9.3 - TA10-103C

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	Adobe Reader and Acrobat Vulnerabilities

Informations
Name	TA10-103C	First vendor Publication	2010-04-13
Vendor	US-CERT	Last vendor Modification	2010-04-13
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	9.3	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Adobe has released Security Bulletin APSB10-09, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat.

I. Description

Adobe Security Bulletin APSB10-09 describes a number of vulnerabilities affecting Adobe Reader and Acrobat. These vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x versions, and 8.2.1 and earlier versions.

An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in is available for multiple web browsers and operating systems, which can automatically open PDF documents hosted on a website.

II. Impact

These vulnerabilities could allow a remote attacker to execute arbitrary code, write arbitrary files or folders to the file system, escalate local privileges, or cause a denial of service on an affected system as the result of a user opening a malicious PDF document.

III. Solution

Update

Adobe has released updates to address this issue. Users are encouraged to read Adobe Security Bulletin APSB10-09 and update vulnerable versions of Adobe Reader and Acrobat.

Adobe does not offer standalone installers of Reader or Acrobat versions 9.3.2 or 8.2.2. For a fresh installation, first install Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update feature or install the appropriate update referenced in APSB10-09.

Disable JavaScript in Adobe Reader and Acrobat

Disabling JavaScript may prevent some exploits from resulting in code execution. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).

Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.

Prevent Internet Explorer from automatically opening PDF documents

The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\AcroExch.Document.7]
"EditFlags"=hex:00,00,00,00

Disable the display of PDF documents in the web browser

Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.

To prevent PDF documents from automatically being opened in a web browser, do the following:

1. Open Adobe Acrobat Reader.
2. Open the Edit menu.
3. Choose the Preferences option.
4. Choose the Internet section.
5. Uncheck the "Display PDF in browser" checkbox.

Do not access PDF documents from untrusted sources

Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.

Original Source

Url : http://www.us-cert.gov/cas/techalerts/TA10-103C.html

CWE : Common Weakness Enumeration

%	Id	Name
75 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
17 %	CWE-94	Failure to Control Generation of Code ('Code Injection')
8 %	CWE-79	Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:22063

Oval ID:	oval:org.mitre.oval:def:22063
Title:	RHSA-2010:0349: acroread security update (Critical)
Description:	Heap-based buffer overflow in the custom heap management system in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, aka FG-VD-10-005.
Family:	unix	Class:	patch
Reference(s):	RHSA-2010:0349-01 CVE-2010-0190 CVE-2010-0191 CVE-2010-0192 CVE-2010-0193 CVE-2010-0194 CVE-2010-0195 CVE-2010-0196 CVE-2010-0197 CVE-2010-0198 CVE-2010-0199 CVE-2010-0201 CVE-2010-0202 CVE-2010-0203 CVE-2010-0204 CVE-2010-1241	Version:	198
Platform(s):	Red Hat Enterprise Linux 5	Product(s):	acroread
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 5 Packages section acroread-plugin is earlier than 0:9.3.2-1.el5 AND acroread is earlier than 0:9.3.2-1.el5

Definition Id: oval:org.mitre.oval:def:22734

Oval ID:	oval:org.mitre.oval:def:22734
Title:	ELSA-2010:0349: acroread security update (Critical)
Description:	Heap-based buffer overflow in the custom heap management system in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, aka FG-VD-10-005.
Family:	unix	Class:	patch
Reference(s):	ELSA-2010:0349-01 CVE-2010-0190 CVE-2010-0191 CVE-2010-0192 CVE-2010-0193 CVE-2010-0194 CVE-2010-0195 CVE-2010-0196 CVE-2010-0197 CVE-2010-0198 CVE-2010-0199 CVE-2010-0201 CVE-2010-0202 CVE-2010-0203 CVE-2010-0204 CVE-2010-1241	Version:	65
Platform(s):	Oracle Linux 5	Product(s):	acroread
Definition Synopsis:
Oracle Linux 5.x rpm test acroread-plugin is earlier than 0:9.3.2-1.el5 AND acroread is earlier than 0:9.3.2-1.el5

Definition Id: oval:org.mitre.oval:def:6729

Oval ID:	oval:org.mitre.oval:def:6729
Title:	Adobe Reader and Acrobat Prefix Protocol Handler Vulnerability
Description:	Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-0191	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Adobe Reader 8 Adobe Reader 8 Series is installed AND Adobe Reader 8, the sub-version is vulnerable Adobe Reader is less than 8.2.2 AND Adobe Reader library is less than 8.2.2 OR Adobe Reader 9 Adobe Reader 9 Series is installed AND Adobe Reader 9, the sub-version is vulnerable Adobe Reader is less than 9.3.2 AND Adobe Reader library is less than 9.3.2 OR Adobe Acrobat 8 Adobe Acrobat 8 Series is installed AND Adobe Acrobat 8, the sub-version is vulnerable Adobe Acrobat is less than 8.2.2 AND Adobe Acrobat library is less than 8.2.2 OR Adobe Acrobat 9 Adobe Acrobat 9 Series is installed AND Adobe Acrobat 9, the sub-version is vulnerable Adobe Acrobat is less than 9.3.2 AND Adobe Acrobat library is less than 9.3.2

Definition Id: oval:org.mitre.oval:def:6733

Oval ID:	oval:org.mitre.oval:def:6733
Title:	Adobe Reader and Acrobat Buffer Overflow Vulnerability
Description:	Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0203.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-0202	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Adobe Reader 8 Adobe Reader 8 Series is installed AND Adobe Reader 8, the sub-version is vulnerable Adobe Reader is less than 8.2.2 AND Adobe Reader library is less than 8.2.2 OR Adobe Reader 9 Adobe Reader 9 Series is installed AND Adobe Reader 9, the sub-version is vulnerable Adobe Reader is less than 9.3.2 AND Adobe Reader library is less than 9.3.2 OR Adobe Acrobat 8 Adobe Acrobat 8 Series is installed AND Adobe Acrobat 8, the sub-version is vulnerable Adobe Acrobat is less than 8.2.2 AND Adobe Acrobat library is less than 8.2.2 OR Adobe Acrobat 9 Adobe Acrobat 9 Series is installed AND Adobe Acrobat 9, the sub-version is vulnerable Adobe Acrobat is less than 9.3.2 AND Adobe Acrobat library is less than 9.3.2

Definition Id: oval:org.mitre.oval:def:6823

Oval ID:	oval:org.mitre.oval:def:6823
Title:	Adobe Reader and Acrobat Memory Corruption Vulnerability
Description:	Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0197, CVE-2010-0201, and CVE-2010-0204.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-0194	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Adobe Reader 8 Adobe Reader 8 Series is installed AND Adobe Reader 8, the sub-version is vulnerable Adobe Reader is less than 8.2.2 AND Adobe Reader library is less than 8.2.2 OR Adobe Reader 9 Adobe Reader 9 Series is installed AND Adobe Reader 9, the sub-version is vulnerable Adobe Reader is less than 9.3.2 AND Adobe Reader library is less than 9.3.2 OR Adobe Acrobat 8 Adobe Acrobat 8 Series is installed AND Adobe Acrobat 8, the sub-version is vulnerable Adobe Acrobat is less than 8.2.2 AND Adobe Acrobat library is less than 8.2.2 OR Adobe Acrobat 9 Adobe Acrobat 9 Series is installed AND Adobe Acrobat 9, the sub-version is vulnerable Adobe Acrobat is less than 9.3.2 AND Adobe Acrobat library is less than 9.3.2

Definition Id: oval:org.mitre.oval:def:6900

Oval ID:	oval:org.mitre.oval:def:6900
Title:	Adobe Reader and Acrobat Buffer Overflow Vulnerability
Description:	Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0202, and CVE-2010-0203.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-0199	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Adobe Reader 8 Adobe Reader 8 Series is installed AND Adobe Reader 8, the sub-version is vulnerable Adobe Reader is less than 8.2.2 AND Adobe Reader library is less than 8.2.2 OR Adobe Reader 9 Adobe Reader 9 Series is installed AND Adobe Reader 9, the sub-version is vulnerable Adobe Reader is less than 9.3.2 AND Adobe Reader library is less than 9.3.2 OR Adobe Acrobat 8 Adobe Acrobat 8 Series is installed AND Adobe Acrobat 8, the sub-version is vulnerable Adobe Acrobat is less than 8.2.2 AND Adobe Acrobat library is less than 8.2.2 OR Adobe Acrobat 9 Adobe Acrobat 9 Series is installed AND Adobe Acrobat 9, the sub-version is vulnerable Adobe Acrobat is less than 9.3.2 AND Adobe Acrobat library is less than 9.3.2

Definition Id: oval:org.mitre.oval:def:6940

Oval ID:	oval:org.mitre.oval:def:6940
Title:	Adobe Reader and Acrobat Heap-based Overflow Vulnerability
Description:	Heap-based buffer overflow in the custom heap management system in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, aka FG-VD-10-005.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-1241	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Adobe Reader 8 Adobe Reader 8 Series is installed AND Adobe Reader 8, the sub-version is vulnerable Adobe Reader is less than 8.2.2 AND Adobe Reader library is less than 8.2.2 OR Adobe Reader 9 Adobe Reader 9 Series is installed AND Adobe Reader 9, the sub-version is vulnerable Adobe Reader is less than 9.3.2 AND Adobe Reader library is less than 9.3.2 OR Adobe Acrobat 8 Adobe Acrobat 8 Series is installed AND Adobe Acrobat 8, the sub-version is vulnerable Adobe Acrobat is less than 8.2.2 AND Adobe Acrobat library is less than 8.2.2 OR Adobe Acrobat 9 Adobe Acrobat 9 Series is installed AND Adobe Acrobat 9, the sub-version is vulnerable Adobe Acrobat is less than 9.3.2 AND Adobe Acrobat library is less than 9.3.2

Definition Id: oval:org.mitre.oval:def:6986

Oval ID:	oval:org.mitre.oval:def:6986
Title:	Adobe Reader and Acrobat Cross-site Scripting Vulnerability
Description:	Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-0190	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Adobe Reader 8 Adobe Reader 8 Series is installed AND Adobe Reader 8, the sub-version is vulnerable Adobe Reader is less than 8.2.2 AND Adobe Reader library is less than 8.2.2 OR Adobe Reader 9 Adobe Reader 9 Series is installed AND Adobe Reader 9, the sub-version is vulnerable Adobe Reader is less than 9.3.2 AND Adobe Reader library is less than 9.3.2 OR Adobe Acrobat 8 Adobe Acrobat 8 Series is installed AND Adobe Acrobat 8, the sub-version is vulnerable Adobe Acrobat is less than 8.2.2 AND Adobe Acrobat library is less than 8.2.2 OR Adobe Acrobat 9 Adobe Acrobat 9 Series is installed AND Adobe Acrobat 9, the sub-version is vulnerable Adobe Acrobat is less than 9.3.2 AND Adobe Acrobat library is less than 9.3.2

Definition Id: oval:org.mitre.oval:def:7046

Oval ID:	oval:org.mitre.oval:def:7046
Title:	Adobe Reader and Acrobat Denial of Service Vulnerability
Description:	Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0193 and CVE-2010-0196.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-0192	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Adobe Reader 8 Adobe Reader 8 Series is installed AND Adobe Reader 8, the sub-version is vulnerable Adobe Reader is less than 8.2.2 AND Adobe Reader library is less than 8.2.2 OR Adobe Reader 9 Adobe Reader 9 Series is installed AND Adobe Reader 9, the sub-version is vulnerable Adobe Reader is less than 9.3.2 AND Adobe Reader library is less than 9.3.2 OR Adobe Acrobat 8 Adobe Acrobat 8 Series is installed AND Adobe Acrobat 8, the sub-version is vulnerable Adobe Acrobat is less than 8.2.2 AND Adobe Acrobat library is less than 8.2.2 OR Adobe Acrobat 9 Adobe Acrobat 9 Series is installed AND Adobe Acrobat 9, the sub-version is vulnerable Adobe Acrobat is less than 9.3.2 AND Adobe Acrobat library is less than 9.3.2

Definition Id: oval:org.mitre.oval:def:7056

Oval ID:	oval:org.mitre.oval:def:7056
Title:	Adobe Reader and Acrobat Memory Corruption Vulnerability
Description:	Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0204.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-0201	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Adobe Reader 8 Adobe Reader 8 Series is installed AND Adobe Reader 8, the sub-version is vulnerable Adobe Reader is less than 8.2.2 AND Adobe Reader library is less than 8.2.2 OR Adobe Reader 9 Adobe Reader 9 Series is installed AND Adobe Reader 9, the sub-version is vulnerable Adobe Reader is less than 9.3.2 AND Adobe Reader library is less than 9.3.2 OR Adobe Acrobat 8 Adobe Acrobat 8 Series is installed AND Adobe Acrobat 8, the sub-version is vulnerable Adobe Acrobat is less than 8.2.2 AND Adobe Acrobat library is less than 8.2.2 OR Adobe Acrobat 9 Adobe Acrobat 9 Series is installed AND Adobe Acrobat 9, the sub-version is vulnerable Adobe Acrobat is less than 9.3.2 AND Adobe Acrobat library is less than 9.3.2

Definition Id: oval:org.mitre.oval:def:7064

Oval ID:	oval:org.mitre.oval:def:7064
Title:	Adobe Reader and Acrobat Denial of Service Vulnerability
Description:	Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0192 and CVE-2010-0193.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-0196	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Adobe Reader 8 Adobe Reader 8 Series is installed AND Adobe Reader 8, the sub-version is vulnerable Adobe Reader is less than 8.2.2 AND Adobe Reader library is less than 8.2.2 OR Adobe Reader 9 Adobe Reader 9 Series is installed AND Adobe Reader 9, the sub-version is vulnerable Adobe Reader is less than 9.3.2 AND Adobe Reader library is less than 9.3.2 OR Adobe Acrobat 8 Adobe Acrobat 8 Series is installed AND Adobe Acrobat 8, the sub-version is vulnerable Adobe Acrobat is less than 8.2.2 AND Adobe Acrobat library is less than 8.2.2 OR Adobe Acrobat 9 Adobe Acrobat 9 Series is installed AND Adobe Acrobat 9, the sub-version is vulnerable Adobe Acrobat is less than 9.3.2 AND Adobe Acrobat library is less than 9.3.2

Definition Id: oval:org.mitre.oval:def:7106

Oval ID:	oval:org.mitre.oval:def:7106
Title:	Adobe Reader and Acrobat Buffer Overflow Vulnerability
Description:	Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0199, CVE-2010-0202, and CVE-2010-0203.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-0198	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Adobe Reader 8 Adobe Reader 8 Series is installed AND Adobe Reader 8, the sub-version is vulnerable Adobe Reader is less than 8.2.2 AND Adobe Reader library is less than 8.2.2 OR Adobe Reader 9 Adobe Reader 9 Series is installed AND Adobe Reader 9, the sub-version is vulnerable Adobe Reader is less than 9.3.2 AND Adobe Reader library is less than 9.3.2 OR Adobe Acrobat 8 Adobe Acrobat 8 Series is installed AND Adobe Acrobat 8, the sub-version is vulnerable Adobe Acrobat is less than 8.2.2 AND Adobe Acrobat library is less than 8.2.2 OR Adobe Acrobat 9 Adobe Acrobat 9 Series is installed AND Adobe Acrobat 9, the sub-version is vulnerable Adobe Acrobat is less than 9.3.2 AND Adobe Acrobat library is less than 9.3.2

Definition Id: oval:org.mitre.oval:def:7298

Oval ID:	oval:org.mitre.oval:def:7298
Title:	Adobe Reader and Acrobat Memory Corruption Vulnerability
Description:	Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0201, and CVE-2010-0204.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-0197	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Adobe Reader 8 Adobe Reader 8 Series is installed AND Adobe Reader 8, the sub-version is vulnerable Adobe Reader is less than 8.2.2 AND Adobe Reader library is less than 8.2.2 OR Adobe Reader 9 Adobe Reader 9 Series is installed AND Adobe Reader 9, the sub-version is vulnerable Adobe Reader is less than 9.3.2 AND Adobe Reader library is less than 9.3.2 OR Adobe Acrobat 8 Adobe Acrobat 8 Series is installed AND Adobe Acrobat 8, the sub-version is vulnerable Adobe Acrobat is less than 8.2.2 AND Adobe Acrobat library is less than 8.2.2 OR Adobe Acrobat 9 Adobe Acrobat 9 Series is installed AND Adobe Acrobat 9, the sub-version is vulnerable Adobe Acrobat is less than 9.3.2 AND Adobe Acrobat library is less than 9.3.2

Definition Id: oval:org.mitre.oval:def:7352

Oval ID:	oval:org.mitre.oval:def:7352
Title:	Adobe Reader and Acrobat Denial of Service Vulnerability
Description:	Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0192 and CVE-2010-0196.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-0193	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Adobe Reader 8 Adobe Reader 8 Series is installed AND Adobe Reader 8, the sub-version is vulnerable Adobe Reader is less than 8.2.2 AND Adobe Reader library is less than 8.2.2 OR Adobe Reader 9 Adobe Reader 9 Series is installed AND Adobe Reader 9, the sub-version is vulnerable Adobe Reader is less than 9.3.2 AND Adobe Reader library is less than 9.3.2 OR Adobe Acrobat 8 Adobe Acrobat 8 Series is installed AND Adobe Acrobat 8, the sub-version is vulnerable Adobe Acrobat is less than 8.2.2 AND Adobe Acrobat library is less than 8.2.2 OR Adobe Acrobat 9 Adobe Acrobat 9 Series is installed AND Adobe Acrobat 9, the sub-version is vulnerable Adobe Acrobat is less than 9.3.2 AND Adobe Acrobat library is less than 9.3.2

Definition Id: oval:org.mitre.oval:def:7387

Oval ID:	oval:org.mitre.oval:def:7387
Title:	Adobe Reader and Acrobat Memory Corruption Vulnerability
Description:	Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0201.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-0204	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Adobe Reader 8 Adobe Reader 8 Series is installed AND Adobe Reader 8, the sub-version is vulnerable Adobe Reader is less than 8.2.2 AND Adobe Reader library is less than 8.2.2 OR Adobe Reader 9 Adobe Reader 9 Series is installed AND Adobe Reader 9, the sub-version is vulnerable Adobe Reader is less than 9.3.2 AND Adobe Reader library is less than 9.3.2 OR Adobe Acrobat 8 Adobe Acrobat 8 Series is installed AND Adobe Acrobat 8, the sub-version is vulnerable Adobe Acrobat is less than 8.2.2 AND Adobe Acrobat library is less than 8.2.2 OR Adobe Acrobat 9 Adobe Acrobat 9 Series is installed AND Adobe Acrobat 9, the sub-version is vulnerable Adobe Acrobat is less than 9.3.2 AND Adobe Acrobat library is less than 9.3.2

Definition Id: oval:org.mitre.oval:def:7420

Oval ID:	oval:org.mitre.oval:def:7420
Title:	Adobe Reader and Acrobat Font Handling Vulnerability
Description:	Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, do not properly handle fonts, which allows attackers to execute arbitrary code via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-0195	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Adobe Reader 8 Adobe Reader 8 Series is installed AND Adobe Reader 8, the sub-version is vulnerable Adobe Reader is less than 8.2.2 AND Adobe Reader library is less than 8.2.2 OR Adobe Reader 9 Adobe Reader 9 Series is installed AND Adobe Reader 9, the sub-version is vulnerable Adobe Reader is less than 9.3.2 AND Adobe Reader library is less than 9.3.2 OR Adobe Acrobat 8 Adobe Acrobat 8 Series is installed AND Adobe Acrobat 8, the sub-version is vulnerable Adobe Acrobat is less than 8.2.2 AND Adobe Acrobat library is less than 8.2.2 OR Adobe Acrobat 9 Adobe Acrobat 9 Series is installed AND Adobe Acrobat 9, the sub-version is vulnerable Adobe Acrobat is less than 9.3.2 AND Adobe Acrobat library is less than 9.3.2

Definition Id: oval:org.mitre.oval:def:7494

Oval ID:	oval:org.mitre.oval:def:7494
Title:	Adobe Reader and Acrobat Buffer Overflow Vulnerability
Description:	Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0202.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-0203	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Adobe Reader 8 Adobe Reader 8 Series is installed AND Adobe Reader 8, the sub-version is vulnerable Adobe Reader is less than 8.2.2 AND Adobe Reader library is less than 8.2.2 OR Adobe Reader 9 Adobe Reader 9 Series is installed AND Adobe Reader 9, the sub-version is vulnerable Adobe Reader is less than 9.3.2 AND Adobe Reader library is less than 9.3.2 OR Adobe Acrobat 8 Adobe Acrobat 8 Series is installed AND Adobe Acrobat 8, the sub-version is vulnerable Adobe Acrobat is less than 8.2.2 AND Adobe Acrobat library is less than 8.2.2 OR Adobe Acrobat 9 Adobe Acrobat 9 Series is installed AND Adobe Acrobat 9, the sub-version is vulnerable Adobe Acrobat is less than 9.3.2 AND Adobe Acrobat library is less than 9.3.2

CPE : Common Platform Enumeration

Type	Description	Count
Application	Adobe Acrobat cpe:2.3:a:adobe:acrobat:9.3.1:::::::* cpe:2.3:a:adobe:acrobat:9.3:::::::* cpe:2.3:a:adobe:acrobat:9.2:::::::* cpe:2.3:a:adobe:acrobat:9.1.3:::::::* cpe:2.3:a:adobe:acrobat:9.1.2:::::::* cpe:2.3:a:adobe:acrobat:9.1.1:::::::* cpe:2.3:a:adobe:acrobat:9.1:::::::* cpe:2.3:a:adobe:acrobat:9.0:::::::* cpe:2.3:a:adobe:acrobat:8.2.1:::::::* cpe:2.3:a:adobe:acrobat:8.2:::::::* cpe:2.3:a:adobe:acrobat:8.1.7:::::::* cpe:2.3:a:adobe:acrobat:8.1.6:::::::* cpe:2.3:a:adobe:acrobat:8.1.5:::::::* cpe:2.3:a:adobe:acrobat:8.1.4:::::::* cpe:2.3:a:adobe:acrobat:8.1.3:::::::* cpe:2.3:a:adobe:acrobat:8.1.2:::::::* cpe:2.3:a:adobe:acrobat:8.1.1:::::::* cpe:2.3:a:adobe:acrobat:8.1:::::::* cpe:2.3:a:adobe:acrobat:8.0:::::::*	19
Application	Adobe Acrobat Reader cpe:2.3:a:adobe:acrobat_reader:9.3.1:::::::* cpe:2.3:a:adobe:acrobat_reader:9.3:::::::* cpe:2.3:a:adobe:acrobat_reader:9.2:::::::* cpe:2.3:a:adobe:acrobat_reader:9.1.3:::::::* cpe:2.3:a:adobe:acrobat_reader:9.1.2:::::::* cpe:2.3:a:adobe:acrobat_reader:9.1.1:::::::* cpe:2.3:a:adobe:acrobat_reader:9.1:::::::* cpe:2.3:a:adobe:acrobat_reader:9.0:::::::* cpe:2.3:a:adobe:acrobat_reader:8.2.1:::::::* cpe:2.3:a:adobe:acrobat_reader:8.2:::::::* cpe:2.3:a:adobe:acrobat_reader:8.1.7:::::::* cpe:2.3:a:adobe:acrobat_reader:8.1.6:::::::* cpe:2.3:a:adobe:acrobat_reader:8.1.5:::::::* cpe:2.3:a:adobe:acrobat_reader:8.1.4:::::::* cpe:2.3:a:adobe:acrobat_reader:8.1.2:::::::* cpe:2.3:a:adobe:acrobat_reader:8.1.1:::::::* cpe:2.3:a:adobe:acrobat_reader:8.1:::::::* cpe:2.3:a:adobe:acrobat_reader:8.0:::::::*	18

OpenVAS Exploits

Date	Description
2011-03-09	Name : Gentoo Security Advisory GLSA 201009-05 (acroread) File : nvt/glsa_201009_05.nasl
2010-04-29	Name : SuSE Update for acroread SUSE-SA:2010:022 File : nvt/gb_suse_2010_022.nasl
2010-04-16	Name : Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Linux) File : nvt/secpod_adobe_prdts_mult_vuln_apr10_lin.nasl
2010-04-16	Name : Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Windows) File : nvt/secpod_adobe_prdts_mult_vuln_apr10_win.nasl
2010-04-07	Name : Adobe Reader PDF Handling Denial Of Service Vulnerability (Linux) File : nvt/gb_adobe_reader_pdf_doc_dos_vuln_lin.nasl
2010-04-07	Name : Adobe Reader PDF Handling Multiple Vulnerabilities (Win) File : nvt/gb_adobe_reader_pdf_doc_mult_vuln_win.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
63764	Adobe Reader / Acrobat Unspecified Memory Corruption (2010-0204)
63763	Adobe Reader / Acrobat BMP Image Data Handling Overflow
63762	Adobe Reader / Acrobat GIF Image Data Handling Overflow
63761	Adobe Reader / Acrobat Unspecified Memory Corruption (2010-0201)
63760	Adobe Reader / Acrobat JPEG Image Data Handling Overflow
63759	Adobe Reader / Acrobat PNG Image Data Handling Overflow
63758	Adobe Reader / Acrobat Unspecified Memory Corruption (2010-0197)
63757	Adobe Reader / Acrobat UU3D CLODMeshDeclaration Shading Count Memory Corruption
63756	Adobe Reader / Acrobat PDF Document Embedded TrueType Font Handling Arbitrary...
63755	Adobe Reader / Acrobat PDF DeviceRGB Subtype Handling Memory Corruption
63754	Adobe Reader / Acrobat Unspecified DoS (2010-0193)
63753	Adobe Reader / Acrobat Unspecified DoS (2010-0192)
63752	Adobe Reader / Acrobat Prefix Protocol Handler Arbitrary Code Execution (2010...
63751	Adobe Reader / Acrobat Unspecified XSS
63618	Adobe Reader Custom Heap Management System CFF Encoding Handling Memory Corru...

Snort® IPS/IDS

Date	Description
2014-01-10	Adobe Acrobat TrueType font handling remote code execution attempt RuleID : 28643 - Revision : 7 - Type : FILE-PDF
2014-01-10	Adobe Acrobat TrueType font handling remote code execution attempt RuleID : 28642 - Revision : 7 - Type : FILE-PDF
2014-01-10	Adobe Acrobat TrueType font handling remote code execution attempt RuleID : 28389 - Revision : 7 - Type : FILE-PDF
2014-01-10	Adobe Acrobat TrueType font handling remote code execution attempt RuleID : 28388 - Revision : 7 - Type : FILE-PDF
2014-01-10	Adobe Flash Player newfunction memory corruption exploit attempt RuleID : 23592 - Revision : 7 - Type : FILE-FLASH
2014-01-10	Adobe Acrobat Reader malformed Richmedia annotation exploit attempt RuleID : 23509 - Revision : 5 - Type : FILE-PDF
2014-01-10	Adobe Flash Player newfunction memory corruption exploit attempt RuleID : 19408 - Revision : 12 - Type : FILE-FLASH
2014-01-10	Adobe Acrobat Reader Linux malformed U3D mesh deceleration block exploit attempt RuleID : 16603 - Revision : 14 - Type : FILE-PDF
2014-01-10	Adobe Acrobat Reader/Acrobat Pro CFF font parsing heap overflow attempt RuleID : 16546 - Revision : 12 - Type : FILE-PDF
2014-01-10	Adobe Acrobat Reader malformed Richmedia annotation exploit attempt RuleID : 16545 - Revision : 21 - Type : FILE-PDF
2015-05-28	Adobe Reader Linux malformed U3D mesh deceleration block exploit attempt RuleID : 16544 - Revision : 6 - Type : WEB-CLIENT

Nessus® Vulnerability Scanner

Date	Description
2011-01-27	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread-6993.nasl - Type : ACT_GATHER_INFO
2011-01-27	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread-6994.nasl - Type : ACT_GATHER_INFO
2011-01-27	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread_ja-6995.nasl - Type : ACT_GATHER_INFO
2010-12-02	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_acroread-100418.nasl - Type : ACT_GATHER_INFO
2010-12-02	Name : The remote SuSE 11 host is missing a security update. File : suse_11_acroread_ja-100419.nasl - Type : ACT_GATHER_INFO
2010-09-08	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201009-05.nasl - Type : ACT_GATHER_INFO
2010-05-11	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0349.nasl - Type : ACT_GATHER_INFO
2010-04-22	Name : The remote openSUSE host is missing a security update. File : suse_11_0_acroread-100418.nasl - Type : ACT_GATHER_INFO
2010-04-22	Name : The remote openSUSE host is missing a security update. File : suse_11_1_acroread-100418.nasl - Type : ACT_GATHER_INFO
2010-04-22	Name : The remote openSUSE host is missing a security update. File : suse_11_2_acroread-100419.nasl - Type : ACT_GATHER_INFO
2010-04-13	Name : The version of Adobe Acrobat on the remote Windows host is affected by multip... File : adobe_acrobat_apsb10-09.nasl - Type : ACT_GATHER_INFO
2010-04-13	Name : The version of Adobe Reader on the remote Windows host is affected by multipl... File : adobe_reader_apsb10-09.nasl - Type : ACT_GATHER_INFO

Global Informations

Type	Count
CWE ID(s)	12
Oval ID(s)	17
CPE ID(s)	37
osvdb(s)	15
Openvas Exploit(s)	6
Snort® Rule(s)	11
Nessus® Exploit(s)	12

	Related
9.3	CVE-2010-1241
9.3	CVE-2010-0204
9.3	CVE-2010-0203
9.3	CVE-2010-0202
9.3	CVE-2010-0201
9.3	CVE-2010-0199
9.3	CVE-2010-0198
9.3	CVE-2010-0197
9.3	CVE-2010-0196
9.3	CVE-2010-0195
9.3	CVE-2010-0194
9.3	CVE-2010-0193
9.3	CVE-2010-0192
9.3	CVE-2010-0191
4.3	CVE-2010-0190
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 15 more Alert(s)