Adobe Reader < 11.0.17 / 15.006.30198 / 15.017.20050 Multiple Vulnerabilities (APSB16-26)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The version of Adobe Reader installed on the remote Windows host is
affected by multiple vulnerabilities.

Description :

The version of Adobe Reader installed on the remote Windows host is
prior to 11.0.17, 15.006.30198, or 15.017.20050. It is, therefore,
affected by multiple vulnerabilities :

- Multiple unspecified memory corruption issues exist due
to improper validation of user-supplied input. An
unauthenticated, remote attacker can exploit these to
execute arbitrary code. (CVE-2016-4191, CVE-2016-4192,
CVE-2016-4193, CVE-2016-4194, CVE-2016-4195,
CVE-2016-4196, CVE-2016-4197, CVE-2016-4198,
CVE-2016-4199, CVE-2016-4200, CVE-2016-4201,
CVE-2016-4202, CVE-2016-4203, CVE-2016-4204,
CVE-2016-4205, CVE-2016-4206, CVE-2016-4207,
CVE-2016-4208, CVE-2016-4211, CVE-2016-4212,
CVE-2016-4213, CVE-2016-4214, CVE-2016-4250,
CVE-2016-4251, CVE-2016-4252, CVE-2016-4254,
CVE-2016-4265, CVE-2016-4266, CVE-2016-4267,
CVE-2016-4268, CVE-2016-4269, CVE-2016-4270,
CVE-2016-6937)

- An unspecified heap buffer overflow condition exists due
to improper validation of user-supplied input. An
unauthenticated, remote attacker can exploit this to
execute arbitrary code. (CVE-2016-4209)

- An unspecified integer overflow condition exists that
allows an unauthenticated, remote attacker to execute
arbitrary code. (CVE-2016-4210)

- An unspecified flaw exists that allows an
unauthenticated, remote attacker to bypass the
JavaScript API and execute arbitrary code.
CVE-2016-4215)

- An unspecified use-after-free error exists that allows
an unauthenticated, remote attacker to execute arbitrary
code. (CVE-2016-4255, CVE-2016-6938)

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.

See also :

https://helpx.adobe.com/security/products/acrobat/apsb16-26.html

Solution :

Upgrade to Adobe Reader version 11.0.17 / 15.006.30198 / 15.017.20050
or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true