Detections
Analytics
Adobe Acrobat 9.x / 10.x Unspecified Memory Corruption (APSB11-06)
high Nessus Plugin ID 52671
Language:
Synopsis
The version of Adobe Acrobat on the remote Windows host is affected by a memory corruption vulnerability.Description
The remote Windows host contains a version of Adobe Acrobat 9.x < 9.4.3 or 10.x < 10.0.2. Such versions are affected by an unspecified memory corruption vulnerability in authplay.dll.A remote attacker could exploit this by tricking a user into viewing maliciously crafted SWF content, resulting in arbitrary code execution.
This bug is currently being exploited in the wild.
Solution
Upgrade to Adobe Acrobat 9.4.3 / 10.0.2 or later.See Also
http://www.adobe.com/support/security/advisories/apsa11-01.html
http://www.nessus.org/u?82775d9e
https://www.adobe.com/support/security/bulletins/apsb11-06.html
Plugin Details
Severity: High
ID: 52671
File Name: adobe_acrobat_apsa11-01.nasl
Version: 1.20
Type: local
Agent: windows
Family: Windows
Published: 3/15/2011
Updated: 6/8/2022
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 9.6
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 8.1
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2011-0609
Vulnerability Information
CPE: cpe:/a:adobe:acrobat
Required KB Items: SMB/Acrobat/Version
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 3/21/2011
Vulnerability Publication Date: 3/14/2011
CISA Known Exploited Vulnerability Due Dates: 6/22/2022
Exploitable With
Core Impact
Metasploit (Adobe Flash Player AVM Bytecode Verification Vulnerability)
Reference Information
CVE: CVE-2011-0609
BID: 46860
CERT: 192052