This script is Copyright (C) 2016 Tenable Network Security, Inc.
The version of Adobe Reader installed on the remote Mac OS X host is
affected by multiple vulnerabilities.
The version of Adobe Reader installed on the remote Mac OS X host is a
version prior to 11.0.14, 15.006.30119, or 15.010.20056. It is,
therefore, affected by multiple vulnerabilities :
- Multiple use-after-free errors exist that allow a remote
attacker to execute arbitrary code. (CVE-2016-0932,
CVE-2016-0934, CVE-2016-0937, CVE-2016-0940,
- Multiple memory corruption issues exist that allow a
remote attacker to execute arbitrary code.
(CVE-2016-0931, CVE-2016-0933, CVE-2016-0936,
CVE-2016-0938, CVE-2016-0939, CVE-2016-0942,
CVE-2016-0944, CVE-2016-0945, CVE-2016-0946)
- Multiple double-free errors exist that allow a remote
attacker to execute arbitrary code. (CVE-2016-0935,
a remote attacker to bypass restrictions and execute
arbitrary code. (CVE-2016-0943)
- A flaw exists in the download manager related to the
directory search path used to find resources. A remote
attacker can exploit this execute arbitrary code.
Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.
See also :
Upgrade to Adobe Reader 11.0.14 / 15.006.30119 / 15.010.20056 or
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true
Family: MacOS X Local Security Checks
Nessus Plugin ID: 87920 ()
CVE ID: CVE-2016-0931
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now