This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.
The version of Adobe Reader on the remote Mac OS X host is affected by
The version of Adobe Reader installed on the remote Mac OS X host is
prior to 10.1.1, 9.4.6, or 8.3.1. It is, therefore, affected by the
following vulnerabilities :
- An unspecified error exists that allows an attacker to
bypass security restrictions, resulting in code
- Multiple buffer overflow conditions exists that allow an
attacker to execute arbitrary code. (CVE-2011-2432,
- Multiple heap overflow conditions exist that allow an
attacker to execute arbitrary code. (CVE-2011-2433,
CVE-2011-2434, CVE-2011-2436, CVE-2011-2437)
- Multiple stack overflow conditions exist that allow an
attacker to execute arbitrary code. (CVE-2011-2438)
- An error exists related to memory leak issues that
allows an attacker to execute arbitrary code.
- A use-after-free error exists that allows an attacker to
execute arbitrary code. (CVE-2011-2440)
- Multiple errors exist in the CoolType.dll library that
can allow stack overflow conditions, resulting in code
- A logic error exists that allows an attacker to execute
arbitrary code. (CVE-2011-2442)
- Multiple vulnerabilities exist, as noted in APSB11-21,
that can allow an attacker to take control of the
affected system or cause the application to crash.
(CVE-2011-2130, CVE-2011-2134, CVE-2011-2135,
CVE-2011-2136, CVE-2011-2137, CVE-2011-2138,
CVE-2011-2139, CVE-2011-2140, CVE-2011-2414,
CVE-2011-2415, CVE-2011-2416, CVE-2011-2417,
Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.
See also :
Upgrade to Adobe Reader version 10.1.1 / 9.4.6 / 8.3.1 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.4
Public Exploit Available : true
Family: MacOS X Local Security Checks
Nessus Plugin ID: 56199 ()
CVE ID: CVE-2011-1353
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now