VID |
28238 |
Severity |
40 |
Port |
139,445 |
Protocol |
TCP |
Class |
SMB |
Detailed Description |
The version of Adobe Reader installed on the remote host is earlier than 9.1.2 / 8.1.6 / 7.1.3. Such versions are reportedly affected by multiple vulnerabilities:
- A stack buffer overflow can lead to code execution.
- An integer buffer overflow can result in an application crash and possibly code execution, although that has not been shown yet.
- A memory corruption issue can result in an application crash and possibly code execution, although that has not been shown yet.
- A memory corruption issue in the JBIG2 filter can lead to code execution.
- A memory corruption issue can lead to code execution.
- A memory corruption issue in the JBIG2 filter can result in an application crash and possibly code execution, although that has not been shown yet.
- Multiple heap buffer overflow vulnerabilities in the JBIG2 filter can lead to code execution.
- Multiple heap buffer overflow vulnerabilities can lead to code execution.
* Note: This check requires an account with administrative privileges that can log into the host being scanned. If these conditions are not met, the check is not performed, resulting in a false negative for all vulnerable hosts.
* References: http://www.adobe.com/support/security/bulletins/apsb09-07.html
* Platforms Affected: Adobe Reader versions prior to 9.1.2; Adobe Reader versions prior to 8.1.6; Adobe Reader versions prior to 7.1.3; Microsoft Windows (any version); Linux (any version) |
Recommendation |
Upgrade to the latest version of Adobe Reader (9.1.2 / 8.1.6 / 7.1.3 or later), as described in the Adobe Security bulletin at http://www.adobe.com/support/security/bulletins/apsb09-07.html |
Related URL |
CVE-2009-0198,CVE-2009-0509,CVE-2009-0510,CVE-2009-0511,CVE-2009-0512,CVE-2009-0888,CVE-2009-0889,CVE-2009-1855,CVE-2009-1856,CVE-2009-1857 (CVE) |
Related URL |
35274,35282,35289,35291,35293,35294,35295,35296,35298,35299,35300,35301,35302,35303 (SecurityFocus) |
Related URL |
(ISS) |
|