Adobe Acrobat Pro DC XFA calculate Event Use-After-Free Remote Code Execution Vulnerability
2019-10-15T00:00:00
ID ZDI-19-878 Type zdi Reporter peternguyen (meepwn ctf) Modified 2019-06-22T00:00:00
Description
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the calculate event of XFA field elements. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.
{"id": "ZDI-19-878", "bulletinFamily": "info", "title": "Adobe Acrobat Pro DC XFA calculate Event Use-After-Free Remote Code Execution Vulnerability", "description": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the calculate event of XFA field elements. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.", "published": "2019-10-15T00:00:00", "modified": "2019-06-22T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "https://www.zerodayinitiative.com/advisories/ZDI-19-878/", "reporter": "peternguyen (meepwn ctf)", "references": ["https://helpx.adobe.com/security/products/acrobat/apsb19-49.html"], "cvelist": ["CVE-2019-8177"], "type": "zdi", "lastseen": "2020-06-22T11:40:57", "edition": 1, "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-8177"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310815808", "OPENVAS:1361412562310815812", "OPENVAS:1361412562310815810", "OPENVAS:1361412562310815809", "OPENVAS:1361412562310815804", "OPENVAS:1361412562310815803", "OPENVAS:1361412562310815807", "OPENVAS:1361412562310815805", "OPENVAS:1361412562310815806", "OPENVAS:1361412562310815802"]}, {"type": "nessus", "idList": ["MACOS_ADOBE_ACROBAT_APSB19-49.NASL", "ADOBE_READER_APSB19-49.NASL", "MACOS_ADOBE_READER_APSB19-49.NASL", "ADOBE_ACROBAT_APSB19-49.NASL"]}], "modified": "2020-06-22T11:40:57", "rev": 2}, "score": {"value": 5.8, "vector": "NONE", "modified": "2020-06-22T11:40:57", "rev": 2}, "vulnersScore": 5.8}}
{"cve": [{"lastseen": "2021-02-02T07:13:05", "description": "Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .", "edition": 8, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-10-17T21:15:00", "title": "CVE-2019-8177", "type": "cve", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8177"], "modified": "2019-10-24T14:12:00", "cpe": [], "id": "CVE-2019-8177", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-8177", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}], "kaspersky": [{"lastseen": "2020-09-02T11:54:59", "bulletinFamily": "info", "cvelist": ["CVE-2019-8183", "CVE-2019-8180", "CVE-2019-8181", "CVE-2019-8219", "CVE-2019-8185", "CVE-2019-8215", "CVE-2019-8176", "CVE-2019-8216", "CVE-2019-8190", "CVE-2019-8162", "CVE-2019-8161", "CVE-2019-8184", "CVE-2019-8195", "CVE-2019-8191", "CVE-2019-8200", "CVE-2019-8193", "CVE-2019-8160", "CVE-2019-8177", "CVE-2019-8169", "CVE-2019-8199", "CVE-2019-8167", "CVE-2019-8210", "CVE-2019-8217", "CVE-2019-8222", "CVE-2019-8196", "CVE-2019-8225", "CVE-2019-8203", "CVE-2019-8188", "CVE-2019-8194", "CVE-2019-8187", "CVE-2019-8192", "CVE-2019-8211", "CVE-2019-8221", "CVE-2019-8179", "CVE-2019-8163", "CVE-2019-8172", "CVE-2019-8197", "CVE-2019-8168", "CVE-2019-8189", "CVE-2019-8164", "CVE-2019-8208", "CVE-2019-8204", "CVE-2019-8226", "CVE-2019-8182", "CVE-2019-8170", "CVE-2019-8205", "CVE-2019-8174", "CVE-2019-8213", "CVE-2019-8201", "CVE-2019-8224", "CVE-2019-8178", "CVE-2019-8198", "CVE-2019-8212", "CVE-2019-8209", "CVE-2019-8214", "CVE-2019-8166", "CVE-2019-8223", "CVE-2019-8175", "CVE-2019-8207", "CVE-2019-8218", "CVE-2019-8220", "CVE-2019-8173", "CVE-2019-8186", "CVE-2019-8064", "CVE-2019-8202", "CVE-2019-8165", "CVE-2019-8171", "CVE-2019-8206"], "description": "### *Detect date*:\n09/15/2019\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Adobe Acrobat and Adobe Acrobat Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information.\n\n### *Affected products*:\nAdobe Acrobat DC (Continuous track) earlier than 2019.021.20047 \nAdobe Acrobat Reader DC (Continuous track) earlier than 2019.021.20047 \nAdobe Acrobat 2017 (Classic 2017 track) earlier than 2017.011.30150 \nAdobe Acrobat Reader 2017 (Classic 2017 track) earlier than 2017.011.30150 \nAdobe Acrobat (Classic 2015 track) earlier than 2015.006.30504 \nAdobe Acrobat Reader (Classic 2015 track) earlier than 2015.006.30504\n\n### *Solution*:\nUpdate to the latest version \n[Download Adobe Acrobat Reader DC](<https://get.adobe.com/ru/reader/>)\n\n### *Original advisories*:\n[APSB19-49](<https://helpx.adobe.com/security/products/acrobat/apsb19-49.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Adobe Acrobat Reader DC Continuous](<https://threats.kaspersky.com/en/product/Adobe-Acrobat-Reader-DC-Continuous/>)\n\n### *CVE-IDS*:\n[CVE-2019-8169](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8169>)0.0Unknown \n[CVE-2019-8183](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8183>)0.0Unknown \n[CVE-2019-8218](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8218>)0.0Unknown \n[CVE-2019-8186](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8186>)0.0Unknown \n[CVE-2019-8216](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8216>)0.0Unknown \n[CVE-2019-8203](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8203>)0.0Unknown \n[CVE-2019-8194](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8194>)0.0Unknown \n[CVE-2019-8173](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8173>)0.0Unknown \n[CVE-2019-8190](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8190>)0.0Unknown \n[CVE-2019-8220](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8220>)0.0Unknown \n[CVE-2019-8207](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8207>)0.0Unknown \n[CVE-2019-8064](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8064>)0.0Unknown \n[CVE-2019-8198](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8198>)0.0Unknown \n[CVE-2019-8181](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8181>)0.0Unknown \n[CVE-2019-8182](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8182>)0.0Unknown \n[CVE-2019-8219](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8219>)0.0Unknown \n[CVE-2019-8209](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8209>)0.0Unknown \n[CVE-2019-8205](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8205>)0.0Unknown \n[CVE-2019-8206](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8206>)0.0Unknown \n[CVE-2019-8222](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8222>)0.0Unknown \n[CVE-2019-8202](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8202>)0.0Unknown \n[CVE-2019-8226](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8226>)0.0Unknown \n[CVE-2019-8193](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8193>)0.0Unknown \n[CVE-2019-8195](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8195>)0.0Unknown \n[CVE-2019-8168](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8168>)0.0Unknown \n[CVE-2019-8200](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8200>)0.0Unknown \n[CVE-2019-8167](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8167>)0.0Unknown \n[CVE-2019-8197](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8197>)0.0Unknown \n[CVE-2019-8170](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8170>)0.0Unknown \n[CVE-2019-8217](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8217>)0.0Unknown \n[CVE-2019-8162](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8162>)0.0Unknown \n[CVE-2019-8199](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8199>)0.0Unknown \n[CVE-2019-8196](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8196>)0.0Unknown \n[CVE-2019-8174](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8174>)0.0Unknown \n[CVE-2019-8178](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8178>)0.0Unknown \n[CVE-2019-8225](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8225>)0.0Unknown \n[CVE-2019-8160](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8160>)0.0Unknown \n[CVE-2019-8224](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8224>)0.0Unknown \n[CVE-2019-8177](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8177>)0.0Unknown \n[CVE-2019-8204](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8204>)0.0Unknown \n[CVE-2019-8210](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8210>)0.0Unknown \n[CVE-2019-8164](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8164>)0.0Unknown \n[CVE-2019-8185](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8185>)0.0Unknown \n[CVE-2019-8212](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8212>)0.0Unknown \n[CVE-2019-8201](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8201>)0.0Unknown \n[CVE-2019-8215](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8215>)0.0Unknown \n[CVE-2019-8165](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8165>)0.0Unknown \n[CVE-2019-8187](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8187>)0.0Unknown \n[CVE-2019-8188](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8188>)0.0Unknown \n[CVE-2019-8208](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8208>)0.0Unknown \n[CVE-2019-8223](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8223>)0.0Unknown \n[CVE-2019-8184](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8184>)0.0Unknown \n[CVE-2019-8191](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8191>)0.0Unknown \n[CVE-2019-8172](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8172>)0.0Unknown \n[CVE-2019-8175](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8175>)0.0Unknown \n[CVE-2019-8180](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8180>)0.0Unknown \n[CVE-2019-8179](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8179>)0.0Unknown \n[CVE-2019-8163](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8163>)0.0Unknown \n[CVE-2019-8171](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8171>)0.0Unknown \n[CVE-2019-8161](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8161>)0.0Unknown \n[CVE-2019-8221](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8221>)0.0Unknown \n[CVE-2019-8189](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8189>)0.0Unknown \n[CVE-2019-8176](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8176>)0.0Unknown \n[CVE-2019-8214](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8214>)0.0Unknown \n[CVE-2019-8192](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8192>)0.0Unknown \n[CVE-2019-8213](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8213>)0.0Unknown \n[CVE-2019-8211](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8211>)0.0Unknown \n[CVE-2019-8166](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8166>)0.0Unknown", "edition": 1, "modified": "2020-05-22T00:00:00", "published": "2019-09-15T00:00:00", "id": "KLA11583", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11583", "title": "\r KLA11583Multiple vulnerabilities in Adobe Acrobat and Adobe Acrobat Reader ", "type": "kaspersky", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-10-23T12:50:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8183", "CVE-2019-8180", "CVE-2019-8181", "CVE-2019-8219", "CVE-2019-8185", "CVE-2019-8215", "CVE-2019-8176", "CVE-2019-8216", "CVE-2019-8190", "CVE-2019-8162", "CVE-2019-8161", "CVE-2019-8184", "CVE-2019-8195", "CVE-2019-8191", "CVE-2019-8200", "CVE-2019-8193", "CVE-2019-8160", "CVE-2019-8177", "CVE-2019-8169", "CVE-2019-8199", "CVE-2019-8167", "CVE-2019-8210", "CVE-2019-8217", "CVE-2019-8222", "CVE-2019-8196", "CVE-2019-8225", "CVE-2019-8203", "CVE-2019-8188", "CVE-2019-8194", "CVE-2019-8187", "CVE-2019-8192", "CVE-2019-8211", "CVE-2019-8221", "CVE-2019-8179", "CVE-2019-8163", "CVE-2019-8172", "CVE-2019-8197", "CVE-2019-8168", "CVE-2019-8189", "CVE-2019-8164", "CVE-2019-8208", "CVE-2019-8204", "CVE-2019-8226", "CVE-2019-8182", "CVE-2019-8170", "CVE-2019-8205", "CVE-2019-8174", "CVE-2019-8213", "CVE-2019-8201", "CVE-2019-8224", "CVE-2019-8178", "CVE-2019-8198", "CVE-2019-8212", "CVE-2019-8209", "CVE-2019-8214", "CVE-2019-8166", "CVE-2019-8223", "CVE-2019-8175", "CVE-2019-8207", "CVE-2019-8218", "CVE-2019-8220", "CVE-2019-8173", "CVE-2019-8186", "CVE-2019-8064", "CVE-2019-8202", "CVE-2019-8165", "CVE-2019-8171", "CVE-2019-8206"], "description": "This host is installed with Adobe Acrobat DC\n (Continuous Track) and is prone to multiple vulnerabilities.", "modified": "2019-10-17T00:00:00", "published": "2019-10-16T00:00:00", "id": "OPENVAS:1361412562310815805", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815805", "type": "openvas", "title": "Adobe Acrobat DC (Continuous Track) Security Updates (apsb19-49) - Mac OS X", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat_dc_continuous\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815805\");\n script_version(\"2019-10-17T05:12:29+0000\");\n script_cve_id(\"CVE-2019-8064\", \"CVE-2019-8160\", \"CVE-2019-8161\", \"CVE-2019-8162\",\n \"CVE-2019-8163\", \"CVE-2019-8164\", \"CVE-2019-8165\", \"CVE-2019-8166\",\n \"CVE-2019-8167\", \"CVE-2019-8168\", \"CVE-2019-8169\", \"CVE-2019-8170\",\n \"CVE-2019-8171\", \"CVE-2019-8172\", \"CVE-2019-8173\", \"CVE-2019-8174\",\n \"CVE-2019-8175\", \"CVE-2019-8176\", \"CVE-2019-8177\", \"CVE-2019-8178\",\n \"CVE-2019-8179\", \"CVE-2019-8180\", \"CVE-2019-8181\", \"CVE-2019-8182\",\n \"CVE-2019-8183\", \"CVE-2019-8184\", \"CVE-2019-8185\", \"CVE-2019-8186\",\n \"CVE-2019-8187\", \"CVE-2019-8188\", \"CVE-2019-8189\", \"CVE-2019-8190\",\n \"CVE-2019-8191\", \"CVE-2019-8192\", \"CVE-2019-8193\", \"CVE-2019-8194\",\n \"CVE-2019-8195\", \"CVE-2019-8196\", \"CVE-2019-8197\", \"CVE-2019-8198\",\n \"CVE-2019-8199\", \"CVE-2019-8200\", \"CVE-2019-8201\", \"CVE-2019-8202\",\n \"CVE-2019-8203\", \"CVE-2019-8204\", \"CVE-2019-8205\", \"CVE-2019-8206\",\n \"CVE-2019-8207\", \"CVE-2019-8208\", \"CVE-2019-8209\", \"CVE-2019-8210\",\n \"CVE-2019-8211\", \"CVE-2019-8212\", \"CVE-2019-8213\", \"CVE-2019-8214\",\n \"CVE-2019-8215\", \"CVE-2019-8216\", \"CVE-2019-8217\", \"CVE-2019-8218\",\n \"CVE-2019-8219\", \"CVE-2019-8220\", \"CVE-2019-8221\", \"CVE-2019-8222\",\n \"CVE-2019-8223\", \"CVE-2019-8224\", \"CVE-2019-8225\", \"CVE-2019-8226\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-17 05:12:29 +0000 (Thu, 17 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-16 12:01:55 +0530 (Wed, 16 Oct 2019)\");\n script_name(\"Adobe Acrobat DC (Continuous Track) Security Updates (apsb19-49) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC\n (Continuous Track) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - Multiple type confusion errors.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer overrun error.\n\n - A cross site scripting error.\n\n - A race condition error.\n\n - An incomplete implementation of security mechanism.\n\n - An untrusted pointer dereference error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC (Continuous Track)\n 2019.012.20040 and earlier versions on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC Continuous\n version 2019.021.20047 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-49.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_cont_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Continuous/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE) ) exit( 0 );\nvers = infos['version'];\npath = infos['location'];\n\n## 2019.012.20040 == 19.012.20040\nif(version_is_less_equal(version:vers, test_version:\"19.012.20040\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"19.021.20047 (2019.021.20047)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-23T12:50:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8183", "CVE-2019-8180", "CVE-2019-8181", "CVE-2019-8219", "CVE-2019-8185", "CVE-2019-8215", "CVE-2019-8176", "CVE-2019-8216", "CVE-2019-8190", "CVE-2019-8162", "CVE-2019-8161", "CVE-2019-8184", "CVE-2019-8195", "CVE-2019-8191", "CVE-2019-8200", "CVE-2019-8193", "CVE-2019-8160", "CVE-2019-8177", "CVE-2019-8169", "CVE-2019-8199", "CVE-2019-8167", "CVE-2019-8210", "CVE-2019-8217", "CVE-2019-8222", "CVE-2019-8196", "CVE-2019-8225", "CVE-2019-8203", "CVE-2019-8188", "CVE-2019-8194", "CVE-2019-8187", "CVE-2019-8192", "CVE-2019-8211", "CVE-2019-8221", "CVE-2019-8179", "CVE-2019-8163", "CVE-2019-8172", "CVE-2019-8197", "CVE-2019-8168", "CVE-2019-8189", "CVE-2019-8164", "CVE-2019-8208", "CVE-2019-8204", "CVE-2019-8226", "CVE-2019-8182", "CVE-2019-8170", "CVE-2019-8205", "CVE-2019-8174", "CVE-2019-8213", "CVE-2019-8201", "CVE-2019-8224", "CVE-2019-8178", "CVE-2019-8198", "CVE-2019-8212", "CVE-2019-8209", "CVE-2019-8214", "CVE-2019-8166", "CVE-2019-8223", "CVE-2019-8175", "CVE-2019-8207", "CVE-2019-8218", "CVE-2019-8220", "CVE-2019-8173", "CVE-2019-8186", "CVE-2019-8064", "CVE-2019-8202", "CVE-2019-8165", "CVE-2019-8171", "CVE-2019-8206"], "description": "This host is installed with Adobe Acrobat\n Reader DC Classic 2015 and is prone to multiple vulnerabilities.", "modified": "2019-10-17T00:00:00", "published": "2019-10-16T00:00:00", "id": "OPENVAS:1361412562310815809", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815809", "type": "openvas", "title": "Adobe Acrobat Reader DC (Classic Track) Security Updates (apsb19-49) - Mac OS X", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat_reader_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815809\");\n script_version(\"2019-10-17T05:12:29+0000\");\n script_cve_id(\"CVE-2019-8064\", \"CVE-2019-8160\", \"CVE-2019-8161\", \"CVE-2019-8162\",\n \"CVE-2019-8163\", \"CVE-2019-8164\", \"CVE-2019-8165\", \"CVE-2019-8166\",\n \"CVE-2019-8167\", \"CVE-2019-8168\", \"CVE-2019-8169\", \"CVE-2019-8170\",\n \"CVE-2019-8171\", \"CVE-2019-8172\", \"CVE-2019-8173\", \"CVE-2019-8174\",\n \"CVE-2019-8175\", \"CVE-2019-8176\", \"CVE-2019-8177\", \"CVE-2019-8178\",\n \"CVE-2019-8179\", \"CVE-2019-8180\", \"CVE-2019-8181\", \"CVE-2019-8182\",\n \"CVE-2019-8183\", \"CVE-2019-8184\", \"CVE-2019-8185\", \"CVE-2019-8186\",\n \"CVE-2019-8187\", \"CVE-2019-8188\", \"CVE-2019-8189\", \"CVE-2019-8190\",\n \"CVE-2019-8191\", \"CVE-2019-8192\", \"CVE-2019-8193\", \"CVE-2019-8194\",\n \"CVE-2019-8195\", \"CVE-2019-8196\", \"CVE-2019-8197\", \"CVE-2019-8198\",\n \"CVE-2019-8199\", \"CVE-2019-8200\", \"CVE-2019-8201\", \"CVE-2019-8202\",\n \"CVE-2019-8203\", \"CVE-2019-8204\", \"CVE-2019-8205\", \"CVE-2019-8206\",\n \"CVE-2019-8207\", \"CVE-2019-8208\", \"CVE-2019-8209\", \"CVE-2019-8210\",\n \"CVE-2019-8211\", \"CVE-2019-8212\", \"CVE-2019-8213\", \"CVE-2019-8214\",\n \"CVE-2019-8215\", \"CVE-2019-8216\", \"CVE-2019-8217\", \"CVE-2019-8218\",\n \"CVE-2019-8219\", \"CVE-2019-8220\", \"CVE-2019-8221\", \"CVE-2019-8222\",\n \"CVE-2019-8223\", \"CVE-2019-8224\", \"CVE-2019-8225\", \"CVE-2019-8226\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-17 05:12:29 +0000 (Thu, 17 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-16 12:02:55 +0530 (Wed, 16 Oct 2019)\");\n script_name(\"Adobe Acrobat Reader DC (Classic Track) Security Updates (apsb19-49) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat\n Reader DC Classic 2015 and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - Multiple type confusion errors.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer overrun error.\n\n - A cross site scripting error.\n\n - A race condition error.\n\n - An incomplete implementation of security mechanism.\n\n - An untrusted pointer dereference error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader DC Classic 2015 version\n 2015.x before 2015.006.30504 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC Classic 2015 version\n 2015.006.30504 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-49.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_reader_dc_classic_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/ReaderDC/Classic/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE) ) exit( 0 );\nvers = infos['version'];\npath = infos['location'];\n\n## 2015.006.30503 == 15.006.30503\nif(version_in_range(version:vers, test_version:\"15.0\", test_version2:\"15.006.30503\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30504 (2015.006.30504)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-23T12:51:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8183", "CVE-2019-8180", "CVE-2019-8181", "CVE-2019-8219", "CVE-2019-8185", "CVE-2019-8215", "CVE-2019-8176", "CVE-2019-8216", "CVE-2019-8190", "CVE-2019-8162", "CVE-2019-8161", "CVE-2019-8184", "CVE-2019-8195", "CVE-2019-8191", "CVE-2019-8200", "CVE-2019-8193", "CVE-2019-8160", "CVE-2019-8177", "CVE-2019-8169", "CVE-2019-8199", "CVE-2019-8167", "CVE-2019-8210", "CVE-2019-8217", "CVE-2019-8222", "CVE-2019-8196", "CVE-2019-8225", "CVE-2019-8203", "CVE-2019-8188", "CVE-2019-8194", "CVE-2019-8187", "CVE-2019-8192", "CVE-2019-8211", "CVE-2019-8221", "CVE-2019-8179", "CVE-2019-8163", "CVE-2019-8172", "CVE-2019-8197", "CVE-2019-8168", "CVE-2019-8189", "CVE-2019-8164", "CVE-2019-8208", "CVE-2019-8204", "CVE-2019-8226", "CVE-2019-8182", "CVE-2019-8170", "CVE-2019-8205", "CVE-2019-8174", "CVE-2019-8213", "CVE-2019-8201", "CVE-2019-8224", "CVE-2019-8178", "CVE-2019-8198", "CVE-2019-8212", "CVE-2019-8209", "CVE-2019-8214", "CVE-2019-8166", "CVE-2019-8223", "CVE-2019-8175", "CVE-2019-8207", "CVE-2019-8218", "CVE-2019-8220", "CVE-2019-8173", "CVE-2019-8186", "CVE-2019-8064", "CVE-2019-8202", "CVE-2019-8165", "CVE-2019-8171", "CVE-2019-8206"], "description": "This host is installed with Adobe Acrobat DC\n Classic 2015 and is prone to multiple vulnerabilities.", "modified": "2019-10-17T00:00:00", "published": "2019-10-16T00:00:00", "id": "OPENVAS:1361412562310815803", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815803", "type": "openvas", "title": "Adobe Acrobat DC (Classic Track) Security Updates (apsb19-49) - Mac OS X", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815803\");\n script_version(\"2019-10-17T05:12:29+0000\");\n script_cve_id(\"CVE-2019-8064\", \"CVE-2019-8160\", \"CVE-2019-8161\", \"CVE-2019-8162\",\n \"CVE-2019-8163\", \"CVE-2019-8164\", \"CVE-2019-8165\", \"CVE-2019-8166\",\n \"CVE-2019-8167\", \"CVE-2019-8168\", \"CVE-2019-8169\", \"CVE-2019-8170\",\n \"CVE-2019-8171\", \"CVE-2019-8172\", \"CVE-2019-8173\", \"CVE-2019-8174\",\n \"CVE-2019-8175\", \"CVE-2019-8176\", \"CVE-2019-8177\", \"CVE-2019-8178\",\n \"CVE-2019-8179\", \"CVE-2019-8180\", \"CVE-2019-8181\", \"CVE-2019-8182\",\n \"CVE-2019-8183\", \"CVE-2019-8184\", \"CVE-2019-8185\", \"CVE-2019-8186\",\n \"CVE-2019-8187\", \"CVE-2019-8188\", \"CVE-2019-8189\", \"CVE-2019-8190\",\n \"CVE-2019-8191\", \"CVE-2019-8192\", \"CVE-2019-8193\", \"CVE-2019-8194\",\n \"CVE-2019-8195\", \"CVE-2019-8196\", \"CVE-2019-8197\", \"CVE-2019-8198\",\n \"CVE-2019-8199\", \"CVE-2019-8200\", \"CVE-2019-8201\", \"CVE-2019-8202\",\n \"CVE-2019-8203\", \"CVE-2019-8204\", \"CVE-2019-8205\", \"CVE-2019-8206\",\n \"CVE-2019-8207\", \"CVE-2019-8208\", \"CVE-2019-8209\", \"CVE-2019-8210\",\n \"CVE-2019-8211\", \"CVE-2019-8212\", \"CVE-2019-8213\", \"CVE-2019-8214\",\n \"CVE-2019-8215\", \"CVE-2019-8216\", \"CVE-2019-8217\", \"CVE-2019-8218\",\n \"CVE-2019-8219\", \"CVE-2019-8220\", \"CVE-2019-8221\", \"CVE-2019-8222\",\n \"CVE-2019-8223\", \"CVE-2019-8224\", \"CVE-2019-8225\", \"CVE-2019-8226\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-17 05:12:29 +0000 (Thu, 17 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-16 12:00:50 +0530 (Wed, 16 Oct 2019)\");\n script_name(\"Adobe Acrobat DC (Classic Track) Security Updates (apsb19-49) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC\n Classic 2015 and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - Multiple type confusion errors.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer overrun error.\n\n - A cross site scripting error.\n\n - A race condition error.\n\n - An incomplete implementation of security mechanism.\n\n - An untrusted pointer dereference error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC Classic 2015 version 2015.x\n before 2015.006.30504 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC Classic 2015 version\n 2015.006.30504 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-49.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_classic_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Classic/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE) ) exit( 0 );\nvers = infos['version'];\npath = infos['location'];\n\n## 2015.006.30503 == 15.006.30503\nif(version_in_range(version:vers, test_version:\"15.0\", test_version2:\"15.006.30503\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30504 (2015.006.30504)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-23T12:51:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8183", "CVE-2019-8180", "CVE-2019-8181", "CVE-2019-8219", "CVE-2019-8185", "CVE-2019-8215", "CVE-2019-8176", "CVE-2019-8216", "CVE-2019-8190", "CVE-2019-8162", "CVE-2019-8161", "CVE-2019-8184", "CVE-2019-8195", "CVE-2019-8191", "CVE-2019-8200", "CVE-2019-8193", "CVE-2019-8160", "CVE-2019-8177", "CVE-2019-8169", "CVE-2019-8199", "CVE-2019-8167", "CVE-2019-8210", "CVE-2019-8217", "CVE-2019-8222", "CVE-2019-8196", "CVE-2019-8225", "CVE-2019-8203", "CVE-2019-8188", "CVE-2019-8194", "CVE-2019-8187", "CVE-2019-8192", "CVE-2019-8211", "CVE-2019-8221", "CVE-2019-8179", "CVE-2019-8163", "CVE-2019-8172", "CVE-2019-8197", "CVE-2019-8168", "CVE-2019-8189", "CVE-2019-8164", "CVE-2019-8208", "CVE-2019-8204", "CVE-2019-8226", "CVE-2019-8182", "CVE-2019-8170", "CVE-2019-8205", "CVE-2019-8174", "CVE-2019-8213", "CVE-2019-8201", "CVE-2019-8224", "CVE-2019-8178", "CVE-2019-8198", "CVE-2019-8212", "CVE-2019-8209", "CVE-2019-8214", "CVE-2019-8166", "CVE-2019-8223", "CVE-2019-8175", "CVE-2019-8207", "CVE-2019-8218", "CVE-2019-8220", "CVE-2019-8173", "CVE-2019-8186", "CVE-2019-8064", "CVE-2019-8202", "CVE-2019-8165", "CVE-2019-8171", "CVE-2019-8206"], "description": "This host is installed with Adobe Acrobat Reader\n 2017 and is prone to multiple vulnerabilities.", "modified": "2019-10-17T00:00:00", "published": "2019-10-16T00:00:00", "id": "OPENVAS:1361412562310815808", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815808", "type": "openvas", "title": "Adobe Acrobat Reader 2017 Security Updates (apsb19-49)-Windows", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815808\");\n script_version(\"2019-10-17T05:12:29+0000\");\n script_cve_id(\"CVE-2019-8064\", \"CVE-2019-8160\", \"CVE-2019-8161\", \"CVE-2019-8162\",\n \"CVE-2019-8163\", \"CVE-2019-8164\", \"CVE-2019-8165\", \"CVE-2019-8166\",\n \"CVE-2019-8167\", \"CVE-2019-8168\", \"CVE-2019-8169\", \"CVE-2019-8170\",\n \"CVE-2019-8171\", \"CVE-2019-8172\", \"CVE-2019-8173\", \"CVE-2019-8174\",\n \"CVE-2019-8175\", \"CVE-2019-8176\", \"CVE-2019-8177\", \"CVE-2019-8178\",\n \"CVE-2019-8179\", \"CVE-2019-8180\", \"CVE-2019-8181\", \"CVE-2019-8182\",\n \"CVE-2019-8183\", \"CVE-2019-8184\", \"CVE-2019-8185\", \"CVE-2019-8186\",\n \"CVE-2019-8187\", \"CVE-2019-8188\", \"CVE-2019-8189\", \"CVE-2019-8190\",\n \"CVE-2019-8191\", \"CVE-2019-8192\", \"CVE-2019-8193\", \"CVE-2019-8194\",\n \"CVE-2019-8195\", \"CVE-2019-8196\", \"CVE-2019-8197\", \"CVE-2019-8198\",\n \"CVE-2019-8199\", \"CVE-2019-8200\", \"CVE-2019-8201\", \"CVE-2019-8202\",\n \"CVE-2019-8203\", \"CVE-2019-8204\", \"CVE-2019-8205\", \"CVE-2019-8206\",\n \"CVE-2019-8207\", \"CVE-2019-8208\", \"CVE-2019-8209\", \"CVE-2019-8210\",\n \"CVE-2019-8211\", \"CVE-2019-8212\", \"CVE-2019-8213\", \"CVE-2019-8214\",\n \"CVE-2019-8215\", \"CVE-2019-8216\", \"CVE-2019-8217\", \"CVE-2019-8218\",\n \"CVE-2019-8219\", \"CVE-2019-8220\", \"CVE-2019-8221\", \"CVE-2019-8222\",\n \"CVE-2019-8223\", \"CVE-2019-8224\", \"CVE-2019-8225\", \"CVE-2019-8226\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-17 05:12:29 +0000 (Thu, 17 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-16 11:08:11 +0530 (Wed, 16 Oct 2019)\");\n script_name(\"Adobe Acrobat Reader 2017 Security Updates (apsb19-49)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat Reader\n 2017 and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - Multiple type confusion errors.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer overrun error.\n\n - A cross site scripting error.\n\n - A race condition error.\n\n - An incomplete implementation of security mechanism.\n\n - An untrusted pointer dereference error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader versions 2017.011.30148\n and earlier on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat Reader 2017 version\n 2017.011.30150 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-49.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Reader/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\n## 2017.011.30148 == 17.011.30148\nif(version_in_range(version:vers, test_version:\"17.0\", test_version2:\"17.011.30148\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"17.011.30150 (2017.011.30150)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-23T12:50:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8183", "CVE-2019-8180", "CVE-2019-8181", "CVE-2019-8219", "CVE-2019-8185", "CVE-2019-8215", "CVE-2019-8176", "CVE-2019-8216", "CVE-2019-8190", "CVE-2019-8162", "CVE-2019-8161", "CVE-2019-8184", "CVE-2019-8195", "CVE-2019-8191", "CVE-2019-8200", "CVE-2019-8193", "CVE-2019-8160", "CVE-2019-8177", "CVE-2019-8169", "CVE-2019-8199", "CVE-2019-8167", "CVE-2019-8210", "CVE-2019-8217", "CVE-2019-8222", "CVE-2019-8196", "CVE-2019-8225", "CVE-2019-8203", "CVE-2019-8188", "CVE-2019-8194", "CVE-2019-8187", "CVE-2019-8192", "CVE-2019-8211", "CVE-2019-8221", "CVE-2019-8179", "CVE-2019-8163", "CVE-2019-8172", "CVE-2019-8197", "CVE-2019-8168", "CVE-2019-8189", "CVE-2019-8164", "CVE-2019-8208", "CVE-2019-8204", "CVE-2019-8226", "CVE-2019-8182", "CVE-2019-8170", "CVE-2019-8205", "CVE-2019-8174", "CVE-2019-8213", "CVE-2019-8201", "CVE-2019-8224", "CVE-2019-8178", "CVE-2019-8198", "CVE-2019-8212", "CVE-2019-8209", "CVE-2019-8214", "CVE-2019-8166", "CVE-2019-8223", "CVE-2019-8175", "CVE-2019-8207", "CVE-2019-8218", "CVE-2019-8220", "CVE-2019-8173", "CVE-2019-8186", "CVE-2019-8064", "CVE-2019-8202", "CVE-2019-8165", "CVE-2019-8171", "CVE-2019-8206"], "description": "This host is installed with Adobe Acrobat Reader\n DC (Continuous Track) and is prone to multiple vulnerabilities.", "modified": "2019-10-17T00:00:00", "published": "2019-10-16T00:00:00", "id": "OPENVAS:1361412562310815812", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815812", "type": "openvas", "title": "Adobe Acrobat Reader DC (Continuous Track) Security Updates (apsb19-49) - Windows", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat_reader_dc_continuous\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815812\");\n script_version(\"2019-10-17T05:12:29+0000\");\n script_cve_id(\"CVE-2019-8064\", \"CVE-2019-8160\", \"CVE-2019-8161\", \"CVE-2019-8162\",\n \"CVE-2019-8163\", \"CVE-2019-8164\", \"CVE-2019-8165\", \"CVE-2019-8166\",\n \"CVE-2019-8167\", \"CVE-2019-8168\", \"CVE-2019-8169\", \"CVE-2019-8170\",\n \"CVE-2019-8171\", \"CVE-2019-8172\", \"CVE-2019-8173\", \"CVE-2019-8174\",\n \"CVE-2019-8175\", \"CVE-2019-8176\", \"CVE-2019-8177\", \"CVE-2019-8178\",\n \"CVE-2019-8179\", \"CVE-2019-8180\", \"CVE-2019-8181\", \"CVE-2019-8182\",\n \"CVE-2019-8183\", \"CVE-2019-8184\", \"CVE-2019-8185\", \"CVE-2019-8186\",\n \"CVE-2019-8187\", \"CVE-2019-8188\", \"CVE-2019-8189\", \"CVE-2019-8190\",\n \"CVE-2019-8191\", \"CVE-2019-8192\", \"CVE-2019-8193\", \"CVE-2019-8194\",\n \"CVE-2019-8195\", \"CVE-2019-8196\", \"CVE-2019-8197\", \"CVE-2019-8198\",\n \"CVE-2019-8199\", \"CVE-2019-8200\", \"CVE-2019-8201\", \"CVE-2019-8202\",\n \"CVE-2019-8203\", \"CVE-2019-8204\", \"CVE-2019-8205\", \"CVE-2019-8206\",\n \"CVE-2019-8207\", \"CVE-2019-8208\", \"CVE-2019-8209\", \"CVE-2019-8210\",\n \"CVE-2019-8211\", \"CVE-2019-8212\", \"CVE-2019-8213\", \"CVE-2019-8214\",\n \"CVE-2019-8215\", \"CVE-2019-8216\", \"CVE-2019-8217\", \"CVE-2019-8218\",\n \"CVE-2019-8219\", \"CVE-2019-8220\", \"CVE-2019-8221\", \"CVE-2019-8222\",\n \"CVE-2019-8223\", \"CVE-2019-8224\", \"CVE-2019-8225\", \"CVE-2019-8226\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-17 05:12:29 +0000 (Thu, 17 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-16 11:08:11 +0530 (Wed, 16 Oct 2019)\");\n script_name(\"Adobe Acrobat Reader DC (Continuous Track) Security Updates (apsb19-49) - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat Reader\n DC (Continuous Track) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - Multiple type confusion errors.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer overrun error.\n\n - A cross site scripting error.\n\n - A race condition error.\n\n - An incomplete implementation of security mechanism.\n\n - An untrusted pointer dereference error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader DC (Continuous Track)\n 2019.012.20040 and earlier versions on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat Reader DC Continuous\n version 2019.021.20047 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-49.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_reader_dc_cont_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/ReaderDC/Continuous/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE) ) exit( 0 );\nvers = infos['version'];\npath = infos['location'];\n\n## 2019.012.20040 == 19.012.20040\nif(version_is_less_equal(version:vers, test_version:\"19.012.20040\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"19.021.20047 (2019.021.20047)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-23T12:51:32", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8183", "CVE-2019-8180", "CVE-2019-8181", "CVE-2019-8219", "CVE-2019-8185", "CVE-2019-8215", "CVE-2019-8176", "CVE-2019-8216", "CVE-2019-8190", "CVE-2019-8162", "CVE-2019-8161", "CVE-2019-8184", "CVE-2019-8195", "CVE-2019-8191", "CVE-2019-8200", "CVE-2019-8193", "CVE-2019-8160", "CVE-2019-8177", "CVE-2019-8169", "CVE-2019-8199", "CVE-2019-8167", "CVE-2019-8210", "CVE-2019-8217", "CVE-2019-8222", "CVE-2019-8196", "CVE-2019-8225", "CVE-2019-8203", "CVE-2019-8188", "CVE-2019-8194", "CVE-2019-8187", "CVE-2019-8192", "CVE-2019-8211", "CVE-2019-8221", "CVE-2019-8179", "CVE-2019-8163", "CVE-2019-8172", "CVE-2019-8197", "CVE-2019-8168", "CVE-2019-8189", "CVE-2019-8164", "CVE-2019-8208", "CVE-2019-8204", "CVE-2019-8226", "CVE-2019-8182", "CVE-2019-8170", "CVE-2019-8205", "CVE-2019-8174", "CVE-2019-8213", "CVE-2019-8201", "CVE-2019-8224", "CVE-2019-8178", "CVE-2019-8198", "CVE-2019-8212", "CVE-2019-8209", "CVE-2019-8214", "CVE-2019-8166", "CVE-2019-8223", "CVE-2019-8175", "CVE-2019-8207", "CVE-2019-8218", "CVE-2019-8220", "CVE-2019-8173", "CVE-2019-8186", "CVE-2019-8064", "CVE-2019-8202", "CVE-2019-8165", "CVE-2019-8171", "CVE-2019-8206"], "description": "This host is installed with Adobe Acrobat DC\n Classic 2015 and is prone to multiple vulnerabilities.", "modified": "2019-10-17T00:00:00", "published": "2019-10-16T00:00:00", "id": "OPENVAS:1361412562310815804", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815804", "type": "openvas", "title": "Adobe Acrobat DC (Classic Track) Security Updates (apsb19-49) - Windows", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815804\");\n script_version(\"2019-10-17T05:12:29+0000\");\n script_cve_id(\"CVE-2019-8064\", \"CVE-2019-8160\", \"CVE-2019-8161\", \"CVE-2019-8162\",\n \"CVE-2019-8163\", \"CVE-2019-8164\", \"CVE-2019-8165\", \"CVE-2019-8166\",\n \"CVE-2019-8167\", \"CVE-2019-8168\", \"CVE-2019-8169\", \"CVE-2019-8170\",\n \"CVE-2019-8171\", \"CVE-2019-8172\", \"CVE-2019-8173\", \"CVE-2019-8174\",\n \"CVE-2019-8175\", \"CVE-2019-8176\", \"CVE-2019-8177\", \"CVE-2019-8178\",\n \"CVE-2019-8179\", \"CVE-2019-8180\", \"CVE-2019-8181\", \"CVE-2019-8182\",\n \"CVE-2019-8183\", \"CVE-2019-8184\", \"CVE-2019-8185\", \"CVE-2019-8186\",\n \"CVE-2019-8187\", \"CVE-2019-8188\", \"CVE-2019-8189\", \"CVE-2019-8190\",\n \"CVE-2019-8191\", \"CVE-2019-8192\", \"CVE-2019-8193\", \"CVE-2019-8194\",\n \"CVE-2019-8195\", \"CVE-2019-8196\", \"CVE-2019-8197\", \"CVE-2019-8198\",\n \"CVE-2019-8199\", \"CVE-2019-8200\", \"CVE-2019-8201\", \"CVE-2019-8202\",\n \"CVE-2019-8203\", \"CVE-2019-8204\", \"CVE-2019-8205\", \"CVE-2019-8206\",\n \"CVE-2019-8207\", \"CVE-2019-8208\", \"CVE-2019-8209\", \"CVE-2019-8210\",\n \"CVE-2019-8211\", \"CVE-2019-8212\", \"CVE-2019-8213\", \"CVE-2019-8214\",\n \"CVE-2019-8215\", \"CVE-2019-8216\", \"CVE-2019-8217\", \"CVE-2019-8218\",\n \"CVE-2019-8219\", \"CVE-2019-8220\", \"CVE-2019-8221\", \"CVE-2019-8222\",\n \"CVE-2019-8223\", \"CVE-2019-8224\", \"CVE-2019-8225\", \"CVE-2019-8226\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-17 05:12:29 +0000 (Thu, 17 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-16 11:08:11 +0530 (Wed, 16 Oct 2019)\");\n script_name(\"Adobe Acrobat DC (Classic Track) Security Updates (apsb19-49) - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC\n Classic 2015 and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - Multiple type confusion errors.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer overrun error.\n\n - A cross site scripting error.\n\n - A race condition error.\n\n - An incomplete implementation of security mechanism.\n\n - An untrusted pointer dereference error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC Classic 2015 version 2015.x\n before 2015.006.30504 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC Classic 2015 version\n 2015.006.30504 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-49.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_classic_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Classic/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE) ) exit( 0 );\nvers = infos['version'];\npath = infos['location'];\n\n## 2015.006.30503 == 15.006.30503\nif(version_in_range(version:vers, test_version:\"15.0\", test_version2:\"15.006.30503\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30504 (2015.006.30504)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-23T12:50:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8183", "CVE-2019-8180", "CVE-2019-8181", "CVE-2019-8219", "CVE-2019-8185", "CVE-2019-8215", "CVE-2019-8176", "CVE-2019-8216", "CVE-2019-8190", "CVE-2019-8162", "CVE-2019-8161", "CVE-2019-8184", "CVE-2019-8195", "CVE-2019-8191", "CVE-2019-8200", "CVE-2019-8193", "CVE-2019-8160", "CVE-2019-8177", "CVE-2019-8169", "CVE-2019-8199", "CVE-2019-8167", "CVE-2019-8210", "CVE-2019-8217", "CVE-2019-8222", "CVE-2019-8196", "CVE-2019-8225", "CVE-2019-8203", "CVE-2019-8188", "CVE-2019-8194", "CVE-2019-8187", "CVE-2019-8192", "CVE-2019-8211", "CVE-2019-8221", "CVE-2019-8179", "CVE-2019-8163", "CVE-2019-8172", "CVE-2019-8197", "CVE-2019-8168", "CVE-2019-8189", "CVE-2019-8164", "CVE-2019-8208", "CVE-2019-8204", "CVE-2019-8226", "CVE-2019-8182", "CVE-2019-8170", "CVE-2019-8205", "CVE-2019-8174", "CVE-2019-8213", "CVE-2019-8201", "CVE-2019-8224", "CVE-2019-8178", "CVE-2019-8198", "CVE-2019-8212", "CVE-2019-8209", "CVE-2019-8214", "CVE-2019-8166", "CVE-2019-8223", "CVE-2019-8175", "CVE-2019-8207", "CVE-2019-8218", "CVE-2019-8220", "CVE-2019-8173", "CVE-2019-8186", "CVE-2019-8064", "CVE-2019-8202", "CVE-2019-8165", "CVE-2019-8171", "CVE-2019-8206"], "description": "This host is installed with Adobe Acrobat\n Reader DC Classic 2015 and is prone to multiple vulnerabilities.", "modified": "2019-10-17T00:00:00", "published": "2019-10-16T00:00:00", "id": "OPENVAS:1361412562310815810", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815810", "type": "openvas", "title": "Adobe Acrobat Reader DC (Classic Track) Security Updates (apsb19-49) - Windows", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat_reader_dc_classic\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815810\");\n script_version(\"2019-10-17T05:12:29+0000\");\n script_cve_id(\"CVE-2019-8064\", \"CVE-2019-8160\", \"CVE-2019-8161\", \"CVE-2019-8162\",\n \"CVE-2019-8163\", \"CVE-2019-8164\", \"CVE-2019-8165\", \"CVE-2019-8166\",\n \"CVE-2019-8167\", \"CVE-2019-8168\", \"CVE-2019-8169\", \"CVE-2019-8170\",\n \"CVE-2019-8171\", \"CVE-2019-8172\", \"CVE-2019-8173\", \"CVE-2019-8174\",\n \"CVE-2019-8175\", \"CVE-2019-8176\", \"CVE-2019-8177\", \"CVE-2019-8178\",\n \"CVE-2019-8179\", \"CVE-2019-8180\", \"CVE-2019-8181\", \"CVE-2019-8182\",\n \"CVE-2019-8183\", \"CVE-2019-8184\", \"CVE-2019-8185\", \"CVE-2019-8186\",\n \"CVE-2019-8187\", \"CVE-2019-8188\", \"CVE-2019-8189\", \"CVE-2019-8190\",\n \"CVE-2019-8191\", \"CVE-2019-8192\", \"CVE-2019-8193\", \"CVE-2019-8194\",\n \"CVE-2019-8195\", \"CVE-2019-8196\", \"CVE-2019-8197\", \"CVE-2019-8198\",\n \"CVE-2019-8199\", \"CVE-2019-8200\", \"CVE-2019-8201\", \"CVE-2019-8202\",\n \"CVE-2019-8203\", \"CVE-2019-8204\", \"CVE-2019-8205\", \"CVE-2019-8206\",\n \"CVE-2019-8207\", \"CVE-2019-8208\", \"CVE-2019-8209\", \"CVE-2019-8210\",\n \"CVE-2019-8211\", \"CVE-2019-8212\", \"CVE-2019-8213\", \"CVE-2019-8214\",\n \"CVE-2019-8215\", \"CVE-2019-8216\", \"CVE-2019-8217\", \"CVE-2019-8218\",\n \"CVE-2019-8219\", \"CVE-2019-8220\", \"CVE-2019-8221\", \"CVE-2019-8222\",\n \"CVE-2019-8223\", \"CVE-2019-8224\", \"CVE-2019-8225\", \"CVE-2019-8226\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-17 05:12:29 +0000 (Thu, 17 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-16 11:08:11 +0530 (Wed, 16 Oct 2019)\");\n script_name(\"Adobe Acrobat Reader DC (Classic Track) Security Updates (apsb19-49) - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat\n Reader DC Classic 2015 and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - Multiple type confusion errors.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer overrun error.\n\n - A cross site scripting error.\n\n - A race condition error.\n\n - An incomplete implementation of security mechanism.\n\n - An untrusted pointer dereference error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader DC Classic 2015 version\n 2015.x before 2015.006.30504 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC Classic 2015 version\n 2015.006.30504 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-49.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_reader_dc_classic_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/ReaderDC/Classic/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE) ) exit( 0 );\nvers = infos['version'];\npath = infos['location'];\n\n## 2015.006.30503 == 15.006.30503\nif(version_in_range(version:vers, test_version:\"15.0\", test_version2:\"15.006.30503\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"15.006.30504 (2015.006.30504)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-23T12:51:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8183", "CVE-2019-8180", "CVE-2019-8181", "CVE-2019-8219", "CVE-2019-8185", "CVE-2019-8215", "CVE-2019-8176", "CVE-2019-8216", "CVE-2019-8190", "CVE-2019-8162", "CVE-2019-8161", "CVE-2019-8184", "CVE-2019-8195", "CVE-2019-8191", "CVE-2019-8200", "CVE-2019-8193", "CVE-2019-8160", "CVE-2019-8177", "CVE-2019-8169", "CVE-2019-8199", "CVE-2019-8167", "CVE-2019-8210", "CVE-2019-8217", "CVE-2019-8222", "CVE-2019-8196", "CVE-2019-8225", "CVE-2019-8203", "CVE-2019-8188", "CVE-2019-8194", "CVE-2019-8187", "CVE-2019-8192", "CVE-2019-8211", "CVE-2019-8221", "CVE-2019-8179", "CVE-2019-8163", "CVE-2019-8172", "CVE-2019-8197", "CVE-2019-8168", "CVE-2019-8189", "CVE-2019-8164", "CVE-2019-8208", "CVE-2019-8204", "CVE-2019-8226", "CVE-2019-8182", "CVE-2019-8170", "CVE-2019-8205", "CVE-2019-8174", "CVE-2019-8213", "CVE-2019-8201", "CVE-2019-8224", "CVE-2019-8178", "CVE-2019-8198", "CVE-2019-8212", "CVE-2019-8209", "CVE-2019-8214", "CVE-2019-8166", "CVE-2019-8223", "CVE-2019-8175", "CVE-2019-8207", "CVE-2019-8218", "CVE-2019-8220", "CVE-2019-8173", "CVE-2019-8186", "CVE-2019-8064", "CVE-2019-8202", "CVE-2019-8165", "CVE-2019-8171", "CVE-2019-8206"], "description": "This host is installed with Adobe Acrobat DC\n (Continuous Track) and is prone to multiple vulnerabilities.", "modified": "2019-10-17T00:00:00", "published": "2019-10-16T00:00:00", "id": "OPENVAS:1361412562310815806", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815806", "type": "openvas", "title": "Adobe Acrobat DC (Continuous Track) Security Updates (apsb19-49) - Windows", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat_dc_continuous\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815806\");\n script_version(\"2019-10-17T05:12:29+0000\");\n script_cve_id(\"CVE-2019-8064\", \"CVE-2019-8160\", \"CVE-2019-8161\", \"CVE-2019-8162\",\n \"CVE-2019-8163\", \"CVE-2019-8164\", \"CVE-2019-8165\", \"CVE-2019-8166\",\n \"CVE-2019-8167\", \"CVE-2019-8168\", \"CVE-2019-8169\", \"CVE-2019-8170\",\n \"CVE-2019-8171\", \"CVE-2019-8172\", \"CVE-2019-8173\", \"CVE-2019-8174\",\n \"CVE-2019-8175\", \"CVE-2019-8176\", \"CVE-2019-8177\", \"CVE-2019-8178\",\n \"CVE-2019-8179\", \"CVE-2019-8180\", \"CVE-2019-8181\", \"CVE-2019-8182\",\n \"CVE-2019-8183\", \"CVE-2019-8184\", \"CVE-2019-8185\", \"CVE-2019-8186\",\n \"CVE-2019-8187\", \"CVE-2019-8188\", \"CVE-2019-8189\", \"CVE-2019-8190\",\n \"CVE-2019-8191\", \"CVE-2019-8192\", \"CVE-2019-8193\", \"CVE-2019-8194\",\n \"CVE-2019-8195\", \"CVE-2019-8196\", \"CVE-2019-8197\", \"CVE-2019-8198\",\n \"CVE-2019-8199\", \"CVE-2019-8200\", \"CVE-2019-8201\", \"CVE-2019-8202\",\n \"CVE-2019-8203\", \"CVE-2019-8204\", \"CVE-2019-8205\", \"CVE-2019-8206\",\n \"CVE-2019-8207\", \"CVE-2019-8208\", \"CVE-2019-8209\", \"CVE-2019-8210\",\n \"CVE-2019-8211\", \"CVE-2019-8212\", \"CVE-2019-8213\", \"CVE-2019-8214\",\n \"CVE-2019-8215\", \"CVE-2019-8216\", \"CVE-2019-8217\", \"CVE-2019-8218\",\n \"CVE-2019-8219\", \"CVE-2019-8220\", \"CVE-2019-8221\", \"CVE-2019-8222\",\n \"CVE-2019-8223\", \"CVE-2019-8224\", \"CVE-2019-8225\", \"CVE-2019-8226\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-17 05:12:29 +0000 (Thu, 17 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-16 11:08:11 +0530 (Wed, 16 Oct 2019)\");\n script_name(\"Adobe Acrobat DC (Continuous Track) Security Updates (apsb19-49) - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat DC\n (Continuous Track) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - Multiple type confusion errors.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer overrun error.\n\n - A cross site scripting error.\n\n - A race condition error.\n\n - An incomplete implementation of security mechanism.\n\n - An untrusted pointer dereference error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat DC (Continuous Track)\n 2019.012.20040 and earlier versions on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat DC Continuous\n version 2019.021.20047 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-49.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_dc_cont_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/AcrobatDC/Continuous/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE) ) exit( 0 );\nvers = infos['version'];\npath = infos['location'];\n\n## 2019.012.20040 == 19.012.20040\nif(version_is_less_equal(version:vers, test_version:\"19.012.20040\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"19.021.20047 (2019.021.20047)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-23T12:51:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8183", "CVE-2019-8180", "CVE-2019-8181", "CVE-2019-8219", "CVE-2019-8185", "CVE-2019-8215", "CVE-2019-8176", "CVE-2019-8216", "CVE-2019-8190", "CVE-2019-8162", "CVE-2019-8161", "CVE-2019-8184", "CVE-2019-8195", "CVE-2019-8191", "CVE-2019-8200", "CVE-2019-8193", "CVE-2019-8160", "CVE-2019-8177", "CVE-2019-8169", "CVE-2019-8199", "CVE-2019-8167", "CVE-2019-8210", "CVE-2019-8217", "CVE-2019-8222", "CVE-2019-8196", "CVE-2019-8225", "CVE-2019-8203", "CVE-2019-8188", "CVE-2019-8194", "CVE-2019-8187", "CVE-2019-8192", "CVE-2019-8211", "CVE-2019-8221", "CVE-2019-8179", "CVE-2019-8163", "CVE-2019-8172", "CVE-2019-8197", "CVE-2019-8168", "CVE-2019-8189", "CVE-2019-8164", "CVE-2019-8208", "CVE-2019-8204", "CVE-2019-8226", "CVE-2019-8182", "CVE-2019-8170", "CVE-2019-8205", "CVE-2019-8174", "CVE-2019-8213", "CVE-2019-8201", "CVE-2019-8224", "CVE-2019-8178", "CVE-2019-8198", "CVE-2019-8212", "CVE-2019-8209", "CVE-2019-8214", "CVE-2019-8166", "CVE-2019-8223", "CVE-2019-8175", "CVE-2019-8207", "CVE-2019-8218", "CVE-2019-8220", "CVE-2019-8173", "CVE-2019-8186", "CVE-2019-8064", "CVE-2019-8202", "CVE-2019-8165", "CVE-2019-8171", "CVE-2019-8206"], "description": "This host is installed with Adobe Acrobat Reader\n DC (Continuous Track) and is prone to multiple vulnerabilities.", "modified": "2019-10-17T00:00:00", "published": "2019-10-16T00:00:00", "id": "OPENVAS:1361412562310815811", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815811", "type": "openvas", "title": "Adobe Acrobat Reader DC (Continuous Track) Security Updates (apsb19-49) - Mac OS X", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat_reader_dc_continuous\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815811\");\n script_version(\"2019-10-17T05:12:29+0000\");\n script_cve_id(\"CVE-2019-8064\", \"CVE-2019-8160\", \"CVE-2019-8161\", \"CVE-2019-8162\",\n \"CVE-2019-8163\", \"CVE-2019-8164\", \"CVE-2019-8165\", \"CVE-2019-8166\",\n \"CVE-2019-8167\", \"CVE-2019-8168\", \"CVE-2019-8169\", \"CVE-2019-8170\",\n \"CVE-2019-8171\", \"CVE-2019-8172\", \"CVE-2019-8173\", \"CVE-2019-8174\",\n \"CVE-2019-8175\", \"CVE-2019-8176\", \"CVE-2019-8177\", \"CVE-2019-8178\",\n \"CVE-2019-8179\", \"CVE-2019-8180\", \"CVE-2019-8181\", \"CVE-2019-8182\",\n \"CVE-2019-8183\", \"CVE-2019-8184\", \"CVE-2019-8185\", \"CVE-2019-8186\",\n \"CVE-2019-8187\", \"CVE-2019-8188\", \"CVE-2019-8189\", \"CVE-2019-8190\",\n \"CVE-2019-8191\", \"CVE-2019-8192\", \"CVE-2019-8193\", \"CVE-2019-8194\",\n \"CVE-2019-8195\", \"CVE-2019-8196\", \"CVE-2019-8197\", \"CVE-2019-8198\",\n \"CVE-2019-8199\", \"CVE-2019-8200\", \"CVE-2019-8201\", \"CVE-2019-8202\",\n \"CVE-2019-8203\", \"CVE-2019-8204\", \"CVE-2019-8205\", \"CVE-2019-8206\",\n \"CVE-2019-8207\", \"CVE-2019-8208\", \"CVE-2019-8209\", \"CVE-2019-8210\",\n \"CVE-2019-8211\", \"CVE-2019-8212\", \"CVE-2019-8213\", \"CVE-2019-8214\",\n \"CVE-2019-8215\", \"CVE-2019-8216\", \"CVE-2019-8217\", \"CVE-2019-8218\",\n \"CVE-2019-8219\", \"CVE-2019-8220\", \"CVE-2019-8221\", \"CVE-2019-8222\",\n \"CVE-2019-8223\", \"CVE-2019-8224\", \"CVE-2019-8225\", \"CVE-2019-8226\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-17 05:12:29 +0000 (Thu, 17 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-16 12:03:47 +0530 (Wed, 16 Oct 2019)\");\n script_name(\"Adobe Acrobat Reader DC (Continuous Track) Security Updates (apsb19-49) - Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat Reader\n DC (Continuous Track) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - Multiple type confusion errors.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer overrun error.\n\n - A cross site scripting error.\n\n - A race condition error.\n\n - An incomplete implementation of security mechanism.\n\n - An untrusted pointer dereference error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader DC (Continuous Track)\n 2019.012.20040 and earlier versions on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat Reader DC Continuous\n version 2019.021.20047 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-49.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_acrobat_reader_dc_cont_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Acrobat/ReaderDC/Continuous/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE) ) exit( 0 );\nvers = infos['version'];\npath = infos['location'];\n\n## 2019.012.20040 == 19.012.20040\nif(version_is_less_equal(version:vers, test_version:\"19.012.20040\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"19.021.20047 (2019.021.20047)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-23T12:50:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8183", "CVE-2019-8180", "CVE-2019-8181", "CVE-2019-8219", "CVE-2019-8185", "CVE-2019-8215", "CVE-2019-8176", "CVE-2019-8216", "CVE-2019-8190", "CVE-2019-8162", "CVE-2019-8161", "CVE-2019-8184", "CVE-2019-8195", "CVE-2019-8191", "CVE-2019-8200", "CVE-2019-8193", "CVE-2019-8160", "CVE-2019-8177", "CVE-2019-8169", "CVE-2019-8199", "CVE-2019-8167", "CVE-2019-8210", "CVE-2019-8217", "CVE-2019-8222", "CVE-2019-8196", "CVE-2019-8225", "CVE-2019-8203", "CVE-2019-8188", "CVE-2019-8194", "CVE-2019-8187", "CVE-2019-8192", "CVE-2019-8211", "CVE-2019-8221", "CVE-2019-8179", "CVE-2019-8163", "CVE-2019-8172", "CVE-2019-8197", "CVE-2019-8168", "CVE-2019-8189", "CVE-2019-8164", "CVE-2019-8208", "CVE-2019-8204", "CVE-2019-8226", "CVE-2019-8182", "CVE-2019-8170", "CVE-2019-8205", "CVE-2019-8174", "CVE-2019-8213", "CVE-2019-8201", "CVE-2019-8224", "CVE-2019-8178", "CVE-2019-8198", "CVE-2019-8212", "CVE-2019-8209", "CVE-2019-8214", "CVE-2019-8166", "CVE-2019-8223", "CVE-2019-8175", "CVE-2019-8207", "CVE-2019-8218", "CVE-2019-8220", "CVE-2019-8173", "CVE-2019-8186", "CVE-2019-8064", "CVE-2019-8202", "CVE-2019-8165", "CVE-2019-8171", "CVE-2019-8206"], "description": "This host is installed with Adobe Acrobat Reader\n 2017 and is prone to multiple vulnerabilities.", "modified": "2019-10-17T00:00:00", "published": "2019-10-16T00:00:00", "id": "OPENVAS:1361412562310815807", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815807", "type": "openvas", "title": "Adobe Acrobat Reader 2017 Security Updates (apsb19-49)-Mac OS X", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815807\");\n script_version(\"2019-10-17T05:12:29+0000\");\n script_cve_id(\"CVE-2019-8064\", \"CVE-2019-8160\", \"CVE-2019-8161\", \"CVE-2019-8162\",\n \"CVE-2019-8163\", \"CVE-2019-8164\", \"CVE-2019-8165\", \"CVE-2019-8166\",\n \"CVE-2019-8167\", \"CVE-2019-8168\", \"CVE-2019-8169\", \"CVE-2019-8170\",\n \"CVE-2019-8171\", \"CVE-2019-8172\", \"CVE-2019-8173\", \"CVE-2019-8174\",\n \"CVE-2019-8175\", \"CVE-2019-8176\", \"CVE-2019-8177\", \"CVE-2019-8178\",\n \"CVE-2019-8179\", \"CVE-2019-8180\", \"CVE-2019-8181\", \"CVE-2019-8182\",\n \"CVE-2019-8183\", \"CVE-2019-8184\", \"CVE-2019-8185\", \"CVE-2019-8186\",\n \"CVE-2019-8187\", \"CVE-2019-8188\", \"CVE-2019-8189\", \"CVE-2019-8190\",\n \"CVE-2019-8191\", \"CVE-2019-8192\", \"CVE-2019-8193\", \"CVE-2019-8194\",\n \"CVE-2019-8195\", \"CVE-2019-8196\", \"CVE-2019-8197\", \"CVE-2019-8198\",\n \"CVE-2019-8199\", \"CVE-2019-8200\", \"CVE-2019-8201\", \"CVE-2019-8202\",\n \"CVE-2019-8203\", \"CVE-2019-8204\", \"CVE-2019-8205\", \"CVE-2019-8206\",\n \"CVE-2019-8207\", \"CVE-2019-8208\", \"CVE-2019-8209\", \"CVE-2019-8210\",\n \"CVE-2019-8211\", \"CVE-2019-8212\", \"CVE-2019-8213\", \"CVE-2019-8214\",\n \"CVE-2019-8215\", \"CVE-2019-8216\", \"CVE-2019-8217\", \"CVE-2019-8218\",\n \"CVE-2019-8219\", \"CVE-2019-8220\", \"CVE-2019-8221\", \"CVE-2019-8222\",\n \"CVE-2019-8223\", \"CVE-2019-8224\", \"CVE-2019-8225\", \"CVE-2019-8226\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-17 05:12:29 +0000 (Thu, 17 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-16 12:02:40 +0530 (Wed, 16 Oct 2019)\");\n script_name(\"Adobe Acrobat Reader 2017 Security Updates (apsb19-49)-Mac OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Acrobat Reader\n 2017 and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple out-of-bounds read errors.\n\n - Multiple out-of-bounds write errors.\n\n - Multiple type confusion errors.\n\n - Multiple use after free errors.\n\n - Multiple heap overflow errors.\n\n - A buffer overrun error.\n\n - A cross site scripting error.\n\n - A race condition error.\n\n - An incomplete implementation of security mechanism.\n\n - An untrusted pointer dereference error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain access to sensitive information and run arbitrary code in context of\n current user.\");\n\n script_tag(name:\"affected\", value:\"Adobe Acrobat Reader versions 2017.011.30148\n and earlier on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Acrobat Reader 2017 version\n 2017.011.30150 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/acrobat/apsb19-49.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Reader/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\n## 2017.011.30148 == 17.011.30148\nif(version_in_range(version:vers, test_version:\"17.0\", test_version2:\"17.011.30148\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"17.011.30150 (2017.011.30150)\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-02-01T01:15:26", "description": "The version of Adobe Acrobat installed on the remote Windows host is a version prior or equal to 2015.006.30503, \n2017.011.30148, or 2019.012.20040. It is, therefore, affected by multiple vulnerabilities.\n\n - Out-of-Bounds Read potentially leading to Information Disclosure \n (CVE-2019-8064, CVE-2019-8163, CVE-2019-8164, CVE-2019-8168, CVE-2019-8172, CVE-2019-8173, CVE-2019-8182, \n CVE-2019-8184, CVE-2019-8185, CVE-2019-8189, CVE-2019-8190, CVE-2019-8193, CVE-2019-8194, CVE-2019-8198, \n CVE-2019-8201, CVE-2019-8202, CVE-2019-8204, CVE-2019-8207, CVE-2019-8216, CVE-2019-8218, CVE-2019-8222)\n\n - Out-of-Bounds Write potentially leading to Arbitrary Code Execution \n (CVE-2019-8165, CVE-2019-8171, CVE-2019-8186, CVE-2019-8191, CVE-2019-8199, CVE-2019-8206)\n\n - Use After Free potentially leading to Arbitrary Code Execution \n (CVE-2019-8175, CVE-2019-8176, CVE-2019-8177, CVE-2019-8178, CVE-2019-8179, CVE-2019-8180, CVE-2019-8181, \n CVE-2019-8187, CVE-2019-8188, CVE-2019-8192, CVE-2019-8203, CVE-2019-8208, CVE-2019-8209, CVE-2019-8210, \n CVE-2019-8211, CVE-2019-8212, CVE-2019-8213, CVE-2019-8214, CVE-2019-8215, CVE-2019-8217, CVE-2019-8219, \n CVE-2019-8220, CVE-2019-8221, CVE-2019-8223, CVE-2019-8224, CVE-2019-8225)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version \nnumber.", "edition": 19, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-10-16T00:00:00", "title": "Adobe Acrobat <= 2015.006.30503 / 2017.011.30148 / 2019.012.20040 Multiple Vulnerabilities (APSB19-49)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8183", "CVE-2019-8180", "CVE-2019-8181", "CVE-2019-8219", "CVE-2019-8185", "CVE-2019-8215", "CVE-2019-8176", "CVE-2019-8216", "CVE-2019-8190", "CVE-2019-8162", "CVE-2019-8161", "CVE-2019-8184", "CVE-2019-8195", "CVE-2019-8191", "CVE-2019-8200", "CVE-2019-8193", "CVE-2019-8160", "CVE-2019-8177", "CVE-2019-8169", "CVE-2019-8199", "CVE-2019-8167", "CVE-2019-8210", "CVE-2019-8217", "CVE-2019-8222", "CVE-2019-8196", "CVE-2019-8225", "CVE-2019-8203", "CVE-2019-8188", "CVE-2019-8194", "CVE-2019-8187", "CVE-2019-8192", "CVE-2019-8211", "CVE-2019-8221", "CVE-2019-8179", "CVE-2019-8163", "CVE-2019-8172", "CVE-2019-8197", "CVE-2019-8168", "CVE-2019-8189", "CVE-2019-8164", "CVE-2019-8208", "CVE-2019-8204", "CVE-2019-8226", "CVE-2019-8182", "CVE-2019-8170", "CVE-2019-8205", "CVE-2019-8174", "CVE-2019-8213", "CVE-2019-8201", "CVE-2019-8224", "CVE-2019-8178", "CVE-2019-8198", "CVE-2019-8212", "CVE-2019-8209", "CVE-2019-8214", "CVE-2019-8166", "CVE-2019-8223", "CVE-2019-8175", "CVE-2019-8207", "CVE-2019-8218", "CVE-2019-8220", "CVE-2019-8173", "CVE-2019-8186", "CVE-2019-8064", "CVE-2019-8202", "CVE-2019-8165", "CVE-2019-8171", "CVE-2019-8206"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/a:adobe:acrobat"], "id": "ADOBE_ACROBAT_APSB19-49.NASL", "href": "https://www.tenable.com/plugins/nessus/129977", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129977);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/12/13\");\n\n script_cve_id(\n \"CVE-2019-8064\",\n \"CVE-2019-8160\",\n \"CVE-2019-8161\",\n \"CVE-2019-8162\",\n \"CVE-2019-8163\",\n \"CVE-2019-8164\",\n \"CVE-2019-8165\",\n \"CVE-2019-8166\",\n \"CVE-2019-8167\",\n \"CVE-2019-8168\",\n \"CVE-2019-8169\",\n \"CVE-2019-8170\",\n \"CVE-2019-8171\",\n \"CVE-2019-8172\",\n \"CVE-2019-8173\",\n \"CVE-2019-8174\",\n \"CVE-2019-8175\",\n \"CVE-2019-8176\",\n \"CVE-2019-8177\",\n \"CVE-2019-8178\",\n \"CVE-2019-8179\",\n \"CVE-2019-8180\",\n \"CVE-2019-8181\",\n \"CVE-2019-8182\",\n \"CVE-2019-8183\",\n \"CVE-2019-8184\",\n \"CVE-2019-8185\",\n \"CVE-2019-8186\",\n \"CVE-2019-8187\",\n \"CVE-2019-8188\",\n \"CVE-2019-8189\",\n \"CVE-2019-8190\",\n \"CVE-2019-8191\",\n \"CVE-2019-8192\",\n \"CVE-2019-8193\",\n \"CVE-2019-8194\",\n \"CVE-2019-8195\",\n \"CVE-2019-8196\",\n \"CVE-2019-8197\",\n \"CVE-2019-8198\",\n \"CVE-2019-8199\",\n \"CVE-2019-8200\",\n \"CVE-2019-8201\",\n \"CVE-2019-8202\",\n \"CVE-2019-8203\",\n \"CVE-2019-8204\",\n \"CVE-2019-8205\",\n \"CVE-2019-8206\",\n \"CVE-2019-8207\",\n \"CVE-2019-8208\",\n \"CVE-2019-8209\",\n \"CVE-2019-8210\",\n \"CVE-2019-8211\",\n \"CVE-2019-8212\",\n \"CVE-2019-8213\",\n \"CVE-2019-8214\",\n \"CVE-2019-8215\",\n \"CVE-2019-8216\",\n \"CVE-2019-8217\",\n \"CVE-2019-8218\",\n \"CVE-2019-8219\",\n \"CVE-2019-8220\",\n \"CVE-2019-8221\",\n \"CVE-2019-8222\",\n \"CVE-2019-8223\",\n \"CVE-2019-8224\",\n \"CVE-2019-8225\",\n \"CVE-2019-8226\"\n );\n\n script_name(english:\"Adobe Acrobat <= 2015.006.30503 / 2017.011.30148 / 2019.012.20040 Multiple Vulnerabilities (APSB19-49)\");\n script_summary(english:\"Checks the version of Adobe Acrobat.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Acrobat installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Acrobat installed on the remote Windows host is a version prior or equal to 2015.006.30503, \n2017.011.30148, or 2019.012.20040. It is, therefore, affected by multiple vulnerabilities.\n\n - Out-of-Bounds Read potentially leading to Information Disclosure \n (CVE-2019-8064, CVE-2019-8163, CVE-2019-8164, CVE-2019-8168, CVE-2019-8172, CVE-2019-8173, CVE-2019-8182, \n CVE-2019-8184, CVE-2019-8185, CVE-2019-8189, CVE-2019-8190, CVE-2019-8193, CVE-2019-8194, CVE-2019-8198, \n CVE-2019-8201, CVE-2019-8202, CVE-2019-8204, CVE-2019-8207, CVE-2019-8216, CVE-2019-8218, CVE-2019-8222)\n\n - Out-of-Bounds Write potentially leading to Arbitrary Code Execution \n (CVE-2019-8165, CVE-2019-8171, CVE-2019-8186, CVE-2019-8191, CVE-2019-8199, CVE-2019-8206)\n\n - Use After Free potentially leading to Arbitrary Code Execution \n (CVE-2019-8175, CVE-2019-8176, CVE-2019-8177, CVE-2019-8178, CVE-2019-8179, CVE-2019-8180, CVE-2019-8181, \n CVE-2019-8187, CVE-2019-8188, CVE-2019-8192, CVE-2019-8203, CVE-2019-8208, CVE-2019-8209, CVE-2019-8210, \n CVE-2019-8211, CVE-2019-8212, CVE-2019-8213, CVE-2019-8214, CVE-2019-8215, CVE-2019-8217, CVE-2019-8219, \n CVE-2019-8220, CVE-2019-8221, CVE-2019-8223, CVE-2019-8224, CVE-2019-8225)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version \nnumber.\");\n # https://helpx.adobe.com/security/products/acrobat/apsb19-49.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?20b7a288\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Acrobat version 2015.006.30504 or 2017.011.30150 \n or 2019.021.20047 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8171\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"adobe_acrobat_installed.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"installed_sw/Adobe Acrobat\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\napp_info = vcf::get_app_info(app:'Adobe Acrobat', win_local:TRUE);\n\n# vcf::adobe_reader::check_version_and_report will\n# properly separate tracks when checking constraints.\n# x.y.30zzz = DC Classic\n# x.y.20zzz = DC Continuous\nconstraints = [\n { 'min_version' : '15.6', 'max_version' : '15.006.30503', 'fixed_version' : '15.006.30504' },\n { 'min_version' : '17.8', 'max_version' : '17.011.30148', 'fixed_version' : '17.011.30150' },\n { 'min_version' : '15.7', 'max_version' : '19.012.20040', 'fixed_version' : '19.021.20047' }\n];\n\nvcf::adobe_reader::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE,\n max_segs:3\n);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-02-01T01:16:44", "description": "The version of Adobe Reader installed on the remote Windows host is a version prior or equal to 2015.006.30503, \n2017.011.30148, or 2019.012.20040. It is, therefore, affected by multiple vulnerabilities.\n\n - Out-of-Bounds Read potentially leading to Information Disclosure \n (CVE-2019-8064, CVE-2019-8163, CVE-2019-8164, CVE-2019-8168, CVE-2019-8172, CVE-2019-8173, CVE-2019-8182, \n CVE-2019-8184, CVE-2019-8185, CVE-2019-8189, CVE-2019-8190, CVE-2019-8193, CVE-2019-8194, CVE-2019-8198, \n CVE-2019-8201, CVE-2019-8202, CVE-2019-8204, CVE-2019-8207, CVE-2019-8216, CVE-2019-8218, CVE-2019-8222)\n\n - Out-of-Bounds Write potentially leading to Arbitrary Code Execution \n (CVE-2019-8165, CVE-2019-8171, CVE-2019-8186, CVE-2019-8191, CVE-2019-8199, CVE-2019-8206)\n\n - Use After Free potentially leading to Arbitrary Code Execution \n (CVE-2019-8175, CVE-2019-8176, CVE-2019-8177, CVE-2019-8178, CVE-2019-8179, CVE-2019-8180, CVE-2019-8181, \n CVE-2019-8187, CVE-2019-8188, CVE-2019-8192, CVE-2019-8203, CVE-2019-8208, CVE-2019-8209, CVE-2019-8210, \n CVE-2019-8211, CVE-2019-8212, CVE-2019-8213, CVE-2019-8214, CVE-2019-8215, CVE-2019-8217, CVE-2019-8219, \n CVE-2019-8220, CVE-2019-8221, CVE-2019-8223, CVE-2019-8224, CVE-2019-8225)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version \nnumber.", "edition": 19, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-10-16T00:00:00", "title": "Adobe Reader <= 2015.006.30503 / 2017.011.30148 / 2019.012.20040 Multiple Vulnerabilities (APSB19-49)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8183", "CVE-2019-8180", "CVE-2019-8181", "CVE-2019-8219", "CVE-2019-8185", "CVE-2019-8215", "CVE-2019-8176", "CVE-2019-8216", "CVE-2019-8190", "CVE-2019-8162", "CVE-2019-8161", "CVE-2019-8184", "CVE-2019-8195", "CVE-2019-8191", "CVE-2019-8200", "CVE-2019-8193", "CVE-2019-8160", "CVE-2019-8177", "CVE-2019-8169", "CVE-2019-8199", "CVE-2019-8167", "CVE-2019-8210", "CVE-2019-8217", "CVE-2019-8222", "CVE-2019-8196", "CVE-2019-8225", "CVE-2019-8203", "CVE-2019-8188", "CVE-2019-8194", "CVE-2019-8187", "CVE-2019-8192", "CVE-2019-8211", "CVE-2019-8221", "CVE-2019-8179", "CVE-2019-8163", "CVE-2019-8172", "CVE-2019-8197", "CVE-2019-8168", "CVE-2019-8189", "CVE-2019-8164", "CVE-2019-8208", "CVE-2019-8204", "CVE-2019-8226", "CVE-2019-8182", "CVE-2019-8170", "CVE-2019-8205", "CVE-2019-8174", "CVE-2019-8213", "CVE-2019-8201", "CVE-2019-8224", "CVE-2019-8178", "CVE-2019-8198", "CVE-2019-8212", "CVE-2019-8209", "CVE-2019-8214", "CVE-2019-8166", "CVE-2019-8223", "CVE-2019-8175", "CVE-2019-8207", "CVE-2019-8218", "CVE-2019-8220", "CVE-2019-8173", "CVE-2019-8186", "CVE-2019-8064", "CVE-2019-8202", "CVE-2019-8165", "CVE-2019-8171", "CVE-2019-8206"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/a:adobe:acrobat_reader"], "id": "ADOBE_READER_APSB19-49.NASL", "href": "https://www.tenable.com/plugins/nessus/129978", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129978);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/12/13\");\n\n script_cve_id(\n \"CVE-2019-8064\",\n \"CVE-2019-8160\",\n \"CVE-2019-8161\",\n \"CVE-2019-8162\",\n \"CVE-2019-8163\",\n \"CVE-2019-8164\",\n \"CVE-2019-8165\",\n \"CVE-2019-8166\",\n \"CVE-2019-8167\",\n \"CVE-2019-8168\",\n \"CVE-2019-8169\",\n \"CVE-2019-8170\",\n \"CVE-2019-8171\",\n \"CVE-2019-8172\",\n \"CVE-2019-8173\",\n \"CVE-2019-8174\",\n \"CVE-2019-8175\",\n \"CVE-2019-8176\",\n \"CVE-2019-8177\",\n \"CVE-2019-8178\",\n \"CVE-2019-8179\",\n \"CVE-2019-8180\",\n \"CVE-2019-8181\",\n \"CVE-2019-8182\",\n \"CVE-2019-8183\",\n \"CVE-2019-8184\",\n \"CVE-2019-8185\",\n \"CVE-2019-8186\",\n \"CVE-2019-8187\",\n \"CVE-2019-8188\",\n \"CVE-2019-8189\",\n \"CVE-2019-8190\",\n \"CVE-2019-8191\",\n \"CVE-2019-8192\",\n \"CVE-2019-8193\",\n \"CVE-2019-8194\",\n \"CVE-2019-8195\",\n \"CVE-2019-8196\",\n \"CVE-2019-8197\",\n \"CVE-2019-8198\",\n \"CVE-2019-8199\",\n \"CVE-2019-8200\",\n \"CVE-2019-8201\",\n \"CVE-2019-8202\",\n \"CVE-2019-8203\",\n \"CVE-2019-8204\",\n \"CVE-2019-8205\",\n \"CVE-2019-8206\",\n \"CVE-2019-8207\",\n \"CVE-2019-8208\",\n \"CVE-2019-8209\",\n \"CVE-2019-8210\",\n \"CVE-2019-8211\",\n \"CVE-2019-8212\",\n \"CVE-2019-8213\",\n \"CVE-2019-8214\",\n \"CVE-2019-8215\",\n \"CVE-2019-8216\",\n \"CVE-2019-8217\",\n \"CVE-2019-8218\",\n \"CVE-2019-8219\",\n \"CVE-2019-8220\",\n \"CVE-2019-8221\",\n \"CVE-2019-8222\",\n \"CVE-2019-8223\",\n \"CVE-2019-8224\",\n \"CVE-2019-8225\",\n \"CVE-2019-8226\"\n );\n\n script_name(english:\"Adobe Reader <= 2015.006.30503 / 2017.011.30148 / 2019.012.20040 Multiple Vulnerabilities (APSB19-49)\");\n script_summary(english:\"Checks the version of Adobe Reader.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Reader installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Reader installed on the remote Windows host is a version prior or equal to 2015.006.30503, \n2017.011.30148, or 2019.012.20040. It is, therefore, affected by multiple vulnerabilities.\n\n - Out-of-Bounds Read potentially leading to Information Disclosure \n (CVE-2019-8064, CVE-2019-8163, CVE-2019-8164, CVE-2019-8168, CVE-2019-8172, CVE-2019-8173, CVE-2019-8182, \n CVE-2019-8184, CVE-2019-8185, CVE-2019-8189, CVE-2019-8190, CVE-2019-8193, CVE-2019-8194, CVE-2019-8198, \n CVE-2019-8201, CVE-2019-8202, CVE-2019-8204, CVE-2019-8207, CVE-2019-8216, CVE-2019-8218, CVE-2019-8222)\n\n - Out-of-Bounds Write potentially leading to Arbitrary Code Execution \n (CVE-2019-8165, CVE-2019-8171, CVE-2019-8186, CVE-2019-8191, CVE-2019-8199, CVE-2019-8206)\n\n - Use After Free potentially leading to Arbitrary Code Execution \n (CVE-2019-8175, CVE-2019-8176, CVE-2019-8177, CVE-2019-8178, CVE-2019-8179, CVE-2019-8180, CVE-2019-8181, \n CVE-2019-8187, CVE-2019-8188, CVE-2019-8192, CVE-2019-8203, CVE-2019-8208, CVE-2019-8209, CVE-2019-8210, \n CVE-2019-8211, CVE-2019-8212, CVE-2019-8213, CVE-2019-8214, CVE-2019-8215, CVE-2019-8217, CVE-2019-8219, \n CVE-2019-8220, CVE-2019-8221, CVE-2019-8223, CVE-2019-8224, CVE-2019-8225)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version \nnumber.\");\n # https://helpx.adobe.com/security/products/acrobat/apsb19-49.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?20b7a288\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Reader version 2015.006.30504 or 2017.011.30150 \n or 2019.021.20047 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8171\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat_reader\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"adobe_reader_installed.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"installed_sw/Adobe Reader\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\napp_info = vcf::get_app_info(app:'Adobe Reader', win_local:TRUE);\n\n# vcf::adobe_reader::check_version_and_report will\n# properly separate tracks when checking constraints.\n# x.y.30zzz = DC Classic\n# x.y.20zzz = DC Continuous\nconstraints = [\n { 'min_version' : '15.6', 'max_version' : '15.006.30503', 'fixed_version' : '15.006.30504' },\n { 'min_version' : '17.8', 'max_version' : '17.011.30148', 'fixed_version' : '17.011.30150' },\n { 'min_version' : '15.7', 'max_version' : '19.012.20040', 'fixed_version' : '19.021.20047' }\n];\n\nvcf::adobe_reader::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE,\n max_segs:3\n);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-02-01T03:36:31", "description": "The version of Adobe Reader installed on the remote macOS host is a version prior or equal to 2015.006.30503,\n2017.011.30148, or 2019.012.20040. It is, therefore, affected by multiple vulnerabilities.\n \n - Out-of-Bounds Read potentially leading to Information Disclosure \n (CVE-2019-8064, CVE-2019-8163, CVE-2019-8164, CVE-2019-8168, CVE-2019-8172, CVE-2019-8173, CVE-2019-8182, \n CVE-2019-8184, CVE-2019-8185, CVE-2019-8189, CVE-2019-8190, CVE-2019-8193, CVE-2019-8194, CVE-2019-8198, \n CVE-2019-8201, CVE-2019-8202, CVE-2019-8204, CVE-2019-8207, CVE-2019-8216, CVE-2019-8218, CVE-2019-8222)\n\n - Out-of-Bounds Write potentially leading to Arbitrary Code Execution \n (CVE-2019-8165, CVE-2019-8171, CVE-2019-8186, CVE-2019-8191, CVE-2019-8199, CVE-2019-8206)\n\n - Use After Free potentially leading to Arbitrary Code Execution \n (CVE-2019-8175, CVE-2019-8176, CVE-2019-8177, CVE-2019-8178, CVE-2019-8179, CVE-2019-8180, CVE-2019-8181, \n CVE-2019-8187, CVE-2019-8188, CVE-2019-8192, CVE-2019-8203, CVE-2019-8208, CVE-2019-8209, CVE-2019-8210, \n CVE-2019-8211, CVE-2019-8212, CVE-2019-8213, CVE-2019-8214, CVE-2019-8215, CVE-2019-8217, CVE-2019-8219, \n CVE-2019-8220, CVE-2019-8221, CVE-2019-8223, CVE-2019-8224, CVE-2019-8225)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version \nnumber.", "edition": 19, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-10-16T00:00:00", "title": "Adobe Reader <= 2015.006.30503 / 2017.011.30148 / 2019.012.20040 Multiple Vulnerabilities (APSB19-49) (macOS)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8183", "CVE-2019-8180", "CVE-2019-8181", "CVE-2019-8219", "CVE-2019-8185", "CVE-2019-8215", "CVE-2019-8176", "CVE-2019-8216", "CVE-2019-8190", "CVE-2019-8162", "CVE-2019-8161", "CVE-2019-8184", "CVE-2019-8195", "CVE-2019-8191", "CVE-2019-8200", "CVE-2019-8193", "CVE-2019-8160", "CVE-2019-8177", "CVE-2019-8169", "CVE-2019-8199", "CVE-2019-8167", "CVE-2019-8210", "CVE-2019-8217", "CVE-2019-8222", "CVE-2019-8196", "CVE-2019-8225", "CVE-2019-8203", "CVE-2019-8188", "CVE-2019-8194", "CVE-2019-8187", "CVE-2019-8192", "CVE-2019-8211", "CVE-2019-8221", "CVE-2019-8179", "CVE-2019-8163", "CVE-2019-8172", "CVE-2019-8197", "CVE-2019-8168", "CVE-2019-8189", "CVE-2019-8164", "CVE-2019-8208", "CVE-2019-8204", "CVE-2019-8226", "CVE-2019-8182", "CVE-2019-8170", "CVE-2019-8205", "CVE-2019-8174", "CVE-2019-8213", "CVE-2019-8201", "CVE-2019-8224", "CVE-2019-8178", "CVE-2019-8198", "CVE-2019-8212", "CVE-2019-8209", "CVE-2019-8214", "CVE-2019-8166", "CVE-2019-8223", "CVE-2019-8175", "CVE-2019-8207", "CVE-2019-8218", "CVE-2019-8220", "CVE-2019-8173", "CVE-2019-8186", "CVE-2019-8064", "CVE-2019-8202", "CVE-2019-8165", "CVE-2019-8171", "CVE-2019-8206"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/a:adobe:acrobat_reader"], "id": "MACOS_ADOBE_READER_APSB19-49.NASL", "href": "https://www.tenable.com/plugins/nessus/129976", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129976);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/12/13\");\n\n script_cve_id(\n \"CVE-2019-8064\",\n \"CVE-2019-8160\",\n \"CVE-2019-8161\",\n \"CVE-2019-8162\",\n \"CVE-2019-8163\",\n \"CVE-2019-8164\",\n \"CVE-2019-8165\",\n \"CVE-2019-8166\",\n \"CVE-2019-8167\",\n \"CVE-2019-8168\",\n \"CVE-2019-8169\",\n \"CVE-2019-8170\",\n \"CVE-2019-8171\",\n \"CVE-2019-8172\",\n \"CVE-2019-8173\",\n \"CVE-2019-8174\",\n \"CVE-2019-8175\",\n \"CVE-2019-8176\",\n \"CVE-2019-8177\",\n \"CVE-2019-8178\",\n \"CVE-2019-8179\",\n \"CVE-2019-8180\",\n \"CVE-2019-8181\",\n \"CVE-2019-8182\",\n \"CVE-2019-8183\",\n \"CVE-2019-8184\",\n \"CVE-2019-8185\",\n \"CVE-2019-8186\",\n \"CVE-2019-8187\",\n \"CVE-2019-8188\",\n \"CVE-2019-8189\",\n \"CVE-2019-8190\",\n \"CVE-2019-8191\",\n \"CVE-2019-8192\",\n \"CVE-2019-8193\",\n \"CVE-2019-8194\",\n \"CVE-2019-8195\",\n \"CVE-2019-8196\",\n \"CVE-2019-8197\",\n \"CVE-2019-8198\",\n \"CVE-2019-8199\",\n \"CVE-2019-8200\",\n \"CVE-2019-8201\",\n \"CVE-2019-8202\",\n \"CVE-2019-8203\",\n \"CVE-2019-8204\",\n \"CVE-2019-8205\",\n \"CVE-2019-8206\",\n \"CVE-2019-8207\",\n \"CVE-2019-8208\",\n \"CVE-2019-8209\",\n \"CVE-2019-8210\",\n \"CVE-2019-8211\",\n \"CVE-2019-8212\",\n \"CVE-2019-8213\",\n \"CVE-2019-8214\",\n \"CVE-2019-8215\",\n \"CVE-2019-8216\",\n \"CVE-2019-8217\",\n \"CVE-2019-8218\",\n \"CVE-2019-8219\",\n \"CVE-2019-8220\",\n \"CVE-2019-8221\",\n \"CVE-2019-8222\",\n \"CVE-2019-8223\",\n \"CVE-2019-8224\",\n \"CVE-2019-8225\",\n \"CVE-2019-8226\"\n );\n\n script_name(english:\"Adobe Reader <= 2015.006.30503 / 2017.011.30148 / 2019.012.20040 Multiple Vulnerabilities (APSB19-49) (macOS)\");\n script_summary(english:\"Checks the version of Adobe Reader.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Reader installed on the remote macOS host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Reader installed on the remote macOS host is a version prior or equal to 2015.006.30503,\n2017.011.30148, or 2019.012.20040. It is, therefore, affected by multiple vulnerabilities.\n \n - Out-of-Bounds Read potentially leading to Information Disclosure \n (CVE-2019-8064, CVE-2019-8163, CVE-2019-8164, CVE-2019-8168, CVE-2019-8172, CVE-2019-8173, CVE-2019-8182, \n CVE-2019-8184, CVE-2019-8185, CVE-2019-8189, CVE-2019-8190, CVE-2019-8193, CVE-2019-8194, CVE-2019-8198, \n CVE-2019-8201, CVE-2019-8202, CVE-2019-8204, CVE-2019-8207, CVE-2019-8216, CVE-2019-8218, CVE-2019-8222)\n\n - Out-of-Bounds Write potentially leading to Arbitrary Code Execution \n (CVE-2019-8165, CVE-2019-8171, CVE-2019-8186, CVE-2019-8191, CVE-2019-8199, CVE-2019-8206)\n\n - Use After Free potentially leading to Arbitrary Code Execution \n (CVE-2019-8175, CVE-2019-8176, CVE-2019-8177, CVE-2019-8178, CVE-2019-8179, CVE-2019-8180, CVE-2019-8181, \n CVE-2019-8187, CVE-2019-8188, CVE-2019-8192, CVE-2019-8203, CVE-2019-8208, CVE-2019-8209, CVE-2019-8210, \n CVE-2019-8211, CVE-2019-8212, CVE-2019-8213, CVE-2019-8214, CVE-2019-8215, CVE-2019-8217, CVE-2019-8219, \n CVE-2019-8220, CVE-2019-8221, CVE-2019-8223, CVE-2019-8224, CVE-2019-8225)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version \nnumber.\");\n # https://helpx.adobe.com/security/products/acrobat/apsb19-49.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?20b7a288\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Reader version 2015.006.30504 or 2017.011.30150 \n or 2019.021.20047 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8171\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat_reader\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_adobe_reader_installed.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/Adobe Reader\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nget_kb_item_or_exit('Host/local_checks_enabled');\nos = get_kb_item('Host/MacOSX/Version');\nif (empty_or_null(os)) audit(AUDIT_OS_NOT, 'Mac OS X');\n\napp_info = vcf::get_app_info(app:'Adobe Reader');\n\n# vcf::adobe_reader::check_version_and_report will\n# properly separate tracks when checking constraints.\n# x.y.30zzz = DC Classic\n# x.y.20zzz = DC Continuous\nconstraints = [\n { 'min_version' : '15.6', 'max_version' : '15.006.30503', 'fixed_version' : '15.006.30504' },\n { 'min_version' : '17.8', 'max_version' : '17.011.30148', 'fixed_version' : '17.011.30150' },\n { 'min_version' : '15.7', 'max_version' : '19.012.20040', 'fixed_version' : '19.021.20047' }\n];\n\nvcf::adobe_reader::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE,\n max_segs:3\n);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-02-01T03:36:14", "description": "The version of Adobe Acrobat installed on the remote macOS host is a version prior or equal to 2015.006.30503, \n2017.011.30148, or 2019.012.20040. It is, therefore, affected by multiple vulnerabilities.\n \n - Out-of-Bounds Read potentially leading to Information Disclosure \n (CVE-2019-8064, CVE-2019-8163, CVE-2019-8164, CVE-2019-8168, CVE-2019-8172, CVE-2019-8173, CVE-2019-8182, \n CVE-2019-8184, CVE-2019-8185, CVE-2019-8189, CVE-2019-8190, CVE-2019-8193, CVE-2019-8194, CVE-2019-8198, \n CVE-2019-8201, CVE-2019-8202, CVE-2019-8204, CVE-2019-8207, CVE-2019-8216, CVE-2019-8218, CVE-2019-8222)\n\n - Out-of-Bounds Write potentially leading to Arbitrary Code Execution \n (CVE-2019-8165, CVE-2019-8171, CVE-2019-8186, CVE-2019-8191, CVE-2019-8199, CVE-2019-8206)\n\n - Use After Free potentially leading to Arbitrary Code Execution \n (CVE-2019-8175, CVE-2019-8176, CVE-2019-8177, CVE-2019-8178, CVE-2019-8179, CVE-2019-8180, CVE-2019-8181, \n CVE-2019-8187, CVE-2019-8188, CVE-2019-8192, CVE-2019-8203, CVE-2019-8208, CVE-2019-8209, CVE-2019-8210, \n CVE-2019-8211, CVE-2019-8212, CVE-2019-8213, CVE-2019-8214, CVE-2019-8215, CVE-2019-8217, CVE-2019-8219, \n CVE-2019-8220, CVE-2019-8221, CVE-2019-8223, CVE-2019-8224, CVE-2019-8225)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version \nnumber.", "edition": 19, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-10-16T00:00:00", "title": "Adobe Acrobat <= 2015.006.30503 / 2017.011.30148 / 2019.012.20040 Multiple Vulnerabilities (APSB19-49) (macOS)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8183", "CVE-2019-8180", "CVE-2019-8181", "CVE-2019-8219", "CVE-2019-8185", "CVE-2019-8215", "CVE-2019-8176", "CVE-2019-8216", "CVE-2019-8190", "CVE-2019-8162", "CVE-2019-8161", "CVE-2019-8184", "CVE-2019-8195", "CVE-2019-8191", "CVE-2019-8200", "CVE-2019-8193", "CVE-2019-8160", "CVE-2019-8177", "CVE-2019-8169", "CVE-2019-8199", "CVE-2019-8167", "CVE-2019-8210", "CVE-2019-8217", "CVE-2019-8222", "CVE-2019-8196", "CVE-2019-8225", "CVE-2019-8203", "CVE-2019-8188", "CVE-2019-8194", "CVE-2019-8187", "CVE-2019-8192", "CVE-2019-8211", "CVE-2019-8221", "CVE-2019-8179", "CVE-2019-8163", "CVE-2019-8172", "CVE-2019-8197", "CVE-2019-8168", "CVE-2019-8189", "CVE-2019-8164", "CVE-2019-8208", "CVE-2019-8204", "CVE-2019-8226", "CVE-2019-8182", "CVE-2019-8170", "CVE-2019-8205", "CVE-2019-8174", "CVE-2019-8213", "CVE-2019-8201", "CVE-2019-8224", "CVE-2019-8178", "CVE-2019-8198", "CVE-2019-8212", "CVE-2019-8209", "CVE-2019-8214", "CVE-2019-8166", "CVE-2019-8223", "CVE-2019-8175", "CVE-2019-8207", "CVE-2019-8218", "CVE-2019-8220", "CVE-2019-8173", "CVE-2019-8186", "CVE-2019-8064", "CVE-2019-8202", "CVE-2019-8165", "CVE-2019-8171", "CVE-2019-8206"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/a:adobe:acrobat"], "id": "MACOS_ADOBE_ACROBAT_APSB19-49.NASL", "href": "https://www.tenable.com/plugins/nessus/129975", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129975);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/12/13\");\n\n script_cve_id(\n \"CVE-2019-8064\",\n \"CVE-2019-8160\",\n \"CVE-2019-8161\",\n \"CVE-2019-8162\",\n \"CVE-2019-8163\",\n \"CVE-2019-8164\",\n \"CVE-2019-8165\",\n \"CVE-2019-8166\",\n \"CVE-2019-8167\",\n \"CVE-2019-8168\",\n \"CVE-2019-8169\",\n \"CVE-2019-8170\",\n \"CVE-2019-8171\",\n \"CVE-2019-8172\",\n \"CVE-2019-8173\",\n \"CVE-2019-8174\",\n \"CVE-2019-8175\",\n \"CVE-2019-8176\",\n \"CVE-2019-8177\",\n \"CVE-2019-8178\",\n \"CVE-2019-8179\",\n \"CVE-2019-8180\",\n \"CVE-2019-8181\",\n \"CVE-2019-8182\",\n \"CVE-2019-8183\",\n \"CVE-2019-8184\",\n \"CVE-2019-8185\",\n \"CVE-2019-8186\",\n \"CVE-2019-8187\",\n \"CVE-2019-8188\",\n \"CVE-2019-8189\",\n \"CVE-2019-8190\",\n \"CVE-2019-8191\",\n \"CVE-2019-8192\",\n \"CVE-2019-8193\",\n \"CVE-2019-8194\",\n \"CVE-2019-8195\",\n \"CVE-2019-8196\",\n \"CVE-2019-8197\",\n \"CVE-2019-8198\",\n \"CVE-2019-8199\",\n \"CVE-2019-8200\",\n \"CVE-2019-8201\",\n \"CVE-2019-8202\",\n \"CVE-2019-8203\",\n \"CVE-2019-8204\",\n \"CVE-2019-8205\",\n \"CVE-2019-8206\",\n \"CVE-2019-8207\",\n \"CVE-2019-8208\",\n \"CVE-2019-8209\",\n \"CVE-2019-8210\",\n \"CVE-2019-8211\",\n \"CVE-2019-8212\",\n \"CVE-2019-8213\",\n \"CVE-2019-8214\",\n \"CVE-2019-8215\",\n \"CVE-2019-8216\",\n \"CVE-2019-8217\",\n \"CVE-2019-8218\",\n \"CVE-2019-8219\",\n \"CVE-2019-8220\",\n \"CVE-2019-8221\",\n \"CVE-2019-8222\",\n \"CVE-2019-8223\",\n \"CVE-2019-8224\",\n \"CVE-2019-8225\",\n \"CVE-2019-8226\"\n );\n\n script_name(english:\"Adobe Acrobat <= 2015.006.30503 / 2017.011.30148 / 2019.012.20040 Multiple Vulnerabilities (APSB19-49) (macOS)\");\n script_summary(english:\"Checks the version of Adobe Acrobat.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Adobe Acrobat installed on the remote macOS host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Acrobat installed on the remote macOS host is a version prior or equal to 2015.006.30503, \n2017.011.30148, or 2019.012.20040. It is, therefore, affected by multiple vulnerabilities.\n \n - Out-of-Bounds Read potentially leading to Information Disclosure \n (CVE-2019-8064, CVE-2019-8163, CVE-2019-8164, CVE-2019-8168, CVE-2019-8172, CVE-2019-8173, CVE-2019-8182, \n CVE-2019-8184, CVE-2019-8185, CVE-2019-8189, CVE-2019-8190, CVE-2019-8193, CVE-2019-8194, CVE-2019-8198, \n CVE-2019-8201, CVE-2019-8202, CVE-2019-8204, CVE-2019-8207, CVE-2019-8216, CVE-2019-8218, CVE-2019-8222)\n\n - Out-of-Bounds Write potentially leading to Arbitrary Code Execution \n (CVE-2019-8165, CVE-2019-8171, CVE-2019-8186, CVE-2019-8191, CVE-2019-8199, CVE-2019-8206)\n\n - Use After Free potentially leading to Arbitrary Code Execution \n (CVE-2019-8175, CVE-2019-8176, CVE-2019-8177, CVE-2019-8178, CVE-2019-8179, CVE-2019-8180, CVE-2019-8181, \n CVE-2019-8187, CVE-2019-8188, CVE-2019-8192, CVE-2019-8203, CVE-2019-8208, CVE-2019-8209, CVE-2019-8210, \n CVE-2019-8211, CVE-2019-8212, CVE-2019-8213, CVE-2019-8214, CVE-2019-8215, CVE-2019-8217, CVE-2019-8219, \n CVE-2019-8220, CVE-2019-8221, CVE-2019-8223, CVE-2019-8224, CVE-2019-8225)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version \nnumber.\");\n # https://helpx.adobe.com/security/products/acrobat/apsb19-49.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?20b7a288\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Acrobat version 2015.006.30504 or 2017.011.30150 \n or 2019.021.20047 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8171\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:acrobat\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_adobe_acrobat_installed.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/Adobe Acrobat\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nget_kb_item_or_exit('Host/local_checks_enabled');\nos = get_kb_item('Host/MacOSX/Version');\nif (empty_or_null(os)) audit(AUDIT_OS_NOT, 'Mac OS X');\n\napp_info = vcf::get_app_info(app:'Adobe Acrobat');\n\n# vcf::adobe_reader::check_version_and_report will\n# properly separate tracks when checking constraints.\n# x.y.30zzz = DC Classic\n# x.y.20zzz = DC Continuous\nconstraints = [\n { 'min_version' : '15.6', 'max_version' : '15.006.30503', 'fixed_version' : '15.006.30504' },\n { 'min_version' : '17.8', 'max_version' : '17.011.30148', 'fixed_version' : '17.011.30150' },\n { 'min_version' : '15.7', 'max_version' : '19.012.20040', 'fixed_version' : '19.021.20047' }\n];\n\nvcf::adobe_reader::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE,\n max_segs:3\n);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
