Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Adobe Acrobat Reader security update
Informations
Name RHSA-2007:0021 First vendor Publication 2007-01-22
Vendor RedHat Last vendor Modification 2007-01-22
Severity (Vendor) Critical Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated acroread packages that fix several security issues are now available for Red Hat Enterprise Linux 3.

This update has been rated as having critical security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 Extras - i386, x86_64 Red Hat Desktop version 3 Extras - i386, x86_64 Red Hat Enterprise Linux ES version 3 Extras - i386, x86_64 Red Hat Enterprise Linux WS version 3 Extras - i386, x86_64

3. Problem description:

The Adobe Reader allows users to view and print documents in portable document format (PDF).

A cross site scripting flaw was found in the way the Adobe Reader Plugin processes certain malformed URLs. A malicious web page could inject arbitrary javascript into the browser session which could possibly lead to a cross site scripting attack. (CVE-2007-0045)

Two arbitrary code execution flaws were found in the way Adobe Reader processes malformed document files. It may be possible to execute arbitrary code on a victim's machine if the victim opens a malicious PDF file. (CVE-2006-5857, CVE-2007-0046)

Please note that Adobe Reader 7.0.9 requires versions of several system libraries that were not shipped with Red Hat Enterprise Linux 3. This update contains additional packages that provide the required system library versions for Adobe Reader. These additional packages are only required by Adobe Reader and do not replace or affect any other aspects of a Red Hat Enterprise Linux 3 system.

All users of Adobe Reader are advised to upgrade to these updated packages, which contain Adobe Reader version 7.0.9 and additional libraries to correct these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

222273 - CVE-2006-5857 Multiple Acrobat vulnerabilities (CVE-2007-0045 CVE-2007-0046)

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2007-0021.html

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-399 Resource Management Errors
50 % CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11698
 
Oval ID: oval:org.mitre.oval:def:11698
Title: Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering.
Description: Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering.
Family: unix Class: vulnerability
Reference(s): CVE-2006-5857
Version: 3
Platform(s): Red Hat Enterprise Linux Extras 3
Red Hat Enterprise Linux Extras 4
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29480
 
Oval ID: oval:org.mitre.oval:def:29480
Title: Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code (CVE-2006-5857)
Description: Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering.
Family: windows Class: vulnerability
Reference(s): CVE-2006-5857
Version: 2
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Acrobat
Adobe Reader
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6487
 
Oval ID: oval:org.mitre.oval:def:6487
Title: Adobe Reader and Acrobat Multiple Vulnerabilities
Description: Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770, and Opera 9.10.8679 on Windows allow remote attackers to inject arbitrary JavaScript and conduct other attacks via a .pdf URL with a javascript: or res: URI with (1) FDF, (2) XML, and (3) XFDF AJAX parameters, or (4) an arbitrarily named name=URI anchor identifier, aka "Universal XSS (UXSS)."
Family: windows Class: vulnerability
Reference(s): CVE-2007-0045
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Product(s): Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9684
 
Oval ID: oval:org.mitre.oval:def:9684
Title: Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.
Description: Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.
Family: unix Class: vulnerability
Reference(s): CVE-2007-0046
Version: 3
Platform(s): Red Hat Enterprise Linux Extras 3
Red Hat Enterprise Linux Extras 4
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9693
 
Oval ID: oval:org.mitre.oval:def:9693
Title: Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770, and Opera 9.10.8679 on Windows allow remote attackers to inject arbitrary JavaScript and conduct other attacks via a .pdf URL with a javascript: or res: URI with (1) FDF, (2) XML, and (3) XFDF AJAX parameters, or (4) an arbitrarily named name=URI anchor identifier, aka "Universal XSS (UXSS)."
Description: Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770, and Opera 9.10.8679 on Windows allow remote attackers to inject arbitrary JavaScript and conduct other attacks via a .pdf URL with a javascript: or res: URI with (1) FDF, (2) XML, and (3) XFDF AJAX parameters, or (4) an arbitrarily named name=URI anchor identifier, aka "Universal XSS (UXSS)."
Family: unix Class: vulnerability
Reference(s): CVE-2007-0045
Version: 3
Platform(s): Red Hat Enterprise Linux Extras 3
Red Hat Enterprise Linux Extras 4
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 63
Application 1
Application 50

OpenVAS Exploits

Date Description
2009-10-27 Name : Gentoo Security Advisory GLSA 200910-03 (acroread)
File : nvt/glsa_200910_03.nasl
2009-10-27 Name : SuSE Security Advisory SUSE-SA:2009:049 (acroread, acroread_ja)
File : nvt/suse_sa_2009_049.nasl
2009-10-10 Name : SLES9: Security update for acroread
File : nvt/sles9p5018489.nasl
2009-01-28 Name : SuSE Update for acroread SUSE-SA:2007:011
File : nvt/gb_suse_2007_011.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200701-16 (acroread)
File : nvt/glsa_200701_16.nasl
2008-01-17 Name : Debian Security Advisory DSA 1336-1 (mozilla-firefox)
File : nvt/deb_1336_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
31316 Adobe Reader Rendering Subroutine Memory Corruption Arbitrary Code Execution

31048 Adobe Acrobat Reader Browser Plug-in PDF Handling Memory Corruption

31046 Adobe Acrobat Reader Browser Plug-in PDF XSS

Acrobat Reader contains a flaw that allows a remote cross site scripting attack. This flaw exists because the browser plug-in does not validate user supplied input to the hosted PDF file before returning the input to the user. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's Acrobat Reader browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Snort® IPS/IDS

Date Description
2014-01-10 Adobe Acrobat Plugin JavaScript parameter double free attempt
RuleID : 9843 - Revision : 17 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Plugin Universal cross-site scripting attempt
RuleID : 9842 - Revision : 11 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader PDF subroutine pointer attempt
RuleID : 21765 - Revision : 7 - Type : FILE-PDF

Nessus® Vulnerability Scanner

Date Description
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2007-0017.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2007-0021.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread_ja-6585.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread_ja-6584.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread-6583.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread-6582.nasl - Type : ACT_GATHER_INFO
2009-10-30 Name : The remote openSUSE host is missing a security update.
File : suse_acroread-6588.nasl - Type : ACT_GATHER_INFO
2009-10-26 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200910-03.nasl - Type : ACT_GATHER_INFO
2009-10-26 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_acroread_ja-091022.nasl - Type : ACT_GATHER_INFO
2009-10-26 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_acroread-091022.nasl - Type : ACT_GATHER_INFO
2009-10-26 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_acroread-091022.nasl - Type : ACT_GATHER_INFO
2009-10-26 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_acroread-091022.nasl - Type : ACT_GATHER_INFO
2009-10-14 Name : The version of Adobe Acrobat on the remote Windows host is affected by multip...
File : adobe_acrobat_apsb09-15.nasl - Type : ACT_GATHER_INFO
2009-10-14 Name : The PDF file viewer on the remote Windows host is affected by a memory corrup...
File : adobe_reader_apsb09-15.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_11433.nasl - Type : ACT_GATHER_INFO
2009-08-28 Name : The version of Adobe Acrobat on the remote Windows host is affected by multip...
File : adobe_acrobat_709.nasl - Type : ACT_GATHER_INFO
2009-01-31 Name : The remote host contains a web browser that is affected by multiple vulnerabi...
File : google_chrome_1_0_154_46.nasl - Type : ACT_GATHER_INFO
2007-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread-2508.nasl - Type : ACT_GATHER_INFO
2007-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread_ja-2545.nasl - Type : ACT_GATHER_INFO
2007-10-17 Name : The remote openSUSE host is missing a security update.
File : suse_acroread-2506.nasl - Type : ACT_GATHER_INFO
2007-07-27 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1336.nasl - Type : ACT_GATHER_INFO
2007-03-12 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2007-066-05.nasl - Type : ACT_GATHER_INFO
2007-02-18 Name : The remote host is missing a vendor-supplied security patch
File : suse_SA_2007_011.nasl - Type : ACT_GATHER_INFO
2007-01-26 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200701-16.nasl - Type : ACT_GATHER_INFO
2007-01-10 Name : The PDF file viewer on the remote Windows host is affected by several vulnera...
File : adobe_reader_709.nasl - Type : ACT_GATHER_INFO
2007-01-05 Name : The browser plugin on the remote Windows host is affected by multiple issues.
File : adobe_pdf_plugin_80.nasl - Type : ACT_GATHER_INFO
2006-11-06 Name : The remote host is missing Sun Security Patch number 121104-11
File : solaris10_121104.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:50:23
  • Multiple Updates