", "CVE-2018-15939", "CVE-2018-12875", "CVE-2018-15924", "CVE-2018-12759", "CVE-2018-15953", "CVE-2018-12871", "CVE-2018-15949", "CVE-2018-12876", "CVE-2018-12874", "CVE-2018-12841", "CVE-2018-15934", "CVE-2018-12843", "CVE-2018-12860", "CVE-2018-15941", "CVE-2018-12880", "CVE-2018-15920", "CVE-2018-12869", "CVE-2018-15946", "CVE-2018-12836", "CVE-2018-15930", "CVE-2018-15940", "CVE-2018-12837", "CVE-2018-15926", "CVE-2018-15928", "CVE-2018-15922", "CVE-2018-15947", "CVE-2018-15935", "CVE-2018-12877", "CVE-2018-12879", "CVE-2018-15950", "CVE-2018-12844", "CVE-2018-12839", "CVE-2018-12831", "CVE-2018-12834", "CVE-2018-15952", "CVE-2018-12851", "CVE-2018-15956", "CVE-2018-15936", "CVE-2018-12872", "CVE-2018-15937", "CVE-2018-15968", "CVE-2018-12862", "CVE-2018-12858", "CVE-2018-12845", "CVE-2018-12856", "CVE-2018-12865", "CVE-2018-15955", "CVE-2018-12873", "CVE-2018-15925", "CVE-2018-12842", "CVE-2018-15931", "CVE-2018-12881", "CVE-2018-12846", "CVE-2018-12870", "CVE-2018-12833", "CVE-2018-12832", "CVE-2018-19722", "CVE-2018-15966", "CVE-2018-12867", "CVE-2018-12852", "CVE-2018-12838", "CVE-2018-12863", "CVE-2018-15923", "CVE-2018-15933", "CVE-2018-12861", "CVE-2018-12864", "CVE-2018-15938", "CVE-2018-15944", "CVE-2018-12868", "CVE-2018-12857", "CVE-2018-15948", "CVE-2018-15954", "CVE-2018-12866", "CVE-2018-12769", "CVE-2018-12853", "CVE-2018-15943", "CVE-2018-12855", "CVE-2018-15927", "CVE-2018-15945", "CVE-2018-12859", "CVE-2018-15929", "CVE-2018-12878"], "description": "This host is installed with Adobe Acrobat DC\n Classic 2015 and is prone to multiple vulnerabilities.", "modified": "2019-07-05T00:00:00", "published": "2018-10-03T00:00:00", "id": "OPENVAS:1361412562310814232", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814232", "type": "openvas", "title": "Adobe Acrobat DC Classic 2015 Security Updates (apsb18-30) - Windows", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat DC Classic 2015 Security Updates (apsb18-30)-Windows\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814232\");\n script_version(\"2019-07-05T08:21:18+0000\");\n script_cve_id(\"CVE-2018-15955\", \"CVE-2018-15954\", \"CVE-2018-15952\", \"CVE-2018-15945\",\n \"CVE-2018-15944\", \"CVE-2018-15941\", \"CVE-2018-15940\", \"CVE-2018-15939\",\n \"CVE-2018-15938\", \"CVE-2018-15936\", \"CVE-2018-15935\", \"CVE-2018-15934\",\n \"CVE-2018-15933\", \"CVE-2018-15929\", \"CVE-2018-15928\", \"CVE-2018-12868\",\n \"CVE-2018-12865\", \"CVE-2018-12864\", \"CVE-2018-12862\", \"CVE-2018-12861\",\n \"CVE-2018-12860\", \"CVE-2018-12759\", \"CVE-2018-15956\", \"CVE-2018-15953\",\n \"CVE-2018-15950\", \"CVE-2018-15949\", \"CVE-2018-15948\", \"CVE-2018-15947\",\n \"CVE-2018-15946\", \"CVE-2018-15943\", \"CVE-2018-15942\", \"CVE-2018-15932\",\n \"CVE-2018-15927\", \"CVE-2018-15926\", \"CVE-2018-15925\", \"CVE-2018-15923\",\n \"CVE-2018-15922\", \"CVE-2018-12880\", \"CVE-2018-12879\", \"CVE-2018-12878\",\n \"CVE-2018-12875\", \"CVE-2018-12874\", \"CVE-2018-12873\", \"CVE-2018-12872\",\n \"CVE-2018-12871\", \"CVE-2018-12870\", \"CVE-2018-12869\", \"CVE-2018-12867\",\n \"CVE-2018-12866\", \"CVE-2018-12859\", \"CVE-2018-12857\", \"CVE-2018-12856\",\n \"CVE-2018-12845\", \"CVE-2018-12844\", \"CVE-2018-12843\", \"CVE-2018-12839\",\n \"CVE-2018-12834\", \"CVE-2018-15968\", \"CVE-2018-12851\", \"CVE-2018-12847\",\n \"CVE-2018-12846\", \"CVE-2018-12837\", \"CVE-2018-12836\", \"CVE-2018-12833\",\n \"CVE-2018-12832\", \"CVE-2018-15924\", \"CVE-2018-15920\", \"CVE-2018-12877\",\n \"CVE-2018-12863\", \"CVE-2018-12852\", \"CVE-2018-12831\", \"CVE-2018-12769\",\n \"CVE-2018-12876\", \"CVE-2018-12858\", \"CVE-2018-12835\", \"CVE-2018-12838\",\n \"CVE-2018-12841\", \"CVE-2018-12881\", \"CVE-2018-12842\", \"CVE-2018-15951\",\n \"CVE-2018-12855\", \"CVE-2018-12853\", \"CVE-2018-15937\", \"CVE-2018-15931\",\n \"CVE-2018-15930\", \"CVE-2018-15966\", \"CVE-2018-19722\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:21:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-10-03 16:53:36 +0530 (Wed, 03 Oct 2018)\");\n script_name(\"Adobe Acrobat DC Classic 2015 Security Updates (apsb18-30) - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC\n Classic 2015 and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to an Out-of-bounds\n write error, an Out-of-bounds read error, a Heap Overflow error, Use After Free\n error, Type Confusion error, Stack Overflow error, Double Free error, Integer\n Overflow error, Buffer errors, Untrusted pointer dereference error and Security\n Bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to run arbitrary code execution, gain privilege escalation and gain\n access to potentially sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC Classic 2015 version 2015.x\n before 2015.006.30456 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC Classic 2015 version\n 2015.006.30456 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb18-30.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_classic_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Classic/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:vers, test_version:\"15.0\", test_version2:\"15.006.30455\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30456 (2015.006.30456)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:18:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-12835", "CVE-2018-12847", "CVE-2018-15951", "CVE-2018-15932", "CVE-2018-15942", "CVE-2018-15939", "CVE-2018-12875", "CVE-2018-15924", "CVE-2018-12759", "CVE-2018-15953", "CVE-2018-12871", "CVE-2018-15949", "CVE-2018-12876", "CVE-2018-12874", "CVE-2018-12841", "CVE-2018-15934", "CVE-2018-12843", "CVE-2018-12860", "CVE-2018-15941", "CVE-2018-12880", "CVE-2018-15920", "CVE-2018-12869", "CVE-2018-15946", "CVE-2018-12836", "CVE-2018-15930", "CVE-2018-15940", "CVE-2018-12837", "CVE-2018-15926", "CVE-2018-15928", "CVE-2018-15922", "CVE-2018-15947", "CVE-2018-15935", "CVE-2018-12877", "CVE-2018-12879", "CVE-2018-15950", "CVE-2018-12844", "CVE-2018-12839", "CVE-2018-12831", "CVE-2018-12834", "CVE-2018-15952", "CVE-2018-12851", "CVE-2018-15956", "CVE-2018-15936", "CVE-2018-12872", "CVE-2018-15937", "CVE-2018-15968", "CVE-2018-12862", "CVE-2018-12858", "CVE-2018-12845", "CVE-2018-12856", "CVE-2018-12865", "CVE-2018-15955", "CVE-2018-12873", "CVE-2018-15925", "CVE-2018-12842", "CVE-2018-15931", "CVE-2018-12881", "CVE-2018-12846", "CVE-2018-12870", "CVE-2018-12833", "CVE-2018-12832", "CVE-2018-19722", "CVE-2018-15966", "CVE-2018-12867", "CVE-2018-12852", "CVE-2018-12838", "CVE-2018-12863", "CVE-2018-15923", "CVE-2018-15933", "CVE-2018-12861", "CVE-2018-12864", "CVE-2018-15938", "CVE-2018-15944", "CVE-2018-12868", "CVE-2018-12857", "CVE-2018-15948", "CVE-2018-15954", "CVE-2018-12866", "CVE-2018-12769", "CVE-2018-12853", "CVE-2018-15943", "CVE-2018-12855", "CVE-2018-15927", "CVE-2018-15945", "CVE-2018-12859", "CVE-2018-15929", "CVE-2018-12878"], "description": "This host is installed with Adobe Acrobat DC\n Cassic 2015 and is prone to multiple vulnerabilities.", "modified": "2019-07-05T00:00:00", "published": "2018-10-03T00:00:00", "id": "OPENVAS:1361412562310814233", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814233", "type": "openvas", "title": "Adobe Acrobat DC Classic 2015 Security Updates (apsb18-30) - Mac OS X", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Acrobat DC Classic 2015 Security Updates (apsb18-30)-MAC OS X\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814233\");\n script_version(\"2019-07-05T08:21:18+0000\");\n script_cve_id(\"CVE-2018-15955\", \"CVE-2018-15954\", \"CVE-2018-15952\", \"CVE-2018-15945\",\n \"CVE-2018-15944\", \"CVE-2018-15941\", \"CVE-2018-15940\", \"CVE-2018-15939\",\n \"CVE-2018-15938\", \"CVE-2018-15936\", \"CVE-2018-15935\", \"CVE-2018-15934\",\n \"CVE-2018-15933\", \"CVE-2018-15929\", \"CVE-2018-15928\", \"CVE-2018-12868\",\n \"CVE-2018-12865\", \"CVE-2018-12864\", \"CVE-2018-12862\", \"CVE-2018-12861\",\n \"CVE-2018-12860\", \"CVE-2018-12759\", \"CVE-2018-15956\", \"CVE-2018-15953\",\n \"CVE-2018-15950\", \"CVE-2018-15949\", \"CVE-2018-15948\", \"CVE-2018-15947\",\n \"CVE-2018-15946\", \"CVE-2018-15943\", \"CVE-2018-15942\", \"CVE-2018-15932\",\n \"CVE-2018-15927\", \"CVE-2018-15926\", \"CVE-2018-15925\", \"CVE-2018-15923\",\n \"CVE-2018-15922\", \"CVE-2018-12880\", \"CVE-2018-12879\", \"CVE-2018-12878\",\n \"CVE-2018-12875\", \"CVE-2018-12874\", \"CVE-2018-12873\", \"CVE-2018-12872\",\n \"CVE-2018-12871\", \"CVE-2018-12870\", \"CVE-2018-12869\", \"CVE-2018-12867\",\n \"CVE-2018-12866\", \"CVE-2018-12859\", \"CVE-2018-12857\", \"CVE-2018-12856\",\n \"CVE-2018-12845\", \"CVE-2018-12844\", \"CVE-2018-12843\", \"CVE-2018-12839\",\n \"CVE-2018-12834\", \"CVE-2018-15968\", \"CVE-2018-12851\", \"CVE-2018-12847\",\n \"CVE-2018-12846\", \"CVE-2018-12837\", \"CVE-2018-12836\", \"CVE-2018-12833\",\n \"CVE-2018-12832\", \"CVE-2018-15924\", \"CVE-2018-15920\", \"CVE-2018-12877\",\n \"CVE-2018-12863\", \"CVE-2018-12852\", \"CVE-2018-12831\", \"CVE-2018-12769\",\n \"CVE-2018-12876\", \"CVE-2018-12858\", \"CVE-2018-12835\", \"CVE-2018-12838\",\n \"CVE-2018-12841\", \"CVE-2018-12881\", \"CVE-2018-12842\", \"CVE-2018-15951\",\n \"CVE-2018-12855\", \"CVE-2018-12853\", \"CVE-2018-15937\", \"CVE-2018-15931\",\n \"CVE-2018-15930\", \"CVE-2018-15966\", \"CVE-2018-19722\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:21:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-10-03 16:53:36 +0530 (Wed, 03 Oct 2018)\");\n script_name(\"Adobe Acrobat DC Classic 2015 Security Updates (apsb18-30) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC\n Cassic 2015 and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to an Out-of-bounds\n write error, an Out-of-bounds read error, a Heap Overflow error, Use After Free\n error, Type Confusion error, Stack Overflow error, Double Free error, Integer\n Overflow error, Buffer errors, Untrusted pointer dereference error and Security\n Bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to run arbitrary code execution, gain privilege escalation and gain\n access to potentially sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC Classic 2015 version 2015.x\n before 2015.006.30456 on MAC OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC Classic 2015 version\n 2015.006.30456 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb18-30.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_classic_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Classic/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:vers, test_version:\"15.0\", test_version2:\"15.006.30455\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30456 (2015.006.30456)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "zdi": [{"lastseen": "2020-06-22T11:41:34", "bulletinFamily": "info", "cvelist": ["CVE-2018-12858"], "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Template objects. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process.", "edition": 1, "modified": "2018-06-22T00:00:00", "published": "2018-10-03T00:00:00", "id": "ZDI-18-1112", "href": "https://www.zerodayinitiative.com/advisories/ZDI-18-1112/", "title": "Adobe Acrobat Pro DC XFA Template Type Confusion Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}
