Summary
The remote host is missing updates announced in
advisory SUSE-SA:2009:014.
Solution
Update your system with the packages as indicated in the referenced security advisory.
https://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:014
Insight
Multiple flaws in the JBIG2 decoder and the JavaScript engine of the Adobe Reader allowed attackers to crash acroread or even execute arbitrary code by tricking users into opening specially crafted PDF files.
Please find more details at Adobe's site:
http://www.adobe.com/support/security/bulletins/apsb09-04.html
Note that Adobe did not provide updates for Adobe Reader 7 as used on NLD9. We cannot upgrade to newer versions due to library dependencies. We strongly encourage users of acroread on NLD9 to uninstall the package and to use an alternative, open source pdf viewer instead. We're currently evaluating the possibility of disabling acroread on NLD9 via online update.
Severity
Classification
-
CVE CVE-2009-0193, CVE-2009-0658, CVE-2009-0927, CVE-2009-0928, CVE-2009-1061, CVE-2009-1062 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities