Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Summary | |
|---|---|
| Title | Adobe Reader: Multiple vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | GLSA-201101-08 | First vendor Publication | 2011-01-21 |
| Vendor | Gentoo | Last vendor Modification | 2011-01-21 |
| Severity (Vendor) | Normal | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 9.3 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Synopsis Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code. Background Description Impact Workaround Resolution References Availability http://security.gentoo.org/glsa/glsa-201101-08.xml |
Original Source
| Url : http://security.gentoo.org/glsa/glsa-201101-08.xml |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 56 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 31 % | CWE-20 | Improper Input Validation |
| 6 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
| 6 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:11586 | |||
| Oval ID: | oval:org.mitre.oval:def:11586 | ||
| Title: | Adobe Reader and Acrobat CoolType.dll Font Parsing Buffer Overflow Vulnerability | ||
| Description: | Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-2883 | Version: | 20 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12527 | |||
| Oval ID: | oval:org.mitre.oval:def:12527 | ||
| Title: | Denial of service vulnerability in EScript.api plugin in Adobe Acrobat and Adobe Reader 9.4.0, 8.1.7 and other versions using a crafted PDF document | ||
| Description: | The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-4091 | Version: | 14 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Adobe Acrobat Adobe Reader |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:13294 | |||
| Oval ID: | oval:org.mitre.oval:def:13294 | ||
| Title: | Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010. | ||
| Description: | Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-3654 | Version: | 24 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Adobe Flash Player Adobe Acrobat Adobe Reader |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:14416 | |||
| Oval ID: | oval:org.mitre.oval:def:14416 | ||
| Title: | DEPRECATED: Multiple unspecified vulnerabilities in Adobe Reader and Acrobat 9.x before 9.4 on Linux allow attackers to gain privileges via unknown vectors. | ||
| Description: | Multiple unspecified vulnerabilities in Adobe Reader and Acrobat 9.x before 9.4 on Linux allow attackers to gain privileges via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-2887 | Version: | 12 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Adobe Acrobat Adobe Reader |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21982 | |||
| Oval ID: | oval:org.mitre.oval:def:21982 | ||
| Title: | RHSA-2010:0706: flash-plugin security update (Critical) | ||
| Description: | Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2010:0706-01 CVE-2010-2884 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 5 | Product(s): | flash-plugin |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:22102 | |||
| Oval ID: | oval:org.mitre.oval:def:22102 | ||
| Title: | RHSA-2010:0867: flash-plugin security update (Critical) | ||
| Description: | Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2010:0867-02 CVE-2010-3636 CVE-2010-3639 CVE-2010-3640 CVE-2010-3641 CVE-2010-3642 CVE-2010-3643 CVE-2010-3644 CVE-2010-3645 CVE-2010-3646 CVE-2010-3647 CVE-2010-3648 CVE-2010-3649 CVE-2010-3650 CVE-2010-3652 CVE-2010-3654 | Version: | 198 |
| Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | flash-plugin |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:22268 | |||
| Oval ID: | oval:org.mitre.oval:def:22268 | ||
| Title: | RHSA-2010:0934: acroread security update (Critical) | ||
| Description: | The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2010:0934-02 CVE-2010-3654 CVE-2010-4091 | Version: | 29 |
| Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 | Product(s): | acroread |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22281 | |||
| Oval ID: | oval:org.mitre.oval:def:22281 | ||
| Title: | DEPRECATED: ELSA-2010:0934: acroread security update (Critical) | ||
| Description: | The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010:0934-02 CVE-2010-3654 CVE-2010-4091 | Version: | 14 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | acroread |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22325 | |||
| Oval ID: | oval:org.mitre.oval:def:22325 | ||
| Title: | RHSA-2010:0829: flash-plugin security update (Critical) | ||
| Description: | Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2010:0829-01 CVE-2010-3636 CVE-2010-3639 CVE-2010-3640 CVE-2010-3641 CVE-2010-3642 CVE-2010-3643 CVE-2010-3644 CVE-2010-3645 CVE-2010-3646 CVE-2010-3647 CVE-2010-3648 CVE-2010-3649 CVE-2010-3650 CVE-2010-3652 CVE-2010-3654 | Version: | 198 |
| Platform(s): | Red Hat Enterprise Linux 5 | Product(s): | flash-plugin |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:22336 | |||
| Oval ID: | oval:org.mitre.oval:def:22336 | ||
| Title: | RHSA-2010:0743: acroread security update (Critical) | ||
| Description: | Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, and CVE-2010-3632. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2010:0743-01 CVE-2010-2883 CVE-2010-2884 CVE-2010-2887 CVE-2010-2889 CVE-2010-2890 CVE-2010-3619 CVE-2010-3620 CVE-2010-3621 CVE-2010-3622 CVE-2010-3625 CVE-2010-3626 CVE-2010-3627 CVE-2010-3628 CVE-2010-3629 CVE-2010-3630 CVE-2010-3632 CVE-2010-3656 CVE-2010-3657 CVE-2010-3658 | Version: | 250 |
| Platform(s): | Red Hat Enterprise Linux 5 | Product(s): | acroread |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:22988 | |||
| Oval ID: | oval:org.mitre.oval:def:22988 | ||
| Title: | ELSA-2010:0743: acroread security update (Critical) | ||
| Description: | Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, and CVE-2010-3632. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010:0743-01 CVE-2010-2883 CVE-2010-2884 CVE-2010-2887 CVE-2010-2889 CVE-2010-2890 CVE-2010-3619 CVE-2010-3620 CVE-2010-3621 CVE-2010-3622 CVE-2010-3625 CVE-2010-3626 CVE-2010-3627 CVE-2010-3628 CVE-2010-3629 CVE-2010-3630 CVE-2010-3632 CVE-2010-3656 CVE-2010-3657 CVE-2010-3658 | Version: | 81 |
| Platform(s): | Oracle Linux 5 | Product(s): | acroread |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23120 | |||
| Oval ID: | oval:org.mitre.oval:def:23120 | ||
| Title: | ELSA-2010:0706: flash-plugin security update (Critical) | ||
| Description: | Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010:0706-01 CVE-2010-2884 | Version: | 6 |
| Platform(s): | Oracle Linux 5 | Product(s): | flash-plugin |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23206 | |||
| Oval ID: | oval:org.mitre.oval:def:23206 | ||
| Title: | ELSA-2010:0829: flash-plugin security update (Critical) | ||
| Description: | Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010:0829-01 CVE-2010-3636 CVE-2010-3639 CVE-2010-3640 CVE-2010-3641 CVE-2010-3642 CVE-2010-3643 CVE-2010-3644 CVE-2010-3645 CVE-2010-3646 CVE-2010-3647 CVE-2010-3648 CVE-2010-3649 CVE-2010-3650 CVE-2010-3652 CVE-2010-3654 | Version: | 65 |
| Platform(s): | Oracle Linux 5 | Product(s): | flash-plugin |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23533 | |||
| Oval ID: | oval:org.mitre.oval:def:23533 | ||
| Title: | ELSA-2010:0867: flash-plugin security update (Critical) | ||
| Description: | Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010:0867-02 CVE-2010-3636 CVE-2010-3639 CVE-2010-3640 CVE-2010-3641 CVE-2010-3642 CVE-2010-3643 CVE-2010-3644 CVE-2010-3645 CVE-2010-3646 CVE-2010-3647 CVE-2010-3648 CVE-2010-3649 CVE-2010-3650 CVE-2010-3652 CVE-2010-3654 | Version: | 65 |
| Platform(s): | Oracle Linux 6 | Product(s): | flash-plugin |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23656 | |||
| Oval ID: | oval:org.mitre.oval:def:23656 | ||
| Title: | ELSA-2010:0934: acroread security update (Critical) | ||
| Description: | The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010:0934-02 CVE-2010-3654 CVE-2010-4091 | Version: | 13 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | acroread |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6772 | |||
| Oval ID: | oval:org.mitre.oval:def:6772 | ||
| Title: | Adobe Reader and Acrobat Prefix Protocol Handler Code Execution Vulnerability. | ||
| Description: | Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-3625 | Version: | 19 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6791 | |||
| Oval ID: | oval:org.mitre.oval:def:6791 | ||
| Title: | Adobe Reader and Acrobat Denial of Service Vulnerability. | ||
| Description: | Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3656. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-3657 | Version: | 19 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6830 | |||
| Oval ID: | oval:org.mitre.oval:def:6830 | ||
| Title: | Adobe Reader and Acrobat Denial of Service Vulnerability. | ||
| Description: | Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-2890 | Version: | 19 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6852 | |||
| Oval ID: | oval:org.mitre.oval:def:6852 | ||
| Title: | Adobe Flash Player, Acrobat Reader, and Acrobat Remote Code Execution Vulnerability | ||
| Description: | Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-2884 | Version: | 27 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Adobe Flash Player Adobe Reader Adobe Acrobat |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7007 | |||
| Oval ID: | oval:org.mitre.oval:def:7007 | ||
| Title: | Adobe Reader and Acrobat Code Execution via crafted image Vulnerability. | ||
| Description: | Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted image, a different vulnerability than CVE-2010-3620. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-3629 | Version: | 19 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7009 | |||
| Oval ID: | oval:org.mitre.oval:def:7009 | ||
| Title: | Adobe Reader and Acrobat Font Parsing Code Execution Vulnerability. | ||
| Description: | Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted font, a different vulnerability than CVE-2010-3626. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-2889 | Version: | 19 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7057 | |||
| Oval ID: | oval:org.mitre.oval:def:7057 | ||
| Title: | Adobe Reader and Acrobat Memory Corruption Code Execution Vulnerability. | ||
| Description: | Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, and CVE-2010-3658. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-3632 | Version: | 19 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7138 | |||
| Oval ID: | oval:org.mitre.oval:def:7138 | ||
| Title: | Adobe Reader and Acrobat Memory Corruption Code Execution Vulnerability. | ||
| Description: | Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-3622 | Version: | 19 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7225 | |||
| Oval ID: | oval:org.mitre.oval:def:7225 | ||
| Title: | Adobe Reader and Acrobat Memory Corruption Code Execution Vulnerability. | ||
| Description: | Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, and CVE-2010-3632. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-3658 | Version: | 19 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7356 | |||
| Oval ID: | oval:org.mitre.oval:def:7356 | ||
| Title: | Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability. | ||
| Description: | Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-3627 | Version: | 19 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7382 | |||
| Oval ID: | oval:org.mitre.oval:def:7382 | ||
| Title: | Adobe Reader and Acrobat Font Parsing Code Execution Vulnerability. | ||
| Description: | Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted font, a different vulnerability than CVE-2010-2889. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-3626 | Version: | 19 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7385 | |||
| Oval ID: | oval:org.mitre.oval:def:7385 | ||
| Title: | Memory Corruption via unspecified vectors vulnerability in Adobe Reader and Acrobat. | ||
| Description: | Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-3619 | Version: | 19 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7386 | |||
| Oval ID: | oval:org.mitre.oval:def:7386 | ||
| Title: | Adobe Reader and Acrobat Memory Corruption Code Execution Vulnerability. | ||
| Description: | Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3622, CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-3621 | Version: | 19 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7393 | |||
| Oval ID: | oval:org.mitre.oval:def:7393 | ||
| Title: | Adobe Reader and Acrobat Denial of Service and Arbitrary Code Execution Vulnerability. | ||
| Description: | Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-3630 | Version: | 19 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7455 | |||
| Oval ID: | oval:org.mitre.oval:def:7455 | ||
| Title: | Adobe Reader and Acrobat Arbitrary Code Execution and Denial of Service Vulnerability. | ||
| Description: | Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3632, and CVE-2010-3658. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-3628 | Version: | 19 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7484 | |||
| Oval ID: | oval:org.mitre.oval:def:7484 | ||
| Title: | Adobe Reader and Acrobat Denial of Service Vulnerability. | ||
| Description: | Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3657. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-3656 | Version: | 19 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7589 | |||
| Oval ID: | oval:org.mitre.oval:def:7589 | ||
| Title: | Adobe Reader and Acrobat Image Parsing Code Execution Vulnerability. | ||
| Description: | Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted image, a different vulnerability than CVE-2010-3629. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-3620 | Version: | 19 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Reader Adobe Acrobat |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
SAINT Exploits
| Description | Link |
|---|---|
| Adobe Flash Player Flash Content Parsing Code Execution | More info here |
| Adobe Reader CoolType.dll buffer overflow | More info here |
ExploitDB Exploits
| id | Description |
|---|---|
| 2011-04-19 | Adobe Flash Player < 10.1.53 .64 Action Script Type Confusion Exploit (DEP... |
| 2010-11-01 | Adobe Flash Player "Button" Remote Code Execution |
| 2010-09-25 | Adobe CoolType SING Table "uniqueName" Stack Buffer Overflow |
| 2010-09-20 | Adobe CoolType SING Table "uniqueName" Stack Buffer Overflow |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-02-12 | Name : Gentoo Security Advisory GLSA 201201-19 (acroread) File : nvt/glsa_201201_19.nasl |
| 2011-09-07 | Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007) File : nvt/gb_macosx_su10-007.nasl |
| 2011-03-15 | Name : SuSE Update for acroread SUSE-SA:2011:011 File : nvt/gb_suse_2011_011.nasl |
| 2011-03-09 | Name : Gentoo Security Advisory GLSA 201101-09 (adobe-flash) File : nvt/glsa_201101_09.nasl |
| 2011-03-09 | Name : Gentoo Security Advisory GLSA 201101-08 (acroread) File : nvt/glsa_201101_08.nasl |
| 2011-02-15 | Name : Adobe Reader and Acrobat Multiple Vulnerabilities February-2011 (Windows) File : nvt/gb_adobe_prdts_mult_vuln_feb11_win.nasl |
| 2011-02-15 | Name : Adobe Reader Multiple Vulnerabilities February-2011 (Linux) File : nvt/gb_adobe_reader_mult_vuln_feb11_lin.nasl |
| 2011-01-04 | Name : SuSE Update for acoread SUSE-SA:2010:058 File : nvt/gb_suse_2010_058.nasl |
| 2010-11-23 | Name : Adobe Reader 'printSeps()' Function Heap Corruption Vulnerability File : nvt/gb_adobe_reader_printseps_mem_crptn_vuln_lin.nasl |
| 2010-11-23 | Name : Adobe Acrobat and Reader 'printSeps()' Function Heap Corruption Vulnerability File : nvt/gb_adobe_prdts_printseps_mem_crptn_vuln_win.nasl |
| 2010-11-17 | Name : FreeBSD Ports: linux-flashplugin File : nvt/freebsd_linux-flashplugin11.nasl |
| 2010-11-16 | Name : SuSE Update for flash-player SUSE-SA:2010:055 File : nvt/gb_suse_2010_055.nasl |
| 2010-11-10 | Name : Adobe Products Content Code Execution Vulnerability (Windows) File : nvt/gb_adobe_prdts_arbitrary_code_exec_vuln_nov10_win.nasl |
| 2010-11-10 | Name : Adobe Products Content Code Execution Vulnerability (Linux) File : nvt/gb_adobe_prdts_arbitrary_code_exec_vuln_nov10_lin.nasl |
| 2010-10-19 | Name : SuSE Update for acroread SUSE-SA:2010:048 File : nvt/gb_suse_2010_048.nasl |
| 2010-10-18 | Name : Adobe Reader Multiple Unspecified Vulnerabilities -Oct10 (Linux) File : nvt/gb_adobe_reader_mult_unspecified_oct10_lin.nasl |
| 2010-10-18 | Name : Adobe Acrobat and Reader Multiple Vulnerabilities -Oct10 (Windows) File : nvt/gb_adobe_prdts_mult_vuln_oct10_win.nasl |
| 2010-10-10 | Name : FreeBSD Ports: linux-flashplugin File : nvt/freebsd_linux-flashplugin10.nasl |
| 2010-10-01 | Name : SuSE Update for flash-player SUSE-SA:2010:042 File : nvt/gb_suse_2010_042.nasl |
| 2010-09-21 | Name : Adobe Products Content Code Execution Vulnerability (Windows) File : nvt/secpod_adobe_prdts_content_code_execution_vuln_win.nasl |
| 2010-09-21 | Name : Adobe Reader/Flash Player Content Code Execution Vulnerability (Linux) File : nvt/secpod_adobe_prdts_content_code_execution_vuln_lin.nasl |
| 2010-09-15 | Name : Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Linux) File : nvt/gb_adobe_reader_sing_bof_vuln_lin.nasl |
| 2010-09-15 | Name : Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Win) File : nvt/gb_adobe_prdts_sing_bof_vuln_win.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 69005 | Adobe Reader EScript.api Plugin printSeps Function Memory Corruption A memory corruption flaw exists in Adobe Reader. The flaw is caused due to an unspecified error when parsing PDF files and can be exploited to corrupt memory. With a specially crafted PDF file, it may allow execution of arbitrary code. |
| 68932 | Adobe Multiple Products Crafted SWF Movie Handling Overflow (2010-3654) Adobe Acrobat, Flash and Reader contains a flaw that may allow a remote attacker to execute arbitrary commands or code. An unspecified error can be exploited to execute arbitrary code |
| 68435 | Adobe Reader / Acrobat Unspecified Memory Corruption (2010-3658) An unspecified memory corruption flaw exists in Adobe Reader and Acrobat. The program fails to sanitize certain unspecified user-supplied input resulting in memory corruption. This may allow an attacker to execute arbitrary code or cause a denial of service. |
| 68434 | Adobe Reader / Acrobat Unspecified DoS (2010-3657) Adobe Reader and Acrobat contain an unspecified flaw that may allow an attacker to cause a denial of service. No further details have been provided. |
| 68433 | Adobe Reader / Acrobat Unspecified DoS (2010-3656) Adobe Reader and Acrobat contain an unspecified flaw that may allow an attacker to cause a denial of service. No further details have been provided. |
| 68432 | Adobe Reader / Acrobat Unspecified File Format String Handling Memory Corruption A memory corruption flaw exists in Adobe Reader and Acrobat. The program fails to sanitize user-supplied input when handling an embedded string's length in a particular file, resulting in memory corruption. With a specially crafted string within a crafted file, a context-dependent attacker can execute arbitrary code. |
| 68430 | Adobe Reader / Acrobat AcroRd32.dll sub_60AF56 Function Memory Corruption A memory corruption flaw exists in Adobe Reader and Acrobat. The 3difr and AcroRd32.dll modules fail to sanitize user-supplied input when the 'sub_60AF56' function access violates when encounter ESI register data, resulting in memory corruption. With a specially crafted .PDF file, a context-dependent attacker can execute arbitrary code. |
| 68429 | Adobe Reader / Acrobat Unspecified Crafted Image Arbitrary Code Execution (20... Adobe Reader and Acrobat contain a flaw related to image-parsing input validation that may allow a context-dependent attacker to use a crafted image to execute arbitrary code. No further details have been provided. |
| 68428 | Adobe Reader / Acrobat Unspecified Memory Corruption (2010-3628) An unspecified memory corruption flaw exists in Adobe Reader and Acrobat. The programs fail to sanitize certain unspecified user-supplied input resulting in memory corruption. This may allow an attacker to execute arbitrary code or cause a denial of service. |
| 68427 | Adobe Reader / Acrobat PDF Flash Code Handling Arbitrary Code Execution Adobe Reader and Acrobat contain a use-after-free flaw related to a released memory chunk being invalidly used. This may allow a context-dependent attacker to use a crafted .PDF file with PAGES thumbnails to trigger an 'ACCESS_VIOLATION' and execute arbitrary code. |
| 68426 | Adobe Reader / Acrobat Unspecified Crafted Font Arbitrary Code Execution (201... Adobe Reader and Acrobat contain an unspecified flaw that may allow a context-dependent attacker to use a crafted font to execute arbitrary code. No further details have been provided. |
| 68425 | Adobe Reader / Acrobat Prefix Protocol Handler Arbitrary Code Execution (2010... Adobe Reader and Acrobat contain an unspecified flaw related to a prefix protocol handler vulnerability. This may allow an attacker to execute arbitrary code. No further details have been provided. |
| 68422 | Adobe Reader / Acrobat ACE.dll ICC Stream mluc Structure Handling Memory Corr... A memory corruption flaw exists in Adobe Reader and Acrobat. The ACE.dll module fails to sanitize user-supplied input when an attacker forges an integer value derived from arithmetic performed on the second DWORD of the mulc structure and desc structure, resulting in memory corruption. With a specially crafted file or web page, a context-dependent attacker can execute arbitrary code. |
| 68421 | Adobe Reader / Acrobat ACE.dll ICC Stream Handling Memory Corruption A memory corruption flaw exists in Adobe Reader and Acrobat. The ACE.dll module fails to sanitize user-supplied input when parsing ICC streams, resulting in memory corruption. With a specially crafted file or web page, a context-dependent attacker can overflow a stack buffer and execute arbitrary code. |
| 68420 | Adobe Reader / Acrobat Unspecified Crafted Image Arbitrary Code Execution (20... Adobe Reader and Acrobat contain an image-parsing input validation flaw related that may allow a context-dependent attacker to use a crafted image to execute arbitrary code. No further details have been provided. |
| 68419 | Adobe Reader / Acrobat Unspecified Memory Corruption (2010-3619) An unspecified memory corruption flaw exists in Adobe Reader and Acrobat. The program fails to sanitize certain unspecified user-supplied input resulting in memory corruption. This may allow an attacker to execute arbitrary code or cause a denial of service. |
| 68418 | Adobe Reader / Acrobat Unspecified Memory Corruption (2010-2890) An unspecified memory corruption flaw exists in Adobe Reader and Acrobat. The program fails to sanitize certain unspecified user-supplied input resulting in memory corruption. This may allow an attacker to execute arbitrary code or cause a denial of service. |
| 68416 | Adobe Reader / Acrobat Unspecified Crafted Font Arbitrary Code Execution (201... Adobe Reader and Acrobat contains a flaw related to font-parsing input validation that may allow a context-dependent attacker to use a crafted font to execute arbitrary code. No further details have been provided. |
| 68412 | Adobe Reader / Acrobat on Linux Multiple Unspecified Privilege Escalation Adobe Reader and Acrobat on Linux contain multiple flaws related to an insecure relative RPATH that may allow an attacker to gain access to unauthorized privileges. The issue can be exploited by malicious, local users to gain escalated privileges and execute arbitrary code by tricking a user into running the program in an attacker-controlled directory. |
| 68024 | Adobe Flash Player Unspecified Code Execution Adobe Flash Player contains a flaw that may allow an attacker to run arbitrary code. The issue is triggered when a specially crafted .SWF file is viewed using a standalone player or within a Flash browser plugin. |
| 67849 | Adobe Reader / Acrobat CoolType.dll SING (Smart INdependent Glyphlets) Font u... Acrobat and Reader are prone to an overflow condition. The application fails to properly sanitize the "uniqueName" field within the SING table structure of TrueType fonts resulting in a stack buffer overflow. With a specially crafted file, a context-dependent attacker can potentially cause arbitrary code execution. |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2020-01-16 | Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution... RuleID : 52484 - Revision : 1 - Type : FILE-PDF |
| 2020-01-16 | Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution... RuleID : 52483 - Revision : 1 - Type : FILE-PDF |
| 2019-12-10 | Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution... RuleID : 52125 - Revision : 2 - Type : FILE-PDF |
| 2019-12-10 | Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution... RuleID : 52124 - Revision : 2 - Type : FILE-PDF |
| 2015-03-31 | Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution... RuleID : 33602 - Revision : 2 - Type : FILE-PDF |
| 2015-03-31 | Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution... RuleID : 33601 - Revision : 2 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader ICC mluc integer overflow attempt RuleID : 28727 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader ICC mluc integer overflow attempt RuleID : 28726 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader ICC mluc integer overflow attempt RuleID : 28725 - Revision : 6 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt RuleID : 28723 - Revision : 6 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt RuleID : 28722 - Revision : 6 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 28657 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 28656 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 28655 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 28654 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 28653 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 28652 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 28651 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 28650 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 28649 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 28648 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 28647 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 28646 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 28645 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 28644 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 28380 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 28379 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 28378 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 28377 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 28376 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 28375 - Revision : 5 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 28374 - Revision : 6 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader ICC mluc integer overflow attempt RuleID : 28261 - Revision : 6 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader ICC remote memory corruption attempt RuleID : 28260 - Revision : 6 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader ICC remote memory corruption attempt RuleID : 28257 - Revision : 7 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader ICC mluc integer overflow attempt RuleID : 28256 - Revision : 6 - Type : FILE-PDF |
| 2014-01-10 | Teletubbies exploit kit payload download RuleID : 27887 - Revision : 2 - Type : EXPLOIT-KIT |
| 2014-01-10 | Teletubbies exploit kit exploit attempt for Adobe Flash Player RuleID : 27882 - Revision : 2 - Type : EXPLOIT-KIT |
| 2014-01-10 | attempted download of a PDF with embedded Flash over pop3 RuleID : 19280 - Revision : 4 - Type : FILE-PDF |
| 2014-01-10 | attempted download of a PDF with embedded Flash over pop3 RuleID : 19279 - Revision : 4 - Type : FILE-PDF |
| 2014-01-10 | attempted download of a PDF with embedded Flash over pop3 RuleID : 19278 - Revision : 4 - Type : FILE-PDF |
| 2014-01-10 | attempted download of a PDF with embedded Flash over pop3 RuleID : 19277 - Revision : 4 - Type : FILE-PDF |
| 2014-01-10 | attempted download of a PDF with embedded Flash over pop3 RuleID : 19276 - Revision : 4 - Type : FILE-PDF |
| 2014-01-10 | attempted download of a PDF with embedded Flash over pop3 RuleID : 19275 - Revision : 4 - Type : FILE-PDF |
| 2014-01-10 | attempted download of a PDF with embedded Flash over smtp RuleID : 19274 - Revision : 4 - Type : FILE-PDF |
| 2014-01-10 | attempted download of a PDF with embedded Flash over smtp RuleID : 19273 - Revision : 4 - Type : FILE-PDF |
| 2014-01-10 | attempted download of a PDF with embedded Flash over smtp RuleID : 19272 - Revision : 4 - Type : FILE-PDF |
| 2014-01-10 | attempted download of a PDF with embedded Flash over smtp RuleID : 19271 - Revision : 4 - Type : FILE-PDF |
| 2014-01-10 | attempted download of a PDF with embedded Flash over smtp RuleID : 19270 - Revision : 4 - Type : FILE-PDF |
| 2014-01-10 | attempted download of a PDF with embedded Flash RuleID : 19269 - Revision : 14 - Type : FILE-PDF |
| 2014-01-10 | attempted download of a PDF with embedded Flash RuleID : 19268 - Revision : 14 - Type : FILE-PDF |
| 2014-01-10 | Adobe Flash Player content parsing execution attempt RuleID : 18992 - Revision : 11 - Type : FILE-FLASH |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 18991 - Revision : 13 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 18990 - Revision : 13 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 18989 - Revision : 13 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 18988 - Revision : 12 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution... RuleID : 18987 - Revision : 15 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution... RuleID : 18986 - Revision : 15 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader ICC mluc integer overflow attempt RuleID : 18308 - Revision : 15 - Type : FILE-PDF |
| 2014-01-10 | Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt RuleID : 18102 - Revision : 20 - Type : FILE-PDF |
| 2014-01-10 | Adobe Flash authplay.dll memory corruption attempt RuleID : 17808 - Revision : 8 - Type : FILE-FLASH |
| 2014-01-10 | Adobe Flash Player and Reader remote code execution attempt RuleID : 17257 - Revision : 12 - Type : FILE-FLASH |
| 2014-01-10 | Adobe Acrobat Reader TTF SING table parsing remote code execution attempt RuleID : 17233 - Revision : 13 - Type : FILE-PDF |
| 2014-01-10 | attempted download of a PDF with embedded Flash RuleID : 15727 - Revision : 27 - Type : FILE-PDF |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_flash-player-101104.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_flash-player-100921.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_acroread-110302.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_acroread-101206.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_acroread-101007.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0829.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0834.nasl - Type : ACT_GATHER_INFO |
| 2012-01-31 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201201-19.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_acroread-110302.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_acroread-101206.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_flash-player-101104.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_flash-player-101104.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_acroread-101206.nasl - Type : ACT_GATHER_INFO |
| 2011-03-07 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread_ja-7359.nasl - Type : ACT_GATHER_INFO |
| 2011-03-07 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_acroread_ja-110301.nasl - Type : ACT_GATHER_INFO |
| 2011-03-07 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread-7358.nasl - Type : ACT_GATHER_INFO |
| 2011-03-07 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_acroread-110301.nasl - Type : ACT_GATHER_INFO |
| 2011-02-09 | Name : The version of Adobe Reader on the remote Windows host is affected by multipl... File : adobe_reader_apsb11-03.nasl - Type : ACT_GATHER_INFO |
| 2011-02-09 | Name : The version of Adobe Acrobat on the remote Windows host is affected by multip... File : adobe_acrobat_apsb11-03.nasl - Type : ACT_GATHER_INFO |
| 2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread-7266.nasl - Type : ACT_GATHER_INFO |
| 2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread-7181.nasl - Type : ACT_GATHER_INFO |
| 2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread_ja-7182.nasl - Type : ACT_GATHER_INFO |
| 2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread_ja-7267.nasl - Type : ACT_GATHER_INFO |
| 2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_flash-player-7165.nasl - Type : ACT_GATHER_INFO |
| 2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_flash-player-7223.nasl - Type : ACT_GATHER_INFO |
| 2011-01-24 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201101-09.nasl - Type : ACT_GATHER_INFO |
| 2011-01-24 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201101-08.nasl - Type : ACT_GATHER_INFO |
| 2010-12-09 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_acroread_ja-101203.nasl - Type : ACT_GATHER_INFO |
| 2010-12-09 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_acroread-101203.nasl - Type : ACT_GATHER_INFO |
| 2010-12-02 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_flash-player-100921.nasl - Type : ACT_GATHER_INFO |
| 2010-12-02 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_flash-player-101104.nasl - Type : ACT_GATHER_INFO |
| 2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_acroread-101007.nasl - Type : ACT_GATHER_INFO |
| 2010-12-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0934.nasl - Type : ACT_GATHER_INFO |
| 2010-12-02 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_acroread_ja-101007.nasl - Type : ACT_GATHER_INFO |
| 2010-11-18 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0867.nasl - Type : ACT_GATHER_INFO |
| 2010-11-16 | Name : The version of Adobe Acrobat on the remote Windows host is affected by multip... File : adobe_acrobat_apsb10-28.nasl - Type : ACT_GATHER_INFO |
| 2010-11-16 | Name : The version of Adobe Reader on the remote Windows host is affected by multipl... File : adobe_reader_apsb10-28.nasl - Type : ACT_GATHER_INFO |
| 2010-11-15 | Name : The remote Windows host contains a version of Adobe AIR that is affected by m... File : adobe_air_apsb10-26.nasl - Type : ACT_GATHER_INFO |
| 2010-11-10 | Name : The remote host is missing a Mac OS X update that fixes security issues. File : macosx_SecUpd2010-007.nasl - Type : ACT_GATHER_INFO |
| 2010-11-10 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_5.nasl - Type : ACT_GATHER_INFO |
| 2010-11-08 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_76b597e4e9c611df9e10001b2134ef46.nasl - Type : ACT_GATHER_INFO |
| 2010-11-05 | Name : The remote Windows host contains a browser plug-in that is affected by multip... File : flash_player_apsb10-26.nasl - Type : ACT_GATHER_INFO |
| 2010-10-11 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_acroread-101007.nasl - Type : ACT_GATHER_INFO |
| 2010-10-11 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_acroread-101007.nasl - Type : ACT_GATHER_INFO |
| 2010-10-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0743.nasl - Type : ACT_GATHER_INFO |
| 2010-09-23 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_8a34d9e6c66211dfb2e1001b2134ef46.nasl - Type : ACT_GATHER_INFO |
| 2010-09-22 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_flash-player-100921.nasl - Type : ACT_GATHER_INFO |
| 2010-09-22 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_flash-player-100921.nasl - Type : ACT_GATHER_INFO |
| 2010-09-22 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0706.nasl - Type : ACT_GATHER_INFO |
| 2010-09-21 | Name : The remote Windows host contains a browser plug-in that is affected by a code... File : flash_player_apsb10-22.nasl - Type : ACT_GATHER_INFO |
| 2010-09-09 | Name : The version of Adobe Reader on the remote Windows host is affected by multipl... File : adobe_reader_apsa10-02.nasl - Type : ACT_GATHER_INFO |
| 2010-09-09 | Name : The version of Adobe Acrobat on the remote Windows host is affected by multip... File : adobe_acrobat_apsa10-02.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:36:59 |
|
