Summary
This host is installed with Adobe Acrobat and is prone to Remote Code Execution Vulnerability.
Impact
Successful exploitation will allow attackers to bypass the security controls and execute arbitrary javascript code by launching javascript scheme URIs when a PDF file is being viewed in a browser.
Impact Level: System/Application
Solution
Update to Adobe Acrobat version 11.0.05 or later,
For updates refer to http://www.adobe.com/downloads/updates.html
Insight
The flaw is due to some error affecting javascript security controls.
Affected
Adobe Acrobat version 11.x before 11.0.05 on Windows
Detection
Get the installed version of Adobe Acrobat with the help of detect NVT and check it is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2013-5325 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat Multiple Vulnerabilities April-2012 (Mac OS X)
- Adobe AIR Multiple Vulnerabilities -02 April 13 (Mac OS X)
- Adobe Air Remote Code Execution Vulnerability -June13 (Mac OS X)
- Adobe AIR Multiple Vulnerabilities -01 Feb13 (Windows)
- Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Mac OS X)