Adobe Photoshop CC 19.x <= 19.1.8 / 20.x <= 20.0.5 Vulnerability (APSB19-15)

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(127898);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/20");

  script_cve_id(
    "CVE-2019-7968",
    "CVE-2019-7969",
    "CVE-2019-7970",
    "CVE-2019-7971",
    "CVE-2019-7972",
    "CVE-2019-7973",
    "CVE-2019-7974",
    "CVE-2019-7975",
    "CVE-2019-7976",
    "CVE-2019-7977",
    "CVE-2019-7978",
    "CVE-2019-7979",
    "CVE-2019-7980",
    "CVE-2019-7981",
    "CVE-2019-7982",
    "CVE-2019-7983",
    "CVE-2019-7984",
    "CVE-2019-7985",
    "CVE-2019-7986",
    "CVE-2019-7987",
    "CVE-2019-7988",
    "CVE-2019-7989",
    "CVE-2019-7990",
    "CVE-2019-7991",
    "CVE-2019-7992",
    "CVE-2019-7993",
    "CVE-2019-7994",
    "CVE-2019-7995",
    "CVE-2019-7996",
    "CVE-2019-7997",
    "CVE-2019-7998",
    "CVE-2019-7999",
    "CVE-2019-8000",
    "CVE-2019-8001"
  );

  script_name(english:"Adobe Photoshop CC 19.x <= 19.1.8 / 20.x <= 20.0.5 Vulnerability (APSB19-15)");
  script_summary(english:"Checks the version of Adobe Photoshop.");

  script_set_attribute(attribute:"synopsis", value:
"Adobe Photoshop installed on remote macOS or Mac OS X host is affected
by multiple vulnerabilities");
  script_set_attribute(attribute:"description", value:
"The version of Adobe Photoshop CC installed on the remote macOS or Mac
OS X host is equal or prior to 19.1.8 (2018.1.8), 20.0.5 (2019.0.5). It is,
therefore, affected by the vulnerabilities as referenced in the apsb19-15
advisory.

  - An heap-overflow flaw exists that allows remote attackers
    to execute arbitrary commands via unspecified means.
    (CVE-2019-7978, CVE-2019-7980, CVE-2019-7985,
    CVE-2019-7990, CVE-2019-7993)

  - A type-confusion flaw exists that allows remote attackers
    to execute arbitrary commands via unspecified means.
    (CVE-2019-7969, CVE-2019-7970, CVE-2019-7971,
    CVE-2019-7972, CVE-2019-7973, CVE-2019-7974,
    CVE-2019-7975)

  - An out-of-bounds read flaw exists that allows remote attackers
    to execute arbitrary commands via unspecified means.
    (CVE-2019-7977, CVE-2019-7981, CVE-2019-7987,
    CVE-2019-7991, CVE-2019-7992, CVE-2019-7995,
    CVE-2019-7996, CVE-2019-7997, CVE-2019-7998,
    CVE-2019-7999, CVE-2019-8000, CVE-2019-8001)

  - A command injection flaw exists that allows remote attackers
    to execute arbitrary commands via unspecified means.
    (CVE-2019-7968, CVE-2019-7989)

  - An out-of-bounds write flaw exists that allows remote attackers
    to execute arbitrary commands via unspecified means.
    (CVE-2019-7976, CVE-2019-7979, CVE-2019-7982,
    CVE-2019-7983, CVE-2019-7984, CVE-2019-7986,
    CVE-2019-7988, CVE-2019-7994)

Note that Nessus has not tested for these issues but has instead relied
only on the application's self-reported version number.");
  script_set_attribute(attribute:"see_also", value:"https://helpx.adobe.com/security/products/photoshop/apsb19-44.html");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Adobe Photoshop CC version 19.1.9 (2018.1.9), 20.0.6
(2019.0.6) or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-8001");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/08/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/08/13");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:photoshop_cc");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("macosx_adobe_photoshop_installed.nasl");
  script_require_keys("Host/MacOSX/Version", "installed_sw/Adobe Photoshop");

  exit(0);
}

include("vcf.inc");

get_kb_item_or_exit("Host/MacOSX/Version");

app_info = vcf::get_app_info(app:"Adobe Photoshop");

if ("CC" >!< app_info.name) vcf::vcf_exit(0, "Only Adobe Photoshop CC is affected.");
vcf::check_granularity(app_info:app_info, sig_segments:2);

constraints = [
  { "min_version" : "19", max_version : "19.1.8", "fixed_version" : "19.1.9" },
  { "min_version" : "20", max_version : "20.0.5", "fixed_version" : "20.0.6" }
];

vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);