Synopsis
The version of Adobe Acrobat installed on the remote macOS host is affected by multiple vulnerabilities.
Description
The version of Adobe Acrobat installed on the remote macOS host is a version prior to 17.012.30227, 17.012.30229, 20.005.30331, 20.005.30331, 20.005.30334, 20.005.30334, 22.001.20112, or 22.001.20117. It is, therefore, affected by multiple vulnerabilities:
- Use After Free vulnerability (CWE-416) potentially leading to disclosure of sensitive memory. (CVE-2022-24101, CVE-2022-28250, CVE-2022-28256, CVE-2022-28269, CVE-2022-28837)
- Use After Free vulnerability (CWE-416) potentially leading to arbitrary code execution in the context of the current user. (CVE-2022-24102, CVE-2022-24103, CVE-2022-24104, CVE-2022-27785, CVE-2022-27786, CVE-2022-27789, CVE-2022-27790, CVE-2022-27795, CVE-2022-27796, CVE-2022-27797, CVE-2022-27799, CVE-2022-27800, CVE-2022-27801, CVE-2022-27802, CVE-2022-28230, CVE-2022-28232, CVE-2022-28233, CVE-2022-28235, CVE-2022-28237, CVE-2022-28238, CVE-2022-28240, CVE-2022-28242, CVE-2022-28838, CVE-2022-44514, CVE-2022-44518, CVE-2022-44519, CVE-2022-44520)
- Out-of-bounds Write vulnerability (CWE-787) potentially leading to arbitrary code execution in the context of the current user. (CVE-2022-27787, CVE-2022-27788, CVE-2022-27792, CVE-2022-27793, CVE-2022-27798, CVE-2022-28236, CVE-2022-44512, CVE-2022-44513)
- Out-of-bounds Read vulnerability (CWE-125) when processing a doc object potentially leading to read past the end of an allocated memory structure. (CVE-2022-28231, CVE-2022-28239, CVE-2022-28241, CVE-2022-28243, CVE-2022-28245, CVE-2022-28246, CVE-2022-28248, CVE-2022-28249, CVE-2022-28251, CVE-2022-28252, CVE-2022-28253, CVE-2022-28254, CVE-2022-28255, CVE-2022-28257, CVE-2022-28258, CVE-2022-28259, CVE-2022-28260, CVE-2022-28261, CVE-2022-28262, CVE-2022-28263, CVE-2022-28264, CVE-2022-28265, CVE-2022-28266, CVE-2022-28267, CVE-2022-28268, CVE-2022-35672, CVE-2022-44515, CVE-2022-44516, CVE-2022-44517)
- Stack-based buffer overflow vulnerability (CWE-121) due to insecure processing of a font, potentially leading to arbitrary code execution in the context of the current user. (CVE-2022-27791)
- Use of a variable that has not been initialized vulnerability (CWE-824) when processing of embedded fonts, potentially leading to arbitrary code execution in the context of the current user. (CVE-2022-27794)
- Heap-based buffer overflow vulnerability (CWE-122) due to insecure handling of a crafted .pdf file, potentially leading to arbitrary code execution in the context of the current user. (CVE-2022-28234)
- Violation of secure design principles through bypassing the content security policy vulnerability (CWE-657), potentially leading to an attacker sending arbitrarily configured requests to the cross-origin attack target domain. (CVE-2022-28244)
- Uncontrolled search path vulnerability (CWE-353) potentially leading to local privilege escalation. (CVE-2022-28247)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Adobe Acrobat version 17.012.30227 / 17.012.30229 / 20.005.30331 / 20.005.30331 / 20.005.30334 / 20.005.30334 / 22.001.20112 / 22.001.20117 or later.
Plugin Details
File Name: macos_adobe_acrobat_apsb22-16.nasl
Agent: macosx
Supported Sensors: Nessus Agent, Nessus
Risk Information
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:adobe:acrobat
Required KB Items: Host/local_checks_enabled, Host/MacOSX/Version, installed_sw/Adobe Acrobat
Exploit Ease: Exploits are available
Patch Publication Date: 4/12/2022
Vulnerability Publication Date: 1/11/2022
Reference Information
CVE: CVE-2022-24101, CVE-2022-24102, CVE-2022-24103, CVE-2022-24104, CVE-2022-27785, CVE-2022-27786, CVE-2022-27787, CVE-2022-27788, CVE-2022-27789, CVE-2022-27790, CVE-2022-27791, CVE-2022-27792, CVE-2022-27793, CVE-2022-27794, CVE-2022-27795, CVE-2022-27796, CVE-2022-27797, CVE-2022-27798, CVE-2022-27799, CVE-2022-27800, CVE-2022-27801, CVE-2022-27802, CVE-2022-28230, CVE-2022-28231, CVE-2022-28232, CVE-2022-28233, CVE-2022-28234, CVE-2022-28235, CVE-2022-28236, CVE-2022-28237, CVE-2022-28238, CVE-2022-28239, CVE-2022-28240, CVE-2022-28241, CVE-2022-28242, CVE-2022-28243, CVE-2022-28244, CVE-2022-28245, CVE-2022-28246, CVE-2022-28247, CVE-2022-28248, CVE-2022-28249, CVE-2022-28250, CVE-2022-28251, CVE-2022-28252, CVE-2022-28253, CVE-2022-28254, CVE-2022-28255, CVE-2022-28256, CVE-2022-28257, CVE-2022-28258, CVE-2022-28259, CVE-2022-28260, CVE-2022-28261, CVE-2022-28262, CVE-2022-28263, CVE-2022-28264, CVE-2022-28265, CVE-2022-28266, CVE-2022-28267, CVE-2022-28268, CVE-2022-28269, CVE-2022-28837, CVE-2022-28838, CVE-2022-35672, CVE-2022-44512, CVE-2022-44513, CVE-2022-44514, CVE-2022-44515, CVE-2022-44516, CVE-2022-44517, CVE-2022-44518, CVE-2022-44519, CVE-2022-44520