This script is Copyright (C) 2014 Tenable Network Security, Inc.
The version of Adobe Reader on the remote Mac OS X host is affected by
The version of Adobe Reader installed on the remote host is a version
prior to 10.1.10 / 11.0.07. It is, therefore, affected by multiple
- A heap overflow vulnerability exists that could lead to
code execution. (CVE-2014-0511)
- A security bypass vulnerability exists with input
- An information disclosure vulnerability exists with the
- Multiple memory corruption vulnerabilities exists that
could lead to code execution. (CVE-2014-0522,
CVE-2014-0523, CVE-2014-0524, CVE-2014-0526)
- A vulnerability exists with how Reader handles a certain
API call that could lead to code execution.
- A use-after-free vulnerability exists that could lead
to code execution. (CVE-2014-0527)
- A double-free vulnerability exists that could lead to
code execution. (CVE-2014-0528)
- A buffer overflow vulnerability exists that could lead
to code execution. (CVE-2014-0529)
Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.
See also :
Upgrade to Adobe Reader 10.1.10 / 11.0.07 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 10.0
Public Exploit Available : true
Family: MacOS X Local Security Checks
Nessus Plugin ID: 74014 ()
Bugtraq ID: 6620566512673606736267363673656736667367673686736967370
CVE ID: CVE-2014-0511CVE-2014-0512CVE-2014-0521CVE-2014-0522CVE-2014-0523CVE-2014-0524CVE-2014-0525CVE-2014-0526CVE-2014-0527CVE-2014-0528CVE-2014-0529
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.