Summary
This host has Adobe Reader installed which is prone to multiple vulnerabilities.
Impact
Successful exploitation allows remote attackers to execute arbitrary code, write arbitrary files or folders to the filesystem, escalate local privileges, or cause a denial of service on an affected system by tricking the user to open a malicious PDF document.
Impact Level: System/Application
Solution
Upgrade to Adobe Reader versions 9.2, 8.1.7, or 7.1.4 or later.
For updates refer to http://www.adobe.com/downloads/
Insight
For more information about the vulnerabilities refer the links mentioned in references.
Affected
Adobe Reader version 7.x before 7.1.4, 8.x before 8.1.7 and 9.x before 9.2 on Linux.
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
- http://secunia.com/advisories/36983
- http://securitytracker.com/alerts/2009/Oct/1023007.html
- http://www.adobe.com/support/security/bulletins/apsb09-15.html
- http://www.vupen.com/english/advisories/2009/2851
- http://www.vupen.com/english/advisories/2009/2898
- http://xforce.iss.net/xforce/xfdb/53691
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Flash Player Code Execution and DoS Vulnerabilities (Linux)
- Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Windows)
- Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Windows)
- Adobe Air Multiple Vulnerabilities June-2012 (Mac OS X)
- Adobe Acrobat and Reader 'printSeps()' Function Heap Corruption Vulnerability