10 - RHSA-2013:0150

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	acroread security update

Informations
Name	RHSA-2013:0150	First vendor Publication	2013-01-10
Vendor	RedHat	Last vendor Modification	2013-01-10
Severity (Vendor)	Critical	Revision	01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated acroread packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary.

The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

3. Description:

Adobe Reader allows users to view and print documents in Portable Document Format (PDF).

This update fixes several security flaws in Adobe Reader. These flaws are detailed in the Adobe Security bulletin APSB13-02, listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2012-1530, CVE-2013-0601, CVE-2013-0602, CVE-2013-0603, CVE-2013-0604, CVE-2013-0605, CVE-2013-0606, CVE-2013-0607, CVE-2013-0608, CVE-2013-0609, CVE-2013-0610, CVE-2013-0611, CVE-2013-0612, CVE-2013-0613, CVE-2013-0614, CVE-2013-0615, CVE-2013-0616, CVE-2013-0617, CVE-2013-0618, CVE-2013-0619, CVE-2013-0620, CVE-2013-0621, CVE-2013-0623, CVE-2013-0626)

All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.5.3, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

5. Bugs fixed (http://bugzilla.redhat.com/):

893235 - acroread: multiple code execution flaws (APSB13-02)

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2013-0150.html

CWE : Common Weakness Enumeration

%	Id	Name
68 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
18 %	CWE-94	Failure to Control Generation of Code ('Code Injection')
9 %	CWE-189	Numeric Errors (CWE/SANS Top 25)
5 %	CWE-399	Resource Management Errors

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15499

Oval ID:	oval:org.mitre.oval:def:15499
Title:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0608, CVE-2013-0611, CVE-2013-0614, and CVE-2013-0618
Description:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0608, CVE-2013-0611, CVE-2013-0614, and CVE-2013-0618.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0607	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:15670

Oval ID:	oval:org.mitre.oval:def:15670
Title:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0619, and CVE-2013-0620.
Description:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0619, and CVE-2013-0620.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0623	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:15822

Oval ID:	oval:org.mitre.oval:def:15822
Title:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0608, CVE-2013-0611, and CVE-2013-0614.
Description:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0608, CVE-2013-0611, and CVE-2013-0614.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0618	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:16008

Oval ID:	oval:org.mitre.oval:def:16008
Title:	Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0603.
Description:	Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0603.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0604	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:16037

Oval ID:	oval:org.mitre.oval:def:16037
Title:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0611, CVE-2013-0614, and CVE-2013-0618
Description:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0611, CVE-2013-0614, and CVE-2013-0618.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0608	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:16094

Oval ID:	oval:org.mitre.oval:def:16094
Title:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623.
Description:	Heap-based buffer overflow in the XSLT engine in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PDF file containing an XSL file that triggers memory corruption when the lang function processes XML data with a crafted node-set.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-1530	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:16120

Oval ID:	oval:org.mitre.oval:def:16120
Title:	Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0613
Description:	Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0613.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0609	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:16138

Oval ID:	oval:org.mitre.oval:def:16138
Title:	Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, and CVE-2013-0621.
Description:	Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, and CVE-2013-0621.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0617	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:16196

Oval ID:	oval:org.mitre.oval:def:16196
Title:	Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0612, CVE-2013-0615, CVE-2013-0617, and CVE-2013-0621
Description:	Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0612, CVE-2013-0615, CVE-2013-0617, and CVE-2013-0621.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0606	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:16200

Oval ID:	oval:org.mitre.oval:def:16200
Title:	Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0604
Description:	Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0604.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0603	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:16226

Oval ID:	oval:org.mitre.oval:def:16226
Title:	Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, and CVE-2013-0617.
Description:	Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, and CVE-2013-0617.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0621	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:16266

Oval ID:	oval:org.mitre.oval:def:16266
Title:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0616, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623
Description:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0616, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0605	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:16275

Oval ID:	oval:org.mitre.oval:def:16275
Title:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0619, and CVE-2013-0623.
Description:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0619, and CVE-2013-0623.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0620	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:16289

Oval ID:	oval:org.mitre.oval:def:16289
Title:	Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0610
Description:	Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0610.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0626	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:16290

Oval ID:	oval:org.mitre.oval:def:16290
Title:	Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0617, and CVE-2013-0621
Description:	Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0617, and CVE-2013-0621.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0615	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:16295

Oval ID:	oval:org.mitre.oval:def:16295
Title:	Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0615, CVE-2013-0617, and CVE-2013-0621.
Description:	Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0615, CVE-2013-0617, and CVE-2013-0621.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0612	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:16305

Oval ID:	oval:org.mitre.oval:def:16305
Title:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623.
Description:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0616	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:16331

Oval ID:	oval:org.mitre.oval:def:16331
Title:	Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0626.
Description:	Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0626.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0610	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:16380

Oval ID:	oval:org.mitre.oval:def:16380
Title:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0605, CVE-2013-0616, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623
Description:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0605, CVE-2013-0616, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0601	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:16413

Oval ID:	oval:org.mitre.oval:def:16413
Title:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623.
Description:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0620, and CVE-2013-0623.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0619	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:16449

Oval ID:	oval:org.mitre.oval:def:16449
Title:	Use-after-free vulnerability in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors
Description:	Use-after-free vulnerability in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0602	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:16452

Oval ID:	oval:org.mitre.oval:def:16452
Title:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0608, CVE-2013-0614, and CVE-2013-0618.
Description:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0608, CVE-2013-0614, and CVE-2013-0618.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0611	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:16461

Oval ID:	oval:org.mitre.oval:def:16461
Title:	Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0609.
Description:	Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0609.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0613	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

Definition Id: oval:org.mitre.oval:def:16491

Oval ID:	oval:org.mitre.oval:def:16491
Title:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0608, CVE-2013-0611, and CVE-2013-0618.
Description:	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0608, CVE-2013-0611, and CVE-2013-0618.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-0614	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Determine if the version of Adobe Reader 9 is less than 9.5.3 Adobe Reader 9 Series is installed AND Version of Adobe Reader is less than 9.5.3 OR Determine if the version of Adobe Reader 10 is less than 10.1.5 Adobe Reader 10.x is installed AND Version of Adobe Reader is less than 10.1.5 OR Determine if the version of Adobe Reader 11 is less than 11.0.01 Adobe Reader 11.x is installed AND Version of Adobe Reader is less than 11.0.01 OR Determine if the version of Adobe Acrobat 9 is less than 9.5.3 Adobe Acrobat 9 Series is installed AND Version of Adobe Acrobat is less than 9.5.3 OR Determine if the version of Adobe Acrobat 10 is less than 10.1.5 Adobe Acrobat 10.x is installed AND Version of Adobe Acrobat is less than 10.1.5 OR Determine if the version of Adobe Acrobat 11 is less than 11.0.01 Adobe Acrobat 11.x is installed AND Version of Adobe Acrobat is less than 11.0.01

CPE : Common Platform Enumeration

Type	Description	Count
Application	Adobe Acrobat cpe:2.3:a:adobe:acrobat:11.0:::::::* cpe:2.3:a:adobe:acrobat:10.1.4:::::::* cpe:2.3:a:adobe:acrobat:10.1.3:::::::* cpe:2.3:a:adobe:acrobat:10.1.2:::::::* cpe:2.3:a:adobe:acrobat:10.1.1:::::::* cpe:2.3:a:adobe:acrobat:10.1:::::::* cpe:2.3:a:adobe:acrobat:10.0.3:::::::* cpe:2.3:a:adobe:acrobat:10.0.2:::::::* cpe:2.3:a:adobe:acrobat:10.0.1:::::::* cpe:2.3:a:adobe:acrobat:10.0.1:-:pro:::::* cpe:2.3:a:adobe:acrobat:10.0:::::::* cpe:2.3:a:adobe:acrobat:10.0:-:pro:::::* cpe:2.3:a:adobe:acrobat:9.5.2:::::::* cpe:2.3:a:adobe:acrobat:9.5.1:::::::* cpe:2.3:a:adobe:acrobat:9.5:::::::* cpe:2.3:a:adobe:acrobat:9.4.7:::::::* cpe:2.3:a:adobe:acrobat:9.4.6:-:::::: cpe:2.3:a:adobe:acrobat:9.4.6:::::::* cpe:2.3:a:adobe:acrobat:9.4.5:::::::* cpe:2.3:a:adobe:acrobat:9.4.5:-:::::: cpe:2.3:a:adobe:acrobat:9.4.4:-:::::: cpe:2.3:a:adobe:acrobat:9.4.4:::::::* cpe:2.3:a:adobe:acrobat:9.4.3:::::::* cpe:2.3:a:adobe:acrobat:9.4.3:-:::::: cpe:2.3:a:adobe:acrobat:9.4.2:::::::* cpe:2.3:a:adobe:acrobat:9.4.2:-:::::: cpe:2.3:a:adobe:acrobat:9.4.1:-:::::: cpe:2.3:a:adobe:acrobat:9.4.1:::::::* cpe:2.3:a:adobe:acrobat:9.4:::::::* cpe:2.3:a:adobe:acrobat:9.3.4:-:::::: cpe:2.3:a:adobe:acrobat:9.3.4:::::::* cpe:2.3:a:adobe:acrobat:9.3.3:::::::* cpe:2.3:a:adobe:acrobat:9.3.2:-:::::: cpe:2.3:a:adobe:acrobat:9.3.2:::::::* cpe:2.3:a:adobe:acrobat:9.3.1:-:::::: cpe:2.3:a:adobe:acrobat:9.3.1:::::::* cpe:2.3:a:adobe:acrobat:9.3:-:pro:::::* cpe:2.3:a:adobe:acrobat:9.3:::::::* cpe:2.3:a:adobe:acrobat:9.2:::::::* cpe:2.3:a:adobe:acrobat:9.2:-:::::: cpe:2.3:a:adobe:acrobat:9.1.3:::::::* cpe:2.3:a:adobe:acrobat:9.1.3:-:::::: cpe:2.3:a:adobe:acrobat:9.1.2:::::::* cpe:2.3:a:adobe:acrobat:9.1.1:::::::* cpe:2.3:a:adobe:acrobat:9.1.1:-:::::: cpe:2.3:a:adobe:acrobat:9.1:::::::* cpe:2.3:a:adobe:acrobat:9.1:-:pro:::::* cpe:2.3:a:adobe:acrobat:9.0:-:pro:::::* cpe:2.3:a:adobe:acrobat:9.0:::::::*	49
Application	Adobe Acrobat Reader cpe:2.3:a:adobe:acrobat_reader:11.0:::::::* cpe:2.3:a:adobe:acrobat_reader:10.1.4:::::::* cpe:2.3:a:adobe:acrobat_reader:10.1.3:::::::* cpe:2.3:a:adobe:acrobat_reader:10.1.2:::::::* cpe:2.3:a:adobe:acrobat_reader:10.1.1:::::::* cpe:2.3:a:adobe:acrobat_reader:10.1:::::::* cpe:2.3:a:adobe:acrobat_reader:10.0.3:::::::* cpe:2.3:a:adobe:acrobat_reader:10.0.2:::::::* cpe:2.3:a:adobe:acrobat_reader:10.0.1:::::::* cpe:2.3:a:adobe:acrobat_reader:10.0:::::::* cpe:2.3:a:adobe:acrobat_reader:9.5.2:::::::* cpe:2.3:a:adobe:acrobat_reader:9.5.1:::::::* cpe:2.3:a:adobe:acrobat_reader:9.5:::::::* cpe:2.3:a:adobe:acrobat_reader:9.4.7:::::::* cpe:2.3:a:adobe:acrobat_reader:9.4.6:::::::* cpe:2.3:a:adobe:acrobat_reader:9.4.5:::::::* cpe:2.3:a:adobe:acrobat_reader:9.4.4:::::::* cpe:2.3:a:adobe:acrobat_reader:9.4.3:::::::* cpe:2.3:a:adobe:acrobat_reader:9.4.2:::::::* cpe:2.3:a:adobe:acrobat_reader:9.4.1:::::::* cpe:2.3:a:adobe:acrobat_reader:9.4:::::::* cpe:2.3:a:adobe:acrobat_reader:9.3.4:::::::* cpe:2.3:a:adobe:acrobat_reader:9.3.3:::::::* cpe:2.3:a:adobe:acrobat_reader:9.3.2:::::::* cpe:2.3:a:adobe:acrobat_reader:9.3.1:::::::* cpe:2.3:a:adobe:acrobat_reader:9.3:::::::* cpe:2.3:a:adobe:acrobat_reader:9.2:::::::* cpe:2.3:a:adobe:acrobat_reader:9.1.3:::::::* cpe:2.3:a:adobe:acrobat_reader:9.1.2:::::::* cpe:2.3:a:adobe:acrobat_reader:9.1.1:::::::* cpe:2.3:a:adobe:acrobat_reader:9.1:::::::* cpe:2.3:a:adobe:acrobat_reader:9.0:::::::*	32

Snort® IPS/IDS

Date	Description
2014-01-10	Adobe Acrobat Reader heap-based buffer overflow attempt RuleID : 25564 - Revision : 6 - Type : FILE-PDF
2014-01-10	Adobe Acrobat Reader heap-based buffer overflow attempt RuleID : 25563 - Revision : 6 - Type : FILE-PDF
2014-01-10	Adobe Acrobat Reader TTF parsing bad cmap format attempt RuleID : 25537 - Revision : 7 - Type : FILE-PDF
2014-01-10	Adobe Acrobat Reader TTF parsing bad cmap format attempt RuleID : 25536 - Revision : 6 - Type : FILE-PDF
2014-01-10	JavaScript contained in an xml template embedded in a pdf attempt RuleID : 25475 - Revision : 8 - Type : FILE-PDF
2014-01-10	Adobe Acrobat Reader structtreeroot children recursive call denial of service... RuleID : 25469 - Revision : 5 - Type : FILE-PDF
2014-01-10	Adobe Acrobat Reader structtreeroot children recursive call denial of service... RuleID : 25468 - Revision : 7 - Type : FILE-PDF
2014-01-10	Adobe Acrobat Reader structtreeroot children recursive call denial of service... RuleID : 25467 - Revision : 5 - Type : FILE-PDF
2014-01-10	Adobe Acrobat Reader structtreeroot children recursive call denial of service... RuleID : 25466 - Revision : 6 - Type : FILE-PDF
2014-01-10	OpenType parsing buffer overflow attempt RuleID : 25464 - Revision : 5 - Type : FILE-PDF
2014-01-10	OpenType parsing buffer overflow attempt RuleID : 25463 - Revision : 6 - Type : FILE-PDF
2014-01-10	OpenType parsing buffer overflow attempt RuleID : 25462 - Revision : 4 - Type : FILE-PDF
2014-01-10	OpenType parsing buffer overflow attempt RuleID : 25461 - Revision : 5 - Type : FILE-PDF
2014-01-10	Multiple products incomplete JP2K image geometry potentially malicious PDF de... RuleID : 25460 - Revision : 14 - Type : FILE-PDF
2014-01-10	Multiple products incomplete JP2K image geometry potentially malicious PDF de... RuleID : 25459 - Revision : 15 - Type : FILE-PDF
2014-01-10	JavaScript contained in an xml template embedded in a pdf attempt RuleID : 23612 - Revision : 11 - Type : FILE-PDF
2014-01-10	JavaScript contained in an xml template embedded in a pdf attempt RuleID : 23611 - Revision : 10 - Type : FILE-PDF

Nessus® Vulnerability Scanner

Date	Description
2015-05-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-0044-1.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-38.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-39.nasl - Type : ACT_GATHER_INFO
2013-08-23	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201308-03.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_acroread-130115.nasl - Type : ACT_GATHER_INFO
2013-01-18	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread-8431.nasl - Type : ACT_GATHER_INFO
2013-01-10	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0150.nasl - Type : ACT_GATHER_INFO
2013-01-09	Name : The version of Adobe Acrobat on the remote Windows host is affected by multip... File : adobe_acrobat_apsb13-02.nasl - Type : ACT_GATHER_INFO
2013-01-09	Name : The version of Adobe Reader on the remote Windows host is affected by multipl... File : adobe_reader_apsb13-02.nasl - Type : ACT_GATHER_INFO
2013-01-09	Name : The version of Adobe Reader on the remote Mac OS X host is affected by multip... File : macosx_adobe_reader_apsb13-02.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:56:40	Multiple Updates
2013-01-10 17:23:09	Multiple Updates
2013-01-10 05:22:11	First insertion

Global Informations

Type	Count
CWE ID(s)	22
Oval ID(s)	24
CPE ID(s)	81
Snort® Rule(s)	17
Nessus® Exploit(s)	10

	Related
10	CVE-2013-0626
10	CVE-2013-0623
10	CVE-2013-0621
10	CVE-2013-0620
10	CVE-2013-0619
10	CVE-2013-0618
10	CVE-2013-0617
10	CVE-2013-0616
10	CVE-2013-0615
10	CVE-2013-0614
10	CVE-2013-0613
10	CVE-2013-0612
10	CVE-2013-0611
10	CVE-2013-0610
10	CVE-2013-0609
10	CVE-2013-0608
10	CVE-2013-0607
10	CVE-2013-0606
10	CVE-2013-0605
10	CVE-2013-0604
10	CVE-2013-0603
10	CVE-2013-0602
10	CVE-2013-0601
10	CVE-2012-1530
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 24 more Alert(s)