Adobe Acrobat Pro DC HTML2PDF HTML Parsing Uninitialized Pointer Remote Code Execution Vulnerability
2019-02-12T00:00:00
ID ZDI-19-203 Type zdi Reporter T3rmin4t0r Modified 2019-06-22T00:00:00
Description
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of HTML documents within the HTML2PDF plugin. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process.
{"id": "ZDI-19-203", "bulletinFamily": "info", "title": "Adobe Acrobat Pro DC HTML2PDF HTML Parsing Uninitialized Pointer Remote Code Execution Vulnerability", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of HTML documents within the HTML2PDF plugin. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process.", "published": "2019-02-12T00:00:00", "modified": "2019-06-22T00:00:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "href": "https://www.zerodayinitiative.com/advisories/ZDI-19-203/", "reporter": "T3rmin4t0r", "references": ["https://helpx.adobe.com/security/products/acrobat/apsb19-07.html"], "cvelist": ["CVE-2019-7042"], "type": "zdi", "lastseen": "2020-06-22T11:42:27", "edition": 1, "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-7042"]}, {"type": "kaspersky", "idList": ["KLA11421"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310814848", "OPENVAS:1361412562310814846", "OPENVAS:1361412562310814844", "OPENVAS:1361412562310814845", "OPENVAS:1361412562310814854", "OPENVAS:1361412562310814849", "OPENVAS:1361412562310814851", "OPENVAS:1361412562310814850", "OPENVAS:1361412562310814852", "OPENVAS:1361412562310814855"]}, {"type": "nessus", "idList": ["ADOBE_READER_APSB19-07.NASL", "MACOSX_ADOBE_READER_APSB19-07.NASL", "MACOSX_ADOBE_ACROBAT_APSB19-07.NASL", "ADOBE_ACROBAT_APSB19-07.NASL"]}], "modified": "2020-06-22T11:42:27", "rev": 2}, "score": {"value": 5.9, "vector": "NONE", "modified": "2020-06-22T11:42:27", "rev": 2}, "vulnersScore": 5.9}}
{"cve": [{"lastseen": "2020-12-09T21:41:56", "description": "Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .", "edition": 8, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-24T19:29:00", "title": "CVE-2019-7042", "type": "cve", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-7042"], "modified": "2019-08-21T16:20:00", "cpe": ["cpe:/a:adobe:acrobat_dc:17.011.30113", "cpe:/a:adobe:acrobat_reader_dc:17.011.30113", "cpe:/a:adobe:acrobat_reader_dc:19.010.20069", "cpe:/a:adobe:acrobat_reader_dc:15.006.30464", "cpe:/a:adobe:acrobat_dc:19.010.20069", "cpe:/a:adobe:acrobat_dc:15.006.30464"], "id": "CVE-2019-7042", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-7042", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:adobe:acrobat_dc:17.011.30113:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_dc:19.010.20069:*:*:*:continuous:*:*:*", "cpe:2.3:a:adobe:acrobat_reader_dc:15.006.30464:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_reader_dc:19.010.20069:*:*:*:continuous:*:*:*", "cpe:2.3:a:adobe:acrobat_reader_dc:17.011.30113:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_dc:15.006.30464:*:*:*:classic:*:*:*"]}], "kaspersky": [{"lastseen": "2020-09-02T11:55:07", "bulletinFamily": "info", "cvelist": ["CVE-2019-7025", "CVE-2019-7052", "CVE-2019-7027", "CVE-2019-7028", "CVE-2019-7078", "CVE-2019-7071", "CVE-2019-7073", "CVE-2019-7086", "CVE-2019-7056", "CVE-2019-7064", "CVE-2019-7067", "CVE-2019-7044", "CVE-2019-7082", "CVE-2019-7046", "CVE-2019-7081", "CVE-2019-7049", "CVE-2019-7031", "CVE-2019-7039", "CVE-2019-7085", "CVE-2019-7019", "CVE-2019-7040", "CVE-2019-7062", "CVE-2019-7058", "CVE-2019-7077", "CVE-2019-7072", "CVE-2019-7087", "CVE-2019-7047", "CVE-2019-7043", "CVE-2019-7060", "CVE-2019-7023", "CVE-2019-7063", "CVE-2019-7037", "CVE-2019-7041", "CVE-2019-7026", "CVE-2019-7074", "CVE-2019-7045", "CVE-2019-7080", "CVE-2019-7054", "CVE-2019-7035", "CVE-2019-7079", "CVE-2019-7084", "CVE-2019-7038", "CVE-2019-7029", "CVE-2019-7065", "CVE-2019-7075", "CVE-2019-7050", "CVE-2019-7083", "CVE-2019-7051", "CVE-2019-7032", "CVE-2019-7059", "CVE-2019-7020", "CVE-2018-19725", "CVE-2019-7069", "CVE-2019-7053", "CVE-2019-7034", "CVE-2019-7024", "CVE-2019-7030", "CVE-2019-7042", "CVE-2019-7089", "CVE-2019-7068", "CVE-2019-7021", "CVE-2019-7018", "CVE-2019-7070", "CVE-2019-7066", "CVE-2019-7036", "CVE-2019-7055", "CVE-2019-7048", "CVE-2019-7033", "CVE-2019-7022", "CVE-2019-7057", "CVE-2019-7076"], "description": "### *Detect date*:\n02/12/2019\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Adobe Acrobat and Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges.\n\n### *Affected products*:\nAdobe Acrobat DC Continuous earlier than 2019.010.20091 \nAdobe Acrobat Reader DC Continuous earlier than 2019.010.20091 \nAdobe Acrobat 2017 (Classic 2017 Track) earlier than 2017.011.30120 \nAdobe Acrobat Reader 2017 (Classic 2017 Track) earlier than 2017.011.30120 \nAdobe Acrobat DC (Classic 2015 Track) earlier than 2015.006.30475 \nAdobe Acrobat Reader DC (Classic 2015 Track) earlier than 2015.006.30475\n\n### *Solution*:\nUpdate to the latest version \n[Download Adobe Acrobat Reader DC](<https://get.adobe.com/ru/reader/>)\n\n### *Original advisories*:\n[APSB19-07](<https://helpx.adobe.com/security/products/acrobat/apsb19-07.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Adobe Acrobat Reader DC Continuous](<https://threats.kaspersky.com/en/product/Adobe-Acrobat-Reader-DC-Continuous/>)\n\n### *CVE-IDS*:\n[CVE-2019-7020](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7020>)7.7Critical \n[CVE-2019-7085](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7085>)0.0Unknown \n[CVE-2019-7089](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7089>)0.0Unknown \n[CVE-2019-7080](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7080>)0.0Unknown \n[CVE-2019-7030](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7030>)0.0Unknown \n[CVE-2019-7021](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7021>)0.0Unknown \n[CVE-2019-7022](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7022>)0.0Unknown \n[CVE-2019-7023](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7023>)0.0Unknown \n[CVE-2019-7024](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7024>)0.0Unknown \n[CVE-2019-7028](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7028>)0.0Unknown \n[CVE-2019-7032](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7032>)0.0Unknown \n[CVE-2019-7033](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7033>)0.0Unknown \n[CVE-2019-7034](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7034>)0.0Unknown \n[CVE-2019-7035](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7035>)0.0Unknown \n[CVE-2019-7036](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7036>)0.0Unknown \n[CVE-2019-7038](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7038>)0.0Unknown \n[CVE-2019-7045](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7045>)0.0Unknown \n[CVE-2019-7047](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7047>)0.0Unknown \n[CVE-2019-7049](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7049>)0.0Unknown \n[CVE-2019-7053](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7053>)0.0Unknown \n[CVE-2019-7055](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7055>)0.0Unknown \n[CVE-2019-7056](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7056>)0.0Unknown \n[CVE-2019-7057](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7057>)0.0Unknown \n[CVE-2019-7058](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7058>)0.0Unknown \n[CVE-2019-7059](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7059>)0.0Unknown \n[CVE-2019-7063](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7063>)0.0Unknown \n[CVE-2019-7064](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7064>)0.0Unknown \n[CVE-2019-7065](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7065>)0.0Unknown \n[CVE-2019-7067](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7067>)0.0Unknown \n[CVE-2019-7071](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7071>)0.0Unknown \n[CVE-2019-7073](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7073>)0.0Unknown \n[CVE-2019-7074](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7074>)0.0Unknown \n[CVE-2019-7081](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7081>)0.0Unknown \n[CVE-2018-19725](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19725>)0.0Unknown \n[CVE-2019-7041](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7041>)0.0Unknown \n[CVE-2019-7019](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7019>)0.0Unknown \n[CVE-2019-7027](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7027>)0.0Unknown \n[CVE-2019-7037](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7037>)0.0Unknown \n[CVE-2019-7039](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7039>)0.0Unknown \n[CVE-2019-7052](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7052>)0.0Unknown \n[CVE-2019-7060](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7060>)0.0Unknown \n[CVE-2019-7079](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7079>)0.0Unknown \n[CVE-2019-7069](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7069>)0.0Unknown \n[CVE-2019-7086](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7086>)0.0Unknown \n[CVE-2019-7087](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7087>)0.0Unknown \n[CVE-2019-7042](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7042>)0.0Unknown \n[CVE-2019-7046](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7046>)0.0Unknown \n[CVE-2019-7051](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7051>)0.0Unknown \n[CVE-2019-7054](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7054>)0.0Unknown \n[CVE-2019-7066](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7066>)0.0Unknown \n[CVE-2019-7076](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7076>)0.0Unknown \n[CVE-2019-7018](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7018>)0.0Unknown \n[CVE-2019-7025](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7025>)0.0Unknown \n[CVE-2019-7026](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7026>)0.0Unknown \n[CVE-2019-7029](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7029>)0.0Unknown \n[CVE-2019-7031](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7031>)0.0Unknown \n[CVE-2019-7040](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7040>)0.0Unknown \n[CVE-2019-7043](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7043>)0.0Unknown \n[CVE-2019-7044](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7044>)0.0Unknown \n[CVE-2019-7048](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7048>)0.0Unknown \n[CVE-2019-7050](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7050>)0.0Unknown \n[CVE-2019-7062](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7062>)0.0Unknown \n[CVE-2019-7068](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7068>)0.0Unknown \n[CVE-2019-7070](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7070>)0.0Unknown \n[CVE-2019-7072](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7072>)0.0Unknown \n[CVE-2019-7075](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7075>)0.0Unknown \n[CVE-2019-7077](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7077>)0.0Unknown \n[CVE-2019-7078](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7078>)0.0Unknown \n[CVE-2019-7082](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7082>)0.0Unknown \n[CVE-2019-7083](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7083>)0.0Unknown \n[CVE-2019-7084](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7084>)0.0Unknown", "edition": 5, "modified": "2020-05-22T00:00:00", "published": "2019-02-12T00:00:00", "id": "KLA11421", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11421", "title": "\r KLA11421Multiple vulnerabilities in Adobe Acrobat and Acrobat Reader ", "type": "kaspersky", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-01T03:27:24", "description": "The version of Adobe Reader installed on the remote macOS host is\nprior to 2019.010.20091, 2017.011.30120, 2015.006.30475. It is,\ntherefore, affected by multiple vulnerabilities as referenced in the\nAPSB19-07 advisory.\n\n - Buffer Errors potentially leading to Arbitrary Code\n Execution (CVE-2019-7020, CVE-2019-7085)\n\n - Data leakage (sensitive) potentially leading to\n Information Disclosure (CVE-2019-7089)\n\n - Double Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7080)\n\n - Integer Overflow potentially leading to Information\n Disclosure (CVE-2019-7030)\n\n - Out-of-Bounds Read potentially leading to Information\n Disclosure (CVE-2019-7021, CVE-2019-7022, CVE-2019-7023,\n CVE-2019-7024, CVE-2019-7028, CVE-2019-7032,\n CVE-2019-7033, CVE-2019-7034, CVE-2019-7035,\n CVE-2019-7036, CVE-2019-7038, CVE-2019-7045,\n CVE-2019-7047, CVE-2019-7049, CVE-2019-7053,\n CVE-2019-7055, CVE-2019-7056, CVE-2019-7057,\n CVE-2019-7058, CVE-2019-7059, CVE-2019-7063,\n CVE-2019-7064, CVE-2019-7065, CVE-2019-7067,\n CVE-2019-7071, CVE-2019-7073, CVE-2019-7074,\n CVE-2019-7081)\n\n - Security bypass potentially leading to Privilege\n Escalation (CVE-2018-19725, CVE-2019-7041)\n\n - Out-of-Bounds Write potentially leading to Arbitrary\n Code Execution (CVE-2019-7019, CVE-2019-7027,\n CVE-2019-7037, CVE-2019-7039, CVE-2019-7052,\n CVE-2019-7060, CVE-2019-7079)\n\n - Type Confusion potentially leading to Arbitrary Code\n Execution (CVE-2019-7069, CVE-2019-7086, CVE-2019-7087)\n\n - Untrusted Pointer Dereference potentially leading to\n Arbitrary Code Execution (CVE-2019-7042, CVE-2019-7046,\n CVE-2019-7051, CVE-2019-7054, CVE-2019-7066,\n CVE-2019-7076)\n\n - Use After Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7018, CVE-2019-7025, CVE-2019-7026,\n CVE-2019-7029, CVE-2019-7031, CVE-2019-7040,\n CVE-2019-7043, CVE-2019-7044, CVE-2019-7048,\n CVE-2019-7050, CVE-2019-7062, CVE-2019-7068,\n CVE-2019-7070, CVE-2019-7072, CVE-2019-7075,\n CVE-2019-7077, CVE-2019-7078, CVE-2019-7082,\n CVE-2019-7083, CVE-2019-7084)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "edition": 20, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-02-15T00:00:00", "title": "Adobe Reader < 2019.010.20091 / 2017.011.30120 / 2015.006.30475 Multiple Vulnerabilities (APSB19-07) (macOS)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-7025", "CVE-2019-7052", "CVE-2019-7027", "CVE-2019-7028", "CVE-2019-7078", "CVE-2019-7071", "CVE-2019-7073", "CVE-2019-7086", "CVE-2019-7056", "CVE-2019-7064", "CVE-2019-7067", "CVE-2019-7044", "CVE-2019-7082", "CVE-2019-7046", "CVE-2019-7081", "CVE-2019-7049", "CVE-2019-7031", "CVE-2019-7039", "CVE-2019-7085", "CVE-2019-7019", "CVE-2019-7040", "CVE-2019-7062", "CVE-2019-7058", "CVE-2019-7077", "CVE-2019-7072", "CVE-2019-7087", "CVE-2019-7047", "CVE-2019-7043", "CVE-2019-7060", "CVE-2019-7023", "CVE-2019-7063", "CVE-2019-7037", "CVE-2019-7041", "CVE-2019-7026", "CVE-2019-7074", "CVE-2019-7045", "CVE-2019-7080", "CVE-2019-7054", "CVE-2019-7035", "CVE-2019-7079", "CVE-2019-7084", "CVE-2019-7038", "CVE-2019-7029", "CVE-2019-7065", "CVE-2019-7075", "CVE-2019-7050", "CVE-2019-7083", "CVE-2019-7051", "CVE-2019-7032", "CVE-2019-7059", "CVE-2019-7020", "CVE-2018-19725", "CVE-2019-7069", "CVE-2019-7053", "CVE-2019-7034", "CVE-2019-7024", "CVE-2019-7030", "CVE-2019-7042", "CVE-2019-7089", "CVE-2019-7068", "CVE-2019-7021", "CVE-2019-7018", "CVE-2019-7070", "CVE-2019-7066", "CVE-2019-7036", "CVE-2019-7055", "CVE-2019-7048", "CVE-2019-7033", "CVE-2019-7022", "CVE-2019-7057", "CVE-2019-7076"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:adobe:acrobat_reader"], "id": "MACOSX_ADOBE_READER_APSB19-07.NASL", "href": "https://www.tenable.com/plugins/nessus/122251", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122251);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/10/31 15:18:51\");\n\n script_cve_id(\n \"CVE-2018-19725\",\n \"CVE-2019-7018\",\n \"CVE-2019-7019\",\n \"CVE-2019-7020\",\n \"CVE-2019-7021\",\n \"CVE-2019-7022\",\n \"CVE-2019-7023\",\n \"CVE-2019-7024\",\n \"CVE-2019-7025\",\n \"CVE-2019-7026\",\n \"CVE-2019-7027\",\n \"CVE-2019-7028\",\n \"CVE-2019-7029\",\n \"CVE-2019-7030\",\n \"CVE-2019-7031\",\n \"CVE-2019-7032\",\n \"CVE-2019-7033\",\n \"CVE-2019-7034\",\n \"CVE-2019-7035\",\n \"CVE-2019-7036\",\n \"CVE-2019-7037\",\n \"CVE-2019-7038\",\n \"CVE-2019-7039\",\n \"CVE-2019-7040\",\n \"CVE-2019-7041\",\n \"CVE-2019-7042\",\n \"CVE-2019-7043\",\n \"CVE-2019-7044\",\n \"CVE-2019-7045\",\n \"CVE-2019-7046\",\n \"CVE-2019-7047\",\n \"CVE-2019-7048\",\n \"CVE-2019-7049\",\n \"CVE-2019-7050\",\n \"CVE-2019-7051\",\n \"CVE-2019-7052\",\n \"CVE-2019-7053\",\n \"CVE-2019-7054\",\n \"CVE-2019-7055\",\n \"CVE-2019-7056\",\n \"CVE-2019-7057\",\n \"CVE-2019-7058\",\n \"CVE-2019-7059\",\n \"CVE-2019-7060\",\n \"CVE-2019-7062\",\n \"CVE-2019-7063\",\n \"CVE-2019-7064\",\n \"CVE-2019-7065\",\n \"CVE-2019-7066\",\n \"CVE-2019-7067\",\n \"CVE-2019-7068\",\n \"CVE-2019-7069\",\n \"CVE-2019-7070\",\n \"CVE-2019-7071\",\n \"CVE-2019-7072\",\n \"CVE-2019-7073\",\n \"CVE-2019-7074\",\n \"CVE-2019-7075\",\n \"CVE-2019-7076\",\n \"CVE-2019-7077\",\n \"CVE-2019-7078\",\n \"CVE-2019-7079\",\n \"CVE-2019-7080\",\n \"CVE-2019-7081\",\n \"CVE-2019-7082\",\n \"CVE-2019-7083\",\n \"CVE-2019-7084\",\n \"CVE-2019-7085\",\n \"CVE-2019-7086\",\n \"CVE-2019-7087\",\n \"CVE-2019-7089\"\n );\n script_bugtraq_id(\n 106973,\n 106974,\n 106975,\n 106977,\n 106978,\n 106979,\n 106980,\n 106981,\n 106983,\n 106985\n );\n\n script_name(english:\"Adobe Reader < 2019.010.20091 / 2017.011.30120 / 2015.006.30475 Multiple Vulnerabilities (APSB19-07) (macOS)\");\n script_summary(english:\"Checks the version of Adobe Reader.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Reader installed on the remote macOS host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Reader installed on the remote macOS host is\nprior to 2019.010.20091, 2017.011.30120, 2015.006.30475. It is,\ntherefore, affected by multiple vulnerabilities as referenced in the\nAPSB19-07 advisory.\n\n - Buffer Errors potentially leading to Arbitrary Code\n Execution (CVE-2019-7020, CVE-2019-7085)\n\n - Data leakage (sensitive) potentially leading to\n Information Disclosure (CVE-2019-7089)\n\n - Double Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7080)\n\n - Integer Overflow potentially leading to Information\n Disclosure (CVE-2019-7030)\n\n - Out-of-Bounds Read potentially leading to Information\n Disclosure (CVE-2019-7021, CVE-2019-7022, CVE-2019-7023,\n CVE-2019-7024, CVE-2019-7028, CVE-2019-7032,\n CVE-2019-7033, CVE-2019-7034, CVE-2019-7035,\n CVE-2019-7036, CVE-2019-7038, CVE-2019-7045,\n CVE-2019-7047, CVE-2019-7049, CVE-2019-7053,\n CVE-2019-7055, CVE-2019-7056, CVE-2019-7057,\n CVE-2019-7058, CVE-2019-7059, CVE-2019-7063,\n CVE-2019-7064, CVE-2019-7065, CVE-2019-7067,\n CVE-2019-7071, CVE-2019-7073, CVE-2019-7074,\n CVE-2019-7081)\n\n - Security bypass potentially leading to Privilege\n Escalation (CVE-2018-19725, CVE-2019-7041)\n\n - Out-of-Bounds Write potentially leading to Arbitrary\n Code Execution (CVE-2019-7019, CVE-2019-7027,\n CVE-2019-7037, CVE-2019-7039, CVE-2019-7052,\n CVE-2019-7060, CVE-2019-7079)\n\n - Type Confusion potentially leading to Arbitrary Code\n Execution (CVE-2019-7069, CVE-2019-7086, CVE-2019-7087)\n\n - Untrusted Pointer Dereference potentially leading to\n Arbitrary Code Execution (CVE-2019-7042, CVE-2019-7046,\n CVE-2019-7051, CVE-2019-7054, CVE-2019-7066,\n CVE-2019-7076)\n\n - Use After Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7018, CVE-2019-7025, CVE-2019-7026,\n CVE-2019-7029, CVE-2019-7031, CVE-2019-7040,\n CVE-2019-7043, CVE-2019-7044, CVE-2019-7048,\n CVE-2019-7050, CVE-2019-7062, CVE-2019-7068,\n CVE-2019-7070, CVE-2019-7072, CVE-2019-7075,\n CVE-2019-7077, CVE-2019-7078, CVE-2019-7082,\n CVE-2019-7083, CVE-2019-7084)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-07.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Reader version 2019.010.20091 / 2017.011.30120 /\n2015.006.30475 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-7087\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat_reader\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_adobe_reader_installed.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/Adobe Reader\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"vcf_extras.inc\");\n\nget_kb_item_or_exit(\"Host/local_checks_enabled\");\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (empty_or_null(os)) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp_info = vcf::get_app_info(app:\"Adobe Reader\");\n\n# vcf::adobe_reader::check_version_and_report will\n# properly separate tracks when checking constraints.\n# x.y.20zzz = DC Classic\n# x.y.30zzz = DC Continuous\nconstraints = [\n { \"min_version\" : \"15.6\", \"max_version\" : \"15.006.30464\", \"fixed_version\" : \"15.006.30475\" },\n { \"min_version\" : \"15.8\", \"max_version\" : \"19.010.20069\", \"fixed_version\" : \"19.010.20091\" },\n { \"min_version\" : \"17.8\", \"max_version\" : \"17.011.30113\", \"fixed_version\" : \"17.011.30120\" }\n];\nvcf::adobe_reader::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T03:26:35", "description": "The version of Adobe Acrobat installed on the remote macOS host is\nprior to 2019.010.20069, 2017.011.30113, 2015.006.30464. It is,\ntherefore, affected by multiple vulnerabilities as referenced in the\nAPSB19-07 advisory.\n\n - Buffer Errors potentially leading to Arbitrary Code\n Execution (CVE-2019-7020, CVE-2019-7085)\n\n - Data leakage (sensitive) potentially leading to\n Information Disclosure (CVE-2019-7089)\n\n - Double Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7080)\n\n - Integer Overflow potentially leading to Information\n Disclosure (CVE-2019-7030)\n\n - Out-of-Bounds Read potentially leading to Information\n Disclosure (CVE-2019-7021, CVE-2019-7022, CVE-2019-7023,\n CVE-2019-7024, CVE-2019-7028, CVE-2019-7032,\n CVE-2019-7033, CVE-2019-7034, CVE-2019-7035,\n CVE-2019-7036, CVE-2019-7038, CVE-2019-7045,\n CVE-2019-7047, CVE-2019-7049, CVE-2019-7053,\n CVE-2019-7055, CVE-2019-7056, CVE-2019-7057,\n CVE-2019-7058, CVE-2019-7059, CVE-2019-7063,\n CVE-2019-7064, CVE-2019-7065, CVE-2019-7067,\n CVE-2019-7071, CVE-2019-7073, CVE-2019-7074,\n CVE-2019-7081)\n\n - Security bypass potentially leading to Privilege\n Escalation (CVE-2018-19725, CVE-2019-7041)\n\n - Out-of-Bounds Write potentially leading to Arbitrary\n Code Execution (CVE-2019-7019, CVE-2019-7027,\n CVE-2019-7037, CVE-2019-7039, CVE-2019-7052,\n CVE-2019-7060, CVE-2019-7079)\n\n - Type Confusion potentially leading to Arbitrary Code\n Execution (CVE-2019-7069, CVE-2019-7086, CVE-2019-7087)\n\n - Untrusted Pointer Dereference potentially leading to\n Arbitrary Code Execution (CVE-2019-7042, CVE-2019-7046,\n CVE-2019-7051, CVE-2019-7054, CVE-2019-7066,\n CVE-2019-7076)\n\n - Use After Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7018, CVE-2019-7025, CVE-2019-7026,\n CVE-2019-7029, CVE-2019-7031, CVE-2019-7040,\n CVE-2019-7043, CVE-2019-7044, CVE-2019-7048,\n CVE-2019-7050, CVE-2019-7062, CVE-2019-7068,\n CVE-2019-7070, CVE-2019-7072, CVE-2019-7075,\n CVE-2019-7077, CVE-2019-7078, CVE-2019-7082,\n CVE-2019-7083, CVE-2019-7084)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "edition": 20, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-02-15T00:00:00", "title": "Adobe Acrobat < 2019.010.20091 / 2017.011.30120 / 2015.006.30475 Multiple Vulnerabilities (APSB19-07) (macOS)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-7025", "CVE-2019-7052", "CVE-2019-7027", "CVE-2019-7028", "CVE-2019-7078", "CVE-2019-7071", "CVE-2019-7073", "CVE-2019-7086", "CVE-2019-7056", "CVE-2019-7064", "CVE-2019-7067", "CVE-2019-7044", "CVE-2019-7082", "CVE-2019-7046", "CVE-2019-7081", "CVE-2019-7049", "CVE-2019-7031", "CVE-2019-7039", "CVE-2019-7085", "CVE-2019-7019", "CVE-2019-7040", "CVE-2019-7062", "CVE-2019-7058", "CVE-2019-7077", "CVE-2019-7072", "CVE-2019-7087", "CVE-2019-7047", "CVE-2019-7043", "CVE-2019-7060", "CVE-2019-7023", "CVE-2019-7063", "CVE-2019-7037", "CVE-2019-7041", "CVE-2019-7026", "CVE-2019-7074", "CVE-2019-7045", "CVE-2019-7080", "CVE-2019-7054", "CVE-2019-7035", "CVE-2019-7079", "CVE-2019-7084", "CVE-2019-7038", "CVE-2019-7029", "CVE-2019-7065", "CVE-2019-7075", "CVE-2019-7050", "CVE-2019-7083", "CVE-2019-7051", "CVE-2019-7032", "CVE-2019-7059", "CVE-2019-7020", "CVE-2018-19725", "CVE-2019-7069", "CVE-2019-7053", "CVE-2019-7034", "CVE-2019-7024", "CVE-2019-7030", "CVE-2019-7042", "CVE-2019-7089", "CVE-2019-7068", "CVE-2019-7021", "CVE-2019-7018", "CVE-2019-7070", "CVE-2019-7066", "CVE-2019-7036", "CVE-2019-7055", "CVE-2019-7048", "CVE-2019-7033", "CVE-2019-7022", "CVE-2019-7057", "CVE-2019-7076"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:adobe:acrobat"], "id": "MACOSX_ADOBE_ACROBAT_APSB19-07.NASL", "href": "https://www.tenable.com/plugins/nessus/122250", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122250);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/10/31 15:18:51\");\n\n script_cve_id(\n \"CVE-2018-19725\",\n \"CVE-2019-7018\",\n \"CVE-2019-7019\",\n \"CVE-2019-7020\",\n \"CVE-2019-7021\",\n \"CVE-2019-7022\",\n \"CVE-2019-7023\",\n \"CVE-2019-7024\",\n \"CVE-2019-7025\",\n \"CVE-2019-7026\",\n \"CVE-2019-7027\",\n \"CVE-2019-7028\",\n \"CVE-2019-7029\",\n \"CVE-2019-7030\",\n \"CVE-2019-7031\",\n \"CVE-2019-7032\",\n \"CVE-2019-7033\",\n \"CVE-2019-7034\",\n \"CVE-2019-7035\",\n \"CVE-2019-7036\",\n \"CVE-2019-7037\",\n \"CVE-2019-7038\",\n \"CVE-2019-7039\",\n \"CVE-2019-7040\",\n \"CVE-2019-7041\",\n \"CVE-2019-7042\",\n \"CVE-2019-7043\",\n \"CVE-2019-7044\",\n \"CVE-2019-7045\",\n \"CVE-2019-7046\",\n \"CVE-2019-7047\",\n \"CVE-2019-7048\",\n \"CVE-2019-7049\",\n \"CVE-2019-7050\",\n \"CVE-2019-7051\",\n \"CVE-2019-7052\",\n \"CVE-2019-7053\",\n \"CVE-2019-7054\",\n \"CVE-2019-7055\",\n \"CVE-2019-7056\",\n \"CVE-2019-7057\",\n \"CVE-2019-7058\",\n \"CVE-2019-7059\",\n \"CVE-2019-7060\",\n \"CVE-2019-7062\",\n \"CVE-2019-7063\",\n \"CVE-2019-7064\",\n \"CVE-2019-7065\",\n \"CVE-2019-7066\",\n \"CVE-2019-7067\",\n \"CVE-2019-7068\",\n \"CVE-2019-7069\",\n \"CVE-2019-7070\",\n \"CVE-2019-7071\",\n \"CVE-2019-7072\",\n \"CVE-2019-7073\",\n \"CVE-2019-7074\",\n \"CVE-2019-7075\",\n \"CVE-2019-7076\",\n \"CVE-2019-7077\",\n \"CVE-2019-7078\",\n \"CVE-2019-7079\",\n \"CVE-2019-7080\",\n \"CVE-2019-7081\",\n \"CVE-2019-7082\",\n \"CVE-2019-7083\",\n \"CVE-2019-7084\",\n \"CVE-2019-7085\",\n \"CVE-2019-7086\",\n \"CVE-2019-7087\",\n \"CVE-2019-7089\"\n );\n script_bugtraq_id(\n 106973,\n 106974,\n 106975,\n 106977,\n 106978,\n 106979,\n 106980,\n 106981,\n 106983,\n 106985\n );\n\n script_name(english:\"Adobe Acrobat < 2019.010.20091 / 2017.011.30120 / 2015.006.30475 Multiple Vulnerabilities (APSB19-07) (macOS)\");\n script_summary(english:\"Checks the version of Adobe Acrobat.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Acrobat installed on the remote macOS host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Acrobat installed on the remote macOS host is\nprior to 2019.010.20069, 2017.011.30113, 2015.006.30464. It is,\ntherefore, affected by multiple vulnerabilities as referenced in the\nAPSB19-07 advisory.\n\n - Buffer Errors potentially leading to Arbitrary Code\n Execution (CVE-2019-7020, CVE-2019-7085)\n\n - Data leakage (sensitive) potentially leading to\n Information Disclosure (CVE-2019-7089)\n\n - Double Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7080)\n\n - Integer Overflow potentially leading to Information\n Disclosure (CVE-2019-7030)\n\n - Out-of-Bounds Read potentially leading to Information\n Disclosure (CVE-2019-7021, CVE-2019-7022, CVE-2019-7023,\n CVE-2019-7024, CVE-2019-7028, CVE-2019-7032,\n CVE-2019-7033, CVE-2019-7034, CVE-2019-7035,\n CVE-2019-7036, CVE-2019-7038, CVE-2019-7045,\n CVE-2019-7047, CVE-2019-7049, CVE-2019-7053,\n CVE-2019-7055, CVE-2019-7056, CVE-2019-7057,\n CVE-2019-7058, CVE-2019-7059, CVE-2019-7063,\n CVE-2019-7064, CVE-2019-7065, CVE-2019-7067,\n CVE-2019-7071, CVE-2019-7073, CVE-2019-7074,\n CVE-2019-7081)\n\n - Security bypass potentially leading to Privilege\n Escalation (CVE-2018-19725, CVE-2019-7041)\n\n - Out-of-Bounds Write potentially leading to Arbitrary\n Code Execution (CVE-2019-7019, CVE-2019-7027,\n CVE-2019-7037, CVE-2019-7039, CVE-2019-7052,\n CVE-2019-7060, CVE-2019-7079)\n\n - Type Confusion potentially leading to Arbitrary Code\n Execution (CVE-2019-7069, CVE-2019-7086, CVE-2019-7087)\n\n - Untrusted Pointer Dereference potentially leading to\n Arbitrary Code Execution (CVE-2019-7042, CVE-2019-7046,\n CVE-2019-7051, CVE-2019-7054, CVE-2019-7066,\n CVE-2019-7076)\n\n - Use After Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7018, CVE-2019-7025, CVE-2019-7026,\n CVE-2019-7029, CVE-2019-7031, CVE-2019-7040,\n CVE-2019-7043, CVE-2019-7044, CVE-2019-7048,\n CVE-2019-7050, CVE-2019-7062, CVE-2019-7068,\n CVE-2019-7070, CVE-2019-7072, CVE-2019-7075,\n CVE-2019-7077, CVE-2019-7078, CVE-2019-7082,\n CVE-2019-7083, CVE-2019-7084)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-07.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Acrobat version 2019.010.20091 / 2017.011.30120 /\n2015.006.30475 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-7087\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_adobe_acrobat_installed.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/Adobe Acrobat\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"vcf_extras.inc\");\n\nget_kb_item_or_exit(\"Host/local_checks_enabled\");\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (empty_or_null(os)) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp_info = vcf::get_app_info(app:\"Adobe Acrobat\");\n\n# vcf::adobe_reader::check_version_and_report will\n# properly separate tracks when checking constraints.\n# x.y.20zzz = DC Classic\n# x.y.30zzz = DC Continuous\nconstraints = [\n { \"min_version\" : \"15.6\", \"max_version\" : \"15.006.30464\", \"fixed_version\" : \"15.006.30475\" },\n { \"min_version\" : \"15.8\", \"max_version\" : \"19.010.20069\", \"fixed_version\" : \"19.010.20091\" },\n { \"min_version\" : \"17.8\", \"max_version\" : \"17.011.30113\", \"fixed_version\" : \"17.011.30120\" }\n];\nvcf::adobe_reader::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T01:13:28", "description": "The version of Adobe Acrobat installed on the remote Windows host is\nprior to 2019.010.20091, 2017.011.30120, 2015.006.30475. It is,\ntherefore, affected by multiple vulnerabilities as referenced in the\nAPSB19-07 advisory.\n\n - Buffer Errors potentially leading to Arbitrary Code\n Execution (CVE-2019-7020, CVE-2019-7085)\n\n - Data leakage (sensitive) potentially leading to\n Information Disclosure (CVE-2019-7089)\n\n - Double Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7080)\n\n - Integer Overflow potentially leading to Information\n Disclosure (CVE-2019-7030)\n\n - Out-of-Bounds Read potentially leading to Information\n Disclosure (CVE-2019-7021, CVE-2019-7022, CVE-2019-7023,\n CVE-2019-7024, CVE-2019-7028, CVE-2019-7032,\n CVE-2019-7033, CVE-2019-7034, CVE-2019-7035,\n CVE-2019-7036, CVE-2019-7038, CVE-2019-7045,\n CVE-2019-7047, CVE-2019-7049, CVE-2019-7053,\n CVE-2019-7055, CVE-2019-7056, CVE-2019-7057,\n CVE-2019-7058, CVE-2019-7059, CVE-2019-7063,\n CVE-2019-7064, CVE-2019-7065, CVE-2019-7067,\n CVE-2019-7071, CVE-2019-7073, CVE-2019-7074,\n CVE-2019-7081)\n\n - Security bypass potentially leading to Privilege\n Escalation (CVE-2018-19725, CVE-2019-7041)\n\n - Out-of-Bounds Write potentially leading to Arbitrary\n Code Execution (CVE-2019-7019, CVE-2019-7027,\n CVE-2019-7037, CVE-2019-7039, CVE-2019-7052,\n CVE-2019-7060, CVE-2019-7079)\n\n - Type Confusion potentially leading to Arbitrary Code\n Execution (CVE-2019-7069, CVE-2019-7086, CVE-2019-7087)\n\n - Untrusted Pointer Dereference potentially leading to\n Arbitrary Code Execution (CVE-2019-7042, CVE-2019-7046,\n CVE-2019-7051, CVE-2019-7054, CVE-2019-7066,\n CVE-2019-7076)\n\n - Use After Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7018, CVE-2019-7025, CVE-2019-7026,\n CVE-2019-7029, CVE-2019-7031, CVE-2019-7040,\n CVE-2019-7043, CVE-2019-7044, CVE-2019-7048,\n CVE-2019-7050, CVE-2019-7062, CVE-2019-7068,\n CVE-2019-7070, CVE-2019-7072, CVE-2019-7075,\n CVE-2019-7077, CVE-2019-7078, CVE-2019-7082,\n CVE-2019-7083, CVE-2019-7084)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "edition": 20, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-02-15T00:00:00", "title": "Adobe Acrobat < 2019.010.20091 / 2017.011.30120 / 2015.006.30475 Multiple Vulnerabilities (APSB19-07)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-7025", "CVE-2019-7052", "CVE-2019-7027", "CVE-2019-7028", "CVE-2019-7078", "CVE-2019-7071", "CVE-2019-7073", "CVE-2019-7086", "CVE-2019-7056", "CVE-2019-7064", "CVE-2019-7067", "CVE-2019-7044", "CVE-2019-7082", "CVE-2019-7046", "CVE-2019-7081", "CVE-2019-7049", "CVE-2019-7031", "CVE-2019-7039", "CVE-2019-7085", "CVE-2019-7019", "CVE-2019-7040", "CVE-2019-7062", "CVE-2019-7058", "CVE-2019-7077", "CVE-2019-7072", "CVE-2019-7087", "CVE-2019-7047", "CVE-2019-7043", "CVE-2019-7060", "CVE-2019-7023", "CVE-2019-7063", "CVE-2019-7037", "CVE-2019-7041", "CVE-2019-7026", "CVE-2019-7074", "CVE-2019-7045", "CVE-2019-7080", "CVE-2019-7054", "CVE-2019-7035", "CVE-2019-7079", "CVE-2019-7084", "CVE-2019-7038", "CVE-2019-7029", "CVE-2019-7065", "CVE-2019-7075", "CVE-2019-7050", "CVE-2019-7083", "CVE-2019-7051", "CVE-2019-7032", "CVE-2019-7059", "CVE-2019-7020", "CVE-2018-19725", "CVE-2019-7069", "CVE-2019-7053", "CVE-2019-7034", "CVE-2019-7024", "CVE-2019-7030", "CVE-2019-7042", "CVE-2019-7089", "CVE-2019-7068", "CVE-2019-7021", "CVE-2019-7018", "CVE-2019-7070", "CVE-2019-7066", "CVE-2019-7036", "CVE-2019-7055", "CVE-2019-7048", "CVE-2019-7033", "CVE-2019-7022", "CVE-2019-7057", "CVE-2019-7076"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:adobe:acrobat"], "id": "ADOBE_ACROBAT_APSB19-07.NASL", "href": "https://www.tenable.com/plugins/nessus/122252", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122252);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/10/31 15:18:51\");\n\n script_cve_id(\n \"CVE-2018-19725\",\n \"CVE-2019-7018\",\n \"CVE-2019-7019\",\n \"CVE-2019-7020\",\n \"CVE-2019-7021\",\n \"CVE-2019-7022\",\n \"CVE-2019-7023\",\n \"CVE-2019-7024\",\n \"CVE-2019-7025\",\n \"CVE-2019-7026\",\n \"CVE-2019-7027\",\n \"CVE-2019-7028\",\n \"CVE-2019-7029\",\n \"CVE-2019-7030\",\n \"CVE-2019-7031\",\n \"CVE-2019-7032\",\n \"CVE-2019-7033\",\n \"CVE-2019-7034\",\n \"CVE-2019-7035\",\n \"CVE-2019-7036\",\n \"CVE-2019-7037\",\n \"CVE-2019-7038\",\n \"CVE-2019-7039\",\n \"CVE-2019-7040\",\n \"CVE-2019-7041\",\n \"CVE-2019-7042\",\n \"CVE-2019-7043\",\n \"CVE-2019-7044\",\n \"CVE-2019-7045\",\n \"CVE-2019-7046\",\n \"CVE-2019-7047\",\n \"CVE-2019-7048\",\n \"CVE-2019-7049\",\n \"CVE-2019-7050\",\n \"CVE-2019-7051\",\n \"CVE-2019-7052\",\n \"CVE-2019-7053\",\n \"CVE-2019-7054\",\n \"CVE-2019-7055\",\n \"CVE-2019-7056\",\n \"CVE-2019-7057\",\n \"CVE-2019-7058\",\n \"CVE-2019-7059\",\n \"CVE-2019-7060\",\n \"CVE-2019-7062\",\n \"CVE-2019-7063\",\n \"CVE-2019-7064\",\n \"CVE-2019-7065\",\n \"CVE-2019-7066\",\n \"CVE-2019-7067\",\n \"CVE-2019-7068\",\n \"CVE-2019-7069\",\n \"CVE-2019-7070\",\n \"CVE-2019-7071\",\n \"CVE-2019-7072\",\n \"CVE-2019-7073\",\n \"CVE-2019-7074\",\n \"CVE-2019-7075\",\n \"CVE-2019-7076\",\n \"CVE-2019-7077\",\n \"CVE-2019-7078\",\n \"CVE-2019-7079\",\n \"CVE-2019-7080\",\n \"CVE-2019-7081\",\n \"CVE-2019-7082\",\n \"CVE-2019-7083\",\n \"CVE-2019-7084\",\n \"CVE-2019-7085\",\n \"CVE-2019-7086\",\n \"CVE-2019-7087\",\n \"CVE-2019-7089\"\n );\n script_bugtraq_id(\n 106973,\n 106974,\n 106975,\n 106977,\n 106978,\n 106979,\n 106980,\n 106981,\n 106983,\n 106985\n );\n\n script_name(english:\"Adobe Acrobat < 2019.010.20091 / 2017.011.30120 / 2015.006.30475 Multiple Vulnerabilities (APSB19-07)\");\n script_summary(english:\"Checks the version of Adobe Acrobat.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Acrobat installed on the remote Windows host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Acrobat installed on the remote Windows host is\nprior to 2019.010.20091, 2017.011.30120, 2015.006.30475. It is,\ntherefore, affected by multiple vulnerabilities as referenced in the\nAPSB19-07 advisory.\n\n - Buffer Errors potentially leading to Arbitrary Code\n Execution (CVE-2019-7020, CVE-2019-7085)\n\n - Data leakage (sensitive) potentially leading to\n Information Disclosure (CVE-2019-7089)\n\n - Double Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7080)\n\n - Integer Overflow potentially leading to Information\n Disclosure (CVE-2019-7030)\n\n - Out-of-Bounds Read potentially leading to Information\n Disclosure (CVE-2019-7021, CVE-2019-7022, CVE-2019-7023,\n CVE-2019-7024, CVE-2019-7028, CVE-2019-7032,\n CVE-2019-7033, CVE-2019-7034, CVE-2019-7035,\n CVE-2019-7036, CVE-2019-7038, CVE-2019-7045,\n CVE-2019-7047, CVE-2019-7049, CVE-2019-7053,\n CVE-2019-7055, CVE-2019-7056, CVE-2019-7057,\n CVE-2019-7058, CVE-2019-7059, CVE-2019-7063,\n CVE-2019-7064, CVE-2019-7065, CVE-2019-7067,\n CVE-2019-7071, CVE-2019-7073, CVE-2019-7074,\n CVE-2019-7081)\n\n - Security bypass potentially leading to Privilege\n Escalation (CVE-2018-19725, CVE-2019-7041)\n\n - Out-of-Bounds Write potentially leading to Arbitrary\n Code Execution (CVE-2019-7019, CVE-2019-7027,\n CVE-2019-7037, CVE-2019-7039, CVE-2019-7052,\n CVE-2019-7060, CVE-2019-7079)\n\n - Type Confusion potentially leading to Arbitrary Code\n Execution (CVE-2019-7069, CVE-2019-7086, CVE-2019-7087)\n\n - Untrusted Pointer Dereference potentially leading to\n Arbitrary Code Execution (CVE-2019-7042, CVE-2019-7046,\n CVE-2019-7051, CVE-2019-7054, CVE-2019-7066,\n CVE-2019-7076)\n\n - Use After Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7018, CVE-2019-7025, CVE-2019-7026,\n CVE-2019-7029, CVE-2019-7031, CVE-2019-7040,\n CVE-2019-7043, CVE-2019-7044, CVE-2019-7048,\n CVE-2019-7050, CVE-2019-7062, CVE-2019-7068,\n CVE-2019-7070, CVE-2019-7072, CVE-2019-7075,\n CVE-2019-7077, CVE-2019-7078, CVE-2019-7082,\n CVE-2019-7083, CVE-2019-7084)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-07.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Acrobat version 2019.010.20091 / 2017.011.30120 /\n2015.006.30475 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-7087\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"adobe_acrobat_installed.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"installed_sw/Adobe Acrobat\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"vcf_extras.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\napp_info = vcf::get_app_info(app:\"Adobe Acrobat\", win_local:TRUE);\n\n# vcf::adobe_reader::check_version_and_report will\n# properly separate tracks when checking constraints.\n# x.y.20zzz = DC Classic\n# x.y.30zzz = DC Continuous\nconstraints = [\n { \"min_version\" : \"15.6\", \"max_version\" : \"15.006.30464\", \"fixed_version\" : \"15.006.30475\" },\n { \"min_version\" : \"15.8\", \"max_version\" : \"19.010.20069\", \"fixed_version\" : \"19.010.20091\" },\n { \"min_version\" : \"17.8\", \"max_version\" : \"17.011.30113\", \"fixed_version\" : \"17.011.30120\" }\n];\nvcf::adobe_reader::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T01:14:52", "description": "The version of Adobe Reader installed on the remote Windows host is\nprior to 2019.010.20091, 2017.011.30120, 2015.006.30475. It is,\ntherefore, affected by multiple vulnerabilities as referenced in the\nAPSB19-07 advisory.\n\n - Buffer Errors potentially leading to Arbitrary Code\n Execution (CVE-2019-7020, CVE-2019-7085)\n\n - Data leakage (sensitive) potentially leading to\n Information Disclosure (CVE-2019-7089)\n\n - Double Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7080)\n\n - Integer Overflow potentially leading to Information\n Disclosure (CVE-2019-7030)\n\n - Out-of-Bounds Read potentially leading to Information\n Disclosure (CVE-2019-7021, CVE-2019-7022, CVE-2019-7023,\n CVE-2019-7024, CVE-2019-7028, CVE-2019-7032,\n CVE-2019-7033, CVE-2019-7034, CVE-2019-7035,\n CVE-2019-7036, CVE-2019-7038, CVE-2019-7045,\n CVE-2019-7047, CVE-2019-7049, CVE-2019-7053,\n CVE-2019-7055, CVE-2019-7056, CVE-2019-7057,\n CVE-2019-7058, CVE-2019-7059, CVE-2019-7063,\n CVE-2019-7064, CVE-2019-7065, CVE-2019-7067,\n CVE-2019-7071, CVE-2019-7073, CVE-2019-7074,\n CVE-2019-7081)\n\n - Security bypass potentially leading to Privilege\n Escalation (CVE-2018-19725, CVE-2019-7041)\n\n - Out-of-Bounds Write potentially leading to Arbitrary\n Code Execution (CVE-2019-7019, CVE-2019-7027,\n CVE-2019-7037, CVE-2019-7039, CVE-2019-7052,\n CVE-2019-7060, CVE-2019-7079)\n\n - Type Confusion potentially leading to Arbitrary Code\n Execution (CVE-2019-7069, CVE-2019-7086, CVE-2019-7087)\n\n - Untrusted Pointer Dereference potentially leading to\n Arbitrary Code Execution (CVE-2019-7042, CVE-2019-7046,\n CVE-2019-7051, CVE-2019-7054, CVE-2019-7066,\n CVE-2019-7076)\n\n - Use After Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7018, CVE-2019-7025, CVE-2019-7026,\n CVE-2019-7029, CVE-2019-7031, CVE-2019-7040,\n CVE-2019-7043, CVE-2019-7044, CVE-2019-7048,\n CVE-2019-7050, CVE-2019-7062, CVE-2019-7068,\n CVE-2019-7070, CVE-2019-7072, CVE-2019-7075,\n CVE-2019-7077, CVE-2019-7078, CVE-2019-7082,\n CVE-2019-7083, CVE-2019-7084)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "edition": 20, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-02-15T00:00:00", "title": "Adobe Reader < 2019.010.20091 / 2017.011.30120 / 2015.006.30475 Multiple Vulnerabilities (APSB19-07)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-7025", "CVE-2019-7052", "CVE-2019-7027", "CVE-2019-7028", "CVE-2019-7078", "CVE-2019-7071", "CVE-2019-7073", "CVE-2019-7086", "CVE-2019-7056", "CVE-2019-7064", "CVE-2019-7067", "CVE-2019-7044", "CVE-2019-7082", "CVE-2019-7046", "CVE-2019-7081", "CVE-2019-7049", "CVE-2019-7031", "CVE-2019-7039", "CVE-2019-7085", "CVE-2019-7019", "CVE-2019-7040", "CVE-2019-7062", "CVE-2019-7058", "CVE-2019-7077", "CVE-2019-7072", "CVE-2019-7087", "CVE-2019-7047", "CVE-2019-7043", "CVE-2019-7060", "CVE-2019-7023", "CVE-2019-7063", "CVE-2019-7037", "CVE-2019-7041", "CVE-2019-7026", "CVE-2019-7074", "CVE-2019-7045", "CVE-2019-7080", "CVE-2019-7054", "CVE-2019-7035", "CVE-2019-7079", "CVE-2019-7084", "CVE-2019-7038", "CVE-2019-7029", "CVE-2019-7065", "CVE-2019-7075", "CVE-2019-7050", "CVE-2019-7083", "CVE-2019-7051", "CVE-2019-7032", "CVE-2019-7059", "CVE-2019-7020", "CVE-2018-19725", "CVE-2019-7069", "CVE-2019-7053", "CVE-2019-7034", "CVE-2019-7024", "CVE-2019-7030", "CVE-2019-7042", "CVE-2019-7089", "CVE-2019-7068", "CVE-2019-7021", "CVE-2019-7018", "CVE-2019-7070", "CVE-2019-7066", "CVE-2019-7036", "CVE-2019-7055", "CVE-2019-7048", "CVE-2019-7033", "CVE-2019-7022", "CVE-2019-7057", "CVE-2019-7076"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:adobe:acrobat_reader"], "id": "ADOBE_READER_APSB19-07.NASL", "href": "https://www.tenable.com/plugins/nessus/122253", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122253);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/10/31 15:18:51\");\n\n script_cve_id(\n \"CVE-2018-19725\",\n \"CVE-2019-7018\",\n \"CVE-2019-7019\",\n \"CVE-2019-7020\",\n \"CVE-2019-7021\",\n \"CVE-2019-7022\",\n \"CVE-2019-7023\",\n \"CVE-2019-7024\",\n \"CVE-2019-7025\",\n \"CVE-2019-7026\",\n \"CVE-2019-7027\",\n \"CVE-2019-7028\",\n \"CVE-2019-7029\",\n \"CVE-2019-7030\",\n \"CVE-2019-7031\",\n \"CVE-2019-7032\",\n \"CVE-2019-7033\",\n \"CVE-2019-7034\",\n \"CVE-2019-7035\",\n \"CVE-2019-7036\",\n \"CVE-2019-7037\",\n \"CVE-2019-7038\",\n \"CVE-2019-7039\",\n \"CVE-2019-7040\",\n \"CVE-2019-7041\",\n \"CVE-2019-7042\",\n \"CVE-2019-7043\",\n \"CVE-2019-7044\",\n \"CVE-2019-7045\",\n \"CVE-2019-7046\",\n \"CVE-2019-7047\",\n \"CVE-2019-7048\",\n \"CVE-2019-7049\",\n \"CVE-2019-7050\",\n \"CVE-2019-7051\",\n \"CVE-2019-7052\",\n \"CVE-2019-7053\",\n \"CVE-2019-7054\",\n \"CVE-2019-7055\",\n \"CVE-2019-7056\",\n \"CVE-2019-7057\",\n \"CVE-2019-7058\",\n \"CVE-2019-7059\",\n \"CVE-2019-7060\",\n \"CVE-2019-7062\",\n \"CVE-2019-7063\",\n \"CVE-2019-7064\",\n \"CVE-2019-7065\",\n \"CVE-2019-7066\",\n \"CVE-2019-7067\",\n \"CVE-2019-7068\",\n \"CVE-2019-7069\",\n \"CVE-2019-7070\",\n \"CVE-2019-7071\",\n \"CVE-2019-7072\",\n \"CVE-2019-7073\",\n \"CVE-2019-7074\",\n \"CVE-2019-7075\",\n \"CVE-2019-7076\",\n \"CVE-2019-7077\",\n \"CVE-2019-7078\",\n \"CVE-2019-7079\",\n \"CVE-2019-7080\",\n \"CVE-2019-7081\",\n \"CVE-2019-7082\",\n \"CVE-2019-7083\",\n \"CVE-2019-7084\",\n \"CVE-2019-7085\",\n \"CVE-2019-7086\",\n \"CVE-2019-7087\",\n \"CVE-2019-7089\"\n );\n script_bugtraq_id(\n 106973,\n 106974,\n 106975,\n 106977,\n 106978,\n 106979,\n 106980,\n 106981,\n 106983,\n 106985\n );\n\n script_name(english:\"Adobe Reader < 2019.010.20091 / 2017.011.30120 / 2015.006.30475 Multiple Vulnerabilities (APSB19-07)\");\n script_summary(english:\"Checks the version of Adobe Reader.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Reader installed on the remote Windows host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Reader installed on the remote Windows host is\nprior to 2019.010.20091, 2017.011.30120, 2015.006.30475. It is,\ntherefore, affected by multiple vulnerabilities as referenced in the\nAPSB19-07 advisory.\n\n - Buffer Errors potentially leading to Arbitrary Code\n Execution (CVE-2019-7020, CVE-2019-7085)\n\n - Data leakage (sensitive) potentially leading to\n Information Disclosure (CVE-2019-7089)\n\n - Double Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7080)\n\n - Integer Overflow potentially leading to Information\n Disclosure (CVE-2019-7030)\n\n - Out-of-Bounds Read potentially leading to Information\n Disclosure (CVE-2019-7021, CVE-2019-7022, CVE-2019-7023,\n CVE-2019-7024, CVE-2019-7028, CVE-2019-7032,\n CVE-2019-7033, CVE-2019-7034, CVE-2019-7035,\n CVE-2019-7036, CVE-2019-7038, CVE-2019-7045,\n CVE-2019-7047, CVE-2019-7049, CVE-2019-7053,\n CVE-2019-7055, CVE-2019-7056, CVE-2019-7057,\n CVE-2019-7058, CVE-2019-7059, CVE-2019-7063,\n CVE-2019-7064, CVE-2019-7065, CVE-2019-7067,\n CVE-2019-7071, CVE-2019-7073, CVE-2019-7074,\n CVE-2019-7081)\n\n - Security bypass potentially leading to Privilege\n Escalation (CVE-2018-19725, CVE-2019-7041)\n\n - Out-of-Bounds Write potentially leading to Arbitrary\n Code Execution (CVE-2019-7019, CVE-2019-7027,\n CVE-2019-7037, CVE-2019-7039, CVE-2019-7052,\n CVE-2019-7060, CVE-2019-7079)\n\n - Type Confusion potentially leading to Arbitrary Code\n Execution (CVE-2019-7069, CVE-2019-7086, CVE-2019-7087)\n\n - Untrusted Pointer Dereference potentially leading to\n Arbitrary Code Execution (CVE-2019-7042, CVE-2019-7046,\n CVE-2019-7051, CVE-2019-7054, CVE-2019-7066,\n CVE-2019-7076)\n\n - Use After Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7018, CVE-2019-7025, CVE-2019-7026,\n CVE-2019-7029, CVE-2019-7031, CVE-2019-7040,\n CVE-2019-7043, CVE-2019-7044, CVE-2019-7048,\n CVE-2019-7050, CVE-2019-7062, CVE-2019-7068,\n CVE-2019-7070, CVE-2019-7072, CVE-2019-7075,\n CVE-2019-7077, CVE-2019-7078, CVE-2019-7082,\n CVE-2019-7083, CVE-2019-7084)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-07.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Reader version 2019.010.20091 / 2017.011.30120 /\n2015.006.30475 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-7087\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat_reader\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"adobe_reader_installed.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"installed_sw/Adobe Reader\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"vcf_extras.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\napp_info = vcf::adobe_reader::get_app_info();\n\n# vcf::adobe_reader::check_version_and_report will\n# properly separate tracks when checking constraints.\n# x.y.20zzz = DC Classic\n# x.y.30zzz = DC Continuous\nconstraints = [\n { \"min_version\" : \"15.6\", \"max_version\" : \"15.006.30464\", \"fixed_version\" : \"15.006.30475\" },\n { \"min_version\" : \"15.8\", \"max_version\" : \"19.010.20069\", \"fixed_version\" : \"19.010.20091\" },\n { \"min_version\" : \"17.8\", \"max_version\" : \"17.011.30113\", \"fixed_version\" : \"17.011.30120\" }\n];\nvcf::adobe_reader::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-10-15T14:50:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-7025", "CVE-2019-7052", "CVE-2019-7027", "CVE-2019-7028", "CVE-2019-7078", "CVE-2019-7071", "CVE-2019-7073", "CVE-2019-7086", "CVE-2019-7056", "CVE-2019-7064", "CVE-2019-7067", "CVE-2019-7044", "CVE-2019-7082", "CVE-2019-7046", "CVE-2019-7081", "CVE-2019-7049", "CVE-2019-7031", "CVE-2019-7039", "CVE-2019-7085", "CVE-2019-7019", "CVE-2019-7040", "CVE-2019-7062", "CVE-2019-7058", "CVE-2019-7077", "CVE-2019-7072", "CVE-2019-7087", "CVE-2019-7047", "CVE-2019-7043", "CVE-2019-7060", "CVE-2019-7023", "CVE-2019-7063", "CVE-2019-7037", "CVE-2019-7041", "CVE-2019-7026", "CVE-2019-7074", "CVE-2019-7045", "CVE-2019-7080", "CVE-2019-7054", "CVE-2019-7035", "CVE-2019-7079", "CVE-2019-7084", "CVE-2019-7038", "CVE-2019-7029", "CVE-2019-7065", "CVE-2019-7075", "CVE-2019-7050", "CVE-2019-7083", "CVE-2019-7051", "CVE-2019-7032", "CVE-2019-7059", "CVE-2019-7020", "CVE-2018-19725", "CVE-2019-7069", "CVE-2019-7053", "CVE-2019-7034", "CVE-2019-7024", "CVE-2019-7030", "CVE-2019-7042", "CVE-2019-7089", "CVE-2019-7068", "CVE-2019-7021", "CVE-2019-7018", "CVE-2019-7070", "CVE-2019-7066", "CVE-2019-7036", "CVE-2019-7055", "CVE-2019-7048", "CVE-2019-7033", "CVE-2019-7022", "CVE-2019-7057", "CVE-2019-7076"], "description": "This host is installed with Adobe Acrobat DC\n (Continuous Track) and is prone to multiple vulnerabilities.", "modified": "2019-10-15T00:00:00", "published": "2019-02-14T00:00:00", "id": "OPENVAS:1361412562310814844", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814844", "type": "openvas", "title": "Adobe Acrobat DC (Continuous Track) Security Updates (apsb19-07) - Mac OS X", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:adobe:acrobat_dc_continuous\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814844\");\n script_version(\"2019-10-15T07:58:18+0000\");\n script_cve_id(\"CVE-2018-19725\", \"CVE-2019-7018\", \"CVE-2019-7019\", \"CVE-2019-7020\",\n \"CVE-2019-7021\", \"CVE-2019-7022\", \"CVE-2019-7023\", \"CVE-2019-7024\",\n \"CVE-2019-7025\", \"CVE-2019-7026\", \"CVE-2019-7027\", \"CVE-2019-7028\",\n \"CVE-2019-7029\", \"CVE-2019-7030\", \"CVE-2019-7031\", \"CVE-2019-7032\",\n \"CVE-2019-7033\", \"CVE-2019-7034\", \"CVE-2019-7035\", \"CVE-2019-7036\",\n \"CVE-2019-7037\", \"CVE-2019-7038\", \"CVE-2019-7039\", \"CVE-2019-7040\",\n \"CVE-2019-7041\", \"CVE-2019-7042\", \"CVE-2019-7043\", \"CVE-2019-7044\",\n \"CVE-2019-7045\", \"CVE-2019-7046\", \"CVE-2019-7047\", \"CVE-2019-7048\",\n \"CVE-2019-7049\", \"CVE-2019-7050\", \"CVE-2019-7051\", \"CVE-2019-7052\",\n \"CVE-2019-7053\", \"CVE-2019-7054\", \"CVE-2019-7055\", \"CVE-2019-7056\",\n \"CVE-2019-7057\", \"CVE-2019-7058\", \"CVE-2019-7059\", \"CVE-2019-7060\",\n \"CVE-2019-7062\", \"CVE-2019-7063\", \"CVE-2019-7064\", \"CVE-2019-7065\",\n \"CVE-2019-7066\", \"CVE-2019-7067\", \"CVE-2019-7068\", \"CVE-2019-7069\",\n \"CVE-2019-7070\", \"CVE-2019-7071\", \"CVE-2019-7072\", \"CVE-2019-7073\",\n \"CVE-2019-7074\", \"CVE-2019-7075\", \"CVE-2019-7076\", \"CVE-2019-7077\",\n \"CVE-2019-7078\", \"CVE-2019-7079\", \"CVE-2019-7080\", \"CVE-2019-7081\",\n \"CVE-2019-7082\", \"CVE-2019-7083\", \"CVE-2019-7084\", \"CVE-2019-7085\",\n \"CVE-2019-7086\", \"CVE-2019-7087\", \"CVE-2019-7089\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-15 07:58:18 +0000 (Tue, 15 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-14 10:37:27 +0530 (Thu, 14 Feb 2019)\");\n script_name(\"Adobe Acrobat DC (Continuous Track) Security Updates (apsb19-07) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC\n (Continuous Track) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Multiple buffer errors.\n\n - A data leakage error.\n\n - An integer overflow error.\n\n - Multiple out-of-bounds read errors.\n\n - Multiple security bypass errors.\n\n - Multiple out-of-bounds write errors.\n\n - Multiple type confusion errors.\n\n - Multiple untrusted pointer dereference errors.\n\n - Multiple use after free errors.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to execute arbitrary code in the context of the current user,\n escalate privileges and gain access to sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC (Continuous Track)\n 2019.010.20069 and earlier versions on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC Continuous\n version 2019.010.20091 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-07.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_cont_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Continuous/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\n## 2019.010.20091 == 19.010.20091\nif(version_is_less(version:vers, test_version:\"19.010.20091\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"19.010.20091 (2019.010.20091)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-15T14:50:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-7025", "CVE-2019-7052", "CVE-2019-7027", "CVE-2019-7028", "CVE-2019-7078", "CVE-2019-7071", "CVE-2019-7073", "CVE-2019-7086", "CVE-2019-7056", "CVE-2019-7064", "CVE-2019-7067", "CVE-2019-7044", "CVE-2019-7082", "CVE-2019-7046", "CVE-2019-7081", "CVE-2019-7049", "CVE-2019-7031", "CVE-2019-7039", "CVE-2019-7085", "CVE-2019-7019", "CVE-2019-7040", "CVE-2019-7062", "CVE-2019-7058", "CVE-2019-7077", "CVE-2019-7072", "CVE-2019-7087", "CVE-2019-7047", "CVE-2019-7043", "CVE-2019-7060", "CVE-2019-7023", "CVE-2019-7063", "CVE-2019-7037", "CVE-2019-7041", "CVE-2019-7026", "CVE-2019-7074", "CVE-2019-7045", "CVE-2019-7080", "CVE-2019-7054", "CVE-2019-7035", "CVE-2019-7079", "CVE-2019-7084", "CVE-2019-7038", "CVE-2019-7029", "CVE-2019-7065", "CVE-2019-7075", "CVE-2019-7050", "CVE-2019-7083", "CVE-2019-7051", "CVE-2019-7032", "CVE-2019-7059", "CVE-2019-7020", "CVE-2018-19725", "CVE-2019-7069", "CVE-2019-7053", "CVE-2019-7034", "CVE-2019-7024", "CVE-2019-7030", "CVE-2019-7042", "CVE-2019-7089", "CVE-2019-7068", "CVE-2019-7021", "CVE-2019-7018", "CVE-2019-7070", "CVE-2019-7066", "CVE-2019-7036", "CVE-2019-7055", "CVE-2019-7048", "CVE-2019-7033", "CVE-2019-7022", "CVE-2019-7057", "CVE-2019-7076"], "description": "This host is installed with Adobe Acrobat DC\n (Classic Track) and is prone to multiple vulnerabilities.", "modified": "2019-10-15T00:00:00", "published": "2019-02-14T00:00:00", "id": "OPENVAS:1361412562310814853", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814853", "type": "openvas", "title": "Adobe Acrobat DC (Classic Track) Security Updates (apsb19-07) - Mac OS X", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:adobe:acrobat_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814853\");\n script_version(\"2019-10-15T07:58:18+0000\");\n script_cve_id(\"CVE-2018-19725\", \"CVE-2019-7018\", \"CVE-2019-7019\", \"CVE-2019-7020\",\n \"CVE-2019-7021\", \"CVE-2019-7022\", \"CVE-2019-7023\", \"CVE-2019-7024\",\n \"CVE-2019-7025\", \"CVE-2019-7026\", \"CVE-2019-7027\", \"CVE-2019-7028\",\n \"CVE-2019-7029\", \"CVE-2019-7030\", \"CVE-2019-7031\", \"CVE-2019-7032\",\n \"CVE-2019-7033\", \"CVE-2019-7034\", \"CVE-2019-7035\", \"CVE-2019-7036\",\n \"CVE-2019-7037\", \"CVE-2019-7038\", \"CVE-2019-7039\", \"CVE-2019-7040\",\n \"CVE-2019-7041\", \"CVE-2019-7042\", \"CVE-2019-7043\", \"CVE-2019-7044\",\n \"CVE-2019-7045\", \"CVE-2019-7046\", \"CVE-2019-7047\", \"CVE-2019-7048\",\n \"CVE-2019-7049\", \"CVE-2019-7050\", \"CVE-2019-7051\", \"CVE-2019-7052\",\n \"CVE-2019-7053\", \"CVE-2019-7054\", \"CVE-2019-7055\", \"CVE-2019-7056\",\n \"CVE-2019-7057\", \"CVE-2019-7058\", \"CVE-2019-7059\", \"CVE-2019-7060\",\n \"CVE-2019-7062\", \"CVE-2019-7063\", \"CVE-2019-7064\", \"CVE-2019-7065\",\n \"CVE-2019-7066\", \"CVE-2019-7067\", \"CVE-2019-7068\", \"CVE-2019-7069\",\n \"CVE-2019-7070\", \"CVE-2019-7071\", \"CVE-2019-7072\", \"CVE-2019-7073\",\n \"CVE-2019-7074\", \"CVE-2019-7075\", \"CVE-2019-7076\", \"CVE-2019-7077\",\n \"CVE-2019-7078\", \"CVE-2019-7079\", \"CVE-2019-7080\", \"CVE-2019-7081\",\n \"CVE-2019-7082\", \"CVE-2019-7083\", \"CVE-2019-7084\", \"CVE-2019-7085\",\n \"CVE-2019-7086\", \"CVE-2019-7087\", \"CVE-2019-7089\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-15 07:58:18 +0000 (Tue, 15 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-14 11:40:34 +0530 (Thu, 14 Feb 2019)\");\n script_name(\"Adobe Acrobat DC (Classic Track) Security Updates (apsb19-07) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC\n (Classic Track) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Multiple buffer errors.\n\n - A data leakage error.\n\n - An integer overflow error.\n\n - Multiple out-of-bounds read errors.\n\n - Multiple security bypass errors.\n\n - Multiple out-of-bounds write errors.\n\n - Multiple type confusion errors.\n\n - Multiple untrusted pointer dereference errors.\n\n - Multiple use after free errors.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to execute arbitrary code in the context of the current user,\n escalate privileges and gain access to sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC (Classic Track) versions\n 2015.006.30464 and earlier on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC (Classic Track)\n 2015.006.30475 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-07.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_classic_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Classic/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\n## 2015.006.30475 == 15.006.30475\nif(version_is_less(version:vers, test_version:\"15.006.30475\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30475 (2015.006.30475)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-15T14:50:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-7025", "CVE-2019-7052", "CVE-2019-7027", "CVE-2019-7028", "CVE-2019-7078", "CVE-2019-7071", "CVE-2019-7073", "CVE-2019-7086", "CVE-2019-7056", "CVE-2019-7064", "CVE-2019-7067", "CVE-2019-7044", "CVE-2019-7082", "CVE-2019-7046", "CVE-2019-7081", "CVE-2019-7049", "CVE-2019-7031", "CVE-2019-7039", "CVE-2019-7085", "CVE-2019-7019", "CVE-2019-7040", "CVE-2019-7062", "CVE-2019-7058", "CVE-2019-7077", "CVE-2019-7072", "CVE-2019-7087", "CVE-2019-7047", "CVE-2019-7043", "CVE-2019-7060", "CVE-2019-7023", "CVE-2019-7063", "CVE-2019-7037", "CVE-2019-7041", "CVE-2019-7026", "CVE-2019-7074", "CVE-2019-7045", "CVE-2019-7080", "CVE-2019-7054", "CVE-2019-7035", "CVE-2019-7079", "CVE-2019-7084", "CVE-2019-7038", "CVE-2019-7029", "CVE-2019-7065", "CVE-2019-7075", "CVE-2019-7050", "CVE-2019-7083", "CVE-2019-7051", "CVE-2019-7032", "CVE-2019-7059", "CVE-2019-7020", "CVE-2018-19725", "CVE-2019-7069", "CVE-2019-7053", "CVE-2019-7034", "CVE-2019-7024", "CVE-2019-7030", "CVE-2019-7042", "CVE-2019-7089", "CVE-2019-7068", "CVE-2019-7021", "CVE-2019-7018", "CVE-2019-7070", "CVE-2019-7066", "CVE-2019-7036", "CVE-2019-7055", "CVE-2019-7048", "CVE-2019-7033", "CVE-2019-7022", "CVE-2019-7057", "CVE-2019-7076"], "description": "This host is installed with Adobe Acrobat Reader\n DC (Classic Track) and is prone to multiple vulnerabilities.", "modified": "2019-10-15T00:00:00", "published": "2019-02-14T00:00:00", "id": "OPENVAS:1361412562310814854", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814854", "type": "openvas", "title": "Adobe Acrobat Reader DC (Classic Track) Security Updates (apsb19-07) - Mac OS X", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:adobe:acrobat_reader_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814854\");\n script_version(\"2019-10-15T07:58:18+0000\");\n script_cve_id(\"CVE-2018-19725\", \"CVE-2019-7018\", \"CVE-2019-7019\", \"CVE-2019-7020\",\n \"CVE-2019-7021\", \"CVE-2019-7022\", \"CVE-2019-7023\", \"CVE-2019-7024\",\n \"CVE-2019-7025\", \"CVE-2019-7026\", \"CVE-2019-7027\", \"CVE-2019-7028\",\n \"CVE-2019-7029\", \"CVE-2019-7030\", \"CVE-2019-7031\", \"CVE-2019-7032\",\n \"CVE-2019-7033\", \"CVE-2019-7034\", \"CVE-2019-7035\", \"CVE-2019-7036\",\n \"CVE-2019-7037\", \"CVE-2019-7038\", \"CVE-2019-7039\", \"CVE-2019-7040\",\n \"CVE-2019-7041\", \"CVE-2019-7042\", \"CVE-2019-7043\", \"CVE-2019-7044\",\n \"CVE-2019-7045\", \"CVE-2019-7046\", \"CVE-2019-7047\", \"CVE-2019-7048\",\n \"CVE-2019-7049\", \"CVE-2019-7050\", \"CVE-2019-7051\", \"CVE-2019-7052\",\n \"CVE-2019-7053\", \"CVE-2019-7054\", \"CVE-2019-7055\", \"CVE-2019-7056\",\n \"CVE-2019-7057\", \"CVE-2019-7058\", \"CVE-2019-7059\", \"CVE-2019-7060\",\n \"CVE-2019-7062\", \"CVE-2019-7063\", \"CVE-2019-7064\", \"CVE-2019-7065\",\n \"CVE-2019-7066\", \"CVE-2019-7067\", \"CVE-2019-7068\", \"CVE-2019-7069\",\n \"CVE-2019-7070\", \"CVE-2019-7071\", \"CVE-2019-7072\", \"CVE-2019-7073\",\n \"CVE-2019-7074\", \"CVE-2019-7075\", \"CVE-2019-7076\", \"CVE-2019-7077\",\n \"CVE-2019-7078\", \"CVE-2019-7079\", \"CVE-2019-7080\", \"CVE-2019-7081\",\n \"CVE-2019-7082\", \"CVE-2019-7083\", \"CVE-2019-7084\", \"CVE-2019-7085\",\n \"CVE-2019-7086\", \"CVE-2019-7087\", \"CVE-2019-7089\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-15 07:58:18 +0000 (Tue, 15 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-14 11:55:38 +0530 (Thu, 14 Feb 2019)\");\n script_name(\"Adobe Acrobat Reader DC (Classic Track) Security Updates (apsb19-07) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat Reader\n DC (Classic Track) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Multiple buffer errors.\n\n - A data leakage error.\n\n - An integer overflow error.\n\n - Multiple out-of-bounds read errors.\n\n - Multiple security bypass errors.\n\n - Multiple out-of-bounds write errors.\n\n - Multiple type confusion errors.\n\n - Multiple untrusted pointer dereference errors.\n\n - Multiple use after free errors.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to execute arbitrary code in the context of the current user,\n escalate privileges and gain access to sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader DC (Classic Track)\n 2015.006.30464 and earlier versions on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat Reader DC (Classic\n Track) version 2015.006.30475 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-07.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_reader_dc_classic_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/ReaderDC/Classic/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\n## 2015.006.30475 == 15.006.30475\nif(version_is_less(version:vers, test_version:\"15.006.30475\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30475 (2015.006.30475)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-15T14:50:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-7025", "CVE-2019-7052", "CVE-2019-7027", "CVE-2019-7028", "CVE-2019-7078", "CVE-2019-7071", "CVE-2019-7073", "CVE-2019-7086", "CVE-2019-7056", "CVE-2019-7064", "CVE-2019-7067", "CVE-2019-7044", "CVE-2019-7082", "CVE-2019-7046", "CVE-2019-7081", "CVE-2019-7049", "CVE-2019-7031", "CVE-2019-7039", "CVE-2019-7085", "CVE-2019-7019", "CVE-2019-7040", "CVE-2019-7062", "CVE-2019-7058", "CVE-2019-7077", "CVE-2019-7072", "CVE-2019-7087", "CVE-2019-7047", "CVE-2019-7043", "CVE-2019-7060", "CVE-2019-7023", "CVE-2019-7063", "CVE-2019-7037", "CVE-2019-7041", "CVE-2019-7026", "CVE-2019-7074", "CVE-2019-7045", "CVE-2019-7080", "CVE-2019-7054", "CVE-2019-7035", "CVE-2019-7079", "CVE-2019-7084", "CVE-2019-7038", "CVE-2019-7029", "CVE-2019-7065", "CVE-2019-7075", "CVE-2019-7050", "CVE-2019-7083", "CVE-2019-7051", "CVE-2019-7032", "CVE-2019-7059", "CVE-2019-7020", "CVE-2018-19725", "CVE-2019-7069", "CVE-2019-7053", "CVE-2019-7034", "CVE-2019-7024", "CVE-2019-7030", "CVE-2019-7042", "CVE-2019-7089", "CVE-2019-7068", "CVE-2019-7021", "CVE-2019-7018", "CVE-2019-7070", "CVE-2019-7066", "CVE-2019-7036", "CVE-2019-7055", "CVE-2019-7048", "CVE-2019-7033", "CVE-2019-7022", "CVE-2019-7057", "CVE-2019-7076"], "description": "This host is installed with Adobe Acrobat\n Reader DC (Continuous Track) and is prone to multiple vulnerabilities.", "modified": "2019-10-15T00:00:00", "published": "2019-02-14T00:00:00", "id": "OPENVAS:1361412562310814847", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814847", "type": "openvas", "title": "Adobe Acrobat Reader DC (Continuous Track) Security Updates (apsb19-07) - Mac OS X", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:adobe:acrobat_reader_dc_continuous\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814847\");\n script_version(\"2019-10-15T07:58:18+0000\");\n script_cve_id(\"CVE-2018-19725\", \"CVE-2019-7018\", \"CVE-2019-7019\", \"CVE-2019-7020\",\n \"CVE-2019-7021\", \"CVE-2019-7022\", \"CVE-2019-7023\", \"CVE-2019-7024\",\n \"CVE-2019-7025\", \"CVE-2019-7026\", \"CVE-2019-7027\", \"CVE-2019-7028\",\n \"CVE-2019-7029\", \"CVE-2019-7030\", \"CVE-2019-7031\", \"CVE-2019-7032\",\n \"CVE-2019-7033\", \"CVE-2019-7034\", \"CVE-2019-7035\", \"CVE-2019-7036\",\n \"CVE-2019-7037\", \"CVE-2019-7038\", \"CVE-2019-7039\", \"CVE-2019-7040\",\n \"CVE-2019-7041\", \"CVE-2019-7042\", \"CVE-2019-7043\", \"CVE-2019-7044\",\n \"CVE-2019-7045\", \"CVE-2019-7046\", \"CVE-2019-7047\", \"CVE-2019-7048\",\n \"CVE-2019-7049\", \"CVE-2019-7050\", \"CVE-2019-7051\", \"CVE-2019-7052\",\n \"CVE-2019-7053\", \"CVE-2019-7054\", \"CVE-2019-7055\", \"CVE-2019-7056\",\n \"CVE-2019-7057\", \"CVE-2019-7058\", \"CVE-2019-7059\", \"CVE-2019-7060\",\n \"CVE-2019-7062\", \"CVE-2019-7063\", \"CVE-2019-7064\", \"CVE-2019-7065\",\n \"CVE-2019-7066\", \"CVE-2019-7067\", \"CVE-2019-7068\", \"CVE-2019-7069\",\n \"CVE-2019-7070\", \"CVE-2019-7071\", \"CVE-2019-7072\", \"CVE-2019-7073\",\n \"CVE-2019-7074\", \"CVE-2019-7075\", \"CVE-2019-7076\", \"CVE-2019-7077\",\n \"CVE-2019-7078\", \"CVE-2019-7079\", \"CVE-2019-7080\", \"CVE-2019-7081\",\n \"CVE-2019-7082\", \"CVE-2019-7083\", \"CVE-2019-7084\", \"CVE-2019-7085\",\n \"CVE-2019-7086\", \"CVE-2019-7087\", \"CVE-2019-7089\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-15 07:58:18 +0000 (Tue, 15 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-14 11:05:10 +0530 (Thu, 14 Feb 2019)\");\n script_name(\"Adobe Acrobat Reader DC (Continuous Track) Security Updates (apsb19-07) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat\n Reader DC (Continuous Track) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Multiple buffer errors.\n\n - A data leakage error.\n\n - An integer overflow error.\n\n - Multiple out-of-bounds read errors.\n\n - Multiple security bypass errors.\n\n - Multiple out-of-bounds write errors.\n\n - Multiple type confusion errors.\n\n - Multiple untrusted pointer dereference errors.\n\n - Multiple use after free errors.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to execute arbitrary code in the context of the current user,\n escalate privileges and gain access to sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader DC (Continuous Track)\n 2019.010.20069 and earlier versions on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat Reader DC Continuous\n version 2019.010.20091 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-07.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_reader_dc_cont_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/ReaderDC/Continuous/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\n# 2019.010.20091 == 19.010.20091\nif(version_is_less(version:vers, test_version:\"19.010.20091\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"19.010.20091 (2019.010.20091)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-15T14:50:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-7025", "CVE-2019-7052", "CVE-2019-7027", "CVE-2019-7028", "CVE-2019-7078", "CVE-2019-7071", "CVE-2019-7073", "CVE-2019-7086", "CVE-2019-7056", "CVE-2019-7064", "CVE-2019-7067", "CVE-2019-7044", "CVE-2019-7082", "CVE-2019-7046", "CVE-2019-7081", "CVE-2019-7049", "CVE-2019-7031", "CVE-2019-7039", "CVE-2019-7085", "CVE-2019-7019", "CVE-2019-7040", "CVE-2019-7062", "CVE-2019-7058", "CVE-2019-7077", "CVE-2019-7072", "CVE-2019-7087", "CVE-2019-7047", "CVE-2019-7043", "CVE-2019-7060", "CVE-2019-7023", "CVE-2019-7063", "CVE-2019-7037", "CVE-2019-7041", "CVE-2019-7026", "CVE-2019-7074", "CVE-2019-7045", "CVE-2019-7080", "CVE-2019-7054", "CVE-2019-7035", "CVE-2019-7079", "CVE-2019-7084", "CVE-2019-7038", "CVE-2019-7029", "CVE-2019-7065", "CVE-2019-7075", "CVE-2019-7050", "CVE-2019-7083", "CVE-2019-7051", "CVE-2019-7032", "CVE-2019-7059", "CVE-2019-7020", "CVE-2018-19725", "CVE-2019-7069", "CVE-2019-7053", "CVE-2019-7034", "CVE-2019-7024", "CVE-2019-7030", "CVE-2019-7042", "CVE-2019-7089", "CVE-2019-7068", "CVE-2019-7021", "CVE-2019-7018", "CVE-2019-7070", "CVE-2019-7066", "CVE-2019-7036", "CVE-2019-7055", "CVE-2019-7048", "CVE-2019-7033", "CVE-2019-7022", "CVE-2019-7057", "CVE-2019-7076"], "description": "This host is installed with Adobe Acrobat 2017\n and is prone to multiple vulnerabilities.", "modified": "2019-10-15T00:00:00", "published": "2019-02-14T00:00:00", "id": "OPENVAS:1361412562310814848", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814848", "type": "openvas", "title": "Adobe Acrobat 2017 Security Updates(apsb19-07)-Windows", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:adobe:acrobat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814848\");\n script_version(\"2019-10-15T07:58:18+0000\");\n script_cve_id(\"CVE-2018-19725\", \"CVE-2019-7018\", \"CVE-2019-7019\", \"CVE-2019-7020\",\n \"CVE-2019-7021\", \"CVE-2019-7022\", \"CVE-2019-7023\", \"CVE-2019-7024\",\n \"CVE-2019-7025\", \"CVE-2019-7026\", \"CVE-2019-7027\", \"CVE-2019-7028\",\n \"CVE-2019-7029\", \"CVE-2019-7030\", \"CVE-2019-7031\", \"CVE-2019-7032\",\n \"CVE-2019-7033\", \"CVE-2019-7034\", \"CVE-2019-7035\", \"CVE-2019-7036\",\n \"CVE-2019-7037\", \"CVE-2019-7038\", \"CVE-2019-7039\", \"CVE-2019-7040\",\n \"CVE-2019-7041\", \"CVE-2019-7042\", \"CVE-2019-7043\", \"CVE-2019-7044\",\n \"CVE-2019-7045\", \"CVE-2019-7046\", \"CVE-2019-7047\", \"CVE-2019-7048\",\n \"CVE-2019-7049\", \"CVE-2019-7050\", \"CVE-2019-7051\", \"CVE-2019-7052\",\n \"CVE-2019-7053\", \"CVE-2019-7054\", \"CVE-2019-7055\", \"CVE-2019-7056\",\n \"CVE-2019-7057\", \"CVE-2019-7058\", \"CVE-2019-7059\", \"CVE-2019-7060\",\n \"CVE-2019-7062\", \"CVE-2019-7063\", \"CVE-2019-7064\", \"CVE-2019-7065\",\n \"CVE-2019-7066\", \"CVE-2019-7067\", \"CVE-2019-7068\", \"CVE-2019-7069\",\n \"CVE-2019-7070\", \"CVE-2019-7071\", \"CVE-2019-7072\", \"CVE-2019-7073\",\n \"CVE-2019-7074\", \"CVE-2019-7075\", \"CVE-2019-7076\", \"CVE-2019-7077\",\n \"CVE-2019-7078\", \"CVE-2019-7079\", \"CVE-2019-7080\", \"CVE-2019-7081\",\n \"CVE-2019-7082\", \"CVE-2019-7083\", \"CVE-2019-7084\", \"CVE-2019-7085\",\n \"CVE-2019-7086\", \"CVE-2019-7087\", \"CVE-2019-7089\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-15 07:58:18 +0000 (Tue, 15 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-14 11:10:12 +0530 (Thu, 14 Feb 2019)\");\n\n script_name(\"Adobe Acrobat 2017 Security Updates(apsb19-07)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat 2017\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Multiple buffer errors.\n\n - A data leakage error.\n\n - An integer overflow error.\n\n - Multiple out-of-bounds read errors.\n\n - Multiple security bypass errors.\n\n - Multiple out-of-bounds write errors.\n\n - Multiple type confusion errors.\n\n - Multiple untrusted pointer dereference errors.\n\n - Multiple use after free errors.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to execute arbitrary code in the context of the current user,\n escalate privileges and gain access to sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat 2017 version 2017.011.30113\n and earlier on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat 2017.011.30120 or\n later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-07.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\n## 2017.011.30113 == 17.011.30113\nif(version_in_range(version:vers, test_version:\"17.0\", test_version2:\"17.011.30113\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"17.011.30120 (2017.011.30120)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-15T14:50:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-7025", "CVE-2019-7052", "CVE-2019-7027", "CVE-2019-7028", "CVE-2019-7078", "CVE-2019-7071", "CVE-2019-7073", "CVE-2019-7086", "CVE-2019-7056", "CVE-2019-7064", "CVE-2019-7067", "CVE-2019-7044", "CVE-2019-7082", "CVE-2019-7046", "CVE-2019-7081", "CVE-2019-7049", "CVE-2019-7031", "CVE-2019-7039", "CVE-2019-7085", "CVE-2019-7019", "CVE-2019-7040", "CVE-2019-7062", "CVE-2019-7058", "CVE-2019-7077", "CVE-2019-7072", "CVE-2019-7087", "CVE-2019-7047", "CVE-2019-7043", "CVE-2019-7060", "CVE-2019-7023", "CVE-2019-7063", "CVE-2019-7037", "CVE-2019-7041", "CVE-2019-7026", "CVE-2019-7074", "CVE-2019-7045", "CVE-2019-7080", "CVE-2019-7054", "CVE-2019-7035", "CVE-2019-7079", "CVE-2019-7084", "CVE-2019-7038", "CVE-2019-7029", "CVE-2019-7065", "CVE-2019-7075", "CVE-2019-7050", "CVE-2019-7083", "CVE-2019-7051", "CVE-2019-7032", "CVE-2019-7059", "CVE-2019-7020", "CVE-2018-19725", "CVE-2019-7069", "CVE-2019-7053", "CVE-2019-7034", "CVE-2019-7024", "CVE-2019-7030", "CVE-2019-7042", "CVE-2019-7089", "CVE-2019-7068", "CVE-2019-7021", "CVE-2019-7018", "CVE-2019-7070", "CVE-2019-7066", "CVE-2019-7036", "CVE-2019-7055", "CVE-2019-7048", "CVE-2019-7033", "CVE-2019-7022", "CVE-2019-7057", "CVE-2019-7076"], "description": "This host is installed with Adobe Acrobat DC\n Classic 2015 and is prone to multiple vulnerabilities.", "modified": "2019-10-15T00:00:00", "published": "2019-02-14T00:00:00", "id": "OPENVAS:1361412562310814852", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814852", "type": "openvas", "title": "Adobe Acrobat DC (Classic Track) Security Updates (apsb19-07) - Windows", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:adobe:acrobat_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814852\");\n script_version(\"2019-10-15T07:58:18+0000\");\n script_cve_id(\"CVE-2018-19725\", \"CVE-2019-7018\", \"CVE-2019-7019\", \"CVE-2019-7020\",\n \"CVE-2019-7021\", \"CVE-2019-7022\", \"CVE-2019-7023\", \"CVE-2019-7024\",\n \"CVE-2019-7025\", \"CVE-2019-7026\", \"CVE-2019-7027\", \"CVE-2019-7028\",\n \"CVE-2019-7029\", \"CVE-2019-7030\", \"CVE-2019-7031\", \"CVE-2019-7032\",\n \"CVE-2019-7033\", \"CVE-2019-7034\", \"CVE-2019-7035\", \"CVE-2019-7036\",\n \"CVE-2019-7037\", \"CVE-2019-7038\", \"CVE-2019-7039\", \"CVE-2019-7040\",\n \"CVE-2019-7041\", \"CVE-2019-7042\", \"CVE-2019-7043\", \"CVE-2019-7044\",\n \"CVE-2019-7045\", \"CVE-2019-7046\", \"CVE-2019-7047\", \"CVE-2019-7048\",\n \"CVE-2019-7049\", \"CVE-2019-7050\", \"CVE-2019-7051\", \"CVE-2019-7052\",\n \"CVE-2019-7053\", \"CVE-2019-7054\", \"CVE-2019-7055\", \"CVE-2019-7056\",\n \"CVE-2019-7057\", \"CVE-2019-7058\", \"CVE-2019-7059\", \"CVE-2019-7060\",\n \"CVE-2019-7062\", \"CVE-2019-7063\", \"CVE-2019-7064\", \"CVE-2019-7065\",\n \"CVE-2019-7066\", \"CVE-2019-7067\", \"CVE-2019-7068\", \"CVE-2019-7069\",\n \"CVE-2019-7070\", \"CVE-2019-7071\", \"CVE-2019-7072\", \"CVE-2019-7073\",\n \"CVE-2019-7074\", \"CVE-2019-7075\", \"CVE-2019-7076\", \"CVE-2019-7077\",\n \"CVE-2019-7078\", \"CVE-2019-7079\", \"CVE-2019-7080\", \"CVE-2019-7081\",\n \"CVE-2019-7082\", \"CVE-2019-7083\", \"CVE-2019-7084\", \"CVE-2019-7085\",\n \"CVE-2019-7086\", \"CVE-2019-7087\", \"CVE-2019-7089\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-15 07:58:18 +0000 (Tue, 15 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-14 11:35:46 +0530 (Thu, 14 Feb 2019)\");\n script_name(\"Adobe Acrobat DC (Classic Track) Security Updates (apsb19-07) - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC\n Classic 2015 and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Multiple buffer errors.\n\n - A data leakage error.\n\n - An integer overflow error.\n\n - Multiple out-of-bounds read errors.\n\n - Multiple security bypass errors.\n\n - Multiple out-of-bounds write errors.\n\n - Multiple type confusion errors.\n\n - Multiple untrusted pointer dereference errors.\n\n - Multiple use after free errors.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to execute arbitrary code in the context of the current user,\n escalate privileges and gain access to sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC Classic 2015 version 2015.x\n before 2015.006.30464 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC Classic 2015 version\n 2015.006.30475 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-07.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_classic_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Classic/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\n## 2015.006.30475 == 15.006.30475\nif(version_is_less(version:vers, test_version:\"15.006.30475\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30475 (2015.006.30475)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-15T14:50:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-7025", "CVE-2019-7052", "CVE-2019-7027", "CVE-2019-7028", "CVE-2019-7078", "CVE-2019-7071", "CVE-2019-7073", "CVE-2019-7086", "CVE-2019-7056", "CVE-2019-7064", "CVE-2019-7067", "CVE-2019-7044", "CVE-2019-7082", "CVE-2019-7046", "CVE-2019-7081", "CVE-2019-7049", "CVE-2019-7031", "CVE-2019-7039", "CVE-2019-7085", "CVE-2019-7019", "CVE-2019-7040", "CVE-2019-7062", "CVE-2019-7058", "CVE-2019-7077", "CVE-2019-7072", "CVE-2019-7087", "CVE-2019-7047", "CVE-2019-7043", "CVE-2019-7060", "CVE-2019-7023", "CVE-2019-7063", "CVE-2019-7037", "CVE-2019-7041", "CVE-2019-7026", "CVE-2019-7074", "CVE-2019-7045", "CVE-2019-7080", "CVE-2019-7054", "CVE-2019-7035", "CVE-2019-7079", "CVE-2019-7084", "CVE-2019-7038", "CVE-2019-7029", "CVE-2019-7065", "CVE-2019-7075", "CVE-2019-7050", "CVE-2019-7083", "CVE-2019-7051", "CVE-2019-7032", "CVE-2019-7059", "CVE-2019-7020", "CVE-2018-19725", "CVE-2019-7069", "CVE-2019-7053", "CVE-2019-7034", "CVE-2019-7024", "CVE-2019-7030", "CVE-2019-7042", "CVE-2019-7089", "CVE-2019-7068", "CVE-2019-7021", "CVE-2019-7018", "CVE-2019-7070", "CVE-2019-7066", "CVE-2019-7036", "CVE-2019-7055", "CVE-2019-7048", "CVE-2019-7033", "CVE-2019-7022", "CVE-2019-7057", "CVE-2019-7076"], "description": "This host is installed with Adobe Acrobat Reader\n DC (Classic Track) and is prone to multiple arbitrary code execution vulnerabilities.", "modified": "2019-10-15T00:00:00", "published": "2019-02-14T00:00:00", "id": "OPENVAS:1361412562310814855", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814855", "type": "openvas", "title": "Adobe Acrobat Reader DC (Classic Track) Multiple Vulnerabilities (apsb19-07) - Windows", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:adobe:acrobat_reader_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814855\");\n script_version(\"2019-10-15T07:58:18+0000\");\n script_cve_id(\"CVE-2018-19725\", \"CVE-2019-7018\", \"CVE-2019-7019\", \"CVE-2019-7020\",\n \"CVE-2019-7021\", \"CVE-2019-7022\", \"CVE-2019-7023\", \"CVE-2019-7024\",\n \"CVE-2019-7025\", \"CVE-2019-7026\", \"CVE-2019-7027\", \"CVE-2019-7028\",\n \"CVE-2019-7029\", \"CVE-2019-7030\", \"CVE-2019-7031\", \"CVE-2019-7032\",\n \"CVE-2019-7033\", \"CVE-2019-7034\", \"CVE-2019-7035\", \"CVE-2019-7036\",\n \"CVE-2019-7037\", \"CVE-2019-7038\", \"CVE-2019-7039\", \"CVE-2019-7040\",\n \"CVE-2019-7041\", \"CVE-2019-7042\", \"CVE-2019-7043\", \"CVE-2019-7044\",\n \"CVE-2019-7045\", \"CVE-2019-7046\", \"CVE-2019-7047\", \"CVE-2019-7048\",\n \"CVE-2019-7049\", \"CVE-2019-7050\", \"CVE-2019-7051\", \"CVE-2019-7052\",\n \"CVE-2019-7053\", \"CVE-2019-7054\", \"CVE-2019-7055\", \"CVE-2019-7056\",\n \"CVE-2019-7057\", \"CVE-2019-7058\", \"CVE-2019-7059\", \"CVE-2019-7060\",\n \"CVE-2019-7062\", \"CVE-2019-7063\", \"CVE-2019-7064\", \"CVE-2019-7065\",\n \"CVE-2019-7066\", \"CVE-2019-7067\", \"CVE-2019-7068\", \"CVE-2019-7069\",\n \"CVE-2019-7070\", \"CVE-2019-7071\", \"CVE-2019-7072\", \"CVE-2019-7073\",\n \"CVE-2019-7074\", \"CVE-2019-7075\", \"CVE-2019-7076\", \"CVE-2019-7077\",\n \"CVE-2019-7078\", \"CVE-2019-7079\", \"CVE-2019-7080\", \"CVE-2019-7081\",\n \"CVE-2019-7082\", \"CVE-2019-7083\", \"CVE-2019-7084\", \"CVE-2019-7085\",\n \"CVE-2019-7086\", \"CVE-2019-7087\", \"CVE-2019-7089\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-15 07:58:18 +0000 (Tue, 15 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-14 12:01:22 +0530 (Thu, 14 Feb 2019)\");\n script_name(\"Adobe Acrobat Reader DC (Classic Track) Multiple Vulnerabilities (apsb19-07) - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat Reader\n DC (Classic Track) and is prone to multiple arbitrary code execution vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Multiple buffer errors.\n\n - A data leakage error.\n\n - An integer overflow error.\n\n - Multiple out-of-bounds read errors.\n\n - Multiple security bypass errors.\n\n - Multiple out-of-bounds write errors.\n\n - Multiple type confusion errors.\n\n - Multiple untrusted pointer dereference errors.\n\n - Multiple use after free errors.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to execute arbitrary code in the context of the current user,\n escalate privileges and gain access to sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader DC (Classic Track)\n 2015.006.30464 and earlier versions on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat Reader DC (Classic Track)\n version 2015.006.30475 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-07.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_reader_dc_classic_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/ReaderDC/Classic/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\n## 2015.006.30475 == 15.006.30475\nif(version_is_less(version:vers, test_version:\"15.006.30475\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30475 (2015.006.30475)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-15T14:50:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-7025", "CVE-2019-7052", "CVE-2019-7027", "CVE-2019-7028", "CVE-2019-7078", "CVE-2019-7071", "CVE-2019-7073", "CVE-2019-7086", "CVE-2019-7056", "CVE-2019-7064", "CVE-2019-7067", "CVE-2019-7044", "CVE-2019-7082", "CVE-2019-7046", "CVE-2019-7081", "CVE-2019-7049", "CVE-2019-7031", "CVE-2019-7039", "CVE-2019-7085", "CVE-2019-7019", "CVE-2019-7040", "CVE-2019-7062", "CVE-2019-7058", "CVE-2019-7077", "CVE-2019-7072", "CVE-2019-7087", "CVE-2019-7047", "CVE-2019-7043", "CVE-2019-7060", "CVE-2019-7023", "CVE-2019-7063", "CVE-2019-7037", "CVE-2019-7041", "CVE-2019-7026", "CVE-2019-7074", "CVE-2019-7045", "CVE-2019-7080", "CVE-2019-7054", "CVE-2019-7035", "CVE-2019-7079", "CVE-2019-7084", "CVE-2019-7038", "CVE-2019-7029", "CVE-2019-7065", "CVE-2019-7075", "CVE-2019-7050", "CVE-2019-7083", "CVE-2019-7051", "CVE-2019-7032", "CVE-2019-7059", "CVE-2019-7020", "CVE-2018-19725", "CVE-2019-7069", "CVE-2019-7053", "CVE-2019-7034", "CVE-2019-7024", "CVE-2019-7030", "CVE-2019-7042", "CVE-2019-7089", "CVE-2019-7068", "CVE-2019-7021", "CVE-2019-7018", "CVE-2019-7070", "CVE-2019-7066", "CVE-2019-7036", "CVE-2019-7055", "CVE-2019-7048", "CVE-2019-7033", "CVE-2019-7022", "CVE-2019-7057", "CVE-2019-7076"], "description": "This host is installed with Adobe Acrobat\n Reader DC (Continuous Track) and is prone to multiple vulnerabilities.", "modified": "2019-10-15T00:00:00", "published": "2019-02-14T00:00:00", "id": "OPENVAS:1361412562310814846", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814846", "type": "openvas", "title": "Adobe Acrobat Reader DC (Continuous Track) Security Updates (apsb19-07) - Windows", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:adobe:acrobat_reader_dc_continuous\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814846\");\n script_version(\"2019-10-15T07:58:18+0000\");\n script_cve_id(\"CVE-2018-19725\", \"CVE-2019-7018\", \"CVE-2019-7019\", \"CVE-2019-7020\",\n \"CVE-2019-7021\", \"CVE-2019-7022\", \"CVE-2019-7023\", \"CVE-2019-7024\",\n \"CVE-2019-7025\", \"CVE-2019-7026\", \"CVE-2019-7027\", \"CVE-2019-7028\",\n \"CVE-2019-7029\", \"CVE-2019-7030\", \"CVE-2019-7031\", \"CVE-2019-7032\",\n \"CVE-2019-7033\", \"CVE-2019-7034\", \"CVE-2019-7035\", \"CVE-2019-7036\",\n \"CVE-2019-7037\", \"CVE-2019-7038\", \"CVE-2019-7039\", \"CVE-2019-7040\",\n \"CVE-2019-7041\", \"CVE-2019-7042\", \"CVE-2019-7043\", \"CVE-2019-7044\",\n \"CVE-2019-7045\", \"CVE-2019-7046\", \"CVE-2019-7047\", \"CVE-2019-7048\",\n \"CVE-2019-7049\", \"CVE-2019-7050\", \"CVE-2019-7051\", \"CVE-2019-7052\",\n \"CVE-2019-7053\", \"CVE-2019-7054\", \"CVE-2019-7055\", \"CVE-2019-7056\",\n \"CVE-2019-7057\", \"CVE-2019-7058\", \"CVE-2019-7059\", \"CVE-2019-7060\",\n \"CVE-2019-7062\", \"CVE-2019-7063\", \"CVE-2019-7064\", \"CVE-2019-7065\",\n \"CVE-2019-7066\", \"CVE-2019-7067\", \"CVE-2019-7068\", \"CVE-2019-7069\",\n \"CVE-2019-7070\", \"CVE-2019-7071\", \"CVE-2019-7072\", \"CVE-2019-7073\",\n \"CVE-2019-7074\", \"CVE-2019-7075\", \"CVE-2019-7076\", \"CVE-2019-7077\",\n \"CVE-2019-7078\", \"CVE-2019-7079\", \"CVE-2019-7080\", \"CVE-2019-7081\",\n \"CVE-2019-7082\", \"CVE-2019-7083\", \"CVE-2019-7084\", \"CVE-2019-7085\",\n \"CVE-2019-7086\", \"CVE-2019-7087\", \"CVE-2019-7089\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-15 07:58:18 +0000 (Tue, 15 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-14 10:56:36 +0530 (Thu, 14 Feb 2019)\");\n script_name(\"Adobe Acrobat Reader DC (Continuous Track) Security Updates (apsb19-07) - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat\n Reader DC (Continuous Track) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Multiple buffer errors.\n\n - A data leakage error.\n\n - An integer overflow error.\n\n - Multiple out-of-bounds read errors.\n\n - Multiple security bypass errors.\n\n - Multiple out-of-bounds write errors.\n\n - Multiple type confusion errors.\n\n - Multiple untrusted pointer dereference errors.\n\n - Multiple use after free errors.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to execute arbitrary code in the context of the current user,\n escalate privileges and gain access to sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader DC (Continuous Track)\n 2019.010.20069 and earlier versions on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat Reader DC Continuous\n version 2019.010.20091 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-07.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_reader_dc_cont_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/ReaderDC/Continuous/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\n# 2019.010.20091 == 19.010.20091\nif(version_is_less(version:vers, test_version:\"19.010.20091\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"19.010.20091 (2019.010.20091)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-15T14:50:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-7025", "CVE-2019-7052", "CVE-2019-7027", "CVE-2019-7028", "CVE-2019-7078", "CVE-2019-7071", "CVE-2019-7073", "CVE-2019-7086", "CVE-2019-7056", "CVE-2019-7064", "CVE-2019-7067", "CVE-2019-7044", "CVE-2019-7082", "CVE-2019-7046", "CVE-2019-7081", "CVE-2019-7049", "CVE-2019-7031", "CVE-2019-7039", "CVE-2019-7085", "CVE-2019-7019", "CVE-2019-7040", "CVE-2019-7062", "CVE-2019-7058", "CVE-2019-7077", "CVE-2019-7072", "CVE-2019-7087", "CVE-2019-7047", "CVE-2019-7043", "CVE-2019-7060", "CVE-2019-7023", "CVE-2019-7063", "CVE-2019-7037", "CVE-2019-7041", "CVE-2019-7026", "CVE-2019-7074", "CVE-2019-7045", "CVE-2019-7080", "CVE-2019-7054", "CVE-2019-7035", "CVE-2019-7079", "CVE-2019-7084", "CVE-2019-7038", "CVE-2019-7029", "CVE-2019-7065", "CVE-2019-7075", "CVE-2019-7050", "CVE-2019-7083", "CVE-2019-7051", "CVE-2019-7032", "CVE-2019-7059", "CVE-2019-7020", "CVE-2018-19725", "CVE-2019-7069", "CVE-2019-7053", "CVE-2019-7034", "CVE-2019-7024", "CVE-2019-7030", "CVE-2019-7042", "CVE-2019-7089", "CVE-2019-7068", "CVE-2019-7021", "CVE-2019-7018", "CVE-2019-7070", "CVE-2019-7066", "CVE-2019-7036", "CVE-2019-7055", "CVE-2019-7048", "CVE-2019-7033", "CVE-2019-7022", "CVE-2019-7057", "CVE-2019-7076"], "description": "This host is installed with Adobe Acrobat Reader\n 2017 and is prone to multiple arbitrary code execution vulnerabilities.", "modified": "2019-10-15T00:00:00", "published": "2019-02-14T00:00:00", "id": "OPENVAS:1361412562310814851", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814851", "type": "openvas", "title": "Adobe Acrobat Reader 2017 Multiple Vulnerabilities-apsb19-07 (Windows)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814851\");\n script_version(\"2019-10-15T07:58:18+0000\");\n script_cve_id(\"CVE-2018-19725\", \"CVE-2019-7018\", \"CVE-2019-7019\", \"CVE-2019-7020\",\n \"CVE-2019-7021\", \"CVE-2019-7022\", \"CVE-2019-7023\", \"CVE-2019-7024\",\n \"CVE-2019-7025\", \"CVE-2019-7026\", \"CVE-2019-7027\", \"CVE-2019-7028\",\n \"CVE-2019-7029\", \"CVE-2019-7030\", \"CVE-2019-7031\", \"CVE-2019-7032\",\n \"CVE-2019-7033\", \"CVE-2019-7034\", \"CVE-2019-7035\", \"CVE-2019-7036\",\n \"CVE-2019-7037\", \"CVE-2019-7038\", \"CVE-2019-7039\", \"CVE-2019-7040\",\n \"CVE-2019-7041\", \"CVE-2019-7042\", \"CVE-2019-7043\", \"CVE-2019-7044\",\n \"CVE-2019-7045\", \"CVE-2019-7046\", \"CVE-2019-7047\", \"CVE-2019-7048\",\n \"CVE-2019-7049\", \"CVE-2019-7050\", \"CVE-2019-7051\", \"CVE-2019-7052\",\n \"CVE-2019-7053\", \"CVE-2019-7054\", \"CVE-2019-7055\", \"CVE-2019-7056\",\n \"CVE-2019-7057\", \"CVE-2019-7058\", \"CVE-2019-7059\", \"CVE-2019-7060\",\n \"CVE-2019-7062\", \"CVE-2019-7063\", \"CVE-2019-7064\", \"CVE-2019-7065\",\n \"CVE-2019-7066\", \"CVE-2019-7067\", \"CVE-2019-7068\", \"CVE-2019-7069\",\n \"CVE-2019-7070\", \"CVE-2019-7071\", \"CVE-2019-7072\", \"CVE-2019-7073\",\n \"CVE-2019-7074\", \"CVE-2019-7075\", \"CVE-2019-7076\", \"CVE-2019-7077\",\n \"CVE-2019-7078\", \"CVE-2019-7079\", \"CVE-2019-7080\", \"CVE-2019-7081\",\n \"CVE-2019-7082\", \"CVE-2019-7083\", \"CVE-2019-7084\", \"CVE-2019-7085\",\n \"CVE-2019-7086\", \"CVE-2019-7087\", \"CVE-2019-7089\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-15 07:58:18 +0000 (Tue, 15 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-14 11:32:21 +0530 (Thu, 14 Feb 2019)\");\n script_name(\"Adobe Acrobat Reader 2017 Multiple Vulnerabilities-apsb19-07 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat Reader\n 2017 and is prone to multiple arbitrary code execution vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Multiple buffer errors.\n\n - A data leakage error.\n\n - An integer overflow error.\n\n - Multiple out-of-bounds read errors.\n\n - Multiple security bypass errors.\n\n - Multiple out-of-bounds write errors.\n\n - Multiple type confusion errors.\n\n - Multiple untrusted pointer dereference errors.\n\n - Multiple use after free errors.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to execute arbitrary code in the context of the current user,\n escalate privileges and gain access to sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader 2017.011.30113 and earlier\n versions on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat Reader 2017 version\n 2017.011.30120 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-07.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Reader/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\n## 2017.011.30113 == 17.011.30113\nif(version_in_range(version:vers, test_version:\"17.0\", test_version2:\"17.011.30113\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"17.011.30120 (2017.011.30120)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-15T14:50:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-7025", "CVE-2019-7052", "CVE-2019-7027", "CVE-2019-7028", "CVE-2019-7078", "CVE-2019-7071", "CVE-2019-7073", "CVE-2019-7086", "CVE-2019-7056", "CVE-2019-7064", "CVE-2019-7067", "CVE-2019-7044", "CVE-2019-7082", "CVE-2019-7046", "CVE-2019-7081", "CVE-2019-7049", "CVE-2019-7031", "CVE-2019-7039", "CVE-2019-7085", "CVE-2019-7019", "CVE-2019-7040", "CVE-2019-7062", "CVE-2019-7058", "CVE-2019-7077", "CVE-2019-7072", "CVE-2019-7087", "CVE-2019-7047", "CVE-2019-7043", "CVE-2019-7060", "CVE-2019-7023", "CVE-2019-7063", "CVE-2019-7037", "CVE-2019-7041", "CVE-2019-7026", "CVE-2019-7074", "CVE-2019-7045", "CVE-2019-7080", "CVE-2019-7054", "CVE-2019-7035", "CVE-2019-7079", "CVE-2019-7084", "CVE-2019-7038", "CVE-2019-7029", "CVE-2019-7065", "CVE-2019-7075", "CVE-2019-7050", "CVE-2019-7083", "CVE-2019-7051", "CVE-2019-7032", "CVE-2019-7059", "CVE-2019-7020", "CVE-2018-19725", "CVE-2019-7069", "CVE-2019-7053", "CVE-2019-7034", "CVE-2019-7024", "CVE-2019-7030", "CVE-2019-7042", "CVE-2019-7089", "CVE-2019-7068", "CVE-2019-7021", "CVE-2019-7018", "CVE-2019-7070", "CVE-2019-7066", "CVE-2019-7036", "CVE-2019-7055", "CVE-2019-7048", "CVE-2019-7033", "CVE-2019-7022", "CVE-2019-7057", "CVE-2019-7076"], "description": "This host is installed with Adobe Acrobat Reader\n 2017 and is prone to multiple arbitrary code execution vulnerabilities.", "modified": "2019-10-15T00:00:00", "published": "2019-02-14T00:00:00", "id": "OPENVAS:1361412562310814850", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814850", "type": "openvas", "title": "Adobe Acrobat Reader 2017 Multiple Vulnerabilities-apsb19-07 (Mac OS X)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814850\");\n script_version(\"2019-10-15T07:58:18+0000\");\n script_cve_id(\"CVE-2018-19725\", \"CVE-2019-7018\", \"CVE-2019-7019\", \"CVE-2019-7020\",\n \"CVE-2019-7021\", \"CVE-2019-7022\", \"CVE-2019-7023\", \"CVE-2019-7024\",\n \"CVE-2019-7025\", \"CVE-2019-7026\", \"CVE-2019-7027\", \"CVE-2019-7028\",\n \"CVE-2019-7029\", \"CVE-2019-7030\", \"CVE-2019-7031\", \"CVE-2019-7032\",\n \"CVE-2019-7033\", \"CVE-2019-7034\", \"CVE-2019-7035\", \"CVE-2019-7036\",\n \"CVE-2019-7037\", \"CVE-2019-7038\", \"CVE-2019-7039\", \"CVE-2019-7040\",\n \"CVE-2019-7041\", \"CVE-2019-7042\", \"CVE-2019-7043\", \"CVE-2019-7044\",\n \"CVE-2019-7045\", \"CVE-2019-7046\", \"CVE-2019-7047\", \"CVE-2019-7048\",\n \"CVE-2019-7049\", \"CVE-2019-7050\", \"CVE-2019-7051\", \"CVE-2019-7052\",\n \"CVE-2019-7053\", \"CVE-2019-7054\", \"CVE-2019-7055\", \"CVE-2019-7056\",\n \"CVE-2019-7057\", \"CVE-2019-7058\", \"CVE-2019-7059\", \"CVE-2019-7060\",\n \"CVE-2019-7062\", \"CVE-2019-7063\", \"CVE-2019-7064\", \"CVE-2019-7065\",\n \"CVE-2019-7066\", \"CVE-2019-7067\", \"CVE-2019-7068\", \"CVE-2019-7069\",\n \"CVE-2019-7070\", \"CVE-2019-7071\", \"CVE-2019-7072\", \"CVE-2019-7073\",\n \"CVE-2019-7074\", \"CVE-2019-7075\", \"CVE-2019-7076\", \"CVE-2019-7077\",\n \"CVE-2019-7078\", \"CVE-2019-7079\", \"CVE-2019-7080\", \"CVE-2019-7081\",\n \"CVE-2019-7082\", \"CVE-2019-7083\", \"CVE-2019-7084\", \"CVE-2019-7085\",\n \"CVE-2019-7086\", \"CVE-2019-7087\", \"CVE-2019-7089\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-15 07:58:18 +0000 (Tue, 15 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-14 11:27:24 +0530 (Thu, 14 Feb 2019)\");\n script_name(\"Adobe Acrobat Reader 2017 Multiple Vulnerabilities-apsb19-07 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat Reader\n 2017 and is prone to multiple arbitrary code execution vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Multiple buffer errors.\n\n - A data leakage error.\n\n - An integer overflow error.\n\n - Multiple out-of-bounds read errors.\n\n - Multiple security bypass errors.\n\n - Multiple out-of-bounds write errors.\n\n - Multiple type confusion errors.\n\n - Multiple untrusted pointer dereference errors.\n\n - Multiple use after free errors.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to execute arbitrary code in the context of the current user,\n escalate privileges and gain access to sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader 2017.011.30113 and\n earlier versions on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat Reader 2017 version\n 2017.011.30120 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-07.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Reader/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\n## 2017.011.30113 == 17.011.30113\nif(version_in_range(version:vers, test_version:\"17.0\", test_version2:\"17.011.30113\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"17.011.30120 (2017.011.30120)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
