Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2021 Tenable Network Security, Inc.REDHAT-RHSA-2007-0021.NASL
HistoryJan 24, 2013 - 12:00 a.m.

RHEL 3 : Adobe Acrobat Reader (RHSA-2007:0021)

2013-01-2400:00:00
This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.
www.tenable.com
18

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.927

Percentile

99.1%

JSON

Updated acroread packages that fix several security issues are now available for Red Hat Enterprise Linux 3.

This update has been rated as having critical security impact by the Red Hat Security Response Team.

[Updated 23 Jan 2007] The previous acroread packages were missing dependencies on the new libraries which could prevent acroread from starting. Replacement acroread packages have been added to this erratum to correct this issue.

The Adobe Reader allows users to view and print documents in portable document format (PDF).

A cross site scripting flaw was found in the way the Adobe Reader Plugin processes certain malformed URLs. A malicious web page could inject arbitrary javascript into the browser session which could possibly lead to a cross site scripting attack. (CVE-2007-0045)

Two arbitrary code execution flaws were found in the way Adobe Reader processes malformed document files. It may be possible to execute arbitrary code on a victim’s machine if the victim opens a malicious PDF file. (CVE-2006-5857, CVE-2007-0046)

Please note that Adobe Reader 7.0.9 requires versions of several system libraries that were not shipped with Red Hat Enterprise Linux 3. This update contains additional packages that provide the required system library versions for Adobe Reader. These additional packages are only required by Adobe Reader and do not replace or affect any other aspects of a Red Hat Enterprise Linux 3 system.

All users of Adobe Reader are advised to upgrade to these updated packages, which contain Adobe Reader version 7.0.9 and additional libraries to correct these issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2007:0021. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(63836);
  script_version("1.11");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2006-5857", "CVE-2007-0045", "CVE-2007-0046");
  script_xref(name:"RHSA", value:"2007:0021");

  script_name(english:"RHEL 3 : Adobe Acrobat Reader (RHSA-2007:0021)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated acroread packages that fix several security issues are now
available for Red Hat Enterprise Linux 3.

This update has been rated as having critical security impact by the
Red Hat Security Response Team.

[Updated 23 Jan 2007] The previous acroread packages were missing
dependencies on the new libraries which could prevent acroread from
starting. Replacement acroread packages have been added to this
erratum to correct this issue.

The Adobe Reader allows users to view and print documents in portable
document format (PDF).

A cross site scripting flaw was found in the way the Adobe Reader
Plugin processes certain malformed URLs. A malicious web page could
inject arbitrary javascript into the browser session which could
possibly lead to a cross site scripting attack. (CVE-2007-0045)

Two arbitrary code execution flaws were found in the way Adobe Reader
processes malformed document files. It may be possible to execute
arbitrary code on a victim's machine if the victim opens a malicious
PDF file. (CVE-2006-5857, CVE-2007-0046)

Please note that Adobe Reader 7.0.9 requires versions of several
system libraries that were not shipped with Red Hat Enterprise Linux
3. This update contains additional packages that provide the required
system library versions for Adobe Reader. These additional packages
are only required by Adobe Reader and do not replace or affect any
other aspects of a Red Hat Enterprise Linux 3 system.

All users of Adobe Reader are advised to upgrade to these updated
packages, which contain Adobe Reader version 7.0.9 and additional
libraries to correct these issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.redhat.com/security/data/cve/CVE-2006-5857.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.redhat.com/security/data/cve/CVE-2007-0045.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.redhat.com/security/data/cve/CVE-2007-0046.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.adobe.com/support/security/bulletins/apsb07-01.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://rhn.redhat.com/errata/RHSA-2007-0021.html"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_cwe_id(399);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:acroread");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:acroread-libs-atk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:acroread-libs-glib2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:acroread-libs-gtk2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:acroread-libs-gtk2-engines");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:acroread-libs-pango");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:acroread-plugin");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");

  script_set_attribute(attribute:"patch_publication_date", value:"2007/01/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/24");
  script_set_attribute(attribute:"vuln_publication_date", value:"2006/12/27");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

flag = 0;
if (rpm_check(release:"RHEL3", cpu:"i386", reference:"acroread-7.0.9-1.1.1.EL3")) flag++;
if (rpm_check(release:"RHEL3", cpu:"i386", reference:"acroread-libs-atk-1.8.0-1.el3")) flag++;
if (rpm_check(release:"RHEL3", cpu:"i386", reference:"acroread-libs-glib2-2.4.7-1")) flag++;
if (rpm_check(release:"RHEL3", cpu:"i386", reference:"acroread-libs-gtk2-2.4.13-1.el3")) flag++;
if (rpm_check(release:"RHEL3", cpu:"i386", reference:"acroread-libs-gtk2-engines-2.2.0-1.el3")) flag++;
if (rpm_check(release:"RHEL3", cpu:"i386", reference:"acroread-libs-pango-1.6.0-1.el3")) flag++;
if (rpm_check(release:"RHEL3", cpu:"i386", reference:"acroread-plugin-7.0.9-1.1.1.EL3")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

Related

nessus 28
redhat 2
kaspersky 1
gentoo 2
openvas 17
suse 2
cve 4
securityvulns 4
nvd 4
cvelist 4
cert 2
checkpoint_advisories 3
ubuntucve 3
prion 3
exploitdb 1
chrome 1
mozilla 1
debian 1
seebug 1
nessus
nessus
RHEL 4 : Adobe Acrobat Reader (RHSA-2007:0017)
2013-01-24 00:00:00
Solaris 10 (sparc) : 121104-11
2018-03-12 00:00:00
Solaris 10 (sparc) : 121104-11 (deprecated)
2006-11-06 00:00:00
redhat
redhat
(RHSA-2007:0021) Critical: Adobe Acrobat Reader security update
2007-01-22 00:00:00
(RHSA-2007:0017) Critical: Adobe Acrobat Reader security update
2007-01-11 00:00:00
kaspersky
kaspersky
KLA10032 Multiple vulnerabilities in Adobe Acrobat & Reader
2007-01-09 00:00:00
gentoo
gentoo
Adobe Acrobat Reader: Multiple vulnerabilities
2007-01-22 00:00:00
Adobe Reader: Multiple vulnerabilities
2009-10-25 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200701-16 (acroread)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200701-16 (acroread)
2008-09-24 00:00:00
SLES9: Security update for acroread
2009-10-10 00:00:00
suse
suse
remote code execution in acroread
2007-01-22 18:37:17
remote code execution in acroread, acroread_ja
2009-10-26 13:17:31
cve
cve
CVE-2006-5857
2007-01-10 02:00:00
CVE-2007-0046
2007-01-03 21:28:00
CVE-2007-0045
2007-01-03 21:28:00
securityvulns
securityvulns
[Full-disclosure] Adobe Reader Remote Heap Memory Corruption - Subroutine Pointer Overwrite
2007-01-10 00:00:00
Adobe Reader buffer overflow
2007-01-10 00:00:00
Adobe reader plugin PDF files universal crossite scripting
2007-01-04 00:00:00
nvd
nvd
CVE-2006-5857
2006-12-31 05:00:00
CVE-2007-0046
2007-01-03 21:28:00
CVE-2007-0045
2007-01-03 21:28:00
cvelist
cvelist
CVE-2006-5857
2007-01-10 02:00:00
CVE-2007-0046
2007-01-03 20:00:00
CVE-2007-0045
2007-01-03 20:00:00
cert
cert
Adobe Acrobat allows pointer overwrite via specially crafted PDF file
2007-01-19 00:00:00
Adobe Acrobat Plug-In cross domain violation
2007-01-03 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Acrobat Reader Plugin Crafted URL Double Free (CVE-2007-0046)
2010-01-24 00:00:00
Update Protection against Multiple Adobe Acrobat Vulnerabilities
2007-01-21 00:00:00
Adobe Reader Plugin Malformed URL Cross-Site Scripting (APSB07-01; CVE-2007-0045; CVE-2007-0048)
2010-01-12 00:00:00
ubuntucve
ubuntucve
CVE-2007-0046
2007-01-03 00:00:00
CVE-2007-0045
2007-01-03 00:00:00
CVE-2007-1199
2007-03-02 00:00:00
prion
prion
Double free
2007-01-03 21:28:00
Cross site scripting
2007-01-03 21:28:00
Code injection
2007-03-02 21:18:00
exploitdb
exploitdb
Adobe Acrobat Reader Plugin 7.0.x - &#039;acroreader&#039; Cross-Site Scripting
2007-01-05 00:00:00
chrome
chrome
Stable, Beta update: Yahoo! Mail and Security Fixes
2009-01-28 00:00:00
mozilla
mozilla
Improvements to help protect against Cross-Site Scripting attacks — Mozilla
2007-02-23 00:00:00
debian
debian
[SECURITY] [DSA 1336-1] New mozilla-firefox packages fix several vulnerabilities
2007-07-22 17:43:28
seebug
seebug
Adobe Reader: Multiple vulnerabilities
2009-10-27 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.927

Percentile

99.1%

JSON
Related for REDHAT-RHSA-2007-0021.NASL
nessus28redhat2kaspersky1gentoo2openvas17suse2cve4securityvulns4nvd4cvelist4cert2checkpoint_advisories3ubuntucve3prion3exploitdb1chrome1mozilla1debian1seebug1