Summary
This host is installed with Adobe Reader and is prone to plugin signature bypass vulnerability.
Impact
Successful exploitation will allow attacker to submit a modified plug-in to bypass signature checks and execute malicious code on the system.
Impact Level: System/Application
Solution
Update to Adobe Reader version 6.0 or later. For updates refer, For updates refer to http://www.adobe.com
Insight
The flaw is due to fact the program only verifies the PE header of executable code for a plug-in signature check.
Affected
Adobe Reader 4.x and 5.x version on Mac OS X.
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2002-0030 -
CVSS Base Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Reader Old Plugin Signature Bypass Vulnerability (Windows)
- Apple Safari Multiple Vulnerabilities
- AVG Anti-Virus 'hcp://' Protocol Handler Remote Code Execution Vulnerability
- Apple Safari Webkit Multiple Vulnerabilities - March 2011
- Asterisk SIP Response Username Enumeration Remote Information Disclosure Vulnerability