Executive Summary

Summary
Title Adobe Reader: Multiple vulnerabilities
Informations
Name GLSA-201101-08 First vendor Publication 2011-01-21
Vendor Gentoo Last vendor Modification 2011-01-21
Severity (Vendor) Normal Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Synopsis

Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code.

Background

Adobe Reader (formerly Adobe Acrobat Reader) is a closed-source PDF reader.

Description

Multiple vulnerabilities were discovered in Adobe Reader. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.

Impact

A remote attacker might entice a user to open a specially crafted PDF file, possibly resulting in the execution of arbitrary code with the privileges of the user running the application, or a Denial of Service.

Workaround

There is no known workaround at this time.

Resolution

All Adobe Reader users should upgrade to the latest stable version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.1"

References

[ 1 ] APSB10-21
http://www.adobe.com/support/security/bulletins/apsb10-21.html [ 2 ] APSB10-28
http://www.adobe.com/support/security/bulletins/apsb10-28.html [ 3 ] CVE-2010-2883 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2883
[ 4 ] CVE-2010-2884 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884
[ 5 ] CVE-2010-2887 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2887
[ 6 ] CVE-2010-2889 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2889
[ 7 ] CVE-2010-2890 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2890
[ 8 ] CVE-2010-3619 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3619
[ 9 ] CVE-2010-3620 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3620
[ 10 ] CVE-2010-3621 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3621
[ 11 ] CVE-2010-3622 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3622
[ 12 ] CVE-2010-3625 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3625
[ 13 ] CVE-2010-3626 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3626
[ 14 ] CVE-2010-3627 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3627
[ 15 ] CVE-2010-3628 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3628
[ 16 ] CVE-2010-3629 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3629
[ 17 ] CVE-2010-3630 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3630
[ 18 ] CVE-2010-3632 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3632
[ 19 ] CVE-2010-3654 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654
[ 20 ] CVE-2010-3656 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3656
[ 21 ] CVE-2010-3657 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3657
[ 22 ] CVE-2010-3658 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3658
[ 23 ] CVE-2010-4091 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4091

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201101-08.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-201101-08.xml

CWE : Common Weakness Enumeration

% Id Name
62 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
31 % CWE-20 Improper Input Validation
6 % CWE-94 Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11586
 
Oval ID: oval:org.mitre.oval:def:11586
Title: Adobe Reader and Acrobat CoolType.dll Font Parsing Buffer Overflow Vulnerability
Description: Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2883
Version: 20
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12527
 
Oval ID: oval:org.mitre.oval:def:12527
Title: Denial of service vulnerability in EScript.api plugin in Adobe Acrobat and Adobe Reader 9.4.0, 8.1.7 and other versions using a crafted PDF document
Description: The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.
Family: windows Class: vulnerability
Reference(s): CVE-2010-4091
Version: 14
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Adobe Acrobat
Adobe Reader
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13294
 
Oval ID: oval:org.mitre.oval:def:13294
Title: Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
Description: Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3654
Version: 24
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe Acrobat
Adobe Reader
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14416
 
Oval ID: oval:org.mitre.oval:def:14416
Title: DEPRECATED: Multiple unspecified vulnerabilities in Adobe Reader and Acrobat 9.x before 9.4 on Linux allow attackers to gain privileges via unknown vectors.
Description: Multiple unspecified vulnerabilities in Adobe Reader and Acrobat 9.x before 9.4 on Linux allow attackers to gain privileges via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2887
Version: 12
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Adobe Acrobat
Adobe Reader
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21982
 
Oval ID: oval:org.mitre.oval:def:21982
Title: RHSA-2010:0706: flash-plugin security update (Critical)
Description: Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010.
Family: unix Class: patch
Reference(s): RHSA-2010:0706-01
CVE-2010-2884
Version: 4
Platform(s): Red Hat Enterprise Linux 5
Product(s): flash-plugin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22102
 
Oval ID: oval:org.mitre.oval:def:22102
Title: RHSA-2010:0867: flash-plugin security update (Critical)
Description: Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
Family: unix Class: patch
Reference(s): RHSA-2010:0867-02
CVE-2010-3636
CVE-2010-3639
CVE-2010-3640
CVE-2010-3641
CVE-2010-3642
CVE-2010-3643
CVE-2010-3644
CVE-2010-3645
CVE-2010-3646
CVE-2010-3647
CVE-2010-3648
CVE-2010-3649
CVE-2010-3650
CVE-2010-3652
CVE-2010-3654
Version: 198
Platform(s): Red Hat Enterprise Linux 6
Product(s): flash-plugin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22268
 
Oval ID: oval:org.mitre.oval:def:22268
Title: RHSA-2010:0934: acroread security update (Critical)
Description: The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.
Family: unix Class: patch
Reference(s): RHSA-2010:0934-02
CVE-2010-3654
CVE-2010-4091
Version: 29
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Product(s): acroread
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22281
 
Oval ID: oval:org.mitre.oval:def:22281
Title: DEPRECATED: ELSA-2010:0934: acroread security update (Critical)
Description: The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.
Family: unix Class: patch
Reference(s): ELSA-2010:0934-02
CVE-2010-3654
CVE-2010-4091
Version: 14
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): acroread
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22325
 
Oval ID: oval:org.mitre.oval:def:22325
Title: RHSA-2010:0829: flash-plugin security update (Critical)
Description: Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
Family: unix Class: patch
Reference(s): RHSA-2010:0829-01
CVE-2010-3636
CVE-2010-3639
CVE-2010-3640
CVE-2010-3641
CVE-2010-3642
CVE-2010-3643
CVE-2010-3644
CVE-2010-3645
CVE-2010-3646
CVE-2010-3647
CVE-2010-3648
CVE-2010-3649
CVE-2010-3650
CVE-2010-3652
CVE-2010-3654
Version: 198
Platform(s): Red Hat Enterprise Linux 5
Product(s): flash-plugin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22336
 
Oval ID: oval:org.mitre.oval:def:22336
Title: RHSA-2010:0743: acroread security update (Critical)
Description: Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, and CVE-2010-3632.
Family: unix Class: patch
Reference(s): RHSA-2010:0743-01
CVE-2010-2883
CVE-2010-2884
CVE-2010-2887
CVE-2010-2889
CVE-2010-2890
CVE-2010-3619
CVE-2010-3620
CVE-2010-3621
CVE-2010-3622
CVE-2010-3625
CVE-2010-3626
CVE-2010-3627
CVE-2010-3628
CVE-2010-3629
CVE-2010-3630
CVE-2010-3632
CVE-2010-3656
CVE-2010-3657
CVE-2010-3658
Version: 250
Platform(s): Red Hat Enterprise Linux 5
Product(s): acroread
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22988
 
Oval ID: oval:org.mitre.oval:def:22988
Title: ELSA-2010:0743: acroread security update (Critical)
Description: Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, and CVE-2010-3632.
Family: unix Class: patch
Reference(s): ELSA-2010:0743-01
CVE-2010-2883
CVE-2010-2884
CVE-2010-2887
CVE-2010-2889
CVE-2010-2890
CVE-2010-3619
CVE-2010-3620
CVE-2010-3621
CVE-2010-3622
CVE-2010-3625
CVE-2010-3626
CVE-2010-3627
CVE-2010-3628
CVE-2010-3629
CVE-2010-3630
CVE-2010-3632
CVE-2010-3656
CVE-2010-3657
CVE-2010-3658
Version: 81
Platform(s): Oracle Linux 5
Product(s): acroread
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23120
 
Oval ID: oval:org.mitre.oval:def:23120
Title: ELSA-2010:0706: flash-plugin security update (Critical)
Description: Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010.
Family: unix Class: patch
Reference(s): ELSA-2010:0706-01
CVE-2010-2884
Version: 6
Platform(s): Oracle Linux 5
Product(s): flash-plugin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23206
 
Oval ID: oval:org.mitre.oval:def:23206
Title: ELSA-2010:0829: flash-plugin security update (Critical)
Description: Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
Family: unix Class: patch
Reference(s): ELSA-2010:0829-01
CVE-2010-3636
CVE-2010-3639
CVE-2010-3640
CVE-2010-3641
CVE-2010-3642
CVE-2010-3643
CVE-2010-3644
CVE-2010-3645
CVE-2010-3646
CVE-2010-3647
CVE-2010-3648
CVE-2010-3649
CVE-2010-3650
CVE-2010-3652
CVE-2010-3654
Version: 65
Platform(s): Oracle Linux 5
Product(s): flash-plugin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23533
 
Oval ID: oval:org.mitre.oval:def:23533
Title: ELSA-2010:0867: flash-plugin security update (Critical)
Description: Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
Family: unix Class: patch
Reference(s): ELSA-2010:0867-02
CVE-2010-3636
CVE-2010-3639
CVE-2010-3640
CVE-2010-3641
CVE-2010-3642
CVE-2010-3643
CVE-2010-3644
CVE-2010-3645
CVE-2010-3646
CVE-2010-3647
CVE-2010-3648
CVE-2010-3649
CVE-2010-3650
CVE-2010-3652
CVE-2010-3654
Version: 65
Platform(s): Oracle Linux 6
Product(s): flash-plugin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23656
 
Oval ID: oval:org.mitre.oval:def:23656
Title: ELSA-2010:0934: acroread security update (Critical)
Description: The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.
Family: unix Class: patch
Reference(s): ELSA-2010:0934-02
CVE-2010-3654
CVE-2010-4091
Version: 13
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): acroread
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6772
 
Oval ID: oval:org.mitre.oval:def:6772
Title: Adobe Reader and Acrobat Prefix Protocol Handler Code Execution Vulnerability.
Description: Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-3625
Version: 19
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6791
 
Oval ID: oval:org.mitre.oval:def:6791
Title: Adobe Reader and Acrobat Denial of Service Vulnerability.
Description: Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3656.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3657
Version: 19
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6830
 
Oval ID: oval:org.mitre.oval:def:6830
Title: Adobe Reader and Acrobat Denial of Service Vulnerability.
Description: Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2890
Version: 19
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6852
 
Oval ID: oval:org.mitre.oval:def:6852
Title: Adobe Flash Player, Acrobat Reader, and Acrobat Remote Code Execution Vulnerability
Description: Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2884
Version: 27
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7007
 
Oval ID: oval:org.mitre.oval:def:7007
Title: Adobe Reader and Acrobat Code Execution via crafted image Vulnerability.
Description: Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted image, a different vulnerability than CVE-2010-3620.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3629
Version: 19
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7009
 
Oval ID: oval:org.mitre.oval:def:7009
Title: Adobe Reader and Acrobat Font Parsing Code Execution Vulnerability.
Description: Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted font, a different vulnerability than CVE-2010-3626.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2889
Version: 19
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7057
 
Oval ID: oval:org.mitre.oval:def:7057
Title: Adobe Reader and Acrobat Memory Corruption Code Execution Vulnerability.
Description: Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, and CVE-2010-3658.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3632
Version: 19
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7138
 
Oval ID: oval:org.mitre.oval:def:7138
Title: Adobe Reader and Acrobat Memory Corruption Code Execution Vulnerability.
Description: Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3622
Version: 19
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7225
 
Oval ID: oval:org.mitre.oval:def:7225
Title: Adobe Reader and Acrobat Memory Corruption Code Execution Vulnerability.
Description: Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, and CVE-2010-3632.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3658
Version: 19
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7356
 
Oval ID: oval:org.mitre.oval:def:7356
Title: Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability.
Description: Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3627
Version: 19
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7382
 
Oval ID: oval:org.mitre.oval:def:7382
Title: Adobe Reader and Acrobat Font Parsing Code Execution Vulnerability.
Description: Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted font, a different vulnerability than CVE-2010-2889.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3626
Version: 19
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7385
 
Oval ID: oval:org.mitre.oval:def:7385
Title: Memory Corruption via unspecified vectors vulnerability in Adobe Reader and Acrobat.
Description: Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3619
Version: 19
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7386
 
Oval ID: oval:org.mitre.oval:def:7386
Title: Adobe Reader and Acrobat Memory Corruption Code Execution Vulnerability.
Description: Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3622, CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3621
Version: 19
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7393
 
Oval ID: oval:org.mitre.oval:def:7393
Title: Adobe Reader and Acrobat Denial of Service and Arbitrary Code Execution Vulnerability.
Description: Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3630
Version: 19
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7455
 
Oval ID: oval:org.mitre.oval:def:7455
Title: Adobe Reader and Acrobat Arbitrary Code Execution and Denial of Service Vulnerability.
Description: Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3632, and CVE-2010-3658.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3628
Version: 19
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7484
 
Oval ID: oval:org.mitre.oval:def:7484
Title: Adobe Reader and Acrobat Denial of Service Vulnerability.
Description: Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3657.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3656
Version: 19
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7589
 
Oval ID: oval:org.mitre.oval:def:7589
Title: Adobe Reader and Acrobat Image Parsing Code Execution Vulnerability.
Description: Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted image, a different vulnerability than CVE-2010-3629.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3620
Version: 19
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 140
Application 90
Application 106
Application 8

SAINT Exploits

Description Link
Adobe Flash Player Flash Content Parsing Code Execution More info here
Adobe Reader CoolType.dll buffer overflow More info here

ExploitDB Exploits

id Description
2011-04-19 Adobe Flash Player < 10.1.53 .64 Action Script Type Confusion Exploit (DEP...
2010-11-01 Adobe Flash Player "Button" Remote Code Execution
2010-09-25 Adobe CoolType SING Table "uniqueName" Stack Buffer Overflow
2010-09-20 Adobe CoolType SING Table "uniqueName" Stack Buffer Overflow

OpenVAS Exploits

Date Description
2012-02-12 Name : Gentoo Security Advisory GLSA 201201-19 (acroread)
File : nvt/glsa_201201_19.nasl
2011-09-07 Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007)
File : nvt/gb_macosx_su10-007.nasl
2011-03-15 Name : SuSE Update for acroread SUSE-SA:2011:011
File : nvt/gb_suse_2011_011.nasl
2011-03-09 Name : Gentoo Security Advisory GLSA 201101-09 (adobe-flash)
File : nvt/glsa_201101_09.nasl
2011-03-09 Name : Gentoo Security Advisory GLSA 201101-08 (acroread)
File : nvt/glsa_201101_08.nasl
2011-02-15 Name : Adobe Reader and Acrobat Multiple Vulnerabilities February-2011 (Windows)
File : nvt/gb_adobe_prdts_mult_vuln_feb11_win.nasl
2011-02-15 Name : Adobe Reader Multiple Vulnerabilities February-2011 (Linux)
File : nvt/gb_adobe_reader_mult_vuln_feb11_lin.nasl
2011-01-04 Name : SuSE Update for acoread SUSE-SA:2010:058
File : nvt/gb_suse_2010_058.nasl
2010-11-23 Name : Adobe Reader 'printSeps()' Function Heap Corruption Vulnerability
File : nvt/gb_adobe_reader_printseps_mem_crptn_vuln_lin.nasl
2010-11-23 Name : Adobe Acrobat and Reader 'printSeps()' Function Heap Corruption Vulnerability
File : nvt/gb_adobe_prdts_printseps_mem_crptn_vuln_win.nasl
2010-11-17 Name : FreeBSD Ports: linux-flashplugin
File : nvt/freebsd_linux-flashplugin11.nasl
2010-11-16 Name : SuSE Update for flash-player SUSE-SA:2010:055
File : nvt/gb_suse_2010_055.nasl
2010-11-10 Name : Adobe Products Content Code Execution Vulnerability (Windows)
File : nvt/gb_adobe_prdts_arbitrary_code_exec_vuln_nov10_win.nasl
2010-11-10 Name : Adobe Products Content Code Execution Vulnerability (Linux)
File : nvt/gb_adobe_prdts_arbitrary_code_exec_vuln_nov10_lin.nasl
2010-10-19 Name : SuSE Update for acroread SUSE-SA:2010:048
File : nvt/gb_suse_2010_048.nasl
2010-10-18 Name : Adobe Reader Multiple Unspecified Vulnerabilities -Oct10 (Linux)
File : nvt/gb_adobe_reader_mult_unspecified_oct10_lin.nasl
2010-10-18 Name : Adobe Acrobat and Reader Multiple Vulnerabilities -Oct10 (Windows)
File : nvt/gb_adobe_prdts_mult_vuln_oct10_win.nasl
2010-10-10 Name : FreeBSD Ports: linux-flashplugin
File : nvt/freebsd_linux-flashplugin10.nasl
2010-10-01 Name : SuSE Update for flash-player SUSE-SA:2010:042
File : nvt/gb_suse_2010_042.nasl
2010-09-21 Name : Adobe Products Content Code Execution Vulnerability (Windows)
File : nvt/secpod_adobe_prdts_content_code_execution_vuln_win.nasl
2010-09-21 Name : Adobe Reader/Flash Player Content Code Execution Vulnerability (Linux)
File : nvt/secpod_adobe_prdts_content_code_execution_vuln_lin.nasl
2010-09-15 Name : Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Linux)
File : nvt/gb_adobe_reader_sing_bof_vuln_lin.nasl
2010-09-15 Name : Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Win)
File : nvt/gb_adobe_prdts_sing_bof_vuln_win.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
69005 Adobe Reader EScript.api Plugin printSeps Function Memory Corruption

A memory corruption flaw exists in Adobe Reader. The flaw is caused due to an unspecified error when parsing PDF files and can be exploited to corrupt memory. With a specially crafted PDF file, it may allow execution of arbitrary code.
68932 Adobe Multiple Products Crafted SWF Movie Handling Overflow (2010-3654)

Adobe Acrobat, Flash and Reader contains a flaw that may allow a remote attacker to execute arbitrary commands or code. An unspecified error can be exploited to execute arbitrary code
68435 Adobe Reader / Acrobat Unspecified Memory Corruption (2010-3658)

An unspecified memory corruption flaw exists in Adobe Reader and Acrobat. The program fails to sanitize certain unspecified user-supplied input resulting in memory corruption. This may allow an attacker to execute arbitrary code or cause a denial of service.
68434 Adobe Reader / Acrobat Unspecified DoS (2010-3657)

Adobe Reader and Acrobat contain an unspecified flaw that may allow an attacker to cause a denial of service. No further details have been provided.
68433 Adobe Reader / Acrobat Unspecified DoS (2010-3656)

Adobe Reader and Acrobat contain an unspecified flaw that may allow an attacker to cause a denial of service. No further details have been provided.
68432 Adobe Reader / Acrobat Unspecified File Format String Handling Memory Corruption

A memory corruption flaw exists in Adobe Reader and Acrobat. The program fails to sanitize user-supplied input when handling an embedded string's length in a particular file, resulting in memory corruption. With a specially crafted string within a crafted file, a context-dependent attacker can execute arbitrary code.
68430 Adobe Reader / Acrobat AcroRd32.dll sub_60AF56 Function Memory Corruption

A memory corruption flaw exists in Adobe Reader and Acrobat. The 3difr and AcroRd32.dll modules fail to sanitize user-supplied input when the 'sub_60AF56' function access violates when encounter ESI register data, resulting in memory corruption. With a specially crafted .PDF file, a context-dependent attacker can execute arbitrary code.
68429 Adobe Reader / Acrobat Unspecified Crafted Image Arbitrary Code Execution (20...

Adobe Reader and Acrobat contain a flaw related to image-parsing input validation that may allow a context-dependent attacker to use a crafted image to execute arbitrary code. No further details have been provided.
68428 Adobe Reader / Acrobat Unspecified Memory Corruption (2010-3628)

An unspecified memory corruption flaw exists in Adobe Reader and Acrobat. The programs fail to sanitize certain unspecified user-supplied input resulting in memory corruption. This may allow an attacker to execute arbitrary code or cause a denial of service.
68427 Adobe Reader / Acrobat PDF Flash Code Handling Arbitrary Code Execution

Adobe Reader and Acrobat contain a use-after-free flaw related to a released memory chunk being invalidly used. This may allow a context-dependent attacker to use a crafted .PDF file with PAGES thumbnails to trigger an 'ACCESS_VIOLATION' and execute arbitrary code.
68426 Adobe Reader / Acrobat Unspecified Crafted Font Arbitrary Code Execution (201...

Adobe Reader and Acrobat contain an unspecified flaw that may allow a context-dependent attacker to use a crafted font to execute arbitrary code. No further details have been provided.
68425 Adobe Reader / Acrobat Prefix Protocol Handler Arbitrary Code Execution (2010...

Adobe Reader and Acrobat contain an unspecified flaw related to a prefix protocol handler vulnerability. This may allow an attacker to execute arbitrary code. No further details have been provided.
68422 Adobe Reader / Acrobat ACE.dll ICC Stream mluc Structure Handling Memory Corr...

A memory corruption flaw exists in Adobe Reader and Acrobat. The ACE.dll module fails to sanitize user-supplied input when an attacker forges an integer value derived from arithmetic performed on the second DWORD of the mulc structure and desc structure, resulting in memory corruption. With a specially crafted file or web page, a context-dependent attacker can execute arbitrary code.
68421 Adobe Reader / Acrobat ACE.dll ICC Stream Handling Memory Corruption

A memory corruption flaw exists in Adobe Reader and Acrobat. The ACE.dll module fails to sanitize user-supplied input when parsing ICC streams, resulting in memory corruption. With a specially crafted file or web page, a context-dependent attacker can overflow a stack buffer and execute arbitrary code.
68420 Adobe Reader / Acrobat Unspecified Crafted Image Arbitrary Code Execution (20...

Adobe Reader and Acrobat contain an image-parsing input validation flaw related that may allow a context-dependent attacker to use a crafted image to execute arbitrary code. No further details have been provided.
68419 Adobe Reader / Acrobat Unspecified Memory Corruption (2010-3619)

An unspecified memory corruption flaw exists in Adobe Reader and Acrobat. The program fails to sanitize certain unspecified user-supplied input resulting in memory corruption. This may allow an attacker to execute arbitrary code or cause a denial of service.
68418 Adobe Reader / Acrobat Unspecified Memory Corruption (2010-2890)

An unspecified memory corruption flaw exists in Adobe Reader and Acrobat. The program fails to sanitize certain unspecified user-supplied input resulting in memory corruption. This may allow an attacker to execute arbitrary code or cause a denial of service.
68416 Adobe Reader / Acrobat Unspecified Crafted Font Arbitrary Code Execution (201...

Adobe Reader and Acrobat contains a flaw related to font-parsing input validation that may allow a context-dependent attacker to use a crafted font to execute arbitrary code. No further details have been provided.
68412 Adobe Reader / Acrobat on Linux Multiple Unspecified Privilege Escalation

Adobe Reader and Acrobat on Linux contain multiple flaws related to an insecure relative RPATH that may allow an attacker to gain access to unauthorized privileges. The issue can be exploited by malicious, local users to gain escalated privileges and execute arbitrary code by tricking a user into running the program in an attacker-controlled directory.
68024 Adobe Flash Player Unspecified Code Execution

Adobe Flash Player contains a flaw that may allow an attacker to run arbitrary code. The issue is triggered when a specially crafted .SWF file is viewed using a standalone player or within a Flash browser plugin.
67849 Adobe Reader / Acrobat CoolType.dll SING (Smart INdependent Glyphlets) Font u...

Acrobat and Reader are prone to an overflow condition. The application fails to properly sanitize the "uniqueName" field within the SING table structure of TrueType fonts resulting in a stack buffer overflow. With a specially crafted file, a context-dependent attacker can potentially cause arbitrary code execution.

Snort® IPS/IDS

Date Description
2020-01-16 Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution...
RuleID : 52484 - Revision : 1 - Type : FILE-PDF
2020-01-16 Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution...
RuleID : 52483 - Revision : 1 - Type : FILE-PDF
2019-12-10 Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution...
RuleID : 52125 - Revision : 2 - Type : FILE-PDF
2019-12-10 Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution...
RuleID : 52124 - Revision : 2 - Type : FILE-PDF
2015-03-31 Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution...
RuleID : 33602 - Revision : 2 - Type : FILE-PDF
2015-03-31 Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution...
RuleID : 33601 - Revision : 2 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader ICC mluc integer overflow attempt
RuleID : 28727 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader ICC mluc integer overflow attempt
RuleID : 28726 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader ICC mluc integer overflow attempt
RuleID : 28725 - Revision : 6 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt
RuleID : 28723 - Revision : 6 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt
RuleID : 28722 - Revision : 6 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 28657 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 28656 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 28655 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 28654 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 28653 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 28652 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 28651 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 28650 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 28649 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 28648 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 28647 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 28646 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 28645 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 28644 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 28380 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 28379 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 28378 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 28377 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 28376 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 28375 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 28374 - Revision : 6 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader ICC mluc integer overflow attempt
RuleID : 28261 - Revision : 6 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader ICC remote memory corruption attempt
RuleID : 28260 - Revision : 6 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader ICC remote memory corruption attempt
RuleID : 28257 - Revision : 7 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader ICC mluc integer overflow attempt
RuleID : 28256 - Revision : 6 - Type : FILE-PDF
2014-01-10 Teletubbies exploit kit payload download
RuleID : 27887 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10 Teletubbies exploit kit exploit attempt for Adobe Flash Player
RuleID : 27882 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10 attempted download of a PDF with embedded Flash over pop3
RuleID : 19280 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash over pop3
RuleID : 19279 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash over pop3
RuleID : 19278 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash over pop3
RuleID : 19277 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash over pop3
RuleID : 19276 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash over pop3
RuleID : 19275 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash over smtp
RuleID : 19274 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash over smtp
RuleID : 19273 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash over smtp
RuleID : 19272 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash over smtp
RuleID : 19271 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash over smtp
RuleID : 19270 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash
RuleID : 19269 - Revision : 14 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash
RuleID : 19268 - Revision : 14 - Type : FILE-PDF
2014-01-10 Adobe Flash Player content parsing execution attempt
RuleID : 18992 - Revision : 11 - Type : FILE-FLASH
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 18991 - Revision : 13 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 18990 - Revision : 13 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 18989 - Revision : 13 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 18988 - Revision : 12 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution...
RuleID : 18987 - Revision : 15 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution...
RuleID : 18986 - Revision : 15 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader ICC mluc integer overflow attempt
RuleID : 18308 - Revision : 15 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt
RuleID : 18102 - Revision : 20 - Type : FILE-PDF
2014-01-10 Adobe Flash authplay.dll memory corruption attempt
RuleID : 17808 - Revision : 8 - Type : FILE-FLASH
2014-01-10 Adobe Flash Player and Reader remote code execution attempt
RuleID : 17257 - Revision : 12 - Type : FILE-FLASH
2014-01-10 Adobe Acrobat Reader TTF SING table parsing remote code execution attempt
RuleID : 17233 - Revision : 13 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash
RuleID : 15727 - Revision : 27 - Type : FILE-PDF

Nessus® Vulnerability Scanner

Date Description
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_flash-player-101104.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_flash-player-100921.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_acroread-110302.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_acroread-101206.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_acroread-101007.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2010-0829.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2010-0834.nasl - Type : ACT_GATHER_INFO
2012-01-31 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201201-19.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_acroread-110302.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_acroread-101206.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_flash-player-101104.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_flash-player-101104.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_acroread-101206.nasl - Type : ACT_GATHER_INFO
2011-03-07 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread_ja-7359.nasl - Type : ACT_GATHER_INFO
2011-03-07 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_acroread_ja-110301.nasl - Type : ACT_GATHER_INFO
2011-03-07 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread-7358.nasl - Type : ACT_GATHER_INFO
2011-03-07 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_acroread-110301.nasl - Type : ACT_GATHER_INFO
2011-02-09 Name : The version of Adobe Reader on the remote Windows host is affected by multipl...
File : adobe_reader_apsb11-03.nasl - Type : ACT_GATHER_INFO
2011-02-09 Name : The version of Adobe Acrobat on the remote Windows host is affected by multip...
File : adobe_acrobat_apsb11-03.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread-7266.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread-7181.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread_ja-7182.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread_ja-7267.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_flash-player-7165.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_flash-player-7223.nasl - Type : ACT_GATHER_INFO
2011-01-24 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201101-09.nasl - Type : ACT_GATHER_INFO
2011-01-24 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201101-08.nasl - Type : ACT_GATHER_INFO
2010-12-09 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_acroread_ja-101203.nasl - Type : ACT_GATHER_INFO
2010-12-09 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_acroread-101203.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_flash-player-100921.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_flash-player-101104.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_acroread-101007.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0934.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_acroread_ja-101007.nasl - Type : ACT_GATHER_INFO
2010-11-18 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2010-0867.nasl - Type : ACT_GATHER_INFO
2010-11-16 Name : The version of Adobe Acrobat on the remote Windows host is affected by multip...
File : adobe_acrobat_apsb10-28.nasl - Type : ACT_GATHER_INFO
2010-11-16 Name : The version of Adobe Reader on the remote Windows host is affected by multipl...
File : adobe_reader_apsb10-28.nasl - Type : ACT_GATHER_INFO
2010-11-15 Name : The remote Windows host contains a version of Adobe AIR that is affected by m...
File : adobe_air_apsb10-26.nasl - Type : ACT_GATHER_INFO
2010-11-10 Name : The remote host is missing a Mac OS X update that fixes security issues.
File : macosx_SecUpd2010-007.nasl - Type : ACT_GATHER_INFO
2010-11-10 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_10_6_5.nasl - Type : ACT_GATHER_INFO
2010-11-08 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_76b597e4e9c611df9e10001b2134ef46.nasl - Type : ACT_GATHER_INFO
2010-11-05 Name : The remote Windows host contains a browser plug-in that is affected by multip...
File : flash_player_apsb10-26.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_acroread-101007.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_acroread-101007.nasl - Type : ACT_GATHER_INFO
2010-10-07 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0743.nasl - Type : ACT_GATHER_INFO
2010-09-23 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_8a34d9e6c66211dfb2e1001b2134ef46.nasl - Type : ACT_GATHER_INFO
2010-09-22 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_flash-player-100921.nasl - Type : ACT_GATHER_INFO
2010-09-22 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_flash-player-100921.nasl - Type : ACT_GATHER_INFO
2010-09-22 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2010-0706.nasl - Type : ACT_GATHER_INFO
2010-09-21 Name : The remote Windows host contains a browser plug-in that is affected by a code...
File : flash_player_apsb10-22.nasl - Type : ACT_GATHER_INFO
2010-09-09 Name : The version of Adobe Reader on the remote Windows host is affected by multipl...
File : adobe_reader_apsa10-02.nasl - Type : ACT_GATHER_INFO
2010-09-09 Name : The version of Adobe Acrobat on the remote Windows host is affected by multip...
File : adobe_acrobat_apsa10-02.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:36:59
  • Multiple Updates