This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.
The version of Adobe Acrobat on the remote Windows host is affected by
The version of Adobe Acrobat installed on the remote host is earlier
than 8.1.2 or 7.1.0. Such versions are reportedly affected by
multiple vulnerabilities :
- A design error vulnerability may allow an attacker to
gain control of a user's printer.
- Multiple stack-based buffer overflows may allow an
attacker to execute arbitrary code subject to the
- Insecure loading of 'Security Provider' libraries may
allow for arbitrary code execution.
in the 'EScript.api' plug-in allows direct control
over low-level features of the object, which allows
for execution of arbitrary code as the current user.
- Two vulnerabilities in the unpublicized function
'app.checkForUpdate()' exploited through a callback
function could lead to arbitrary code execution in
Adobe Acrobat 7.
See also :
Upgrade to Adobe Acrobat 8.1.2 / 7.1.0 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : true