Adobe Reader < 11.0.19 / 15.006.30279 / 15.023.20053 Multiple Vulnerabilities (APSB17-01)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The version of Adobe Reader installed on the remote Windows host is
affected by multiple vulnerabilities.

Description :

The version of Adobe Reader installed on the remote Windows host is
prior to 11.0.19, 15.006.30279, or 15.023.20053. It is, therefore,
affected by multiple vulnerabilities :

- Multiple memory corruption issues exist due to improper
validation of unspecified input. An unauthenticated,
remote attacker can exploit these to execute arbitrary
code. (CVE-2017-2939, CVE-2017-2940, CVE-2017-2941,
CVE-2017-2943, CVE-2017-2944, CVE-2017-2953,
CVE-2017-2954)

- Multiple heap buffer overflow conditions exist due to
improper validation of unspecified input. An
unauthenticated, remote attacker can exploit these to
execute arbitrary code. (CVE-2017-2942, CVE-2017-2945,
CVE-2017-2959)

- A heap buffer overflow condition exists when handling
JPEG2000 images due to improper validation of
unspecified input. An unauthenticated, remote attacker
can exploit this to execute arbitrary code.
(CVE-2017-2946)

- An unspecified security bypass vulnerability exists that
allows an unauthenticated, remote attacker to have an
unspecified impact. (CVE-2017-2947)

- Multiple overflow conditions exist due to improper
validation of unspecified input. An unauthenticated,
remote attacker can exploit these to execute arbitrary
code. (CVE-2017-2948, CVE-2017-2952)

- A heap buffer overflow condition exists when handling
the XSLT element-available() function that allows an
unauthenticated, remote attacker to execute arbitrary
code. (CVE-2017-2949)

- Multiple use-after-free memory errors exist when handling
XFA subform layouts, hyphenation objects, field font
sizes, and template objects. An unauthenticated, remote
attacker can exploit these to execute arbitrary code.
(CVE-2017-2950, CVE-2017-2951, CVE-2017-2961,
CVE-2017-2967)

- Multiple use-after-free memory errors exist that allow
an unauthenticated, remote attacker to execute arbitrary
code. (CVE-2017-2955, CVE-2017-2956, CVE-2017-2957,
CVE-2017-2958)

- Multiple memory corruption issues exist when handling
JPEG and TIFF files due to improper validation of
unspecified input. An unauthenticated, remote attacker
can exploit these to execute arbitrary code.
(CVE-2017-2960, CVE-2017-2963, CVE-2017-2964,
CVE-2017-2965)

- A type confusion error exists when handling the XSLT
lang() function that allows an unauthenticated, remote
attacker to execute arbitrary code. (CVE-2017-2962)

- A heap buffer overflow condition exists in the
ImageConversion component when handling TIFF images()
due to improper validation of unspecified input. An
unauthenticated, remote attacker can exploit this to
execute arbitrary code. (CVE-2017-2966)

- A buffer overflow condition exists in the JPEG2000
parser due to improper validation of unspecified input.
An unauthenticated, remote attacker can exploit this to
disclose sensitive information. (CVE-2017-3009)

- A memory corruption issue exists in the Rendering engine
due to improper validation of unspecified input. An
unauthenticated, remote attacker can exploit this to
cause a denial of service condition or the execution of
arbitrary code. (CVE-2017-3010)

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.

See also :

https://helpx.adobe.com/security/products/acrobat/apsb17-01.html

Solution :

Upgrade to Adobe Reader version 11.0.19 / 15.006.30279 / 15.023.20053
or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true