This script is Copyright (C) 2008-2017 Tenable Network Security, Inc.
The PDF file viewer on the remote Windows host is affected by multiple
The version of Adobe Reader installed on the remote host is earlier
than 8.1.3. Such versions are reportedly affected by multiple
- There is a publicly-published denial of service issue
- A stack-based buffer overflow when parsing format
strings containing a floating point specifier in the
attacker to execute arbitrary code (CVE-2008-2992).
- Multiple input validation errors could lead to code
- Multiple input validation issues could lead to remote
code execution. (CVE-2008-4813)
- A heap corruption vulnerability in an AcroJS function
available to scripting code inside of a PDF document
could lead to remote code execution. (CVE-2008-4817)
- An input validation issue in the Download Manager used
by Adobe Reader could lead to remote code execution
during the download process (CVE-2008-5364).
- An issue in the Download Manager used by Adobe Reader
could lead to a user's Internet Security options being
changed during the download process (CVE-2008-4816).
lead to remote code execution (CVE-2008-4814).
See also :
Upgrade to Adobe Reader 9.0 / 8.1.3 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true
Nessus Plugin ID: 34695 (adobe_reader_813.nasl)
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now