Adobe Reader 9.x / 10.x Multiple Vulnerabilities (APSB11-08)

High Nessus Plugin ID 53451


The version of Adobe Reader on the remote Windows host is affected by multiple memory corruption vulnerabilities.


The remote Windows host contains a version of Adobe Reader 9.x < 9.4.4 or 10.x <= 10.1. Such versions are affected by multiple memory corruption vulnerabilities.

A remote attacker could exploit this by tricking a user into viewing a maliciously crafted PDF file, resulting in arbitrary code execution.

Note that Adobe Reader X Protected Mode prevents an exploit of this kind from executing.

Note also, CVE-2011-0611 is being exploited in the wild as of April 2011.


Upgrade to Adobe Reader 9.4.4 / 10.1 or later.

See Also

Plugin Details

Severity: High

ID: 53451

File Name: adobe_reader_apsa11-02.nasl

Version: $Revision: 1.19 $

Type: local

Agent: windows

Family: Windows

Published: 2011/04/15

Modified: 2017/12/15

Dependencies: 20836

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:ND

Vulnerability Information

CPE: cpe:/a:adobe:acrobat_reader

Required KB Items: SMB/Acroread/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2011/04/21

Vulnerability Publication Date: 2011/04/11

Exploitable With

Core Impact

Metasploit (Adobe Flash Player SWF Memory Corruption Vulnerability)

Reference Information

CVE: CVE-2011-0610, CVE-2011-0611

BID: 47314, 47531

OSVDB: 71686, 71912

CERT: 230057

Secunia: 44149