Adobe Acrobat Pro DC XFA Template Out-Of-Bounds Read Remote Code Execution Vulnerability
2019-05-15T00:00:00
ID ZDI-19-510 Type zdi Reporter hungtt28 of Viettel Cyber Security Modified 2019-05-15T00:00:00
Description
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Template objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
{"id": "ZDI-19-510", "vendorId": null, "type": "zdi", "bulletinFamily": "info", "title": "Adobe Acrobat Pro DC XFA Template Out-Of-Bounds Read Remote Code Execution Vulnerability", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Template objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.", "published": "2019-05-15T00:00:00", "modified": "2019-05-15T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://www.zerodayinitiative.com/advisories/ZDI-19-510/", "reporter": "hungtt28 of Viettel Cyber Security", "references": ["https://helpx.adobe.com/security/products/acrobat/apsb19-18.html"], "cvelist": ["CVE-2019-7826"], "immutableFields": [], "lastseen": "2022-02-10T00:00:00", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "adobe", "idList": ["APSB19-18"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-0639"]}, {"type": "cve", "idList": ["CVE-2019-7826"]}, {"type": "kaspersky", "idList": ["KLA11481"]}, {"type": "nessus", "idList": ["ADOBE_ACROBAT_APSB19-18.NASL", "ADOBE_READER_APSB19-18.NASL", "MACOS_ADOBE_ACROBAT_APSB19-18.NASL", "MACOS_ADOBE_READER_APSB19-18.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310815063", "OPENVAS:1361412562310815064", "OPENVAS:1361412562310815065", "OPENVAS:1361412562310815066", "OPENVAS:1361412562310815067", "OPENVAS:1361412562310815068", "OPENVAS:1361412562310815069", "OPENVAS:1361412562310815070", "OPENVAS:1361412562310815071", "OPENVAS:1361412562310815072", "OPENVAS:1361412562310815073", "OPENVAS:1361412562310815074"]}], "rev": 4}, "score": {"value": 5.4, "vector": "NONE"}, "backreferences": {"references": [{"type": "adobe", "idList": ["APSB19-18"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-0639"]}, {"type": "cve", "idList": ["CVE-2019-7826"]}, {"type": "kaspersky", "idList": ["KLA11481"]}, {"type": "nessus", "idList": ["ADOBE_ACROBAT_APSB19-18.NASL", "ADOBE_READER_APSB19-18.NASL", "MACOS_ADOBE_ACROBAT_APSB19-18.NASL", "MACOS_ADOBE_READER_APSB19-18.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310815063", "OPENVAS:1361412562310815064", "OPENVAS:1361412562310815065", "OPENVAS:1361412562310815066", "OPENVAS:1361412562310815067", "OPENVAS:1361412562310815068", "OPENVAS:1361412562310815069", "OPENVAS:1361412562310815070", "OPENVAS:1361412562310815071", "OPENVAS:1361412562310815072", "OPENVAS:1361412562310815073", "OPENVAS:1361412562310815074"]}]}, "exploitation": null, "vulnersScore": 5.4}, "_state": {"dependencies": 1647552764}}
{"cve": [{"lastseen": "2022-03-24T00:33:47", "description": "Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-05-22T18:29:00", "type": "cve", "title": "CVE-2019-7826", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-7826"], "modified": "2019-08-21T16:20:00", "cpe": ["cpe:/a:adobe:acrobat_dc:19.010.20100", "cpe:/a:adobe:acrobat_reader_dc:15.006.30493", "cpe:/a:adobe:acrobat_dc:15.006.30495", "cpe:/a:adobe:acrobat_reader_dc:19.010.20099", "cpe:/a:adobe:acrobat_reader_dc:17.011.30138", "cpe:/a:adobe:acrobat_dc:17.011.30140"], "id": "CVE-2019-7826", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-7826", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:adobe:acrobat_reader_dc:17.011.30138:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_reader_dc:19.010.20099:*:*:*:continuous:*:*:*", "cpe:2.3:a:adobe:acrobat_dc:15.006.30495:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_dc:19.010.20100:*:*:*:continuous:*:*:*", "cpe:2.3:a:adobe:acrobat_dc:17.011.30140:*:*:*:classic:*:*:*", "cpe:2.3:a:adobe:acrobat_reader_dc:15.006.30493:*:*:*:classic:*:*:*"]}], "checkpoint_advisories": [{"lastseen": "2021-12-17T11:21:43", "description": "An out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-14T00:00:00", "type": "checkpoint_advisories", "title": "Adobe Acrobat and Reader Out-of-Bounds Read (APSB19-18: CVE-2019-7826; CVE-2019-7820)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-7820", "CVE-2019-7826"], "modified": "2019-05-14T00:00:00", "id": "CPAI-2019-0639", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2021-12-22T23:46:43", "description": "### *Detect date*:\n05/14/2019\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Adobe Acrobat&Reader. Malicious users can exploit these vulnerabilities to obtain sensitive information and execute arbitrary code.\n\n### *Affected products*:\nAcrobat DC Continuous 2019.010.20100 and earlier versions \nAcrobat Reader DC Continuous 2019.010.20099 and earlier versions \nAcrobat 2017 2017.011.30140 and earlier version \nAcrobat Reader 2017.011.30138 and earlier version \nAcrobat DC Classic 2015.006.30495 and earlier versions \nAcrobat Reader DC Classic 2015.006.30493 and earlier versions\n\n### *Solution*:\nUpdate to the latest version \n[Download Adobe Acrobat Reader DC](<https://get.adobe.com/ru/reader/>)\n\n### *Original advisories*:\n[APSB19-18](<https://helpx.adobe.com/security/products/acrobat/apsb19-18.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Adobe Acrobat Reader DC Continuous](<https://threats.kaspersky.com/en/product/Adobe-Acrobat-Reader-DC-Continuous/>)\n\n### *CVE-IDS*:\n[CVE-2019-7841](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7841>)5.0Critical \n[CVE-2019-7836](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7836>)5.0Critical \n[CVE-2019-7826](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7826>)6.8High \n[CVE-2019-7813](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7813>)5.0Critical \n[CVE-2019-7812](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7812>)5.0Critical \n[CVE-2019-7811](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7811>)5.0Critical \n[CVE-2019-7810](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7810>)4.3Warning \n[CVE-2019-7803](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7803>)4.3Warning \n[CVE-2019-7802](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7802>)4.3Warning \n[CVE-2019-7801](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7801>)4.3Warning \n[CVE-2019-7799](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7799>)4.3Warning \n[CVE-2019-7798](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7798>)6.8High \n[CVE-2019-7795](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7795>)5.0Critical \n[CVE-2019-7794](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7794>)4.3Warning \n[CVE-2019-7793](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7793>)5.0Critical \n[CVE-2019-7790](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7790>)5.0Critical \n[CVE-2019-7789](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7789>)5.0Critical \n[CVE-2019-7787](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7787>)4.3Warning \n[CVE-2019-7780](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7780>)5.0Critical \n[CVE-2019-7778](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7778>)5.0Critical \n[CVE-2019-7777](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7777>)5.0Critical \n[CVE-2019-7776](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7776>)5.0Critical \n[CVE-2019-7775](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7775>)5.0Critical \n[CVE-2019-7774](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7774>)5.0Critical \n[CVE-2019-7773](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7773>)5.0Critical \n[CVE-2019-7771](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7771>)5.0Critical \n[CVE-2019-7770](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7770>)5.0Critical \n[CVE-2019-7769](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7769>)5.0Critical \n[CVE-2019-7758](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7758>)4.3Warning \n[CVE-2019-7145](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7145>)4.3Warning \n[CVE-2019-7144](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7144>)4.3Warning \n[CVE-2019-7143](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7143>)6.8High \n[CVE-2019-7142](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7142>)5.0Critical \n[CVE-2019-7141](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7141>)4.3Warning \n[CVE-2019-7140](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7140>)4.3Warning \n[CVE-2019-7829](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7829>)9.3Critical \n[CVE-2019-7825](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7825>)9.3Critical \n[CVE-2019-7822](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7822>)9.3Critical \n[CVE-2019-7818](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7818>)9.3Critical \n[CVE-2019-7800](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7800>)9.3Critical \n[CVE-2019-7820](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7820>)9.3Critical \n[CVE-2019-7831](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7831>)9.3Critical \n[CVE-2019-7830](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7830>)9.3Critical \n[CVE-2019-7823](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7823>)7.1High \n[CVE-2019-7821](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7821>)7.1High \n[CVE-2019-7817](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7817>)9.3Critical \n[CVE-2019-7814](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7814>)9.3Critical \n[CVE-2019-7809](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7809>)7.1High \n[CVE-2019-7797](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7797>)9.3Critical \n[CVE-2019-7796](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7796>)9.3Critical \n[CVE-2019-7786](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7786>)9.3Critical \n[CVE-2019-7785](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7785>)4.3Warning \n[CVE-2019-7761](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7761>)9.3Critical \n[CVE-2019-7760](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7760>)9.3Critical \n[CVE-2019-7759](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7759>)9.3Critical \n[CVE-2019-7828](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7828>)9.3Critical \n[CVE-2019-7827](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7827>)9.3Critical \n[CVE-2019-7824](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7824>)9.3Critical \n[CVE-2019-8238](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8238>)5.0Critical", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-14T00:00:00", "type": "kaspersky", "title": "KLA11481 Multiple vulnerabilities in Adobe Acrobat and Adobe Reader", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-7140", "CVE-2019-7141", "CVE-2019-7142", "CVE-2019-7143", "CVE-2019-7144", "CVE-2019-7145", "CVE-2019-7758", "CVE-2019-7759", "CVE-2019-7760", "CVE-2019-7761", "CVE-2019-7769", "CVE-2019-7770", "CVE-2019-7771", "CVE-2019-7773", "CVE-2019-7774", "CVE-2019-7775", "CVE-2019-7776", "CVE-2019-7777", "CVE-2019-7778", "CVE-2019-7780", "CVE-2019-7785", "CVE-2019-7786", "CVE-2019-7787", "CVE-2019-7789", "CVE-2019-7790", "CVE-2019-7793", "CVE-2019-7794", "CVE-2019-7795", "CVE-2019-7796", "CVE-2019-7797", "CVE-2019-7798", "CVE-2019-7799", "CVE-2019-7800", "CVE-2019-7801", "CVE-2019-7802", "CVE-2019-7803", "CVE-2019-7809", "CVE-2019-7810", "CVE-2019-7811", "CVE-2019-7812", "CVE-2019-7813", "CVE-2019-7814", "CVE-2019-7817", "CVE-2019-7818", "CVE-2019-7820", "CVE-2019-7821", "CVE-2019-7822", "CVE-2019-7823", "CVE-2019-7824", "CVE-2019-7825", "CVE-2019-7826", "CVE-2019-7827", "CVE-2019-7828", "CVE-2019-7829", "CVE-2019-7830", "CVE-2019-7831", "CVE-2019-7836", "CVE-2019-7841", "CVE-2019-8238"], "modified": "2020-06-03T00:00:00", "id": "KLA11481", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11481/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-07-17T14:03:34", "description": "This host is installed with Adobe Acrobat DC\n Classic 2015 and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-05-16T00:00:00", "type": "openvas", "title": "Adobe Acrobat DC (Classic Track) Security Updates (apsb19-18) - Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7758", "CVE-2019-7799", "CVE-2019-7764", "CVE-2019-7790", "CVE-2019-7763", "CVE-2019-7761", "CVE-2019-7825", "CVE-2019-7795", "CVE-2019-7792", "CVE-2019-7835", "CVE-2019-7812", "CVE-2019-7142", "CVE-2019-7782", "CVE-2019-7144", "CVE-2019-7789", "CVE-2019-7832", "CVE-2019-7783", "CVE-2019-7804", "CVE-2019-7762", "CVE-2019-7807", "CVE-2019-7826", "CVE-2019-7788", "CVE-2019-7798", "CVE-2019-7771", "CVE-2019-7143", "CVE-2019-7828", "CVE-2019-7811", "CVE-2019-7802", "CVE-2019-7772", "CVE-2019-7786", "CVE-2019-7759", "CVE-2019-7809", "CVE-2019-7829", "CVE-2019-7775", "CVE-2019-7823", "CVE-2019-7813", "CVE-2019-7806", "CVE-2019-7800", "CVE-2019-7779", "CVE-2019-7768", "CVE-2019-7785", "CVE-2019-7824", "CVE-2019-7817", "CVE-2019-7778", "CVE-2019-7777", "CVE-2019-7833", "CVE-2019-7791", "CVE-2019-7784", "CVE-2019-7830", "CVE-2019-7831", "CVE-2019-7780", "CVE-2019-7776", "CVE-2019-7805", "CVE-2019-7760", "CVE-2019-7818", "CVE-2019-7140", "CVE-2019-7770", "CVE-2019-7834", "CVE-2019-7774", "CVE-2019-7814", "CVE-2019-7794", "CVE-2019-7821", "CVE-2019-7769", "CVE-2019-7796", "CVE-2019-7766", "CVE-2019-7767", "CVE-2019-7827", "CVE-2019-7145", "CVE-2019-7836", "CVE-2019-7810", "CVE-2019-7797", "CVE-2019-7822", "CVE-2019-7793", "CVE-2019-7820", "CVE-2019-7765", "CVE-2019-7803", "CVE-2019-7141", "CVE-2019-7773", "CVE-2019-7801", "CVE-2019-7841", "CVE-2019-7787", "CVE-2019-7808", "CVE-2019-7781"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310815073", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815073", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815073\");\n script_version(\"2019-07-05T08:29:17+0000\");\n script_cve_id(\"CVE-2019-7140\", \"CVE-2019-7141\", \"CVE-2019-7142\", \"CVE-2019-7143\",\n \"CVE-2019-7144\", \"CVE-2019-7145\", \"CVE-2019-7758\", \"CVE-2019-7759\",\n \"CVE-2019-7760\", \"CVE-2019-7761\", \"CVE-2019-7762\", \"CVE-2019-7763\",\n \"CVE-2019-7764\", \"CVE-2019-7765\", \"CVE-2019-7766\", \"CVE-2019-7767\",\n \"CVE-2019-7768\", \"CVE-2019-7769\", \"CVE-2019-7770\", \"CVE-2019-7771\",\n \"CVE-2019-7772\", \"CVE-2019-7773\", \"CVE-2019-7774\", \"CVE-2019-7775\",\n \"CVE-2019-7776\", \"CVE-2019-7777\", \"CVE-2019-7778\", \"CVE-2019-7779\",\n \"CVE-2019-7780\", \"CVE-2019-7781\", \"CVE-2019-7782\", \"CVE-2019-7783\",\n \"CVE-2019-7784\", \"CVE-2019-7785\", \"CVE-2019-7786\", \"CVE-2019-7787\",\n \"CVE-2019-7788\", \"CVE-2019-7789\", \"CVE-2019-7790\", \"CVE-2019-7791\",\n \"CVE-2019-7792\", \"CVE-2019-7793\", \"CVE-2019-7794\", \"CVE-2019-7795\",\n \"CVE-2019-7796\", \"CVE-2019-7797\", \"CVE-2019-7798\", \"CVE-2019-7799\",\n \"CVE-2019-7800\", \"CVE-2019-7801\", \"CVE-2019-7802\", \"CVE-2019-7803\",\n \"CVE-2019-7804\", \"CVE-2019-7805\", \"CVE-2019-7806\", \"CVE-2019-7807\",\n \"CVE-2019-7808\", \"CVE-2019-7809\", \"CVE-2019-7810\", \"CVE-2019-7811\",\n \"CVE-2019-7812\", \"CVE-2019-7813\", \"CVE-2019-7814\", \"CVE-2019-7817\",\n \"CVE-2019-7818\", \"CVE-2019-7820\", \"CVE-2019-7821\", \"CVE-2019-7822\",\n \"CVE-2019-7823\", \"CVE-2019-7824\", \"CVE-2019-7825\", \"CVE-2019-7826\",\n \"CVE-2019-7827\", \"CVE-2019-7828\", \"CVE-2019-7829\", \"CVE-2019-7830\",\n \"CVE-2019-7831\", \"CVE-2019-7832\", \"CVE-2019-7833\", \"CVE-2019-7834\",\n \"CVE-2019-7835\", \"CVE-2019-7836\", \"CVE-2019-7841\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:29:17 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-16 11:08:46 +0530 (Thu, 16 May 2019)\");\n script_name(\"Adobe Acrobat DC (Classic Track) Security Updates (apsb19-18) - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC\n Classic 2015 and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - A type confusion error.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer error.\n\n - A double free error.\n\n - A security bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC Classic 2015 version 2015.x\n before 2015.006.30497 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC Classic 2015 version\n 2015.006.30497 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-18.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_classic_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Classic/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE) ) exit( 0 );\nvers = infos['version'];\npath = infos['location'];\n\n## 2015.006.30495 == 15.006.30495\nif(version_in_range(version:vers, test_version:\"15.0\", test_version2:\"15.006.30495\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30497 (2015.006.30497)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:03:49", "description": "This host is installed with Adobe Acrobat\n 2017 and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-05-16T00:00:00", "type": "openvas", "title": "Adobe Acrobat 2017 Security Updates (apsb19-18)-Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7758", "CVE-2019-7799", "CVE-2019-7764", "CVE-2019-7790", "CVE-2019-7763", "CVE-2019-7761", "CVE-2019-7825", "CVE-2019-7795", "CVE-2019-7792", "CVE-2019-7835", "CVE-2019-7812", "CVE-2019-7142", "CVE-2019-7782", "CVE-2019-7144", "CVE-2019-7789", "CVE-2019-7832", "CVE-2019-7783", "CVE-2019-7804", "CVE-2019-7762", "CVE-2019-7807", "CVE-2019-7826", "CVE-2019-7788", "CVE-2019-7798", "CVE-2019-7771", "CVE-2019-7143", "CVE-2019-7828", "CVE-2019-7811", "CVE-2019-7802", "CVE-2019-7772", "CVE-2019-7786", "CVE-2019-7759", "CVE-2019-7809", "CVE-2019-7829", "CVE-2019-7775", "CVE-2019-7823", "CVE-2019-7813", "CVE-2019-7806", "CVE-2019-7800", "CVE-2019-7779", "CVE-2019-7768", "CVE-2019-7785", "CVE-2019-7824", "CVE-2019-7817", "CVE-2019-7778", "CVE-2019-7777", "CVE-2019-7833", "CVE-2019-7791", "CVE-2019-7784", "CVE-2019-7830", "CVE-2019-7831", "CVE-2019-7780", "CVE-2019-7776", "CVE-2019-7805", "CVE-2019-7760", "CVE-2019-7818", "CVE-2019-7140", "CVE-2019-7770", "CVE-2019-7834", "CVE-2019-7774", "CVE-2019-7814", "CVE-2019-7794", "CVE-2019-7821", "CVE-2019-7769", "CVE-2019-7796", "CVE-2019-7766", "CVE-2019-7767", "CVE-2019-7827", "CVE-2019-7145", "CVE-2019-7836", "CVE-2019-7810", "CVE-2019-7797", "CVE-2019-7822", "CVE-2019-7793", "CVE-2019-7820", "CVE-2019-7765", "CVE-2019-7803", "CVE-2019-7141", "CVE-2019-7773", "CVE-2019-7801", "CVE-2019-7841", "CVE-2019-7787", "CVE-2019-7808", "CVE-2019-7781"], "modified": "2019-07-16T00:00:00", "id": "OPENVAS:1361412562310815063", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815063", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815063\");\n script_version(\"2019-07-16T10:51:36+0000\");\n script_cve_id(\"CVE-2019-7140\", \"CVE-2019-7141\", \"CVE-2019-7142\", \"CVE-2019-7143\",\n \"CVE-2019-7144\", \"CVE-2019-7145\", \"CVE-2019-7758\", \"CVE-2019-7759\",\n \"CVE-2019-7760\", \"CVE-2019-7761\", \"CVE-2019-7762\", \"CVE-2019-7763\",\n \"CVE-2019-7764\", \"CVE-2019-7765\", \"CVE-2019-7766\", \"CVE-2019-7767\",\n \"CVE-2019-7768\", \"CVE-2019-7769\", \"CVE-2019-7770\", \"CVE-2019-7771\",\n \"CVE-2019-7772\", \"CVE-2019-7773\", \"CVE-2019-7774\", \"CVE-2019-7775\",\n \"CVE-2019-7776\", \"CVE-2019-7777\", \"CVE-2019-7778\", \"CVE-2019-7779\",\n \"CVE-2019-7780\", \"CVE-2019-7781\", \"CVE-2019-7782\", \"CVE-2019-7783\",\n \"CVE-2019-7784\", \"CVE-2019-7785\", \"CVE-2019-7786\", \"CVE-2019-7787\",\n \"CVE-2019-7788\", \"CVE-2019-7789\", \"CVE-2019-7790\", \"CVE-2019-7791\",\n \"CVE-2019-7792\", \"CVE-2019-7793\", \"CVE-2019-7794\", \"CVE-2019-7795\",\n \"CVE-2019-7796\", \"CVE-2019-7797\", \"CVE-2019-7798\", \"CVE-2019-7799\",\n \"CVE-2019-7800\", \"CVE-2019-7801\", \"CVE-2019-7802\", \"CVE-2019-7803\",\n \"CVE-2019-7804\", \"CVE-2019-7805\", \"CVE-2019-7806\", \"CVE-2019-7807\",\n \"CVE-2019-7808\", \"CVE-2019-7809\", \"CVE-2019-7810\", \"CVE-2019-7811\",\n \"CVE-2019-7812\", \"CVE-2019-7813\", \"CVE-2019-7814\", \"CVE-2019-7817\",\n \"CVE-2019-7818\", \"CVE-2019-7820\", \"CVE-2019-7821\", \"CVE-2019-7822\",\n \"CVE-2019-7823\", \"CVE-2019-7824\", \"CVE-2019-7825\", \"CVE-2019-7826\",\n \"CVE-2019-7827\", \"CVE-2019-7828\", \"CVE-2019-7829\", \"CVE-2019-7830\",\n \"CVE-2019-7831\", \"CVE-2019-7832\", \"CVE-2019-7833\", \"CVE-2019-7834\",\n \"CVE-2019-7835\", \"CVE-2019-7836\", \"CVE-2019-7841\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-16 10:51:36 +0000 (Tue, 16 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-16 11:08:46 +0530 (Thu, 16 May 2019)\");\n script_name(\"Adobe Acrobat 2017 Security Updates (apsb19-18)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat\n 2017 and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - A type confusion error.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer error.\n\n - A double free error.\n\n - A security bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat versions 2017.011.30140 and\n earlier on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat 2017 version\n 2017.011.30142 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-18.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\n## 2017.011.30140 == 17.011.30140\nif(version_in_range(version:vers, test_version:\"17.0\", test_version2:\"17.011.30140\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"17.011.30142 (2017.011.30142)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:03:23", "description": "This host is installed with Adobe Acrobat Reader\n 2017 and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-05-16T00:00:00", "type": "openvas", "title": "Adobe Acrobat Reader 2017 Security Updates (apsb19-18)-Mac OS X", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7758", "CVE-2019-7799", "CVE-2019-7764", "CVE-2019-7790", "CVE-2019-7763", "CVE-2019-7761", "CVE-2019-7825", "CVE-2019-7795", "CVE-2019-7792", "CVE-2019-7835", "CVE-2019-7812", "CVE-2019-7142", "CVE-2019-7782", "CVE-2019-7144", "CVE-2019-7789", "CVE-2019-7832", "CVE-2019-7783", "CVE-2019-7804", "CVE-2019-7762", "CVE-2019-7807", "CVE-2019-7826", "CVE-2019-7788", "CVE-2019-7798", "CVE-2019-7771", "CVE-2019-7143", "CVE-2019-7828", "CVE-2019-7811", "CVE-2019-7802", "CVE-2019-7772", "CVE-2019-7786", "CVE-2019-7759", "CVE-2019-7809", "CVE-2019-7829", "CVE-2019-7775", "CVE-2019-7823", "CVE-2019-7813", "CVE-2019-7806", "CVE-2019-7800", "CVE-2019-7779", "CVE-2019-7768", "CVE-2019-7785", "CVE-2019-7824", "CVE-2019-7817", "CVE-2019-7778", "CVE-2019-7777", "CVE-2019-7833", "CVE-2019-7791", "CVE-2019-7784", "CVE-2019-7830", "CVE-2019-7831", "CVE-2019-7780", "CVE-2019-7776", "CVE-2019-7805", "CVE-2019-7760", "CVE-2019-7818", "CVE-2019-7140", "CVE-2019-7770", "CVE-2019-7834", "CVE-2019-7774", "CVE-2019-7814", "CVE-2019-7794", "CVE-2019-7821", "CVE-2019-7769", "CVE-2019-7796", "CVE-2019-7766", "CVE-2019-7767", "CVE-2019-7827", "CVE-2019-7145", "CVE-2019-7836", "CVE-2019-7810", "CVE-2019-7797", "CVE-2019-7822", "CVE-2019-7793", "CVE-2019-7820", "CVE-2019-7765", "CVE-2019-7803", "CVE-2019-7141", "CVE-2019-7773", "CVE-2019-7801", "CVE-2019-7841", "CVE-2019-7787", "CVE-2019-7808", "CVE-2019-7781"], "modified": "2019-07-16T00:00:00", "id": "OPENVAS:1361412562310815066", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815066", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815066\");\n script_version(\"2019-07-16T10:51:36+0000\");\n script_cve_id(\"CVE-2019-7140\", \"CVE-2019-7141\", \"CVE-2019-7142\", \"CVE-2019-7143\",\n \"CVE-2019-7144\", \"CVE-2019-7145\", \"CVE-2019-7758\", \"CVE-2019-7759\",\n \"CVE-2019-7760\", \"CVE-2019-7761\", \"CVE-2019-7762\", \"CVE-2019-7763\",\n \"CVE-2019-7764\", \"CVE-2019-7765\", \"CVE-2019-7766\", \"CVE-2019-7767\",\n \"CVE-2019-7768\", \"CVE-2019-7769\", \"CVE-2019-7770\", \"CVE-2019-7771\",\n \"CVE-2019-7772\", \"CVE-2019-7773\", \"CVE-2019-7774\", \"CVE-2019-7775\",\n \"CVE-2019-7776\", \"CVE-2019-7777\", \"CVE-2019-7778\", \"CVE-2019-7779\",\n \"CVE-2019-7780\", \"CVE-2019-7781\", \"CVE-2019-7782\", \"CVE-2019-7783\",\n \"CVE-2019-7784\", \"CVE-2019-7785\", \"CVE-2019-7786\", \"CVE-2019-7787\",\n \"CVE-2019-7788\", \"CVE-2019-7789\", \"CVE-2019-7790\", \"CVE-2019-7791\",\n \"CVE-2019-7792\", \"CVE-2019-7793\", \"CVE-2019-7794\", \"CVE-2019-7795\",\n \"CVE-2019-7796\", \"CVE-2019-7797\", \"CVE-2019-7798\", \"CVE-2019-7799\",\n \"CVE-2019-7800\", \"CVE-2019-7801\", \"CVE-2019-7802\", \"CVE-2019-7803\",\n \"CVE-2019-7804\", \"CVE-2019-7805\", \"CVE-2019-7806\", \"CVE-2019-7807\",\n \"CVE-2019-7808\", \"CVE-2019-7809\", \"CVE-2019-7810\", \"CVE-2019-7811\",\n \"CVE-2019-7812\", \"CVE-2019-7813\", \"CVE-2019-7814\", \"CVE-2019-7817\",\n \"CVE-2019-7818\", \"CVE-2019-7820\", \"CVE-2019-7821\", \"CVE-2019-7822\",\n \"CVE-2019-7823\", \"CVE-2019-7824\", \"CVE-2019-7825\", \"CVE-2019-7826\",\n \"CVE-2019-7827\", \"CVE-2019-7828\", \"CVE-2019-7829\", \"CVE-2019-7830\",\n \"CVE-2019-7831\", \"CVE-2019-7832\", \"CVE-2019-7833\", \"CVE-2019-7834\",\n \"CVE-2019-7835\", \"CVE-2019-7836\", \"CVE-2019-7841\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-16 10:51:36 +0000 (Tue, 16 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-16 11:08:46 +0530 (Thu, 16 May 2019)\");\n script_name(\"Adobe Acrobat Reader 2017 Security Updates (apsb19-18)-Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat Reader\n 2017 and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - A type confusion error.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer error.\n\n - A double free error.\n\n - A security bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader 2017.011.30138 and earlier\n versions on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat Reader 2017 version\n 2017.011.30142 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-18.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Reader/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\n## 2017.011.30138 == 17.011.30138\nif(version_in_range(version:vers, test_version:\"17.0\", test_version2:\"17.011.30138\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"17.011.30142 (2017.011.30142)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:03:54", "description": "This host is installed with Adobe Acrobat\n Reader DC Classic 2015 and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-05-16T00:00:00", "type": "openvas", "title": "Adobe Acrobat Reader DC (Classic Track) Security Updates (apsb19-18) - Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7758", "CVE-2019-7799", "CVE-2019-7764", "CVE-2019-7790", "CVE-2019-7763", "CVE-2019-7761", "CVE-2019-7825", "CVE-2019-7795", "CVE-2019-7792", "CVE-2019-7835", "CVE-2019-7812", "CVE-2019-7142", "CVE-2019-7782", "CVE-2019-7144", "CVE-2019-7789", "CVE-2019-7832", "CVE-2019-7783", "CVE-2019-7804", "CVE-2019-7762", "CVE-2019-7807", "CVE-2019-7826", "CVE-2019-7788", "CVE-2019-7798", "CVE-2019-7771", "CVE-2019-7143", "CVE-2019-7828", "CVE-2019-7811", "CVE-2019-7802", "CVE-2019-7772", "CVE-2019-7786", "CVE-2019-7759", "CVE-2019-7809", "CVE-2019-7829", "CVE-2019-7775", "CVE-2019-7823", "CVE-2019-7813", "CVE-2019-7806", "CVE-2019-7800", "CVE-2019-7779", "CVE-2019-7768", "CVE-2019-7785", "CVE-2019-7824", "CVE-2019-7817", "CVE-2019-7778", "CVE-2019-7777", "CVE-2019-7833", "CVE-2019-7791", "CVE-2019-7784", "CVE-2019-7830", "CVE-2019-7831", "CVE-2019-7780", "CVE-2019-7776", "CVE-2019-7805", "CVE-2019-7760", "CVE-2019-7818", "CVE-2019-7140", "CVE-2019-7770", "CVE-2019-7834", "CVE-2019-7774", "CVE-2019-7814", "CVE-2019-7794", "CVE-2019-7821", "CVE-2019-7769", "CVE-2019-7796", "CVE-2019-7766", "CVE-2019-7767", "CVE-2019-7827", "CVE-2019-7145", "CVE-2019-7836", "CVE-2019-7810", "CVE-2019-7797", "CVE-2019-7822", "CVE-2019-7793", "CVE-2019-7820", "CVE-2019-7765", "CVE-2019-7803", "CVE-2019-7141", "CVE-2019-7773", "CVE-2019-7801", "CVE-2019-7841", "CVE-2019-7787", "CVE-2019-7808", "CVE-2019-7781"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310815071", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815071", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat_reader_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815071\");\n script_version(\"2019-07-05T08:29:17+0000\");\n script_cve_id(\"CVE-2019-7140\", \"CVE-2019-7141\", \"CVE-2019-7142\", \"CVE-2019-7143\",\n \"CVE-2019-7144\", \"CVE-2019-7145\", \"CVE-2019-7758\", \"CVE-2019-7759\",\n \"CVE-2019-7760\", \"CVE-2019-7761\", \"CVE-2019-7762\", \"CVE-2019-7763\",\n \"CVE-2019-7764\", \"CVE-2019-7765\", \"CVE-2019-7766\", \"CVE-2019-7767\",\n \"CVE-2019-7768\", \"CVE-2019-7769\", \"CVE-2019-7770\", \"CVE-2019-7771\",\n \"CVE-2019-7772\", \"CVE-2019-7773\", \"CVE-2019-7774\", \"CVE-2019-7775\",\n \"CVE-2019-7776\", \"CVE-2019-7777\", \"CVE-2019-7778\", \"CVE-2019-7779\",\n \"CVE-2019-7780\", \"CVE-2019-7781\", \"CVE-2019-7782\", \"CVE-2019-7783\",\n \"CVE-2019-7784\", \"CVE-2019-7785\", \"CVE-2019-7786\", \"CVE-2019-7787\",\n \"CVE-2019-7788\", \"CVE-2019-7789\", \"CVE-2019-7790\", \"CVE-2019-7791\",\n \"CVE-2019-7792\", \"CVE-2019-7793\", \"CVE-2019-7794\", \"CVE-2019-7795\",\n \"CVE-2019-7796\", \"CVE-2019-7797\", \"CVE-2019-7798\", \"CVE-2019-7799\",\n \"CVE-2019-7800\", \"CVE-2019-7801\", \"CVE-2019-7802\", \"CVE-2019-7803\",\n \"CVE-2019-7804\", \"CVE-2019-7805\", \"CVE-2019-7806\", \"CVE-2019-7807\",\n \"CVE-2019-7808\", \"CVE-2019-7809\", \"CVE-2019-7810\", \"CVE-2019-7811\",\n \"CVE-2019-7812\", \"CVE-2019-7813\", \"CVE-2019-7814\", \"CVE-2019-7817\",\n \"CVE-2019-7818\", \"CVE-2019-7820\", \"CVE-2019-7821\", \"CVE-2019-7822\",\n \"CVE-2019-7823\", \"CVE-2019-7824\", \"CVE-2019-7825\", \"CVE-2019-7826\",\n \"CVE-2019-7827\", \"CVE-2019-7828\", \"CVE-2019-7829\", \"CVE-2019-7830\",\n \"CVE-2019-7831\", \"CVE-2019-7832\", \"CVE-2019-7833\", \"CVE-2019-7834\",\n \"CVE-2019-7835\", \"CVE-2019-7836\", \"CVE-2019-7841\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:29:17 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-16 11:08:46 +0530 (Thu, 16 May 2019)\");\n script_name(\"Adobe Acrobat Reader DC (Classic Track) Security Updates (apsb19-18) - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat\n Reader DC Classic 2015 and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - A type confusion error.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer error.\n\n - A double free error.\n\n - A security bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader DC Classic 2015 version\n 2015.x before 2015.006.30497 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC Classic 2015 version\n 2015.006.30497 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-18.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_reader_dc_classic_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/ReaderDC/Classic/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE) ) exit( 0 );\nvers = infos['version'];\npath = infos['location'];\n\n## 2015.006.30493 == 15.006.30493\nif(version_in_range(version:vers, test_version:\"15.0\", test_version2:\"15.006.30493\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30497 (2015.006.30497)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:03:36", "description": "This host is installed with Adobe Acrobat DC\n Classic 2015 and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-05-16T00:00:00", "type": "openvas", "title": "Adobe Acrobat DC (Classic Track) Security Updates (apsb19-18) - Mac OS X", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7758", "CVE-2019-7799", "CVE-2019-7764", "CVE-2019-7790", "CVE-2019-7763", "CVE-2019-7761", "CVE-2019-7825", "CVE-2019-7795", "CVE-2019-7792", "CVE-2019-7835", "CVE-2019-7812", "CVE-2019-7142", "CVE-2019-7782", "CVE-2019-7144", "CVE-2019-7789", "CVE-2019-7832", "CVE-2019-7783", "CVE-2019-7804", "CVE-2019-7762", "CVE-2019-7807", "CVE-2019-7826", "CVE-2019-7788", "CVE-2019-7798", "CVE-2019-7771", "CVE-2019-7143", "CVE-2019-7828", "CVE-2019-7811", "CVE-2019-7802", "CVE-2019-7772", "CVE-2019-7786", "CVE-2019-7759", "CVE-2019-7809", "CVE-2019-7829", "CVE-2019-7775", "CVE-2019-7823", "CVE-2019-7813", "CVE-2019-7806", "CVE-2019-7800", "CVE-2019-7779", "CVE-2019-7768", "CVE-2019-7785", "CVE-2019-7824", "CVE-2019-7817", "CVE-2019-7778", "CVE-2019-7777", "CVE-2019-7833", "CVE-2019-7791", "CVE-2019-7784", "CVE-2019-7830", "CVE-2019-7831", "CVE-2019-7780", "CVE-2019-7776", "CVE-2019-7805", "CVE-2019-7760", "CVE-2019-7818", "CVE-2019-7140", "CVE-2019-7770", "CVE-2019-7834", "CVE-2019-7774", "CVE-2019-7814", "CVE-2019-7794", "CVE-2019-7821", "CVE-2019-7769", "CVE-2019-7796", "CVE-2019-7766", "CVE-2019-7767", "CVE-2019-7827", "CVE-2019-7145", "CVE-2019-7836", "CVE-2019-7810", "CVE-2019-7797", "CVE-2019-7822", "CVE-2019-7793", "CVE-2019-7820", "CVE-2019-7765", "CVE-2019-7803", "CVE-2019-7141", "CVE-2019-7773", "CVE-2019-7801", "CVE-2019-7841", "CVE-2019-7787", "CVE-2019-7808", "CVE-2019-7781"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310815074", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815074", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815074\");\n script_version(\"2019-07-05T08:29:17+0000\");\n script_cve_id(\"CVE-2019-7140\", \"CVE-2019-7141\", \"CVE-2019-7142\", \"CVE-2019-7143\",\n \"CVE-2019-7144\", \"CVE-2019-7145\", \"CVE-2019-7758\", \"CVE-2019-7759\",\n \"CVE-2019-7760\", \"CVE-2019-7761\", \"CVE-2019-7762\", \"CVE-2019-7763\",\n \"CVE-2019-7764\", \"CVE-2019-7765\", \"CVE-2019-7766\", \"CVE-2019-7767\",\n \"CVE-2019-7768\", \"CVE-2019-7769\", \"CVE-2019-7770\", \"CVE-2019-7771\",\n \"CVE-2019-7772\", \"CVE-2019-7773\", \"CVE-2019-7774\", \"CVE-2019-7775\",\n \"CVE-2019-7776\", \"CVE-2019-7777\", \"CVE-2019-7778\", \"CVE-2019-7779\",\n \"CVE-2019-7780\", \"CVE-2019-7781\", \"CVE-2019-7782\", \"CVE-2019-7783\",\n \"CVE-2019-7784\", \"CVE-2019-7785\", \"CVE-2019-7786\", \"CVE-2019-7787\",\n \"CVE-2019-7788\", \"CVE-2019-7789\", \"CVE-2019-7790\", \"CVE-2019-7791\",\n \"CVE-2019-7792\", \"CVE-2019-7793\", \"CVE-2019-7794\", \"CVE-2019-7795\",\n \"CVE-2019-7796\", \"CVE-2019-7797\", \"CVE-2019-7798\", \"CVE-2019-7799\",\n \"CVE-2019-7800\", \"CVE-2019-7801\", \"CVE-2019-7802\", \"CVE-2019-7803\",\n \"CVE-2019-7804\", \"CVE-2019-7805\", \"CVE-2019-7806\", \"CVE-2019-7807\",\n \"CVE-2019-7808\", \"CVE-2019-7809\", \"CVE-2019-7810\", \"CVE-2019-7811\",\n \"CVE-2019-7812\", \"CVE-2019-7813\", \"CVE-2019-7814\", \"CVE-2019-7817\",\n \"CVE-2019-7818\", \"CVE-2019-7820\", \"CVE-2019-7821\", \"CVE-2019-7822\",\n \"CVE-2019-7823\", \"CVE-2019-7824\", \"CVE-2019-7825\", \"CVE-2019-7826\",\n \"CVE-2019-7827\", \"CVE-2019-7828\", \"CVE-2019-7829\", \"CVE-2019-7830\",\n \"CVE-2019-7831\", \"CVE-2019-7832\", \"CVE-2019-7833\", \"CVE-2019-7834\",\n \"CVE-2019-7835\", \"CVE-2019-7836\", \"CVE-2019-7841\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:29:17 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-16 11:08:46 +0530 (Thu, 16 May 2019)\");\n script_name(\"Adobe Acrobat DC (Classic Track) Security Updates (apsb19-18) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC\n Classic 2015 and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - A type confusion error.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer error.\n\n - A double free error.\n\n - A security bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC Classic 2015 version 2015.x\n before 2015.006.30497 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC Classic 2015 version\n 2015.006.30497 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-18.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_classic_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Classic/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE) ) exit( 0 );\nvers = infos['version'];\npath = infos['location'];\n\n## 2015.006.30495 == 15.006.30495\nif(version_in_range(version:vers, test_version:\"15.0\", test_version2:\"15.006.30495\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30497 (2015.006.30497)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:03:42", "description": "This host is installed with Adobe Acrobat Reader\n DC (Continuous Track) and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-05-16T00:00:00", "type": "openvas", "title": "Adobe Acrobat Reader DC (Continuous Track) Security Updates (apsb19-18) - Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7758", "CVE-2019-7799", "CVE-2019-7764", "CVE-2019-7790", "CVE-2019-7763", "CVE-2019-7761", "CVE-2019-7825", "CVE-2019-7795", "CVE-2019-7792", "CVE-2019-7835", "CVE-2019-7812", "CVE-2019-7142", "CVE-2019-7782", "CVE-2019-7144", "CVE-2019-7789", "CVE-2019-7832", "CVE-2019-7783", "CVE-2019-7804", "CVE-2019-7762", "CVE-2019-7807", "CVE-2019-7826", "CVE-2019-7788", "CVE-2019-7798", "CVE-2019-7771", "CVE-2019-7143", "CVE-2019-7828", "CVE-2019-7811", "CVE-2019-7802", "CVE-2019-7772", "CVE-2019-7786", "CVE-2019-7759", "CVE-2019-7809", "CVE-2019-7829", "CVE-2019-7775", "CVE-2019-7823", "CVE-2019-7813", "CVE-2019-7806", "CVE-2019-7800", "CVE-2019-7779", "CVE-2019-7768", "CVE-2019-7785", "CVE-2019-7824", "CVE-2019-7817", "CVE-2019-7778", "CVE-2019-7777", "CVE-2019-7833", "CVE-2019-7791", "CVE-2019-7784", "CVE-2019-7830", "CVE-2019-7831", "CVE-2019-7780", "CVE-2019-7776", "CVE-2019-7805", "CVE-2019-7760", "CVE-2019-7818", "CVE-2019-7140", "CVE-2019-7770", "CVE-2019-7834", "CVE-2019-7774", "CVE-2019-7814", "CVE-2019-7794", "CVE-2019-7821", "CVE-2019-7769", "CVE-2019-7796", "CVE-2019-7766", "CVE-2019-7767", "CVE-2019-7827", "CVE-2019-7145", "CVE-2019-7836", "CVE-2019-7810", "CVE-2019-7797", "CVE-2019-7822", "CVE-2019-7793", "CVE-2019-7820", "CVE-2019-7765", "CVE-2019-7803", "CVE-2019-7141", "CVE-2019-7773", "CVE-2019-7801", "CVE-2019-7841", "CVE-2019-7787", "CVE-2019-7808", "CVE-2019-7781"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310815067", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815067", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat_reader_dc_continuous\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815067\");\n script_version(\"2019-07-05T08:07:19+0000\");\n script_cve_id(\"CVE-2019-7140\", \"CVE-2019-7141\", \"CVE-2019-7142\", \"CVE-2019-7143\",\n \"CVE-2019-7144\", \"CVE-2019-7145\", \"CVE-2019-7758\", \"CVE-2019-7759\",\n \"CVE-2019-7760\", \"CVE-2019-7761\", \"CVE-2019-7762\", \"CVE-2019-7763\",\n \"CVE-2019-7764\", \"CVE-2019-7765\", \"CVE-2019-7766\", \"CVE-2019-7767\",\n \"CVE-2019-7768\", \"CVE-2019-7769\", \"CVE-2019-7770\", \"CVE-2019-7771\",\n \"CVE-2019-7772\", \"CVE-2019-7773\", \"CVE-2019-7774\", \"CVE-2019-7775\",\n \"CVE-2019-7776\", \"CVE-2019-7777\", \"CVE-2019-7778\", \"CVE-2019-7779\",\n \"CVE-2019-7780\", \"CVE-2019-7781\", \"CVE-2019-7782\", \"CVE-2019-7783\",\n \"CVE-2019-7784\", \"CVE-2019-7785\", \"CVE-2019-7786\", \"CVE-2019-7787\",\n \"CVE-2019-7788\", \"CVE-2019-7789\", \"CVE-2019-7790\", \"CVE-2019-7791\",\n \"CVE-2019-7792\", \"CVE-2019-7793\", \"CVE-2019-7794\", \"CVE-2019-7795\",\n \"CVE-2019-7796\", \"CVE-2019-7797\", \"CVE-2019-7798\", \"CVE-2019-7799\",\n \"CVE-2019-7800\", \"CVE-2019-7801\", \"CVE-2019-7802\", \"CVE-2019-7803\",\n \"CVE-2019-7804\", \"CVE-2019-7805\", \"CVE-2019-7806\", \"CVE-2019-7807\",\n \"CVE-2019-7808\", \"CVE-2019-7809\", \"CVE-2019-7810\", \"CVE-2019-7811\",\n \"CVE-2019-7812\", \"CVE-2019-7813\", \"CVE-2019-7814\", \"CVE-2019-7817\",\n \"CVE-2019-7818\", \"CVE-2019-7820\", \"CVE-2019-7821\", \"CVE-2019-7822\",\n \"CVE-2019-7823\", \"CVE-2019-7824\", \"CVE-2019-7825\", \"CVE-2019-7826\",\n \"CVE-2019-7827\", \"CVE-2019-7828\", \"CVE-2019-7829\", \"CVE-2019-7830\",\n \"CVE-2019-7831\", \"CVE-2019-7832\", \"CVE-2019-7833\", \"CVE-2019-7834\",\n \"CVE-2019-7835\", \"CVE-2019-7836\", \"CVE-2019-7841\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:07:19 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-16 11:08:46 +0530 (Thu, 16 May 2019)\");\n script_name(\"Adobe Acrobat Reader DC (Continuous Track) Security Updates (apsb19-18) - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat Reader\n DC (Continuous Track) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - A type confusion error.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer error.\n\n - A double free error.\n\n - A security bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader DC (Continuous Track)\n 2019.010.20099 and earlier versions on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat Reader DC Continuous\n version 2019.012.20034 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-18.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_reader_dc_cont_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/ReaderDC/Continuous/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE) ) exit( 0 );\nvers = infos['version'];\npath = infos['location'];\n\n## 2019.012.20034 == 19.012.20034\nif(version_is_less_equal(version:vers, test_version:\"19.010.20099\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"19.012.20034 (2019.012.20034)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:03:21", "description": "This host is installed with Adobe Acrobat Reader\n DC (Continuous Track) and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-05-16T00:00:00", "type": "openvas", "title": "Adobe Acrobat Reader DC (Continuous Track) Security Updates (apsb19-18) - Mac OS X", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7758", "CVE-2019-7799", "CVE-2019-7764", "CVE-2019-7790", "CVE-2019-7763", "CVE-2019-7761", "CVE-2019-7825", "CVE-2019-7795", "CVE-2019-7792", "CVE-2019-7835", "CVE-2019-7812", "CVE-2019-7142", "CVE-2019-7782", "CVE-2019-7144", "CVE-2019-7789", "CVE-2019-7832", "CVE-2019-7783", "CVE-2019-7804", "CVE-2019-7762", "CVE-2019-7807", "CVE-2019-7826", "CVE-2019-7788", "CVE-2019-7798", "CVE-2019-7771", "CVE-2019-7143", "CVE-2019-7828", "CVE-2019-7811", "CVE-2019-7802", "CVE-2019-7772", "CVE-2019-7786", "CVE-2019-7759", "CVE-2019-7809", "CVE-2019-7829", "CVE-2019-7775", "CVE-2019-7823", "CVE-2019-7813", "CVE-2019-7806", "CVE-2019-7800", "CVE-2019-7779", "CVE-2019-7768", "CVE-2019-7785", "CVE-2019-7824", "CVE-2019-7817", "CVE-2019-7778", "CVE-2019-7777", "CVE-2019-7833", "CVE-2019-7791", "CVE-2019-7784", "CVE-2019-7830", "CVE-2019-7831", "CVE-2019-7780", "CVE-2019-7776", "CVE-2019-7805", "CVE-2019-7760", "CVE-2019-7818", "CVE-2019-7140", "CVE-2019-7770", "CVE-2019-7834", "CVE-2019-7774", "CVE-2019-7814", "CVE-2019-7794", "CVE-2019-7821", "CVE-2019-7769", "CVE-2019-7796", "CVE-2019-7766", "CVE-2019-7767", "CVE-2019-7827", "CVE-2019-7145", "CVE-2019-7836", "CVE-2019-7810", "CVE-2019-7797", "CVE-2019-7822", "CVE-2019-7793", "CVE-2019-7820", "CVE-2019-7765", "CVE-2019-7803", "CVE-2019-7141", "CVE-2019-7773", "CVE-2019-7801", "CVE-2019-7841", "CVE-2019-7787", "CVE-2019-7808", "CVE-2019-7781"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310815068", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815068", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat_reader_dc_continuous\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815068\");\n script_version(\"2019-07-05T08:07:19+0000\");\n script_cve_id(\"CVE-2019-7140\", \"CVE-2019-7141\", \"CVE-2019-7142\", \"CVE-2019-7143\",\n \"CVE-2019-7144\", \"CVE-2019-7145\", \"CVE-2019-7758\", \"CVE-2019-7759\",\n \"CVE-2019-7760\", \"CVE-2019-7761\", \"CVE-2019-7762\", \"CVE-2019-7763\",\n \"CVE-2019-7764\", \"CVE-2019-7765\", \"CVE-2019-7766\", \"CVE-2019-7767\",\n \"CVE-2019-7768\", \"CVE-2019-7769\", \"CVE-2019-7770\", \"CVE-2019-7771\",\n \"CVE-2019-7772\", \"CVE-2019-7773\", \"CVE-2019-7774\", \"CVE-2019-7775\",\n \"CVE-2019-7776\", \"CVE-2019-7777\", \"CVE-2019-7778\", \"CVE-2019-7779\",\n \"CVE-2019-7780\", \"CVE-2019-7781\", \"CVE-2019-7782\", \"CVE-2019-7783\",\n \"CVE-2019-7784\", \"CVE-2019-7785\", \"CVE-2019-7786\", \"CVE-2019-7787\",\n \"CVE-2019-7788\", \"CVE-2019-7789\", \"CVE-2019-7790\", \"CVE-2019-7791\",\n \"CVE-2019-7792\", \"CVE-2019-7793\", \"CVE-2019-7794\", \"CVE-2019-7795\",\n \"CVE-2019-7796\", \"CVE-2019-7797\", \"CVE-2019-7798\", \"CVE-2019-7799\",\n \"CVE-2019-7800\", \"CVE-2019-7801\", \"CVE-2019-7802\", \"CVE-2019-7803\",\n \"CVE-2019-7804\", \"CVE-2019-7805\", \"CVE-2019-7806\", \"CVE-2019-7807\",\n \"CVE-2019-7808\", \"CVE-2019-7809\", \"CVE-2019-7810\", \"CVE-2019-7811\",\n \"CVE-2019-7812\", \"CVE-2019-7813\", \"CVE-2019-7814\", \"CVE-2019-7817\",\n \"CVE-2019-7818\", \"CVE-2019-7820\", \"CVE-2019-7821\", \"CVE-2019-7822\",\n \"CVE-2019-7823\", \"CVE-2019-7824\", \"CVE-2019-7825\", \"CVE-2019-7826\",\n \"CVE-2019-7827\", \"CVE-2019-7828\", \"CVE-2019-7829\", \"CVE-2019-7830\",\n \"CVE-2019-7831\", \"CVE-2019-7832\", \"CVE-2019-7833\", \"CVE-2019-7834\",\n \"CVE-2019-7835\", \"CVE-2019-7836\", \"CVE-2019-7841\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:07:19 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-16 11:08:46 +0530 (Thu, 16 May 2019)\");\n script_name(\"Adobe Acrobat Reader DC (Continuous Track) Security Updates (apsb19-18) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat Reader\n DC (Continuous Track) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - A type confusion error.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer error.\n\n - A double free error.\n\n - A security bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader DC (Continuous Track)\n 2019.010.20099 and earlier versions on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat Reader DC Continuous\n version 2019.012.20034 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-18.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_reader_dc_cont_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/ReaderDC/Continuous/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE) ) exit( 0 );\nvers = infos['version'];\npath = infos['location'];\n\n## 2019.012.20034 == 19.012.20034\nif(version_is_less(version:vers, test_version:\"19.012.20034\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"19.012.20034 (2019.012.20034)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:03:29", "description": "This host is installed with Adobe Acrobat\n Reader DC Classic 2015 and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-05-16T00:00:00", "type": "openvas", "title": "Adobe Acrobat Reader DC (Classic Track) Security Updates (apsb19-18) - Mac OS X", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7758", "CVE-2019-7799", "CVE-2019-7764", "CVE-2019-7790", "CVE-2019-7763", "CVE-2019-7761", "CVE-2019-7825", "CVE-2019-7795", "CVE-2019-7792", "CVE-2019-7835", "CVE-2019-7812", "CVE-2019-7142", "CVE-2019-7782", "CVE-2019-7144", "CVE-2019-7789", "CVE-2019-7832", "CVE-2019-7783", "CVE-2019-7804", "CVE-2019-7762", "CVE-2019-7807", "CVE-2019-7826", "CVE-2019-7788", "CVE-2019-7798", "CVE-2019-7771", "CVE-2019-7143", "CVE-2019-7828", "CVE-2019-7811", "CVE-2019-7802", "CVE-2019-7772", "CVE-2019-7786", "CVE-2019-7759", "CVE-2019-7809", "CVE-2019-7829", "CVE-2019-7775", "CVE-2019-7823", "CVE-2019-7813", "CVE-2019-7806", "CVE-2019-7800", "CVE-2019-7779", "CVE-2019-7768", "CVE-2019-7785", "CVE-2019-7824", "CVE-2019-7817", "CVE-2019-7778", "CVE-2019-7777", "CVE-2019-7833", "CVE-2019-7791", "CVE-2019-7784", "CVE-2019-7830", "CVE-2019-7831", "CVE-2019-7780", "CVE-2019-7776", "CVE-2019-7805", "CVE-2019-7760", "CVE-2019-7818", "CVE-2019-7140", "CVE-2019-7770", "CVE-2019-7834", "CVE-2019-7774", "CVE-2019-7814", "CVE-2019-7794", "CVE-2019-7821", "CVE-2019-7769", "CVE-2019-7796", "CVE-2019-7766", "CVE-2019-7767", "CVE-2019-7827", "CVE-2019-7145", "CVE-2019-7836", "CVE-2019-7810", "CVE-2019-7797", "CVE-2019-7822", "CVE-2019-7793", "CVE-2019-7820", "CVE-2019-7765", "CVE-2019-7803", "CVE-2019-7141", "CVE-2019-7773", "CVE-2019-7801", "CVE-2019-7841", "CVE-2019-7787", "CVE-2019-7808", "CVE-2019-7781"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310815072", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815072", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat_reader_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815072\");\n script_version(\"2019-07-05T08:29:17+0000\");\n script_cve_id(\"CVE-2019-7140\", \"CVE-2019-7141\", \"CVE-2019-7142\", \"CVE-2019-7143\",\n \"CVE-2019-7144\", \"CVE-2019-7145\", \"CVE-2019-7758\", \"CVE-2019-7759\",\n \"CVE-2019-7760\", \"CVE-2019-7761\", \"CVE-2019-7762\", \"CVE-2019-7763\",\n \"CVE-2019-7764\", \"CVE-2019-7765\", \"CVE-2019-7766\", \"CVE-2019-7767\",\n \"CVE-2019-7768\", \"CVE-2019-7769\", \"CVE-2019-7770\", \"CVE-2019-7771\",\n \"CVE-2019-7772\", \"CVE-2019-7773\", \"CVE-2019-7774\", \"CVE-2019-7775\",\n \"CVE-2019-7776\", \"CVE-2019-7777\", \"CVE-2019-7778\", \"CVE-2019-7779\",\n \"CVE-2019-7780\", \"CVE-2019-7781\", \"CVE-2019-7782\", \"CVE-2019-7783\",\n \"CVE-2019-7784\", \"CVE-2019-7785\", \"CVE-2019-7786\", \"CVE-2019-7787\",\n \"CVE-2019-7788\", \"CVE-2019-7789\", \"CVE-2019-7790\", \"CVE-2019-7791\",\n \"CVE-2019-7792\", \"CVE-2019-7793\", \"CVE-2019-7794\", \"CVE-2019-7795\",\n \"CVE-2019-7796\", \"CVE-2019-7797\", \"CVE-2019-7798\", \"CVE-2019-7799\",\n \"CVE-2019-7800\", \"CVE-2019-7801\", \"CVE-2019-7802\", \"CVE-2019-7803\",\n \"CVE-2019-7804\", \"CVE-2019-7805\", \"CVE-2019-7806\", \"CVE-2019-7807\",\n \"CVE-2019-7808\", \"CVE-2019-7809\", \"CVE-2019-7810\", \"CVE-2019-7811\",\n \"CVE-2019-7812\", \"CVE-2019-7813\", \"CVE-2019-7814\", \"CVE-2019-7817\",\n \"CVE-2019-7818\", \"CVE-2019-7820\", \"CVE-2019-7821\", \"CVE-2019-7822\",\n \"CVE-2019-7823\", \"CVE-2019-7824\", \"CVE-2019-7825\", \"CVE-2019-7826\",\n \"CVE-2019-7827\", \"CVE-2019-7828\", \"CVE-2019-7829\", \"CVE-2019-7830\",\n \"CVE-2019-7831\", \"CVE-2019-7832\", \"CVE-2019-7833\", \"CVE-2019-7834\",\n \"CVE-2019-7835\", \"CVE-2019-7836\", \"CVE-2019-7841\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:29:17 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-16 11:08:46 +0530 (Thu, 16 May 2019)\");\n script_name(\"Adobe Acrobat Reader DC (Classic Track) Security Updates (apsb19-18) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat\n Reader DC Classic 2015 and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - A type confusion error.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer error.\n\n - A double free error.\n\n - A security bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader DC Classic 2015 version\n 2015.x before 2015.006.30497 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC Classic 2015 version\n 2015.006.30497 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-18.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_reader_dc_classic_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/ReaderDC/Classic/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE) ) exit( 0 );\nvers = infos['version'];\npath = infos['location'];\n\n## 2015.006.30493 == 15.006.30493\nif(version_in_range(version:vers, test_version:\"15.0\", test_version2:\"15.006.30493\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30497 (2015.006.30497)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:03:44", "description": "This host is installed with Adobe Acrobat\n 2017 and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-05-16T00:00:00", "type": "openvas", "title": "Adobe Acrobat 2017 Security Updates (apsb19-18)-Mac OS X", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7758", "CVE-2019-7799", "CVE-2019-7764", "CVE-2019-7790", "CVE-2019-7763", "CVE-2019-7761", "CVE-2019-7825", "CVE-2019-7795", "CVE-2019-7792", "CVE-2019-7835", "CVE-2019-7812", "CVE-2019-7142", "CVE-2019-7782", "CVE-2019-7144", "CVE-2019-7789", "CVE-2019-7832", "CVE-2019-7783", "CVE-2019-7804", "CVE-2019-7762", "CVE-2019-7807", "CVE-2019-7826", "CVE-2019-7788", "CVE-2019-7798", "CVE-2019-7771", "CVE-2019-7143", "CVE-2019-7828", "CVE-2019-7811", "CVE-2019-7802", "CVE-2019-7772", "CVE-2019-7786", "CVE-2019-7759", "CVE-2019-7809", "CVE-2019-7829", "CVE-2019-7775", "CVE-2019-7823", "CVE-2019-7813", "CVE-2019-7806", "CVE-2019-7800", "CVE-2019-7779", "CVE-2019-7768", "CVE-2019-7785", "CVE-2019-7824", "CVE-2019-7817", "CVE-2019-7778", "CVE-2019-7777", "CVE-2019-7833", "CVE-2019-7791", "CVE-2019-7784", "CVE-2019-7830", "CVE-2019-7831", "CVE-2019-7780", "CVE-2019-7776", "CVE-2019-7805", "CVE-2019-7760", "CVE-2019-7818", "CVE-2019-7140", "CVE-2019-7770", "CVE-2019-7834", "CVE-2019-7774", "CVE-2019-7814", "CVE-2019-7794", "CVE-2019-7821", "CVE-2019-7769", "CVE-2019-7796", "CVE-2019-7766", "CVE-2019-7767", "CVE-2019-7827", "CVE-2019-7145", "CVE-2019-7836", "CVE-2019-7810", "CVE-2019-7797", "CVE-2019-7822", "CVE-2019-7793", "CVE-2019-7820", "CVE-2019-7765", "CVE-2019-7803", "CVE-2019-7141", "CVE-2019-7773", "CVE-2019-7801", "CVE-2019-7841", "CVE-2019-7787", "CVE-2019-7808", "CVE-2019-7781"], "modified": "2019-07-16T00:00:00", "id": "OPENVAS:1361412562310815064", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815064", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815064\");\n script_version(\"2019-07-16T10:51:36+0000\");\n script_cve_id(\"CVE-2019-7140\", \"CVE-2019-7141\", \"CVE-2019-7142\", \"CVE-2019-7143\",\n \"CVE-2019-7144\", \"CVE-2019-7145\", \"CVE-2019-7758\", \"CVE-2019-7759\",\n \"CVE-2019-7760\", \"CVE-2019-7761\", \"CVE-2019-7762\", \"CVE-2019-7763\",\n \"CVE-2019-7764\", \"CVE-2019-7765\", \"CVE-2019-7766\", \"CVE-2019-7767\",\n \"CVE-2019-7768\", \"CVE-2019-7769\", \"CVE-2019-7770\", \"CVE-2019-7771\",\n \"CVE-2019-7772\", \"CVE-2019-7773\", \"CVE-2019-7774\", \"CVE-2019-7775\",\n \"CVE-2019-7776\", \"CVE-2019-7777\", \"CVE-2019-7778\", \"CVE-2019-7779\",\n \"CVE-2019-7780\", \"CVE-2019-7781\", \"CVE-2019-7782\", \"CVE-2019-7783\",\n \"CVE-2019-7784\", \"CVE-2019-7785\", \"CVE-2019-7786\", \"CVE-2019-7787\",\n \"CVE-2019-7788\", \"CVE-2019-7789\", \"CVE-2019-7790\", \"CVE-2019-7791\",\n \"CVE-2019-7792\", \"CVE-2019-7793\", \"CVE-2019-7794\", \"CVE-2019-7795\",\n \"CVE-2019-7796\", \"CVE-2019-7797\", \"CVE-2019-7798\", \"CVE-2019-7799\",\n \"CVE-2019-7800\", \"CVE-2019-7801\", \"CVE-2019-7802\", \"CVE-2019-7803\",\n \"CVE-2019-7804\", \"CVE-2019-7805\", \"CVE-2019-7806\", \"CVE-2019-7807\",\n \"CVE-2019-7808\", \"CVE-2019-7809\", \"CVE-2019-7810\", \"CVE-2019-7811\",\n \"CVE-2019-7812\", \"CVE-2019-7813\", \"CVE-2019-7814\", \"CVE-2019-7817\",\n \"CVE-2019-7818\", \"CVE-2019-7820\", \"CVE-2019-7821\", \"CVE-2019-7822\",\n \"CVE-2019-7823\", \"CVE-2019-7824\", \"CVE-2019-7825\", \"CVE-2019-7826\",\n \"CVE-2019-7827\", \"CVE-2019-7828\", \"CVE-2019-7829\", \"CVE-2019-7830\",\n \"CVE-2019-7831\", \"CVE-2019-7832\", \"CVE-2019-7833\", \"CVE-2019-7834\",\n \"CVE-2019-7835\", \"CVE-2019-7836\", \"CVE-2019-7841\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-16 10:51:36 +0000 (Tue, 16 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-16 11:08:46 +0530 (Thu, 16 May 2019)\");\n script_name(\"Adobe Acrobat 2017 Security Updates (apsb19-18)-Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat\n 2017 and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - A type confusion error.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer error.\n\n - A double free error.\n\n - A security bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat 2017.011.30140 and earlier\n versions on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat 2017 version\n 2017.011.30142 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-18.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\n## 2017.011.30140 == 17.011.30140\nif(version_in_range(version:vers, test_version:\"17.0\", test_version2:\"17.011.30140\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"17.011.30142 (2017.011.30142)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:03:45", "description": "This host is installed with Adobe Acrobat DC\n (Continuous Track) and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-05-16T00:00:00", "type": "openvas", "title": "Adobe Acrobat DC (Continuous Track) Security Updates (apsb19-18) - Mac OS X", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7758", "CVE-2019-7799", "CVE-2019-7764", "CVE-2019-7790", "CVE-2019-7763", "CVE-2019-7761", "CVE-2019-7825", "CVE-2019-7795", "CVE-2019-7792", "CVE-2019-7835", "CVE-2019-7812", "CVE-2019-7142", "CVE-2019-7782", "CVE-2019-7144", "CVE-2019-7789", "CVE-2019-7832", "CVE-2019-7783", "CVE-2019-7804", "CVE-2019-7762", "CVE-2019-7807", "CVE-2019-7826", "CVE-2019-7788", "CVE-2019-7798", "CVE-2019-7771", "CVE-2019-7143", "CVE-2019-7828", "CVE-2019-7811", "CVE-2019-7802", "CVE-2019-7772", "CVE-2019-7786", "CVE-2019-7759", "CVE-2019-7809", "CVE-2019-7829", "CVE-2019-7775", "CVE-2019-7823", "CVE-2019-7813", "CVE-2019-7806", "CVE-2019-7800", "CVE-2019-7779", "CVE-2019-7768", "CVE-2019-7785", "CVE-2019-7824", "CVE-2019-7817", "CVE-2019-7778", "CVE-2019-7777", "CVE-2019-7833", "CVE-2019-7791", "CVE-2019-7784", "CVE-2019-7830", "CVE-2019-7831", "CVE-2019-7780", "CVE-2019-7776", "CVE-2019-7805", "CVE-2019-7760", "CVE-2019-7818", "CVE-2019-7140", "CVE-2019-7770", "CVE-2019-7834", "CVE-2019-7774", "CVE-2019-7814", "CVE-2019-7794", "CVE-2019-7821", "CVE-2019-7769", "CVE-2019-7796", "CVE-2019-7766", "CVE-2019-7767", "CVE-2019-7827", "CVE-2019-7145", "CVE-2019-7836", "CVE-2019-7810", "CVE-2019-7797", "CVE-2019-7822", "CVE-2019-7793", "CVE-2019-7820", "CVE-2019-7765", "CVE-2019-7803", "CVE-2019-7141", "CVE-2019-7773", "CVE-2019-7801", "CVE-2019-7841", "CVE-2019-7787", "CVE-2019-7808", "CVE-2019-7781"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310815070", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815070", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat_dc_continuous\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815070\");\n script_version(\"2019-07-05T08:07:19+0000\");\n script_cve_id(\"CVE-2019-7140\", \"CVE-2019-7141\", \"CVE-2019-7142\", \"CVE-2019-7143\",\n \"CVE-2019-7144\", \"CVE-2019-7145\", \"CVE-2019-7758\", \"CVE-2019-7759\",\n \"CVE-2019-7760\", \"CVE-2019-7761\", \"CVE-2019-7762\", \"CVE-2019-7763\",\n \"CVE-2019-7764\", \"CVE-2019-7765\", \"CVE-2019-7766\", \"CVE-2019-7767\",\n \"CVE-2019-7768\", \"CVE-2019-7769\", \"CVE-2019-7770\", \"CVE-2019-7771\",\n \"CVE-2019-7772\", \"CVE-2019-7773\", \"CVE-2019-7774\", \"CVE-2019-7775\",\n \"CVE-2019-7776\", \"CVE-2019-7777\", \"CVE-2019-7778\", \"CVE-2019-7779\",\n \"CVE-2019-7780\", \"CVE-2019-7781\", \"CVE-2019-7782\", \"CVE-2019-7783\",\n \"CVE-2019-7784\", \"CVE-2019-7785\", \"CVE-2019-7786\", \"CVE-2019-7787\",\n \"CVE-2019-7788\", \"CVE-2019-7789\", \"CVE-2019-7790\", \"CVE-2019-7791\",\n \"CVE-2019-7792\", \"CVE-2019-7793\", \"CVE-2019-7794\", \"CVE-2019-7795\",\n \"CVE-2019-7796\", \"CVE-2019-7797\", \"CVE-2019-7798\", \"CVE-2019-7799\",\n \"CVE-2019-7800\", \"CVE-2019-7801\", \"CVE-2019-7802\", \"CVE-2019-7803\",\n \"CVE-2019-7804\", \"CVE-2019-7805\", \"CVE-2019-7806\", \"CVE-2019-7807\",\n \"CVE-2019-7808\", \"CVE-2019-7809\", \"CVE-2019-7810\", \"CVE-2019-7811\",\n \"CVE-2019-7812\", \"CVE-2019-7813\", \"CVE-2019-7814\", \"CVE-2019-7817\",\n \"CVE-2019-7818\", \"CVE-2019-7820\", \"CVE-2019-7821\", \"CVE-2019-7822\",\n \"CVE-2019-7823\", \"CVE-2019-7824\", \"CVE-2019-7825\", \"CVE-2019-7826\",\n \"CVE-2019-7827\", \"CVE-2019-7828\", \"CVE-2019-7829\", \"CVE-2019-7830\",\n \"CVE-2019-7831\", \"CVE-2019-7832\", \"CVE-2019-7833\", \"CVE-2019-7834\",\n \"CVE-2019-7835\", \"CVE-2019-7836\", \"CVE-2019-7841\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:07:19 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-16 11:08:46 +0530 (Thu, 16 May 2019)\");\n script_name(\"Adobe Acrobat DC (Continuous Track) Security Updates (apsb19-18) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC\n (Continuous Track) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - A type confusion error.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer error.\n\n - A double free error.\n\n - A security bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC (Continuous Track)\n 2019.010.20100 and earlier versions on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC Continuous\n version 2019.012.20034 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-18.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_cont_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Continuous/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE) ) exit( 0 );\nvers = infos['version'];\npath = infos['location'];\n\n## 2019.010.20100 == 19.010.20100\nif(version_is_less_equal(version:vers, test_version:\"19.010.20100\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"19.012.20034 (2019.012.20034)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:03:40", "description": "This host is installed with Adobe Acrobat Reader\n 2017 and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-05-16T00:00:00", "type": "openvas", "title": "Adobe Acrobat Reader 2017 Security Updates (apsb19-18)-Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7758", "CVE-2019-7799", "CVE-2019-7764", "CVE-2019-7790", "CVE-2019-7763", "CVE-2019-7761", "CVE-2019-7825", "CVE-2019-7795", "CVE-2019-7792", "CVE-2019-7835", "CVE-2019-7812", "CVE-2019-7142", "CVE-2019-7782", "CVE-2019-7144", "CVE-2019-7789", "CVE-2019-7832", "CVE-2019-7783", "CVE-2019-7804", "CVE-2019-7762", "CVE-2019-7807", "CVE-2019-7826", "CVE-2019-7788", "CVE-2019-7798", "CVE-2019-7771", "CVE-2019-7143", "CVE-2019-7828", "CVE-2019-7811", "CVE-2019-7802", "CVE-2019-7772", "CVE-2019-7786", "CVE-2019-7759", "CVE-2019-7809", "CVE-2019-7829", "CVE-2019-7775", "CVE-2019-7823", "CVE-2019-7813", "CVE-2019-7806", "CVE-2019-7800", "CVE-2019-7779", "CVE-2019-7768", "CVE-2019-7785", "CVE-2019-7824", "CVE-2019-7817", "CVE-2019-7778", "CVE-2019-7777", "CVE-2019-7833", "CVE-2019-7791", "CVE-2019-7784", "CVE-2019-7830", "CVE-2019-7831", "CVE-2019-7780", "CVE-2019-7776", "CVE-2019-7805", "CVE-2019-7760", "CVE-2019-7818", "CVE-2019-7140", "CVE-2019-7770", "CVE-2019-7834", "CVE-2019-7774", "CVE-2019-7814", "CVE-2019-7794", "CVE-2019-7821", "CVE-2019-7769", "CVE-2019-7796", "CVE-2019-7766", "CVE-2019-7767", "CVE-2019-7827", "CVE-2019-7145", "CVE-2019-7836", "CVE-2019-7810", "CVE-2019-7797", "CVE-2019-7822", "CVE-2019-7793", "CVE-2019-7820", "CVE-2019-7765", "CVE-2019-7803", "CVE-2019-7141", "CVE-2019-7773", "CVE-2019-7801", "CVE-2019-7841", "CVE-2019-7787", "CVE-2019-7808", "CVE-2019-7781"], "modified": "2019-07-16T00:00:00", "id": "OPENVAS:1361412562310815065", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815065", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815065\");\n script_version(\"2019-07-16T10:51:36+0000\");\n script_cve_id(\"CVE-2019-7140\", \"CVE-2019-7141\", \"CVE-2019-7142\", \"CVE-2019-7143\",\n \"CVE-2019-7144\", \"CVE-2019-7145\", \"CVE-2019-7758\", \"CVE-2019-7759\",\n \"CVE-2019-7760\", \"CVE-2019-7761\", \"CVE-2019-7762\", \"CVE-2019-7763\",\n \"CVE-2019-7764\", \"CVE-2019-7765\", \"CVE-2019-7766\", \"CVE-2019-7767\",\n \"CVE-2019-7768\", \"CVE-2019-7769\", \"CVE-2019-7770\", \"CVE-2019-7771\",\n \"CVE-2019-7772\", \"CVE-2019-7773\", \"CVE-2019-7774\", \"CVE-2019-7775\",\n \"CVE-2019-7776\", \"CVE-2019-7777\", \"CVE-2019-7778\", \"CVE-2019-7779\",\n \"CVE-2019-7780\", \"CVE-2019-7781\", \"CVE-2019-7782\", \"CVE-2019-7783\",\n \"CVE-2019-7784\", \"CVE-2019-7785\", \"CVE-2019-7786\", \"CVE-2019-7787\",\n \"CVE-2019-7788\", \"CVE-2019-7789\", \"CVE-2019-7790\", \"CVE-2019-7791\",\n \"CVE-2019-7792\", \"CVE-2019-7793\", \"CVE-2019-7794\", \"CVE-2019-7795\",\n \"CVE-2019-7796\", \"CVE-2019-7797\", \"CVE-2019-7798\", \"CVE-2019-7799\",\n \"CVE-2019-7800\", \"CVE-2019-7801\", \"CVE-2019-7802\", \"CVE-2019-7803\",\n \"CVE-2019-7804\", \"CVE-2019-7805\", \"CVE-2019-7806\", \"CVE-2019-7807\",\n \"CVE-2019-7808\", \"CVE-2019-7809\", \"CVE-2019-7810\", \"CVE-2019-7811\",\n \"CVE-2019-7812\", \"CVE-2019-7813\", \"CVE-2019-7814\", \"CVE-2019-7817\",\n \"CVE-2019-7818\", \"CVE-2019-7820\", \"CVE-2019-7821\", \"CVE-2019-7822\",\n \"CVE-2019-7823\", \"CVE-2019-7824\", \"CVE-2019-7825\", \"CVE-2019-7826\",\n \"CVE-2019-7827\", \"CVE-2019-7828\", \"CVE-2019-7829\", \"CVE-2019-7830\",\n \"CVE-2019-7831\", \"CVE-2019-7832\", \"CVE-2019-7833\", \"CVE-2019-7834\",\n \"CVE-2019-7835\", \"CVE-2019-7836\", \"CVE-2019-7841\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-16 10:51:36 +0000 (Tue, 16 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-16 11:08:46 +0530 (Thu, 16 May 2019)\");\n script_name(\"Adobe Acrobat Reader 2017 Security Updates (apsb19-18)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat Reader\n 2017 and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - A type confusion error.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer error.\n\n - A double free error.\n\n - A security bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader versions 2017.011.30138 and\n earlier on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat Reader 2017 version\n 2017.011.30142 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-18.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Reader/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\n## 2017.011.30138 == 17.011.30138\nif(version_in_range(version:vers, test_version:\"17.0\", test_version2:\"17.011.30138\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"17.011.30142 (2017.011.30142)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:03:56", "description": "This host is installed with Adobe Acrobat DC\n (Continuous Track) and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-05-16T00:00:00", "type": "openvas", "title": "Adobe Acrobat DC (Continuous Track) Security Updates (apsb19-18) - Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7758", "CVE-2019-7799", "CVE-2019-7764", "CVE-2019-7790", "CVE-2019-7763", "CVE-2019-7761", "CVE-2019-7825", "CVE-2019-7795", "CVE-2019-7792", "CVE-2019-7835", "CVE-2019-7812", "CVE-2019-7142", "CVE-2019-7782", "CVE-2019-7144", "CVE-2019-7789", "CVE-2019-7832", "CVE-2019-7783", "CVE-2019-7804", "CVE-2019-7762", "CVE-2019-7807", "CVE-2019-7826", "CVE-2019-7788", "CVE-2019-7798", "CVE-2019-7771", "CVE-2019-7143", "CVE-2019-7828", "CVE-2019-7811", "CVE-2019-7802", "CVE-2019-7772", "CVE-2019-7786", "CVE-2019-7759", "CVE-2019-7809", "CVE-2019-7829", "CVE-2019-7775", "CVE-2019-7823", "CVE-2019-7813", "CVE-2019-7806", "CVE-2019-7800", "CVE-2019-7779", "CVE-2019-7768", "CVE-2019-7785", "CVE-2019-7824", "CVE-2019-7817", "CVE-2019-7778", "CVE-2019-7777", "CVE-2019-7833", "CVE-2019-7791", "CVE-2019-7784", "CVE-2019-7830", "CVE-2019-7831", "CVE-2019-7780", "CVE-2019-7776", "CVE-2019-7805", "CVE-2019-7760", "CVE-2019-7818", "CVE-2019-7140", "CVE-2019-7770", "CVE-2019-7834", "CVE-2019-7774", "CVE-2019-7814", "CVE-2019-7794", "CVE-2019-7821", "CVE-2019-7769", "CVE-2019-7796", "CVE-2019-7766", "CVE-2019-7767", "CVE-2019-7827", "CVE-2019-7145", "CVE-2019-7836", "CVE-2019-7810", "CVE-2019-7797", "CVE-2019-7822", "CVE-2019-7793", "CVE-2019-7820", "CVE-2019-7765", "CVE-2019-7803", "CVE-2019-7141", "CVE-2019-7773", "CVE-2019-7801", "CVE-2019-7841", "CVE-2019-7787", "CVE-2019-7808", "CVE-2019-7781"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310815069", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815069", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat_dc_continuous\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815069\");\n script_version(\"2019-07-05T08:07:19+0000\");\n script_cve_id(\"CVE-2019-7140\", \"CVE-2019-7141\", \"CVE-2019-7142\", \"CVE-2019-7143\",\n \"CVE-2019-7144\", \"CVE-2019-7145\", \"CVE-2019-7758\", \"CVE-2019-7759\",\n \"CVE-2019-7760\", \"CVE-2019-7761\", \"CVE-2019-7762\", \"CVE-2019-7763\",\n \"CVE-2019-7764\", \"CVE-2019-7765\", \"CVE-2019-7766\", \"CVE-2019-7767\",\n \"CVE-2019-7768\", \"CVE-2019-7769\", \"CVE-2019-7770\", \"CVE-2019-7771\",\n \"CVE-2019-7772\", \"CVE-2019-7773\", \"CVE-2019-7774\", \"CVE-2019-7775\",\n \"CVE-2019-7776\", \"CVE-2019-7777\", \"CVE-2019-7778\", \"CVE-2019-7779\",\n \"CVE-2019-7780\", \"CVE-2019-7781\", \"CVE-2019-7782\", \"CVE-2019-7783\",\n \"CVE-2019-7784\", \"CVE-2019-7785\", \"CVE-2019-7786\", \"CVE-2019-7787\",\n \"CVE-2019-7788\", \"CVE-2019-7789\", \"CVE-2019-7790\", \"CVE-2019-7791\",\n \"CVE-2019-7792\", \"CVE-2019-7793\", \"CVE-2019-7794\", \"CVE-2019-7795\",\n \"CVE-2019-7796\", \"CVE-2019-7797\", \"CVE-2019-7798\", \"CVE-2019-7799\",\n \"CVE-2019-7800\", \"CVE-2019-7801\", \"CVE-2019-7802\", \"CVE-2019-7803\",\n \"CVE-2019-7804\", \"CVE-2019-7805\", \"CVE-2019-7806\", \"CVE-2019-7807\",\n \"CVE-2019-7808\", \"CVE-2019-7809\", \"CVE-2019-7810\", \"CVE-2019-7811\",\n \"CVE-2019-7812\", \"CVE-2019-7813\", \"CVE-2019-7814\", \"CVE-2019-7817\",\n \"CVE-2019-7818\", \"CVE-2019-7820\", \"CVE-2019-7821\", \"CVE-2019-7822\",\n \"CVE-2019-7823\", \"CVE-2019-7824\", \"CVE-2019-7825\", \"CVE-2019-7826\",\n \"CVE-2019-7827\", \"CVE-2019-7828\", \"CVE-2019-7829\", \"CVE-2019-7830\",\n \"CVE-2019-7831\", \"CVE-2019-7832\", \"CVE-2019-7833\", \"CVE-2019-7834\",\n \"CVE-2019-7835\", \"CVE-2019-7836\", \"CVE-2019-7841\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:07:19 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-16 11:08:46 +0530 (Thu, 16 May 2019)\");\n script_name(\"Adobe Acrobat DC (Continuous Track) Security Updates (apsb19-18) - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC\n (Continuous Track) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - A type confusion error.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer error.\n\n - A double free error.\n\n - A security bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC (Continuous Track)\n 2019.010.20100 and earlier versions on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC Continuous\n version 2019.012.20034 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-18.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_cont_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Continuous/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE) ) exit( 0 );\nvers = infos['version'];\npath = infos['location'];\n\n## 2019.010.20100 == 19.010.20100\nif(version_is_less_equal(version:vers, test_version:\"19.010.20100\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"19.012.20034 (2019.012.20034)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2022-02-19T13:48:24", "description": "The version of Adobe Acrobat installed on the remote macOS host is a version prior or equal to 2015.006.30495, 2017.011.30140, or 2019.010.20100. It is, therefore, affected by multiple vulnerabilities.\n\n - Out-of-Bounds Read potentially leading to Information Disclosure (CVE-2019-7841, CVE-2019-7836, CVE-2019-7826, CVE-2019-7813, CVE-2019-7812, CVE-2019-7811, CVE-2019-7810, CVE-2019-7803, CVE-2019-7802, CVE-2019-7801, CVE-2019-7799, CVE-2019-7798, CVE-2019-7795, CVE-2019-7794, CVE-2019-7793, CVE-2019-7790, CVE-2019-7789, CVE-2019-7787, CVE-2019-7780, CVE-2019-7778, CVE-2019-7777, CVE-2019-7776, CVE-2019-7775, CVE-2019-7774, CVE-2019-7773, CVE-2019-7771, CVE-2019-7770, CVE-2019-7769, CVE-2019-7758, CVE-2019-7145, CVE-2019-7144, CVE-2019-7143, CVE-2019-7142, CVE-2019-7141, CVE-2019-7140)\n\n - Out-of-Bounds Write potentially leading to Arbitrary Code Execution (CVE-2019-7829, CVE-2019-7825, CVE-2019-7822, CVE-2019-7818, CVE-2019-7804, CVE-2019-7800)\n\n - Type Confusion potentially leading to Arbitrary Code Execution (CVE-2019-7820)\n\n - Use After Free potentially leading to Arbitrary Code Execution (CVE-2019-7835, CVE-2019-7834, CVE-2019-7833, CVE-2019-7832, CVE-2019-7831, CVE-2019-7830, CVE-2019-7823, CVE-2019-7821, CVE-2019-7817, CVE-2019-7814, CVE-2019-7809, CVE-2019-7808, CVE-2019-7807, CVE-2019-7806, CVE-2019-7805, CVE-2019-7797, CVE-2019-7796, CVE-2019-7792, CVE-2019-7791, CVE-2019-7788, CVE-2019-7786, CVE-2019-7785, CVE-2019-7783, CVE-2019-7782, CVE-2019-7781, CVE-2019-7772, CVE-2019-7768, CVE-2019-7767, CVE-2019-7766, CVE-2019-7765, CVE-2019-7764, CVE-2019-7763, CVE-2019-7762, CVE-2019-7761, CVE-2019-7760, CVE-2019-7759)\n\n - Heap Overflow potentially leading to Arbitrary Code Execution (CVE-2019-7828, CVE-2019-7827)\n\n - Buffer Error potentially leading to Arbitrary Code Execution (CVE-2019-7824)\n\n - Double Free potentially leading to Arbitrary Code Execution (CVE-2019-7784)\n\n - Security Bypass potentially leading to Arbitrary Code Execution (CVE-2019-7779)\n\n - Path Traversal leading to Information Disclosure.\n (CVE-2019-8238)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-16T00:00:00", "type": "nessus", "title": "Adobe Acrobat <= 2015.006.30495 / 2017.011.30140 / 2019.010.20100 Multiple Vulnerabilities (APSB19-18) (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7140", "CVE-2019-7141", "CVE-2019-7142", "CVE-2019-7143", "CVE-2019-7144", "CVE-2019-7145", "CVE-2019-7758", "CVE-2019-7759", "CVE-2019-7760", "CVE-2019-7761", "CVE-2019-7762", "CVE-2019-7763", "CVE-2019-7764", "CVE-2019-7765", "CVE-2019-7766", "CVE-2019-7767", "CVE-2019-7768", "CVE-2019-7769", "CVE-2019-7770", "CVE-2019-7771", "CVE-2019-7772", "CVE-2019-7773", "CVE-2019-7774", "CVE-2019-7775", "CVE-2019-7776", "CVE-2019-7777", "CVE-2019-7778", "CVE-2019-7779", "CVE-2019-7780", "CVE-2019-7781", "CVE-2019-7782", "CVE-2019-7783", "CVE-2019-7784", "CVE-2019-7785", "CVE-2019-7786", "CVE-2019-7787", "CVE-2019-7788", "CVE-2019-7789", "CVE-2019-7790", "CVE-2019-7791", "CVE-2019-7792", "CVE-2019-7793", "CVE-2019-7794", "CVE-2019-7795", "CVE-2019-7796", "CVE-2019-7797", "CVE-2019-7798", "CVE-2019-7799", "CVE-2019-7800", "CVE-2019-7801", "CVE-2019-7802", "CVE-2019-7803", "CVE-2019-7804", "CVE-2019-7805", "CVE-2019-7806", "CVE-2019-7807", "CVE-2019-7808", "CVE-2019-7809", "CVE-2019-7810", "CVE-2019-7811", "CVE-2019-7812", "CVE-2019-7813", "CVE-2019-7814", "CVE-2019-7817", "CVE-2019-7818", "CVE-2019-7820", "CVE-2019-7821", "CVE-2019-7822", "CVE-2019-7823", "CVE-2019-7824", "CVE-2019-7825", "CVE-2019-7826", "CVE-2019-7827", "CVE-2019-7828", "CVE-2019-7829", "CVE-2019-7830", "CVE-2019-7831", "CVE-2019-7832", "CVE-2019-7833", "CVE-2019-7834", "CVE-2019-7835", "CVE-2019-7836", "CVE-2019-7841", "CVE-2019-7966", "CVE-2019-7967", "CVE-2019-8238"], "modified": "2021-11-18T00:00:00", "cpe": ["cpe:/a:adobe:acrobat"], "id": "MACOS_ADOBE_ACROBAT_APSB19-18.NASL", "href": "https://www.tenable.com/plugins/nessus/125219", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125219);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/18\");\n\n script_cve_id(\n \"CVE-2019-7140\",\n \"CVE-2019-7141\",\n \"CVE-2019-7142\",\n \"CVE-2019-7143\",\n \"CVE-2019-7144\",\n \"CVE-2019-7145\",\n \"CVE-2019-7758\",\n \"CVE-2019-7759\",\n \"CVE-2019-7760\",\n \"CVE-2019-7761\",\n \"CVE-2019-7762\",\n \"CVE-2019-7763\",\n \"CVE-2019-7764\",\n \"CVE-2019-7765\",\n \"CVE-2019-7766\",\n \"CVE-2019-7767\",\n \"CVE-2019-7768\",\n \"CVE-2019-7769\",\n \"CVE-2019-7770\",\n \"CVE-2019-7771\",\n \"CVE-2019-7772\",\n \"CVE-2019-7773\",\n \"CVE-2019-7774\",\n \"CVE-2019-7775\",\n \"CVE-2019-7776\",\n \"CVE-2019-7777\",\n \"CVE-2019-7778\",\n \"CVE-2019-7779\",\n \"CVE-2019-7780\",\n \"CVE-2019-7781\",\n \"CVE-2019-7782\",\n \"CVE-2019-7783\",\n \"CVE-2019-7784\",\n \"CVE-2019-7785\",\n \"CVE-2019-7786\",\n \"CVE-2019-7787\",\n \"CVE-2019-7788\",\n \"CVE-2019-7789\",\n \"CVE-2019-7790\",\n \"CVE-2019-7791\",\n \"CVE-2019-7792\",\n \"CVE-2019-7793\",\n \"CVE-2019-7794\",\n \"CVE-2019-7795\",\n \"CVE-2019-7796\",\n \"CVE-2019-7797\",\n \"CVE-2019-7798\",\n \"CVE-2019-7799\",\n \"CVE-2019-7800\",\n \"CVE-2019-7801\",\n \"CVE-2019-7802\",\n \"CVE-2019-7803\",\n \"CVE-2019-7804\",\n \"CVE-2019-7805\",\n \"CVE-2019-7806\",\n \"CVE-2019-7807\",\n \"CVE-2019-7808\",\n \"CVE-2019-7809\",\n \"CVE-2019-7810\",\n \"CVE-2019-7811\",\n \"CVE-2019-7812\",\n \"CVE-2019-7813\",\n \"CVE-2019-7814\",\n \"CVE-2019-7817\",\n \"CVE-2019-7818\",\n \"CVE-2019-7820\",\n \"CVE-2019-7821\",\n \"CVE-2019-7822\",\n \"CVE-2019-7823\",\n \"CVE-2019-7824\",\n \"CVE-2019-7825\",\n \"CVE-2019-7826\",\n \"CVE-2019-7827\",\n \"CVE-2019-7828\",\n \"CVE-2019-7829\",\n \"CVE-2019-7830\",\n \"CVE-2019-7831\",\n \"CVE-2019-7832\",\n \"CVE-2019-7833\",\n \"CVE-2019-7834\",\n \"CVE-2019-7835\",\n \"CVE-2019-7836\",\n \"CVE-2019-7841\",\n \"CVE-2019-7966\",\n \"CVE-2019-7967\",\n \"CVE-2019-8238\"\n );\n\n script_name(english:\"Adobe Acrobat <= 2015.006.30495 / 2017.011.30140 / 2019.010.20100 Multiple Vulnerabilities (APSB19-18) (macOS)\");\n script_summary(english:\"Checks the version of Adobe Acrobat.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Acrobat installed on the remote macOS host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Acrobat installed on the remote macOS host is a\nversion prior or equal to 2015.006.30495, 2017.011.30140, or\n2019.010.20100. It is, therefore, affected by multiple\nvulnerabilities.\n\n - Out-of-Bounds Read potentially leading to Information\n Disclosure (CVE-2019-7841, CVE-2019-7836, CVE-2019-7826,\n CVE-2019-7813, CVE-2019-7812, CVE-2019-7811,\n CVE-2019-7810, CVE-2019-7803, CVE-2019-7802,\n CVE-2019-7801, CVE-2019-7799, CVE-2019-7798,\n CVE-2019-7795, CVE-2019-7794, CVE-2019-7793,\n CVE-2019-7790, CVE-2019-7789, CVE-2019-7787,\n CVE-2019-7780, CVE-2019-7778, CVE-2019-7777,\n CVE-2019-7776, CVE-2019-7775, CVE-2019-7774,\n CVE-2019-7773, CVE-2019-7771, CVE-2019-7770,\n CVE-2019-7769, CVE-2019-7758, CVE-2019-7145,\n CVE-2019-7144, CVE-2019-7143, CVE-2019-7142,\n CVE-2019-7141, CVE-2019-7140)\n\n - Out-of-Bounds Write potentially leading to Arbitrary\n Code Execution (CVE-2019-7829, CVE-2019-7825,\n CVE-2019-7822, CVE-2019-7818, CVE-2019-7804,\n CVE-2019-7800)\n\n - Type Confusion potentially leading to Arbitrary Code\n Execution (CVE-2019-7820)\n\n - Use After Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7835, CVE-2019-7834, CVE-2019-7833,\n CVE-2019-7832, CVE-2019-7831, CVE-2019-7830,\n CVE-2019-7823, CVE-2019-7821, CVE-2019-7817,\n CVE-2019-7814, CVE-2019-7809, CVE-2019-7808,\n CVE-2019-7807, CVE-2019-7806, CVE-2019-7805,\n CVE-2019-7797, CVE-2019-7796, CVE-2019-7792,\n CVE-2019-7791, CVE-2019-7788, CVE-2019-7786,\n CVE-2019-7785, CVE-2019-7783, CVE-2019-7782,\n CVE-2019-7781, CVE-2019-7772, CVE-2019-7768,\n CVE-2019-7767, CVE-2019-7766, CVE-2019-7765,\n CVE-2019-7764, CVE-2019-7763, CVE-2019-7762,\n CVE-2019-7761, CVE-2019-7760, CVE-2019-7759)\n\n - Heap Overflow potentially leading to Arbitrary Code\n Execution (CVE-2019-7828, CVE-2019-7827)\n\n - Buffer Error potentially leading to Arbitrary Code\n Execution (CVE-2019-7824)\n\n - Double Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7784)\n\n - Security Bypass potentially leading to Arbitrary Code\n Execution (CVE-2019-7779)\n\n - Path Traversal leading to Information Disclosure.\n (CVE-2019-8238)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-18.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Acrobat version 2015.006.30497 or 2017.011.30142 or\n2019.012.20034 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-7835\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_adobe_acrobat_installed.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/Adobe Acrobat\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"vcf_extras.inc\");\n\nget_kb_item_or_exit(\"Host/local_checks_enabled\");\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (empty_or_null(os)) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp_info = vcf::get_app_info(app:\"Adobe Acrobat\");\n\n# vcf::adobe_reader::check_version_and_report will\n# properly separate tracks when checking constraints.\n# x.y.30zzz = DC Classic\n# x.y.20zzz = DC Continuous\nconstraints = [\n { \"min_version\" : \"15.6\", \"max_version\" : \"15.006.30495\", \"fixed_version\" : \"15.006.30497\" },\n { \"min_version\" : \"17.8\", \"max_version\" : \"17.011.30140\", \"fixed_version\" : \"17.011.30142\" },\n { \"min_version\" : \"15.7\", \"max_version\" : \"19.010.20100\", \"fixed_version\" : \"19.012.20034\" }\n];\nvcf::adobe_reader::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE, max_segs:3);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-19T13:51:16", "description": "The version of Adobe Reader installed on the remote macOS host is a version prior or equal to 2015.006.30493, 2017.011.30138, or 2019.010.20099. It is, therefore, affected by multiple vulnerabilities.\n\n - Out-of-Bounds Read potentially leading to Information Disclosure (CVE-2019-7841, CVE-2019-7836, CVE-2019-7826, CVE-2019-7813, CVE-2019-7812, CVE-2019-7811, CVE-2019-7810, CVE-2019-7803, CVE-2019-7802, CVE-2019-7801, CVE-2019-7799, CVE-2019-7798, CVE-2019-7795, CVE-2019-7794, CVE-2019-7793, CVE-2019-7790, CVE-2019-7789, CVE-2019-7787, CVE-2019-7780, CVE-2019-7778, CVE-2019-7777, CVE-2019-7776, CVE-2019-7775, CVE-2019-7774, CVE-2019-7773, CVE-2019-7771, CVE-2019-7770, CVE-2019-7769, CVE-2019-7758, CVE-2019-7145, CVE-2019-7144, CVE-2019-7143, CVE-2019-7142, CVE-2019-7141, CVE-2019-7140)\n\n - Out-of-Bounds Write potentially leading to Arbitrary Code Execution (CVE-2019-7829, CVE-2019-7825, CVE-2019-7822, CVE-2019-7818, CVE-2019-7804, CVE-2019-7800)\n\n - Type Confusion potentially leading to Arbitrary Code Execution (CVE-2019-7820)\n\n - Use After Free potentially leading to Arbitrary Code Execution (CVE-2019-7835, CVE-2019-7834, CVE-2019-7833, CVE-2019-7832, CVE-2019-7831, CVE-2019-7830, CVE-2019-7823, CVE-2019-7821, CVE-2019-7817, CVE-2019-7814, CVE-2019-7809, CVE-2019-7808, CVE-2019-7807, CVE-2019-7806, CVE-2019-7805, CVE-2019-7797, CVE-2019-7796, CVE-2019-7792, CVE-2019-7791, CVE-2019-7788, CVE-2019-7786, CVE-2019-7785, CVE-2019-7783, CVE-2019-7782, CVE-2019-7781, CVE-2019-7772, CVE-2019-7768, CVE-2019-7767, CVE-2019-7766, CVE-2019-7765, CVE-2019-7764, CVE-2019-7763, CVE-2019-7762, CVE-2019-7761, CVE-2019-7760, CVE-2019-7759)\n\n - Heap Overflow potentially leading to Arbitrary Code Execution (CVE-2019-7828, CVE-2019-7827)\n\n - Buffer Error potentially leading to Arbitrary Code Execution (CVE-2019-7824)\n\n - Double Free potentially leading to Arbitrary Code Execution (CVE-2019-7784)\n\n - Security Bypass potentially leading to Arbitrary Code Execution (CVE-2019-7779)\n\n - Path Traversal leading to Information Disclosure.\n (CVE-2019-8238)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-16T00:00:00", "type": "nessus", "title": "Adobe Reader <= 2015.006.30493 / 2017.011.30138 / 2019.010.20099 Multiple Vulnerabilities (APSB19-18) (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7140", "CVE-2019-7141", "CVE-2019-7142", "CVE-2019-7143", "CVE-2019-7144", "CVE-2019-7145", "CVE-2019-7758", "CVE-2019-7759", "CVE-2019-7760", "CVE-2019-7761", "CVE-2019-7762", "CVE-2019-7763", "CVE-2019-7764", "CVE-2019-7765", "CVE-2019-7766", "CVE-2019-7767", "CVE-2019-7768", "CVE-2019-7769", "CVE-2019-7770", "CVE-2019-7771", "CVE-2019-7772", "CVE-2019-7773", "CVE-2019-7774", "CVE-2019-7775", "CVE-2019-7776", "CVE-2019-7777", "CVE-2019-7778", "CVE-2019-7779", "CVE-2019-7780", "CVE-2019-7781", "CVE-2019-7782", "CVE-2019-7783", "CVE-2019-7784", "CVE-2019-7785", "CVE-2019-7786", "CVE-2019-7787", "CVE-2019-7788", "CVE-2019-7789", "CVE-2019-7790", "CVE-2019-7791", "CVE-2019-7792", "CVE-2019-7793", "CVE-2019-7794", "CVE-2019-7795", "CVE-2019-7796", "CVE-2019-7797", "CVE-2019-7798", "CVE-2019-7799", "CVE-2019-7800", "CVE-2019-7801", "CVE-2019-7802", "CVE-2019-7803", "CVE-2019-7804", "CVE-2019-7805", "CVE-2019-7806", "CVE-2019-7807", "CVE-2019-7808", "CVE-2019-7809", "CVE-2019-7810", "CVE-2019-7811", "CVE-2019-7812", "CVE-2019-7813", "CVE-2019-7814", "CVE-2019-7817", "CVE-2019-7818", "CVE-2019-7820", "CVE-2019-7821", "CVE-2019-7822", "CVE-2019-7823", "CVE-2019-7824", "CVE-2019-7825", "CVE-2019-7826", "CVE-2019-7827", "CVE-2019-7828", "CVE-2019-7829", "CVE-2019-7830", "CVE-2019-7831", "CVE-2019-7832", "CVE-2019-7833", "CVE-2019-7834", "CVE-2019-7835", "CVE-2019-7836", "CVE-2019-7841", "CVE-2019-7966", "CVE-2019-7967", "CVE-2019-8238"], "modified": "2021-11-18T00:00:00", "cpe": ["cpe:/a:adobe:acrobat_reader"], "id": "MACOS_ADOBE_READER_APSB19-18.NASL", "href": "https://www.tenable.com/plugins/nessus/125220", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125220);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/18\");\n\n script_cve_id(\n \"CVE-2019-7140\",\n \"CVE-2019-7141\",\n \"CVE-2019-7142\",\n \"CVE-2019-7143\",\n \"CVE-2019-7144\",\n \"CVE-2019-7145\",\n \"CVE-2019-7758\",\n \"CVE-2019-7759\",\n \"CVE-2019-7760\",\n \"CVE-2019-7761\",\n \"CVE-2019-7762\",\n \"CVE-2019-7763\",\n \"CVE-2019-7764\",\n \"CVE-2019-7765\",\n \"CVE-2019-7766\",\n \"CVE-2019-7767\",\n \"CVE-2019-7768\",\n \"CVE-2019-7769\",\n \"CVE-2019-7770\",\n \"CVE-2019-7771\",\n \"CVE-2019-7772\",\n \"CVE-2019-7773\",\n \"CVE-2019-7774\",\n \"CVE-2019-7775\",\n \"CVE-2019-7776\",\n \"CVE-2019-7777\",\n \"CVE-2019-7778\",\n \"CVE-2019-7779\",\n \"CVE-2019-7780\",\n \"CVE-2019-7781\",\n \"CVE-2019-7782\",\n \"CVE-2019-7783\",\n \"CVE-2019-7784\",\n \"CVE-2019-7785\",\n \"CVE-2019-7786\",\n \"CVE-2019-7787\",\n \"CVE-2019-7788\",\n \"CVE-2019-7789\",\n \"CVE-2019-7790\",\n \"CVE-2019-7791\",\n \"CVE-2019-7792\",\n \"CVE-2019-7793\",\n \"CVE-2019-7794\",\n \"CVE-2019-7795\",\n \"CVE-2019-7796\",\n \"CVE-2019-7797\",\n \"CVE-2019-7798\",\n \"CVE-2019-7799\",\n \"CVE-2019-7800\",\n \"CVE-2019-7801\",\n \"CVE-2019-7802\",\n \"CVE-2019-7803\",\n \"CVE-2019-7804\",\n \"CVE-2019-7805\",\n \"CVE-2019-7806\",\n \"CVE-2019-7807\",\n \"CVE-2019-7808\",\n \"CVE-2019-7809\",\n \"CVE-2019-7810\",\n \"CVE-2019-7811\",\n \"CVE-2019-7812\",\n \"CVE-2019-7813\",\n \"CVE-2019-7814\",\n \"CVE-2019-7817\",\n \"CVE-2019-7818\",\n \"CVE-2019-7820\",\n \"CVE-2019-7821\",\n \"CVE-2019-7822\",\n \"CVE-2019-7823\",\n \"CVE-2019-7824\",\n \"CVE-2019-7825\",\n \"CVE-2019-7826\",\n \"CVE-2019-7827\",\n \"CVE-2019-7828\",\n \"CVE-2019-7829\",\n \"CVE-2019-7830\",\n \"CVE-2019-7831\",\n \"CVE-2019-7832\",\n \"CVE-2019-7833\",\n \"CVE-2019-7834\",\n \"CVE-2019-7835\",\n \"CVE-2019-7836\",\n \"CVE-2019-7841\",\n \"CVE-2019-7966\",\n \"CVE-2019-7967\",\n \"CVE-2019-8238\"\n );\n\n script_name(english:\"Adobe Reader <= 2015.006.30493 / 2017.011.30138 / 2019.010.20099 Multiple Vulnerabilities (APSB19-18) (macOS)\");\n script_summary(english:\"Checks the version of Adobe Reader.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Reader installed on the remote macOS host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Reader installed on the remote macOS host is a\nversion prior or equal to 2015.006.30493, 2017.011.30138, or\n2019.010.20099. It is, therefore, affected by multiple\nvulnerabilities.\n\n - Out-of-Bounds Read potentially leading to Information\n Disclosure (CVE-2019-7841, CVE-2019-7836, CVE-2019-7826,\n CVE-2019-7813, CVE-2019-7812, CVE-2019-7811,\n CVE-2019-7810, CVE-2019-7803, CVE-2019-7802,\n CVE-2019-7801, CVE-2019-7799, CVE-2019-7798,\n CVE-2019-7795, CVE-2019-7794, CVE-2019-7793,\n CVE-2019-7790, CVE-2019-7789, CVE-2019-7787,\n CVE-2019-7780, CVE-2019-7778, CVE-2019-7777,\n CVE-2019-7776, CVE-2019-7775, CVE-2019-7774,\n CVE-2019-7773, CVE-2019-7771, CVE-2019-7770,\n CVE-2019-7769, CVE-2019-7758, CVE-2019-7145,\n CVE-2019-7144, CVE-2019-7143, CVE-2019-7142,\n CVE-2019-7141, CVE-2019-7140)\n\n - Out-of-Bounds Write potentially leading to Arbitrary\n Code Execution (CVE-2019-7829, CVE-2019-7825,\n CVE-2019-7822, CVE-2019-7818, CVE-2019-7804,\n CVE-2019-7800)\n\n - Type Confusion potentially leading to Arbitrary Code\n Execution (CVE-2019-7820)\n\n - Use After Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7835, CVE-2019-7834, CVE-2019-7833,\n CVE-2019-7832, CVE-2019-7831, CVE-2019-7830,\n CVE-2019-7823, CVE-2019-7821, CVE-2019-7817,\n CVE-2019-7814, CVE-2019-7809, CVE-2019-7808,\n CVE-2019-7807, CVE-2019-7806, CVE-2019-7805,\n CVE-2019-7797, CVE-2019-7796, CVE-2019-7792,\n CVE-2019-7791, CVE-2019-7788, CVE-2019-7786,\n CVE-2019-7785, CVE-2019-7783, CVE-2019-7782,\n CVE-2019-7781, CVE-2019-7772, CVE-2019-7768,\n CVE-2019-7767, CVE-2019-7766, CVE-2019-7765,\n CVE-2019-7764, CVE-2019-7763, CVE-2019-7762,\n CVE-2019-7761, CVE-2019-7760, CVE-2019-7759)\n\n - Heap Overflow potentially leading to Arbitrary Code\n Execution (CVE-2019-7828, CVE-2019-7827)\n\n - Buffer Error potentially leading to Arbitrary Code\n Execution (CVE-2019-7824)\n\n - Double Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7784)\n\n - Security Bypass potentially leading to Arbitrary Code\n Execution (CVE-2019-7779)\n\n - Path Traversal leading to Information Disclosure.\n (CVE-2019-8238)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-18.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Reader version 2015.006.30497 or 2017.011.30142 or\n2019.012.20034 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-7835\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat_reader\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_adobe_reader_installed.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/Adobe Reader\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"vcf_extras.inc\");\n\nget_kb_item_or_exit(\"Host/local_checks_enabled\");\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (empty_or_null(os)) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\napp_info = vcf::get_app_info(app:\"Adobe Reader\");\n\n# vcf::adobe_reader::check_version_and_report will\n# properly separate tracks when checking constraints.\n# x.y.30zzz = DC Classic\n# x.y.20zzz = DC Continuous\nconstraints = [\n { \"min_version\" : \"15.6\", \"max_version\" : \"15.006.30493\", \"fixed_version\" : \"15.006.30497\" },\n { \"min_version\" : \"17.8\", \"max_version\" : \"17.011.30138\", \"fixed_version\" : \"17.011.30142\" },\n { \"min_version\" : \"15.7\", \"max_version\" : \"19.010.20099\", \"fixed_version\" : \"19.012.20034\" }\n];\nvcf::adobe_reader::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE, max_segs:3);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-19T13:47:21", "description": "The version of Adobe Acrobat installed on the remote Windows host is a version prior or equal to 2015.006.30495, 2017.011.30140, or 2019.010.20100. It is, therefore, affected by multiple vulnerabilities.\n\n - Out-of-Bounds Read potentially leading to Information Disclosure (CVE-2019-7841, CVE-2019-7836, CVE-2019-7826, CVE-2019-7813, CVE-2019-7812, CVE-2019-7811, CVE-2019-7810, CVE-2019-7803, CVE-2019-7802, CVE-2019-7801, CVE-2019-7799, CVE-2019-7798, CVE-2019-7795, CVE-2019-7794, CVE-2019-7793, CVE-2019-7790, CVE-2019-7789, CVE-2019-7787, CVE-2019-7780, CVE-2019-7778, CVE-2019-7777, CVE-2019-7776, CVE-2019-7775, CVE-2019-7774, CVE-2019-7773, CVE-2019-7771, CVE-2019-7770, CVE-2019-7769, CVE-2019-7758, CVE-2019-7145, CVE-2019-7144, CVE-2019-7143, CVE-2019-7142, CVE-2019-7141, CVE-2019-7140)\n\n - Out-of-Bounds Write potentially leading to Arbitrary Code Execution (CVE-2019-7829, CVE-2019-7825, CVE-2019-7822, CVE-2019-7818, CVE-2019-7804, CVE-2019-7800)\n\n - Type Confusion potentially leading to Arbitrary Code Execution (CVE-2019-7820)\n\n - Use After Free potentially leading to Arbitrary Code Execution (CVE-2019-7835, CVE-2019-7834, CVE-2019-7833, CVE-2019-7832, CVE-2019-7831, CVE-2019-7830, CVE-2019-7823, CVE-2019-7821, CVE-2019-7817, CVE-2019-7814, CVE-2019-7809, CVE-2019-7808, CVE-2019-7807, CVE-2019-7806, CVE-2019-7805, CVE-2019-7797, CVE-2019-7796, CVE-2019-7792, CVE-2019-7791, CVE-2019-7788, CVE-2019-7786, CVE-2019-7785, CVE-2019-7783, CVE-2019-7782, CVE-2019-7781, CVE-2019-7772, CVE-2019-7768, CVE-2019-7767, CVE-2019-7766, CVE-2019-7765, CVE-2019-7764, CVE-2019-7763, CVE-2019-7762, CVE-2019-7761, CVE-2019-7760, CVE-2019-7759)\n\n - Heap Overflow potentially leading to Arbitrary Code Execution (CVE-2019-7828, CVE-2019-7827)\n\n - Buffer Error potentially leading to Arbitrary Code Execution (CVE-2019-7824)\n\n - Double Free potentially leading to Arbitrary Code Execution (CVE-2019-7784)\n\n - Security Bypass potentially leading to Arbitrary Code Execution (CVE-2019-7779)\n\n - Path Traversal leading to Information Disclosure.\n (CVE-2019-8238)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-16T00:00:00", "type": "nessus", "title": "Adobe Acrobat <= 2015.006.30495 / 2017.011.30140 / 2019.010.20100 Multiple Vulnerabilities (APSB19-18)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7140", "CVE-2019-7141", "CVE-2019-7142", "CVE-2019-7143", "CVE-2019-7144", "CVE-2019-7145", "CVE-2019-7758", "CVE-2019-7759", "CVE-2019-7760", "CVE-2019-7761", "CVE-2019-7762", "CVE-2019-7763", "CVE-2019-7764", "CVE-2019-7765", "CVE-2019-7766", "CVE-2019-7767", "CVE-2019-7768", "CVE-2019-7769", "CVE-2019-7770", "CVE-2019-7771", "CVE-2019-7772", "CVE-2019-7773", "CVE-2019-7774", "CVE-2019-7775", "CVE-2019-7776", "CVE-2019-7777", "CVE-2019-7778", "CVE-2019-7779", "CVE-2019-7780", "CVE-2019-7781", "CVE-2019-7782", "CVE-2019-7783", "CVE-2019-7784", "CVE-2019-7785", "CVE-2019-7786", "CVE-2019-7787", "CVE-2019-7788", "CVE-2019-7789", "CVE-2019-7790", "CVE-2019-7791", "CVE-2019-7792", "CVE-2019-7793", "CVE-2019-7794", "CVE-2019-7795", "CVE-2019-7796", "CVE-2019-7797", "CVE-2019-7798", "CVE-2019-7799", "CVE-2019-7800", "CVE-2019-7801", "CVE-2019-7802", "CVE-2019-7803", "CVE-2019-7804", "CVE-2019-7805", "CVE-2019-7806", "CVE-2019-7807", "CVE-2019-7808", "CVE-2019-7809", "CVE-2019-7810", "CVE-2019-7811", "CVE-2019-7812", "CVE-2019-7813", "CVE-2019-7814", "CVE-2019-7817", "CVE-2019-7818", "CVE-2019-7820", "CVE-2019-7821", "CVE-2019-7822", "CVE-2019-7823", "CVE-2019-7824", "CVE-2019-7825", "CVE-2019-7826", "CVE-2019-7827", "CVE-2019-7828", "CVE-2019-7829", "CVE-2019-7830", "CVE-2019-7831", "CVE-2019-7832", "CVE-2019-7833", "CVE-2019-7834", "CVE-2019-7835", "CVE-2019-7836", "CVE-2019-7841", "CVE-2019-7966", "CVE-2019-7967", "CVE-2019-8238"], "modified": "2021-11-18T00:00:00", "cpe": ["cpe:/a:adobe:acrobat"], "id": "ADOBE_ACROBAT_APSB19-18.NASL", "href": "https://www.tenable.com/plugins/nessus/125221", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125221);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/18\");\n\n script_cve_id(\n \"CVE-2019-7140\",\n \"CVE-2019-7141\",\n \"CVE-2019-7142\",\n \"CVE-2019-7143\",\n \"CVE-2019-7144\",\n \"CVE-2019-7145\",\n \"CVE-2019-7758\",\n \"CVE-2019-7759\",\n \"CVE-2019-7760\",\n \"CVE-2019-7761\",\n \"CVE-2019-7762\",\n \"CVE-2019-7763\",\n \"CVE-2019-7764\",\n \"CVE-2019-7765\",\n \"CVE-2019-7766\",\n \"CVE-2019-7767\",\n \"CVE-2019-7768\",\n \"CVE-2019-7769\",\n \"CVE-2019-7770\",\n \"CVE-2019-7771\",\n \"CVE-2019-7772\",\n \"CVE-2019-7773\",\n \"CVE-2019-7774\",\n \"CVE-2019-7775\",\n \"CVE-2019-7776\",\n \"CVE-2019-7777\",\n \"CVE-2019-7778\",\n \"CVE-2019-7779\",\n \"CVE-2019-7780\",\n \"CVE-2019-7781\",\n \"CVE-2019-7782\",\n \"CVE-2019-7783\",\n \"CVE-2019-7784\",\n \"CVE-2019-7785\",\n \"CVE-2019-7786\",\n \"CVE-2019-7787\",\n \"CVE-2019-7788\",\n \"CVE-2019-7789\",\n \"CVE-2019-7790\",\n \"CVE-2019-7791\",\n \"CVE-2019-7792\",\n \"CVE-2019-7793\",\n \"CVE-2019-7794\",\n \"CVE-2019-7795\",\n \"CVE-2019-7796\",\n \"CVE-2019-7797\",\n \"CVE-2019-7798\",\n \"CVE-2019-7799\",\n \"CVE-2019-7800\",\n \"CVE-2019-7801\",\n \"CVE-2019-7802\",\n \"CVE-2019-7803\",\n \"CVE-2019-7804\",\n \"CVE-2019-7805\",\n \"CVE-2019-7806\",\n \"CVE-2019-7807\",\n \"CVE-2019-7808\",\n \"CVE-2019-7809\",\n \"CVE-2019-7810\",\n \"CVE-2019-7811\",\n \"CVE-2019-7812\",\n \"CVE-2019-7813\",\n \"CVE-2019-7814\",\n \"CVE-2019-7817\",\n \"CVE-2019-7818\",\n \"CVE-2019-7820\",\n \"CVE-2019-7821\",\n \"CVE-2019-7822\",\n \"CVE-2019-7823\",\n \"CVE-2019-7824\",\n \"CVE-2019-7825\",\n \"CVE-2019-7826\",\n \"CVE-2019-7827\",\n \"CVE-2019-7828\",\n \"CVE-2019-7829\",\n \"CVE-2019-7830\",\n \"CVE-2019-7831\",\n \"CVE-2019-7832\",\n \"CVE-2019-7833\",\n \"CVE-2019-7834\",\n \"CVE-2019-7835\",\n \"CVE-2019-7836\",\n \"CVE-2019-7841\",\n \"CVE-2019-7966\",\n \"CVE-2019-7967\",\n \"CVE-2019-8238\"\n );\n\n script_name(english:\"Adobe Acrobat <= 2015.006.30495 / 2017.011.30140 / 2019.010.20100 Multiple Vulnerabilities (APSB19-18)\");\n script_summary(english:\"Checks the version of Adobe Acrobat.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Acrobat installed on the remote Windows host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Acrobat installed on the remote Windows host is a\nversion prior or equal to 2015.006.30495, 2017.011.30140, or\n2019.010.20100. It is, therefore, affected by multiple\nvulnerabilities.\n\n - Out-of-Bounds Read potentially leading to Information\n Disclosure (CVE-2019-7841, CVE-2019-7836, CVE-2019-7826,\n CVE-2019-7813, CVE-2019-7812, CVE-2019-7811,\n CVE-2019-7810, CVE-2019-7803, CVE-2019-7802,\n CVE-2019-7801, CVE-2019-7799, CVE-2019-7798,\n CVE-2019-7795, CVE-2019-7794, CVE-2019-7793,\n CVE-2019-7790, CVE-2019-7789, CVE-2019-7787,\n CVE-2019-7780, CVE-2019-7778, CVE-2019-7777,\n CVE-2019-7776, CVE-2019-7775, CVE-2019-7774,\n CVE-2019-7773, CVE-2019-7771, CVE-2019-7770,\n CVE-2019-7769, CVE-2019-7758, CVE-2019-7145,\n CVE-2019-7144, CVE-2019-7143, CVE-2019-7142,\n CVE-2019-7141, CVE-2019-7140)\n\n - Out-of-Bounds Write potentially leading to Arbitrary\n Code Execution (CVE-2019-7829, CVE-2019-7825,\n CVE-2019-7822, CVE-2019-7818, CVE-2019-7804,\n CVE-2019-7800)\n\n - Type Confusion potentially leading to Arbitrary Code\n Execution (CVE-2019-7820)\n\n - Use After Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7835, CVE-2019-7834, CVE-2019-7833,\n CVE-2019-7832, CVE-2019-7831, CVE-2019-7830,\n CVE-2019-7823, CVE-2019-7821, CVE-2019-7817,\n CVE-2019-7814, CVE-2019-7809, CVE-2019-7808,\n CVE-2019-7807, CVE-2019-7806, CVE-2019-7805,\n CVE-2019-7797, CVE-2019-7796, CVE-2019-7792,\n CVE-2019-7791, CVE-2019-7788, CVE-2019-7786,\n CVE-2019-7785, CVE-2019-7783, CVE-2019-7782,\n CVE-2019-7781, CVE-2019-7772, CVE-2019-7768,\n CVE-2019-7767, CVE-2019-7766, CVE-2019-7765,\n CVE-2019-7764, CVE-2019-7763, CVE-2019-7762,\n CVE-2019-7761, CVE-2019-7760, CVE-2019-7759)\n\n - Heap Overflow potentially leading to Arbitrary Code\n Execution (CVE-2019-7828, CVE-2019-7827)\n\n - Buffer Error potentially leading to Arbitrary Code\n Execution (CVE-2019-7824)\n\n - Double Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7784)\n\n - Security Bypass potentially leading to Arbitrary Code\n Execution (CVE-2019-7779)\n\n - Path Traversal leading to Information Disclosure.\n (CVE-2019-8238)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-18.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Acrobat version 2015.006.30497 or 2017.011.30142 or\n2019.012.20034 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-7835\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"adobe_acrobat_installed.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"installed_sw/Adobe Acrobat\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"vcf_extras.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\napp_info = vcf::get_app_info(app:\"Adobe Acrobat\", win_local:TRUE);\n\n# vcf::adobe_reader::check_version_and_report will\n# properly separate tracks when checking constraints.\n# x.y.30zzz = DC Classic\n# x.y.20zzz = DC Continuous\nconstraints = [\n { \"min_version\" : \"15.6\", \"max_version\" : \"15.006.30495\", \"fixed_version\" : \"15.006.30497\" },\n { \"min_version\" : \"17.8\", \"max_version\" : \"17.011.30140\", \"fixed_version\" : \"17.011.30142\" },\n { \"min_version\" : \"15.7\", \"max_version\" : \"19.010.20100\", \"fixed_version\" : \"19.012.20034\" }\n];\nvcf::adobe_reader::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE, max_segs:3);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-19T13:50:10", "description": "The version of Adobe Reader installed on the remote Windows host is a version prior or equal to 2015.006.30493, 2017.011.30138, or 2019.010.20099. It is, therefore, affected by multiple vulnerabilities.\n\n - Out-of-Bounds Read potentially leading to Information Disclosure (CVE-2019-7841, CVE-2019-7836, CVE-2019-7826, CVE-2019-7813, CVE-2019-7812, CVE-2019-7811, CVE-2019-7810, CVE-2019-7803, CVE-2019-7802, CVE-2019-7801, CVE-2019-7799, CVE-2019-7798, CVE-2019-7795, CVE-2019-7794, CVE-2019-7793, CVE-2019-7790, CVE-2019-7789, CVE-2019-7787, CVE-2019-7780, CVE-2019-7778, CVE-2019-7777, CVE-2019-7776, CVE-2019-7775, CVE-2019-7774, CVE-2019-7773, CVE-2019-7771, CVE-2019-7770, CVE-2019-7769, CVE-2019-7758, CVE-2019-7145, CVE-2019-7144, CVE-2019-7143, CVE-2019-7142, CVE-2019-7141, CVE-2019-7140)\n\n - Out-of-Bounds Write potentially leading to Arbitrary Code Execution (CVE-2019-7829, CVE-2019-7825, CVE-2019-7822, CVE-2019-7818, CVE-2019-7804, CVE-2019-7800)\n\n - Type Confusion potentially leading to Arbitrary Code Execution (CVE-2019-7820)\n\n - Use After Free potentially leading to Arbitrary Code Execution (CVE-2019-7835, CVE-2019-7834, CVE-2019-7833, CVE-2019-7832, CVE-2019-7831, CVE-2019-7830, CVE-2019-7823, CVE-2019-7821, CVE-2019-7817, CVE-2019-7814, CVE-2019-7809, CVE-2019-7808, CVE-2019-7807, CVE-2019-7806, CVE-2019-7805, CVE-2019-7797, CVE-2019-7796, CVE-2019-7792, CVE-2019-7791, CVE-2019-7788, CVE-2019-7786, CVE-2019-7785, CVE-2019-7783, CVE-2019-7782, CVE-2019-7781, CVE-2019-7772, CVE-2019-7768, CVE-2019-7767, CVE-2019-7766, CVE-2019-7765, CVE-2019-7764, CVE-2019-7763, CVE-2019-7762, CVE-2019-7761, CVE-2019-7760, CVE-2019-7759)\n\n - Heap Overflow potentially leading to Arbitrary Code Execution (CVE-2019-7828, CVE-2019-7827)\n\n - Buffer Error potentially leading to Arbitrary Code Execution (CVE-2019-7824)\n\n - Double Free potentially leading to Arbitrary Code Execution (CVE-2019-7784)\n\n - Security Bypass potentially leading to Arbitrary Code Execution (CVE-2019-7779)\n\n - Path Traversal leading to Information Disclosure.\n (CVE-2019-8238)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-16T00:00:00", "type": "nessus", "title": "Adobe Reader <= 2015.006.30493 / 2017.011.30138 / 2019.010.20099 Multiple Vulnerabilities (APSB19-18)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7140", "CVE-2019-7141", "CVE-2019-7142", "CVE-2019-7143", "CVE-2019-7144", "CVE-2019-7145", "CVE-2019-7758", "CVE-2019-7759", "CVE-2019-7760", "CVE-2019-7761", "CVE-2019-7762", "CVE-2019-7763", "CVE-2019-7764", "CVE-2019-7765", "CVE-2019-7766", "CVE-2019-7767", "CVE-2019-7768", "CVE-2019-7769", "CVE-2019-7770", "CVE-2019-7771", "CVE-2019-7772", "CVE-2019-7773", "CVE-2019-7774", "CVE-2019-7775", "CVE-2019-7776", "CVE-2019-7777", "CVE-2019-7778", "CVE-2019-7779", "CVE-2019-7780", "CVE-2019-7781", "CVE-2019-7782", "CVE-2019-7783", "CVE-2019-7784", "CVE-2019-7785", "CVE-2019-7786", "CVE-2019-7787", "CVE-2019-7788", "CVE-2019-7789", "CVE-2019-7790", "CVE-2019-7791", "CVE-2019-7792", "CVE-2019-7793", "CVE-2019-7794", "CVE-2019-7795", "CVE-2019-7796", "CVE-2019-7797", "CVE-2019-7798", "CVE-2019-7799", "CVE-2019-7800", "CVE-2019-7801", "CVE-2019-7802", "CVE-2019-7803", "CVE-2019-7804", "CVE-2019-7805", "CVE-2019-7806", "CVE-2019-7807", "CVE-2019-7808", "CVE-2019-7809", "CVE-2019-7810", "CVE-2019-7811", "CVE-2019-7812", "CVE-2019-7813", "CVE-2019-7814", "CVE-2019-7817", "CVE-2019-7818", "CVE-2019-7820", "CVE-2019-7821", "CVE-2019-7822", "CVE-2019-7823", "CVE-2019-7824", "CVE-2019-7825", "CVE-2019-7826", "CVE-2019-7827", "CVE-2019-7828", "CVE-2019-7829", "CVE-2019-7830", "CVE-2019-7831", "CVE-2019-7832", "CVE-2019-7833", "CVE-2019-7834", "CVE-2019-7835", "CVE-2019-7836", "CVE-2019-7841", "CVE-2019-7966", "CVE-2019-7967", "CVE-2019-8238"], "modified": "2021-11-18T00:00:00", "cpe": ["cpe:/a:adobe:acrobat_reader"], "id": "ADOBE_READER_APSB19-18.NASL", "href": "https://www.tenable.com/plugins/nessus/125222", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125222);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/18\");\n\n script_cve_id(\n \"CVE-2019-7140\",\n \"CVE-2019-7141\",\n \"CVE-2019-7142\",\n \"CVE-2019-7143\",\n \"CVE-2019-7144\",\n \"CVE-2019-7145\",\n \"CVE-2019-7758\",\n \"CVE-2019-7759\",\n \"CVE-2019-7760\",\n \"CVE-2019-7761\",\n \"CVE-2019-7762\",\n \"CVE-2019-7763\",\n \"CVE-2019-7764\",\n \"CVE-2019-7765\",\n \"CVE-2019-7766\",\n \"CVE-2019-7767\",\n \"CVE-2019-7768\",\n \"CVE-2019-7769\",\n \"CVE-2019-7770\",\n \"CVE-2019-7771\",\n \"CVE-2019-7772\",\n \"CVE-2019-7773\",\n \"CVE-2019-7774\",\n \"CVE-2019-7775\",\n \"CVE-2019-7776\",\n \"CVE-2019-7777\",\n \"CVE-2019-7778\",\n \"CVE-2019-7779\",\n \"CVE-2019-7780\",\n \"CVE-2019-7781\",\n \"CVE-2019-7782\",\n \"CVE-2019-7783\",\n \"CVE-2019-7784\",\n \"CVE-2019-7785\",\n \"CVE-2019-7786\",\n \"CVE-2019-7787\",\n \"CVE-2019-7788\",\n \"CVE-2019-7789\",\n \"CVE-2019-7790\",\n \"CVE-2019-7791\",\n \"CVE-2019-7792\",\n \"CVE-2019-7793\",\n \"CVE-2019-7794\",\n \"CVE-2019-7795\",\n \"CVE-2019-7796\",\n \"CVE-2019-7797\",\n \"CVE-2019-7798\",\n \"CVE-2019-7799\",\n \"CVE-2019-7800\",\n \"CVE-2019-7801\",\n \"CVE-2019-7802\",\n \"CVE-2019-7803\",\n \"CVE-2019-7804\",\n \"CVE-2019-7805\",\n \"CVE-2019-7806\",\n \"CVE-2019-7807\",\n \"CVE-2019-7808\",\n \"CVE-2019-7809\",\n \"CVE-2019-7810\",\n \"CVE-2019-7811\",\n \"CVE-2019-7812\",\n \"CVE-2019-7813\",\n \"CVE-2019-7814\",\n \"CVE-2019-7817\",\n \"CVE-2019-7818\",\n \"CVE-2019-7820\",\n \"CVE-2019-7821\",\n \"CVE-2019-7822\",\n \"CVE-2019-7823\",\n \"CVE-2019-7824\",\n \"CVE-2019-7825\",\n \"CVE-2019-7826\",\n \"CVE-2019-7827\",\n \"CVE-2019-7828\",\n \"CVE-2019-7829\",\n \"CVE-2019-7830\",\n \"CVE-2019-7831\",\n \"CVE-2019-7832\",\n \"CVE-2019-7833\",\n \"CVE-2019-7834\",\n \"CVE-2019-7835\",\n \"CVE-2019-7836\",\n \"CVE-2019-7841\",\n \"CVE-2019-7966\",\n \"CVE-2019-7967\",\n \"CVE-2019-8238\"\n );\n\n script_name(english:\"Adobe Reader <= 2015.006.30493 / 2017.011.30138 / 2019.010.20099 Multiple Vulnerabilities (APSB19-18)\");\n script_summary(english:\"Checks the version of Adobe Reader.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Reader installed on the remote Windows host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Reader installed on the remote Windows host is a\nversion prior or equal to 2015.006.30493, 2017.011.30138, or\n2019.010.20099. It is, therefore, affected by multiple\nvulnerabilities.\n\n - Out-of-Bounds Read potentially leading to Information\n Disclosure (CVE-2019-7841, CVE-2019-7836, CVE-2019-7826,\n CVE-2019-7813, CVE-2019-7812, CVE-2019-7811,\n CVE-2019-7810, CVE-2019-7803, CVE-2019-7802,\n CVE-2019-7801, CVE-2019-7799, CVE-2019-7798,\n CVE-2019-7795, CVE-2019-7794, CVE-2019-7793,\n CVE-2019-7790, CVE-2019-7789, CVE-2019-7787,\n CVE-2019-7780, CVE-2019-7778, CVE-2019-7777,\n CVE-2019-7776, CVE-2019-7775, CVE-2019-7774,\n CVE-2019-7773, CVE-2019-7771, CVE-2019-7770,\n CVE-2019-7769, CVE-2019-7758, CVE-2019-7145,\n CVE-2019-7144, CVE-2019-7143, CVE-2019-7142,\n CVE-2019-7141, CVE-2019-7140)\n\n - Out-of-Bounds Write potentially leading to Arbitrary\n Code Execution (CVE-2019-7829, CVE-2019-7825,\n CVE-2019-7822, CVE-2019-7818, CVE-2019-7804,\n CVE-2019-7800)\n\n - Type Confusion potentially leading to Arbitrary Code\n Execution (CVE-2019-7820)\n\n - Use After Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7835, CVE-2019-7834, CVE-2019-7833,\n CVE-2019-7832, CVE-2019-7831, CVE-2019-7830,\n CVE-2019-7823, CVE-2019-7821, CVE-2019-7817,\n CVE-2019-7814, CVE-2019-7809, CVE-2019-7808,\n CVE-2019-7807, CVE-2019-7806, CVE-2019-7805,\n CVE-2019-7797, CVE-2019-7796, CVE-2019-7792,\n CVE-2019-7791, CVE-2019-7788, CVE-2019-7786,\n CVE-2019-7785, CVE-2019-7783, CVE-2019-7782,\n CVE-2019-7781, CVE-2019-7772, CVE-2019-7768,\n CVE-2019-7767, CVE-2019-7766, CVE-2019-7765,\n CVE-2019-7764, CVE-2019-7763, CVE-2019-7762,\n CVE-2019-7761, CVE-2019-7760, CVE-2019-7759)\n\n - Heap Overflow potentially leading to Arbitrary Code\n Execution (CVE-2019-7828, CVE-2019-7827)\n\n - Buffer Error potentially leading to Arbitrary Code\n Execution (CVE-2019-7824)\n\n - Double Free potentially leading to Arbitrary Code\n Execution (CVE-2019-7784)\n\n - Security Bypass potentially leading to Arbitrary Code\n Execution (CVE-2019-7779)\n\n - Path Traversal leading to Information Disclosure.\n (CVE-2019-8238)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-18.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Reader version 2015.006.30497 or 2017.011.30142 or\n2019.012.20034 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-7763\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat_reader\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"adobe_reader_installed.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"installed_sw/Adobe Reader\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"vcf_extras.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\napp_info = vcf::adobe_reader::get_app_info();\n\n# vcf::adobe_reader::check_version_and_report will\n# properly separate tracks when checking constraints.\n# x.y.30zzz = DC Classic\n# x.y.20zzz = DC Continuous\nconstraints = [\n { \"min_version\" : \"15.6\", \"max_version\" : \"15.006.30493\", \"fixed_version\" : \"15.006.30497\" },\n { \"min_version\" : \"17.8\", \"max_version\" : \"17.011.30138\", \"fixed_version\" : \"17.011.30142\" },\n { \"min_version\" : \"15.7\", \"max_version\" : \"19.010.20099\", \"fixed_version\" : \"19.012.20034\" }\n];\nvcf::adobe_reader::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE, max_segs:3);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "adobe": [{"lastseen": "2021-09-30T17:39:33", "description": "Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address [critical]() and [important]() vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-14T00:00:00", "type": "adobe", "title": "APSB19-18 Security update available for Adobe Acrobat and Reader", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-7140", "CVE-2019-7141", "CVE-2019-7142", "CVE-2019-7143", "CVE-2019-7144", "CVE-2019-7145", "CVE-2019-7758", "CVE-2019-7759", "CVE-2019-7760", "CVE-2019-7761", "CVE-2019-7762", "CVE-2019-7763", "CVE-2019-7764", "CVE-2019-7765", "CVE-2019-7766", "CVE-2019-7767", "CVE-2019-7768", "CVE-2019-7769", "CVE-2019-7770", "CVE-2019-7771", "CVE-2019-7772", "CVE-2019-7773", "CVE-2019-7774", "CVE-2019-7775", "CVE-2019-7776", "CVE-2019-7777", "CVE-2019-7778", "CVE-2019-7779", "CVE-2019-7780", "CVE-2019-7781", "CVE-2019-7782", "CVE-2019-7783", "CVE-2019-7784", "CVE-2019-7785", "CVE-2019-7786", "CVE-2019-7787", "CVE-2019-7788", "CVE-2019-7789", "CVE-2019-7790", "CVE-2019-7791", "CVE-2019-7792", "CVE-2019-7793", "CVE-2019-7794", "CVE-2019-7795", "CVE-2019-7796", "CVE-2019-7797", "CVE-2019-7798", "CVE-2019-7799", "CVE-2019-7800", "CVE-2019-7801", "CVE-2019-7802", "CVE-2019-7803", "CVE-2019-7804", "CVE-2019-7805", "CVE-2019-7806", "CVE-2019-7807", "CVE-2019-7808", "CVE-2019-7809", "CVE-2019-7810", "CVE-2019-7811", "CVE-2019-7812", "CVE-2019-7813", "CVE-2019-7814", "CVE-2019-7817", "CVE-2019-7818", "CVE-2019-7820", "CVE-2019-7821", "CVE-2019-7822", "CVE-2019-7823", "CVE-2019-7824", "CVE-2019-7825", "CVE-2019-7826", "CVE-2019-7827", "CVE-2019-7828", "CVE-2019-7829", "CVE-2019-7830", "CVE-2019-7831", "CVE-2019-7832", "CVE-2019-7833", "CVE-2019-7834", "CVE-2019-7835", "CVE-2019-7836", "CVE-2019-7841", "CVE-2019-7966", "CVE-2019-7967", "CVE-2019-8238"], "modified": "2019-05-14T00:00:00", "id": "APSB19-18", "href": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
