This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.
The version of Adobe Acrobat on the remote Mac OS X host is affected
by multiple vulnerabilities.
The version of Adobe Acrobat installed on the remote host is version
10.x equal to or prior to 10.1.10, or 11.x equal to or prior to
11.0.07. It is, therefore, affected by multiple vulnerabilities :
- A use-after-free error exists that allows arbitrary code
- A heap-based buffer overflow exists that allows
arbitrary code execution. (CVE-2014-0561, CVE-2014-0567)
- An input-validation error exists that allows universal
cross-site scripting (UXSS) attacks. (CVE-2014-0562)
- A memory corruption error exists that allows denial of
service attacks. (CVE-2014-0563)
- Memory corruption errors exist that allow arbitrary code
execution. (CVE-2014-0565, CVE-2014-0566)
Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.
See also :
Upgrade to Adobe Acrobat 10.1.12 / 11.0.09 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false
Family: MacOS X Local Security Checks
Nessus Plugin ID: 77713 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now