This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.
The PDF file viewer on the remote Windows host is affected by
The version of Adobe Reader installed on the remote host is earlier
than 9.1 / 8.1.4 / 7.1.1. Such versions are reportedly affected by
multiple vulnerabilities :
- An integer buffer overflow can be triggered when
processing a malformed JBIG2 image stream with the
'/JBIG2Decode' filter. (CVE-2009-0658)
a Collab object could allow for remote code execution.
- Additional vulnerabilities involving handling of JBIG2
image streams could lead to remote code execution.
(CVE-2009-0193, CVE-2009-0928, CVE-2009-1061,
If an attacker can trick a user into opening a specially crafted PDF
file, these flaws can exploited to execute arbitrary code subject to
the user's privileges.
See also :
Upgrade to Adobe Reader 9.1 / 8.1.4 / 7.1.1 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 9.3
Public Exploit Available : true
Nessus Plugin ID: 35821 (adobe_reader_91.nasl)
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now