This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
The version of Adobe Reader on the remote Mac OS X host is affected
by multiple vulnerabilities.
The version of Adobe Reader installed on the remote Mac OS X host is
earlier than 10.1.1 / 9.4.6 / 8.3.1. It is therefore potentially
affected by the following vulnerabilities :
- An unspecified error exists that can allow an attacker
to bypass security leading to code execution.
- Several errors exist that allow buffer overflows
leading to code execution. (CVE-2011-2432,
- Several errors exist that allow heap overflows leading
to code execution. (CVE-2011-2433, CVE-2011-2434,
- Several errors exist that allow stack overflows leading
to code execution. (CVE-2011-2438)
- An error exists that can allow memory leaks leading to
code execution. (CVE-2011-2439)
- A use-after-free error exists that can allow code
- Several errors exist in the 'CoolType.dll' library that
can allow stack overflows leading to code execution.
- A logic error exists that can lead to code execution.
- Multiple issues exist as noted in APSB11-21, a security
update for Adobe Flash Player. (CVE-2011-2130,
CVE-2011-2134, CVE-2011-2135, CVE-2011-2136,
CVE-2011-2137, CVE-2011-2138, CVE-2011-2139,
CVE-2011-2140, CVE-2011-2414, CVE-2011-2415,
CVE-2011-2416, CVE-2011-2417, CVE-2011-2425,
See also :
Upgrade to Adobe Reader 10.1.1 / 9.4.6 / 8.3.1 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true
Family: MacOS X Local Security Checks
Nessus Plugin ID: 56199 ()
CVE ID: CVE-2011-2130