Adobe Acrobat < 10.1.2 / 9.5 Multiple Vulnerabilities (APSB12-01)

This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.


Synopsis :

The version of Adobe Acrobat on the remote Windows host is affected
by multiple vulnerabilities.

Description :

The version of Adobe Acrobat installed on the remote host is earlier
than 10.1.2 / 9.5, and therefore affected by multiple memory
corruption vulnerabilities. An attacker could exploit these issues by
tricking a user into opening a maliciously crafted Acrobat file,
resulting in arbitrary code execution.

Adobe Acrobat 10.1.2 is the first 10.x release to include fixes for
CVE-2011-2462 and CVE-2011-4369. These were previously fixed for 9.x
releases in 9.4.7 (APSB11-30).

See also :

http://www.zerodayinitiative.com/advisories/ZDI-12-021
http://www.securityfocus.com/archive/1/521538/30/0/threaded
http://www.adobe.com/support/security/advisories/apsa11-04.html
http://www.adobe.com/support/security/bulletins/apsb11-30.html
http://www.adobe.com/support/security/bulletins/apsb12-01.html

Solution :

Upgrade to Adobe Acrobat 9.5 / 10.1.2 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now