Summary
This host is installed with Adobe Reader and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers to conduct a denial of service and execution of arbitrary code or compromise a user's system.
Impact Level: System/Application
Solution
Upgrade to Adobe Reader version 8.1.2 or later. For updates refer, http://www.adobe.com/downloads
Insight
Flaws are due to,
- Multiple boundary errors in several unspecified JavaScript methods.
- An unspecified insecure JavaScript method in 'EScript.api'.
- Untrusted search path error in 'Security Provider' libraries.
- An error in insecure JavaScript method 'DOC.print'.
- An integer overflow in the 'printSepsWithParams' JavaScript method.
- An unspecified error in Javascript API.
- Other unspecified errors.
Affected
Adobe Reader version 8.1.1 and earlier on Linux.
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2007-5659, CVE-2007-5663, CVE-2007-5666, CVE-2008-0655, CVE-2008-0667, CVE-2008-0726, CVE-2008-2042 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe AIR Multiple Vulnerabilities -01 Feb13 (Mac OS X)
- Adobe Air Multiple Vulnerabilities - November12 (Windows)
- Adobe Acrobat and Reader 'printSeps()' Function Heap Corruption Vulnerability
- Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Mac OS X)
- Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Mac OS X)