openSUSE Security Update : acroread (openSUSE-SU-2010:0706-1)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

Specially crafted PDF documents could crash acroread or lead to
execution of arbitrary code (CVE-2010-2883, CVE-2010-2884,
CVE-2010-2887, CVE-2010-2889, CVE-2010-2890, CVE-2010-3619,
CVE-2010-3620, CVE-2010-3621, CVE-2010-3622, CVE-2010-3623,
CVE-2010-3624, CVE-2010-3625, CVE-2010-3626, CVE-2010-3627,
CVE-2010-3628, CVE-2010-3629, CVE-2010-3630, CVE-2010-3631,
CVE-2010-3632, CVE-2010-3656, CVE-2010-3657, CVE-2010-3658).

See also :

http://lists.opensuse.org/opensuse-updates/2010-10/msg00005.html
https://bugzilla.novell.com/show_bug.cgi?id=638466

Solution :

Update the affected acroread package.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
Public Exploit Available : true