Adobe Reader <= 10.1.1 / 9.4.6 U3D Memory Corruption (APSA11-04, APSB11-28, APSB11-30, APSB12-01) (Mac OS X)

critical Nessus Plugin ID 57044


The version of Adobe Reader on the remote Mac OS X host is affected by a memory corruption vulnerability.


The version of Adobe Reader installed on the remote Mac OS X host is prior or equal to 10.1.1 or 9.4.6. It is, therefore, affected by a memory corruption issue related to the Universal 3D (U3D) file format.
A remote attacker can exploit this, by convincing a user to view a maliciously crafted PDF file, to cause an application crash or to execute arbitrary code.

Note that the Adobe Reader X user-specific option to use 'Protected Mode' prevents an exploit of this kind from being executed, but Nessus cannot test for this configuration option.


Upgrade to Adobe Reader version 9.5 / 10.1.2 or later. If the product is Adobe Reader X, and upgrading is not an option, then the user-specific option 'Protected Mode' should be enabled.

See Also

Plugin Details

Severity: Critical

ID: 57044

File Name: macosx_adobe_reader_apsa11-04.nasl

Version: 1.19

Type: local

Agent: macosx

Published: 12/7/2011

Updated: 6/8/2022

Supported Sensors: Nessus Agent, Nessus

Risk Information


Risk Factor: Critical

Score: 9.6


Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2011-4369


Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

CVSS Score Source: CVE-2011-4373

Vulnerability Information

CPE: cpe:/a:adobe:acrobat_reader

Required KB Items: Host/local_checks_enabled, Host/MacOSX/Version, installed_sw/Adobe Reader

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/6/2011

Vulnerability Publication Date: 12/6/2011

CISA Known Exploited Vulnerability Due Dates: 6/22/2022

Exploitable With


Core Impact

Metasploit (Adobe Reader U3D Memory Corruption Vulnerability)

Reference Information

CVE: CVE-2011-2445, CVE-2011-2450, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2456, CVE-2011-2457, CVE-2011-2458, CVE-2011-2459, CVE-2011-2460, CVE-2011-2462, CVE-2011-4369, CVE-2011-4370, CVE-2011-4371, CVE-2011-4372, CVE-2011-4373

BID: 50618, 50619, 50620, 50621, 50622, 50623, 50624, 50625, 50626, 50627, 50628, 50629, 50922, 51092, 51348, 51349, 51350, 51351