Adobe Software Signed By Revoked Certificate (APSA12-01)

medium Nessus Plugin ID 62693

Synopsis

An application installed on the remote Windows host is signed by a revoked certificate.

Description

The remote host is using Adobe software that has been digitally signed by a revoked certificate. An Adobe build server was compromised, which has caused at least two malicious utilities to be signed with Adobe's code signing certificate. Any software signed by this revoked certificate (including legitimate Adobe software) is no longer trusted.

This plugin checks if the following software has been signed by the revoked certificate :

- Adobe Bridge
- Adobe Extension Manager CS6
- Adobe Media Encoder CS6
- Adobe Premiere Pro CS6
- Adobe Reader
- Audition CS6
- ColdFusion 10
- Configurator 3.1
- Contribute 6.5
- Dreamweaver CS6
- Drive 4
- Encore CS6
- Flash Player
- Flash Professional CS6
- Illustrator CS6
- Photoshop CS6
- Prelude CS6
- Presenter 8
- Shockwave Player
- SpeedGrade CS6

Solution

Update all affected Adobe applications to the latest version. Refer to Adobe security advisory APSA12-01 for more information.

See Also

https://www.adobe.com/support/security/advisories/apsa12-01.html

https://helpx.adobe.com/x-productkb/global/certificate-updates.html

http://www.nessus.org/u?89081e80

Plugin Details

Severity: Medium

ID: 62693

File Name: adobe_apsa12-01.nasl

Version: 1.9

Type: local

Agent: windows

Family: Windows

Published: 10/24/2012

Updated: 6/1/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus Agent, Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

Patch Publication Date: 10/4/2012

Vulnerability Publication Date: 9/27/2012

Reference Information

IAVB: 2012-B-0099-S, 2012-B-0100-S