Executive Summary
Summary | |
---|---|
Title | acroread security update |
Informations | |||
---|---|---|---|
Name | RHSA-2013:0150 | First vendor Publication | 2013-01-10 |
Vendor | RedHat | Last vendor Modification | 2013-01-10 |
Severity (Vendor) | Critical | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated acroread packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: Adobe Reader allows users to view and print documents in Portable Document Format (PDF). This update fixes several security flaws in Adobe Reader. These flaws are detailed in the Adobe Security bulletin APSB13-02, listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2012-1530, CVE-2013-0601, CVE-2013-0602, CVE-2013-0603, CVE-2013-0604, CVE-2013-0605, CVE-2013-0606, CVE-2013-0607, CVE-2013-0608, CVE-2013-0609, CVE-2013-0610, CVE-2013-0611, CVE-2013-0612, CVE-2013-0613, CVE-2013-0614, CVE-2013-0615, CVE-2013-0616, CVE-2013-0617, CVE-2013-0618, CVE-2013-0619, CVE-2013-0620, CVE-2013-0621, CVE-2013-0623, CVE-2013-0626) All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.5.3, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 893235 - acroread: multiple code execution flaws (APSB13-02) |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2013-0150.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
68 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
18 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
9 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
5 % | CWE-399 | Resource Management Errors |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15499 | |||
Oval ID: | oval:org.mitre.oval:def:15499 | ||
Title: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0608, CVE-2013-0611, CVE-2013-0614, and CVE-2013-0618 | ||
Description: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0608, CVE-2013-0611, CVE-2013-0614, and CVE-2013-0618. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0607 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15670 | |||
Oval ID: | oval:org.mitre.oval:def:15670 | ||
Title: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0619, and CVE-2013-0620. | ||
Description: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0619, and CVE-2013-0620. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0623 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15822 | |||
Oval ID: | oval:org.mitre.oval:def:15822 | ||
Title: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0608, CVE-2013-0611, and CVE-2013-0614. | ||
Description: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0608, CVE-2013-0611, and CVE-2013-0614. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0618 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16008 | |||
Oval ID: | oval:org.mitre.oval:def:16008 | ||
Title: | Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0603. | ||
Description: | Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0603. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0604 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16037 | |||
Oval ID: | oval:org.mitre.oval:def:16037 | ||
Title: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0611, CVE-2013-0614, and CVE-2013-0618 | ||
Description: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0611, CVE-2013-0614, and CVE-2013-0618. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0608 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16094 | |||
Oval ID: | oval:org.mitre.oval:def:16094 | ||
Title: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623. | ||
Description: | Heap-based buffer overflow in the XSLT engine in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PDF file containing an XSL file that triggers memory corruption when the lang function processes XML data with a crafted node-set. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1530 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16120 | |||
Oval ID: | oval:org.mitre.oval:def:16120 | ||
Title: | Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0613 | ||
Description: | Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0613. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0609 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16138 | |||
Oval ID: | oval:org.mitre.oval:def:16138 | ||
Title: | Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, and CVE-2013-0621. | ||
Description: | Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, and CVE-2013-0621. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0617 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16196 | |||
Oval ID: | oval:org.mitre.oval:def:16196 | ||
Title: | Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0612, CVE-2013-0615, CVE-2013-0617, and CVE-2013-0621 | ||
Description: | Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0612, CVE-2013-0615, CVE-2013-0617, and CVE-2013-0621. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0606 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16200 | |||
Oval ID: | oval:org.mitre.oval:def:16200 | ||
Title: | Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0604 | ||
Description: | Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0604. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0603 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16226 | |||
Oval ID: | oval:org.mitre.oval:def:16226 | ||
Title: | Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, and CVE-2013-0617. | ||
Description: | Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, and CVE-2013-0617. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0621 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16266 | |||
Oval ID: | oval:org.mitre.oval:def:16266 | ||
Title: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0616, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623 | ||
Description: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0616, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0605 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16275 | |||
Oval ID: | oval:org.mitre.oval:def:16275 | ||
Title: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0619, and CVE-2013-0623. | ||
Description: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0619, and CVE-2013-0623. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0620 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16289 | |||
Oval ID: | oval:org.mitre.oval:def:16289 | ||
Title: | Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0610 | ||
Description: | Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0610. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0626 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16290 | |||
Oval ID: | oval:org.mitre.oval:def:16290 | ||
Title: | Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0617, and CVE-2013-0621 | ||
Description: | Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0617, and CVE-2013-0621. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0615 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16295 | |||
Oval ID: | oval:org.mitre.oval:def:16295 | ||
Title: | Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0615, CVE-2013-0617, and CVE-2013-0621. | ||
Description: | Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0615, CVE-2013-0617, and CVE-2013-0621. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0612 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16305 | |||
Oval ID: | oval:org.mitre.oval:def:16305 | ||
Title: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623. | ||
Description: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0616 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16331 | |||
Oval ID: | oval:org.mitre.oval:def:16331 | ||
Title: | Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0626. | ||
Description: | Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0626. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0610 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16380 | |||
Oval ID: | oval:org.mitre.oval:def:16380 | ||
Title: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0605, CVE-2013-0616, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623 | ||
Description: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0605, CVE-2013-0616, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0601 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16413 | |||
Oval ID: | oval:org.mitre.oval:def:16413 | ||
Title: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623. | ||
Description: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0619 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16449 | |||
Oval ID: | oval:org.mitre.oval:def:16449 | ||
Title: | Use-after-free vulnerability in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors | ||
Description: | Use-after-free vulnerability in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0602 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16452 | |||
Oval ID: | oval:org.mitre.oval:def:16452 | ||
Title: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0608, CVE-2013-0614, and CVE-2013-0618. | ||
Description: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0608, CVE-2013-0614, and CVE-2013-0618. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0611 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16461 | |||
Oval ID: | oval:org.mitre.oval:def:16461 | ||
Title: | Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0609. | ||
Description: | Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0609. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0613 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16491 | |||
Oval ID: | oval:org.mitre.oval:def:16491 | ||
Title: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0608, CVE-2013-0611, and CVE-2013-0618. | ||
Description: | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0608, CVE-2013-0611, and CVE-2013-0618. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0614 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Adobe Reader Adobe Acrobat |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Adobe Acrobat Reader heap-based buffer overflow attempt RuleID : 25564 - Revision : 6 - Type : FILE-PDF |
2014-01-10 | Adobe Acrobat Reader heap-based buffer overflow attempt RuleID : 25563 - Revision : 6 - Type : FILE-PDF |
2014-01-10 | Adobe Acrobat Reader TTF parsing bad cmap format attempt RuleID : 25537 - Revision : 7 - Type : FILE-PDF |
2014-01-10 | Adobe Acrobat Reader TTF parsing bad cmap format attempt RuleID : 25536 - Revision : 6 - Type : FILE-PDF |
2014-01-10 | JavaScript contained in an xml template embedded in a pdf attempt RuleID : 25475 - Revision : 8 - Type : FILE-PDF |
2014-01-10 | Adobe Acrobat Reader structtreeroot children recursive call denial of service... RuleID : 25469 - Revision : 5 - Type : FILE-PDF |
2014-01-10 | Adobe Acrobat Reader structtreeroot children recursive call denial of service... RuleID : 25468 - Revision : 7 - Type : FILE-PDF |
2014-01-10 | Adobe Acrobat Reader structtreeroot children recursive call denial of service... RuleID : 25467 - Revision : 5 - Type : FILE-PDF |
2014-01-10 | Adobe Acrobat Reader structtreeroot children recursive call denial of service... RuleID : 25466 - Revision : 6 - Type : FILE-PDF |
2014-01-10 | OpenType parsing buffer overflow attempt RuleID : 25464 - Revision : 5 - Type : FILE-PDF |
2014-01-10 | OpenType parsing buffer overflow attempt RuleID : 25463 - Revision : 6 - Type : FILE-PDF |
2014-01-10 | OpenType parsing buffer overflow attempt RuleID : 25462 - Revision : 4 - Type : FILE-PDF |
2014-01-10 | OpenType parsing buffer overflow attempt RuleID : 25461 - Revision : 5 - Type : FILE-PDF |
2014-01-10 | Multiple products incomplete JP2K image geometry potentially malicious PDF de... RuleID : 25460 - Revision : 14 - Type : FILE-PDF |
2014-01-10 | Multiple products incomplete JP2K image geometry potentially malicious PDF de... RuleID : 25459 - Revision : 15 - Type : FILE-PDF |
2014-01-10 | JavaScript contained in an xml template embedded in a pdf attempt RuleID : 23612 - Revision : 11 - Type : FILE-PDF |
2014-01-10 | JavaScript contained in an xml template embedded in a pdf attempt RuleID : 23611 - Revision : 10 - Type : FILE-PDF |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-0044-1.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-38.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-39.nasl - Type : ACT_GATHER_INFO |
2013-08-23 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201308-03.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_acroread-130115.nasl - Type : ACT_GATHER_INFO |
2013-01-18 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread-8431.nasl - Type : ACT_GATHER_INFO |
2013-01-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0150.nasl - Type : ACT_GATHER_INFO |
2013-01-09 | Name : The version of Adobe Acrobat on the remote Windows host is affected by multip... File : adobe_acrobat_apsb13-02.nasl - Type : ACT_GATHER_INFO |
2013-01-09 | Name : The version of Adobe Reader on the remote Windows host is affected by multipl... File : adobe_reader_apsb13-02.nasl - Type : ACT_GATHER_INFO |
2013-01-09 | Name : The version of Adobe Reader on the remote Mac OS X host is affected by multip... File : macosx_adobe_reader_apsb13-02.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:56:40 |
|
2013-01-10 17:23:09 |
|
2013-01-10 05:22:11 |
|