Adobe Acrobat 9 <= 9.4 (APSA10-05)

high Nessus Plugin ID 50380

Language:

New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The version of Adobe Acrobat on the remote Windows host is affected by a code execution vulnerability.

Description

The remote Windows host contains Adobe Acrobat version 9.4 or earlier. Such versions are affected by an unspecified memory corruption vulnerability.

A remote attacker could exploit this issue by getting a user to open a maliciously crafted PDF containing SWF content, resulting in the execution of arbitrary code.

This vulnerability is reportedly being exploited in the wild.

Solution

Upgrade to the latest version when it is released. Adobe states it will be released the week of November 15, 2010.

In the meantime, deleting or renaming the version of 'authplay.dll' that ships with Adobe Acrobat will result in a non-exploitable crash when opening PDFs containing SWF content.

See Also

http://www.adobe.com/support/security/advisories/apsa10-05.html

Plugin Details

Severity: High

ID: 50380

File Name: adobe_acrobat_apsa10-05.nasl

Version: Revision: 1.8

Type: local

Agent: windows

Family: Windows

Published: 10/28/2010

Updated: 6/14/2012

Dependencies: adobe_acrobat_installed.nasl, smb_hotfixes.nasl

Risk Information

CVSS v2

Risk Factor: High

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:adobe:acrobat

Required KB Items: SMB/Acrobat/Version, SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 10/28/2010

Exploitable With

Metasploit (Adobe Flash Player "Button" Remote Code Execution)

Reference Information

CVE: CVE-2010-3654

BID: 44504

OSVDB: 68932