Adobe RoboHelp 10 Unspecified Memory Corruption (APSB13-024)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

An application on the remote host is affected by a memory corruption
vulnerability.

Description :

The Adobe RoboHelp 10 install on the remote Windows host includes a
DLL (MDBMS.dll) that is earlier than 10.0.1.294. It is, therefore,
reportedly affected by an unspecified memory corruption vulnerability.
Successful exploitation of this issue could allow an attacker to
execute arbitrary code on the affected system.

See also :

http://www.adobe.com/support/security/bulletins/apsb13-24.html

Solution :

Update the MDBMS.dll file as discussed in Adobe Security Bulletin
APSB13-24.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 70352 ()

Bugtraq ID: 62887

CVE ID: CVE-2013-5327