Adobe Digital Editions < 4.5.1 RCE (APSB16-06) (Mac OS X)

High Nessus Plugin ID 89782


The remote Mac OS X host is affected by a remote code execution vulnerability.


The version of Adobe Digital Editions installed on the remote Mac OS X host is prior to 4.5.1. It is, therefore, affected by a remote code execution vulnerability due to improper validation of user-supplied input. An attacker can exploit this to corrupt memory, resulting in the execution of arbitrary code.


Upgrade to Adobe Digital Editions version 4.5.1 or later.

See Also

Plugin Details

Severity: High

ID: 89782

File Name: macosx_adobe_digital_editions_apsb16-06.nasl

Version: $Revision: 1.7 $

Type: local

Agent: macosx

Published: 2016/03/09

Modified: 2016/11/28

Dependencies: 72170

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:ND


Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:adobe:digital_editions

Required KB Items: Host/local_checks_enabled, Host/MacOSX/Version, installed_sw/Adobe Digital Editions

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2016/03/08

Vulnerability Publication Date: 2016/03/08

Reference Information

CVE: CVE-2016-0954

BID: 84214

OSVDB: 135503