The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0743 advisory.

    Adobe Reader allows users to view and print documents in Portable Document     Format (PDF).

    This update fixes multiple vulnerabilities in Adobe Reader. These     vulnerabilities are detailed on the Adobe security page APSB10-21, listed     in the References section.

    A specially-crafted PDF file could cause Adobe Reader to crash or,     potentially, execute arbitrary code as the user running Adobe Reader when     opened. (CVE-2010-2883, CVE-2010-2884, CVE-2010-2889, CVE-2010-2890,     CVE-2010-3619, CVE-2010-3620, CVE-2010-3621, CVE-2010-3622, CVE-2010-3625,     CVE-2010-3626, CVE-2010-3627, CVE-2010-3628, CVE-2010-3629, CVE-2010-3630,     CVE-2010-3632, CVE-2010-3658)

    An insecure relative RPATH (runtime library search path) set in some Adobe     Reader libraries could allow a local attacker, who is able to convince     another user to run Adobe Reader in an attacker-controlled directory, to     execute arbitrary code with the privileges of the victim. (CVE-2010-2887)

    A specially-crafted PDF file could cause Adobe Reader to crash when opened.
    (CVE-2010-3656, CVE-2010-3657)

    All Adobe Reader users should install these updated packages. They contain     Adobe Reader version 9.4, which is not vulnerable to these issues. All     running instances of Adobe Reader must be restarted for the update to take     effect.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Adobe Reader installed on the remote host is earlier than 9.4 / 8.2.5.  Such versions are affected by multiple code execution vulnerabilities.

Note that there have been reports that one or more of these issues are being actively exploited in the wild.

The version of Adobe Acrobat installed on the remote host is earlier than 9.4 / 8.2.5.  Such versions are affected by multiple code execution vulnerabilities.

Note that there have been reports that one or more of these issues are being actively exploited in the wild.

Specially crafted PDF documents could crash acroread or lead to execution of arbitrary code (CVE-2010-2883, CVE-2010-2884, CVE-2010-2887, CVE-2010-2889, CVE-2010-2890, CVE-2010-3619, CVE-2010-3620, CVE-2010-3621, CVE-2010-3622, CVE-2010-3623, CVE-2010-3624, CVE-2010-3625, CVE-2010-3626, CVE-2010-3627, CVE-2010-3628, CVE-2010-3629, CVE-2010-3630, CVE-2010-3631, CVE-2010-3632, CVE-2010-3656, CVE-2010-3657, CVE-2010-3658).

Specially crafted PDF documents could crash acroread or lead to execution of arbitrary code. (CVE-2010-2883 / CVE-2010-2884 / CVE-2010-2887 / CVE-2010-2889 / CVE-2010-2890 / CVE-2010-3619 / CVE-2010-3620 / CVE-2010-3621 / CVE-2010-3622 / CVE-2010-3623 / CVE-2010-3624 / CVE-2010-3625 / CVE-2010-3626 / CVE-2010-3627 / CVE-2010-3628 / CVE-2010-3629 / CVE-2010-3630 / CVE-2010-3631 / CVE-2010-3632 / CVE-2010-3656 / CVE-2010-3657 / CVE-2010-3658)

The remote host is affected by the vulnerability described in GLSA-201101-08 (Adobe Reader: Multiple vulnerabilities)

    Multiple vulnerabilities were discovered in Adobe Reader. For further     information please consult the CVE entries and the Adobe Security     Bulletins referenced below.
  Impact :

    A remote attacker might entice a user to open a specially crafted PDF     file, possibly resulting in the execution of arbitrary code with the     privileges of the user running the application, or a Denial of Service.
  Workaround :

    There is no known workaround at this time.

ID	Name	Product	Family	Published	Updated	Severity
49786	RHEL 5 : acroread (RHSA-2010:0743)	Nessus	Red Hat Local Security Checks	10/7/2010	11/4/2024	high
49173	Adobe Reader < 9.4 / 8.2.5 Multiple Vulnerabilities (APSB10-21)	Nessus	Windows	9/9/2010	6/8/2022	high
49172	Adobe Acrobat < 9.4 / 8.2.5 Multiple Vulnerabilities (APSB10-21)	Nessus	Windows	9/9/2010	5/31/2024	high
75419	openSUSE Security Update : acroread (openSUSE-SU-2010:0706-1)	Nessus	SuSE Local Security Checks	6/13/2014	6/8/2022	high
49824	openSUSE Security Update : acroread (openSUSE-SU-2010:0706-1)	Nessus	SuSE Local Security Checks	10/11/2010	6/8/2022	high
49825	openSUSE Security Update : acroread (openSUSE-SU-2010:0706-1)	Nessus	SuSE Local Security Checks	10/11/2010	6/8/2022	high
50884	SuSE 11 / 11.1 Security Update : Acrobat Reader (SAT Patch Numbers 3268 / 3270)	Nessus	SuSE Local Security Checks	12/2/2010	6/8/2022	high
51703	SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 7181)	Nessus	SuSE Local Security Checks	1/27/2011	6/8/2022	high
50888	SuSE 11 / 11.1 Security Update : acroread_ja (SAT Patch Numbers 3272 / 3273)	Nessus	SuSE Local Security Checks	12/2/2010	6/8/2022	high
51657	GLSA-201101-08 : Adobe Reader: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	1/24/2011	6/8/2022	high
51715	SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 7182)	Nessus	SuSE Local Security Checks	1/27/2011	6/8/2022	high

Detections

Analytics

Plugins Search

high

high

high

high

high

high

high

high

high

high

high