This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.
The version of Adobe Reader on the remote Mac OS X host is affected
by a memory corruption vulnerability.
The version of Adobe Reader installed on the remote Mac OS X host is
prior or equal to 10.1.1 or 9.4.6. It is, therefore, affected by a
memory corruption issue related to the Universal 3D (U3D) file format.
A remote attacker can exploit this, by convincing a user to view a
maliciously crafted PDF file, to cause an application crash or to
execute arbitrary code.
Note that the Adobe Reader X user-specific option to use 'Protected
Mode' prevents an exploit of this kind from being executed, but Nessus
cannot test for this configuration option.
See also :
Upgrade to Adobe Reader version 9.5 / 10.1.2 or later. If the product
is Adobe Reader X, and upgrading is not an option, then the
user-specific option 'Protected Mode' should be enabled.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true
Family: MacOS X Local Security Checks
Nessus Plugin ID: 57044 ()
CVE ID: CVE-2011-2445
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now