Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2022 Tenable Network Security, Inc.SUSE_11_ACROREAD-130516.NASL
HistoryMay 19, 2013 - 12:00 a.m.

SuSE 11.2 Security Update : Acrobat Reader (SAT Patch Number 7734)

2013-05-1900:00:00
This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.
www.tenable.com
32

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.905

Percentile

98.9%

JSON

Acrobat Reader has been updated to version 9.5.5.

The Adobe Advisory can be found at:
https://www.adobe.com/support/security/bulletins/apsb13-15.html

These updates resolve :

  • memory corruption vulnerabilities that could lead to code execution. (CVE-2013-2718 / CVE-2013-2719 / CVE-2013-2720 / CVE-2013-2721 / CVE-2013-2722 / CVE-2013-2723 / CVE-2013-2725 / CVE-2013-2726 / CVE-2013-2731 / CVE-2013-2732 / CVE-2013-2734 / CVE-2013-2735 / CVE-2013-2736 / CVE-2013-3337 / CVE-2013-3338 / CVE-2013-3339 / CVE-2013-3340 / CVE-2013-3341)

  • an integer underflow vulnerability that could lead to code execution. (CVE-2013-2549)

  • a use-after-free vulnerability that could lead to a bypass of Adobe Reader’s sandbox protection.
    (CVE-2013-2550)

  • an information leakage issue involving a JavaScript API.
    (CVE-2013-2737)

  • a stack overflow vulnerability that could lead to code execution. (CVE-2013-2724)

  • buffer overflow vulnerabilities that could lead to code execution. (CVE-2013-2730 / CVE-2013-2733)

  • integer overflow vulnerabilities that could lead to code execution. (CVE-2013-2727 / CVE-2013-2729)

  • a flaw in the way Reader handles domains that have been blacklisted in the operating system. (CVE-2013-3342)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#

if (NASL_LEVEL < 3000) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(66505);
  script_version("1.12");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/03/29");

  script_cve_id(
    "CVE-2013-2549",
    "CVE-2013-2550",
    "CVE-2013-2718",
    "CVE-2013-2719",
    "CVE-2013-2720",
    "CVE-2013-2721",
    "CVE-2013-2722",
    "CVE-2013-2723",
    "CVE-2013-2724",
    "CVE-2013-2725",
    "CVE-2013-2726",
    "CVE-2013-2727",
    "CVE-2013-2729",
    "CVE-2013-2730",
    "CVE-2013-2731",
    "CVE-2013-2732",
    "CVE-2013-2733",
    "CVE-2013-2734",
    "CVE-2013-2735",
    "CVE-2013-2736",
    "CVE-2013-2737",
    "CVE-2013-3337",
    "CVE-2013-3338",
    "CVE-2013-3339",
    "CVE-2013-3340",
    "CVE-2013-3341",
    "CVE-2013-3342"
  );
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/04/18");

  script_name(english:"SuSE 11.2 Security Update : Acrobat Reader (SAT Patch Number 7734)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SuSE 11 host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"Acrobat Reader has been updated to version 9.5.5.

The Adobe Advisory can be found at:
https://www.adobe.com/support/security/bulletins/apsb13-15.html

These updates resolve :

  - memory corruption vulnerabilities that could lead to
    code execution. (CVE-2013-2718 / CVE-2013-2719 /
    CVE-2013-2720 / CVE-2013-2721 / CVE-2013-2722 /
    CVE-2013-2723 / CVE-2013-2725 / CVE-2013-2726 /
    CVE-2013-2731 / CVE-2013-2732 / CVE-2013-2734 /
    CVE-2013-2735 / CVE-2013-2736 / CVE-2013-3337 /
    CVE-2013-3338 / CVE-2013-3339 / CVE-2013-3340 /
    CVE-2013-3341)

  - an integer underflow vulnerability that could lead to
    code execution. (CVE-2013-2549)

  - a use-after-free vulnerability that could lead to a
    bypass of Adobe Reader's sandbox protection.
    (CVE-2013-2550)

  - an information leakage issue involving a JavaScript API.
    (CVE-2013-2737)

  - a stack overflow vulnerability that could lead to code
    execution. (CVE-2013-2724)

  - buffer overflow vulnerabilities that could lead to code
    execution. (CVE-2013-2730 / CVE-2013-2733)

  - integer overflow vulnerabilities that could lead to code
    execution. (CVE-2013-2727 / CVE-2013-2729)

  - a flaw in the way Reader handles domains that have been
    blacklisted in the operating system. (CVE-2013-3342)");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=819918");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2549.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2550.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2718.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2719.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2720.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2721.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2722.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2723.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2724.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2725.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2726.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2727.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2729.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2730.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2731.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2732.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2733.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2734.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2735.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2736.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2737.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-3337.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-3338.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-3339.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-3340.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-3341.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-3342.html");
  script_set_attribute(attribute:"solution", value:
"Apply SAT patch number 7734.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/05/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/05/19");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread-cmaps");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread-fonts-ja");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread-fonts-ko");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread-fonts-zh_CN");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:acroread-fonts-zh_TW");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);

pl = get_kb_item("Host/SuSE/patchlevel");
if (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, "SuSE 11.2");


flag = 0;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"acroread-9.5.5-0.3.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"acroread-cmaps-9.4.6-0.4.3.2")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"acroread-fonts-ja-9.4.6-0.4.3.2")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"acroread-fonts-ko-9.4.6-0.4.3.2")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"acroread-fonts-zh_CN-9.4.6-0.4.3.2")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"acroread-fonts-zh_TW-9.4.6-0.4.3.2")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"acroread-cmaps-9.4.6-0.4.3.2")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"acroread-fonts-ja-9.4.6-0.4.3.2")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"acroread-fonts-ko-9.4.6-0.4.3.2")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"acroread-fonts-zh_CN-9.4.6-0.4.3.2")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"acroread-fonts-zh_TW-9.4.6-0.4.3.2")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:acroread
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:acroread-cmaps
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:acroread-fonts-ja
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:acroread-fonts-ko
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:acroread-fonts-zh_cn
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:acroread-fonts-zh_tw
novellsuse_linux11cpe:/o:novell:suse_linux:11

References

Related

nessus 7
suse 1
securityvulns 1
redhat 1
openvas 6
cvelist 28
prion 28
nvd 28
cve 28
ubuntucve 28
kaspersky 1
attackerkb 2
zdi 2
gentoo 1
checkpoint_advisories 3
threatpost 1
packetstorm 2
zdt 1
binamuse 2
metasploit 1
cisa_kev 1
exploitdb 1
nessus
nessus
SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 8571)
2013-05-19 00:00:00
openSUSE Security Update : acroread (openSUSE-SU-2013:0990-1)
2014-06-13 00:00:00
Adobe Reader < 11.0.3 / 10.1.7 / 9.5.5 Multiple Vulnerabilities (APSB13-15)
2013-05-14 00:00:00
suse
suse
Security update for Acrobat Reader (important)
2013-05-18 00:04:57
securityvulns
securityvulns
Adobe Acrobat / Reader multiple security vulnerabilities
2013-07-15 00:00:00
redhat
redhat
(RHSA-2013:0826) Critical: acroread security update
2013-05-15 00:00:00
openvas
openvas
Adobe Reader Multiple Unspecified Vulnerabilities -01 (May 2013) - Windows
2013-05-28 00:00:00
Adobe Acrobat Multiple Unspecified Vulnerabilities -01 (May 2013) - Windows
2013-05-28 00:00:00
Adobe Acrobat Multiple Unspecified Vulnerabilities -01 (May 2013) - Mac OS X
2013-05-28 00:00:00
cvelist
cvelist
CVE-2013-2726
2013-05-16 10:00:00
CVE-2013-2734
2013-05-16 10:00:00
CVE-2013-2718
2013-05-16 10:00:00
prion
prion
Memory corruption
2013-05-16 11:45:00
Memory corruption
2013-05-16 11:45:00
Memory corruption
2013-05-16 11:45:00
nvd
nvd
CVE-2013-2720
2013-05-16 11:45:31
CVE-2013-2722
2013-05-16 11:45:31
CVE-2013-2718
2013-05-16 11:45:31
cve
cve
CVE-2013-2732
2013-05-16 11:45:31
CVE-2013-3340
2013-05-16 11:45:31
CVE-2013-2734
2013-05-16 11:45:31
ubuntucve
ubuntucve
CVE-2013-2732
2013-05-16 00:00:00
CVE-2013-2725
2013-05-16 00:00:00
CVE-2013-2726
2013-05-16 00:00:00
kaspersky
kaspersky
KLA10457 Adobe Acrobat & Reader multiple vulnerabilities
2013-08-08 00:00:00
attackerkb
attackerkb
CVE-2013-3346
2013-08-30 00:00:00
CVE-2013-2729
2013-05-16 00:00:00
zdi
zdi
(Pwn2Own) Adobe Reader Sandbox Bypass Remote Code Execution Vulnerability
2013-05-30 00:00:00
Adobe Reader U3D Processing Remote Code Execution Vulnerability
2013-05-30 00:00:00
gentoo
gentoo
Adobe Reader: Multiple vulnerabilities
2013-08-22 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Acrobat Reader Use-after-closed Sandbox Security Bypass (APSB13-15; CVE-2013-2550)
2013-05-20 00:00:00
Adobe Reader AdobeCollabSync Sandbox Bypass (APSB13-15; CVE-2013-2730)
2013-06-18 00:00:00
Adobe Acrobat Reader Crafted RLE8 format BMP File Buffer Overflow (APSB13-15; CVE-2013-2729)
2013-05-19 00:00:00
threatpost
threatpost
US-CERT Warns of Dyre Banking Trojan
2014-10-28 13:09:59
packetstorm
packetstorm
Adobe Reader X 10.1.4.38 BMP/RLE Heap Corruption
2013-07-08 00:00:00
AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass
2013-05-23 00:00:00
zdt
zdt
AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass
2013-05-24 00:00:00
binamuse
binamuse
Adobe Reader X Sandbox bypass - CVE-2013-2730
2013-05-15 16:36:00
Adobe Reader BMP/RLE heap corruption - CVE-2013-2729
2013-05-14 19:11:00
metasploit
metasploit
AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass
2013-05-18 17:44:24
cisa_kev
cisa_kev
Adobe Reader and Acrobat Arbitrary Integer Overflow Vulnerability
2022-03-28 00:00:00
exploitdb
exploitdb
AdobeCollabSync - Local Buffer Overflow / Adobe Reader X Sandbox Bypass (Metasploit)
2013-05-26 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.905

Percentile

98.9%

JSON
Related for SUSE_11_ACROREAD-130516.NASL
nessus7suse1securityvulns1redhat1openvas6cvelist28prion28nvd28cve28ubuntucve28kaspersky1attackerkb2zdi2gentoo1checkpoint_advisories3threatpost1packetstorm2zdt1binamuse2metasploit1cisa_kev1exploitdb1