Multiple Adobe Products XML External Entity (XXE) Injection (APSB10-05)

medium Nessus Plugin ID 44937

Language:

Synopsis

The remote host is susceptible to XML External Entity (XXE) attacks.

Description

The remote host appears to be running an Adobe product that is susceptible to XML External Entity (XXE) attacks. The installed version of the product fails to block the use of external XML entities while using the HTTPChannel to transport data in AMFX format. A remote, unauthenticated attacker could exploit this vulnerability to read arbitrary files from the remote system.

According to the Adobe advisory, Adobe BlazeDS, LiveCycle, LiveCycle Data Services, Flex Data Services and ColdFusion are known to be affected by this issue.

Solution

Apply the appropriate vendor-supplied patches.

See Also

http://www.nessus.org/u?6688a1e2

https://seclists.org/bugtraq/2010/Feb/197

https://www.adobe.com/support/security/bulletins/apsb10-05.html

Plugin Details

Severity: Medium

ID: 44937

File Name: adobe_multiple_products_xxe.nasl

Version: 1.27

Type: remote

Family: CGI abuses

Published: 3/1/2010

Updated: 4/11/2022

Configuration: Enable thorough checks

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.7

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Temporal Vector: E:H/RL:OF/RC:C

CVSS Score Source: CVE-2009-3960

Vulnerability Information

CPE: cpe:/a:adobe:lifecycle, cpe:/a:adobe:lifecycle_data_services, cpe:/a:adobe:flex_data_services, cpe:/a:adobe:coldfusion, cpe:/a:adobe:blazeds

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Patch Publication Date: 2/11/2010

Vulnerability Publication Date: 2/11/2010

CISA Known Exploited Dates: 9/7/2022

Exploitable With

CANVAS (D2ExploitPack)

Elliot (Adobe XML External Entity File Disclosure)

Reference Information

CVE: CVE-2009-3960

BID: 38197

EDB-ID: 11529

SECUNIA: 38543