This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.
The version of Adobe Acrobat on the remote Mac OS X host is affected
by multiple vulnerabilities.
The version of Adobe Acrobat installed on the remote host is a version
prior to 10.1.10 / 11.0.7. It is, therefore, affected by multiple
- A heap overflow vulnerability exists that could lead to
code execution. (CVE-2014-0511)
- A security bypass vulnerability exists with input
- An information disclosure vulnerability exists with the
- Multiple memory corruption vulnerabilities exists that
could lead to code execution. (CVE-2014-0522,
CVE-2014-0523, CVE-2014-0524, CVE-2014-0526)
- A vulnerability exists with how Reader handles a certain
API call that could lead to code execution.
- A use-after-free vulnerability exists that could lead
to code execution. (CVE-2014-0527)
- A double-free vulnerability exists that could lead to
code execution. (CVE-2014-0528)
- A buffer overflow vulnerability exists that could lead
to code execution. (CVE-2014-0529)
Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.
See also :
Upgrade to Adobe Acrobat 10.1.10 / 11.0.07 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.8
Public Exploit Available : true
Family: MacOS X Local Security Checks
Nessus Plugin ID: 74013 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now