Adobe Software Signed By Revoked Certificate (APSA12-01)

Medium Nessus Plugin ID 62693

Synopsis

An application installed on the remote Windows host is signed by a revoked certificate.

Description

The remote host is using Adobe software that has been digitally signed by a revoked certificate. An Adobe build server was compromised, which has caused at least two malicious utilities to be signed with Adobe's code signing certificate. Any software signed by this revoked certificate (including legitimate Adobe software) is no longer trusted.

This plugin checks if the following software has been signed by the revoked certificate :

- Adobe Bridge
- Adobe Extension Manager CS6
- Adobe Media Encoder CS6
- Adobe Premiere Pro CS6
- Adobe Reader
- Audition CS6
- ColdFusion 10
- Configurator 3.1
- Contribute 6.5
- Dreamweaver CS6
- Drive 4
- Encore CS6
- Flash Player
- Flash Professional CS6
- Illustrator CS6
- Photoshop CS6
- Prelude CS6
- Presenter 8
- Shockwave Player
- SpeedGrade CS6

Solution

Update all affected Adobe applications to the latest version. Refer to Adobe security advisory APSA12-01 for more information.

See Also

https://www.adobe.com/support/security/advisories/apsa12-01.html

https://helpx.adobe.com/x-productkb/global/certificate-updates.html

http://www.nessus.org/u?89081e80

Plugin Details

Severity: Medium

ID: 62693

File Name: adobe_apsa12-01.nasl

Version: 1.7

Type: local

Agent: windows

Family: Windows

Published: 2012/10/24

Modified: 2018/11/15

Dependencies: 62681, 62682, 62691, 43860, 62688, 55514, 62686, 59175, 62684, 62687, 51188, 54605, 62689, 62690, 20836, 62683, 62692, 28211, 62685, 39564

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

Patch Publication Date: 2012/10/04

Vulnerability Publication Date: 2012/09/27

Reference Information

IAVB: 2012-B-0099, 2012-B-0100