
Test ID: 1.3.6.1.4.1.25623.1.0.804392
Category: General
Title: Adobe Reader Multiple Vulnerabilities Jan07 (Windows)
Summary: This host is installed with Adobe Reader and is prone to multiple vulnerabilities.
Description:
Summary:
This host is installed with Adobe Reader and is prone to multiple
vulnerabilities.

Vulnerability Insight:
Flaws exist due to:

- Input passed to a hosted PDF file is not properly sanitised by the browser
plug-in before being returned to users.

- Input passed to a hosted PDF file is not properly handled by the browser
plug-in.

Vulnerability Impact:
Successful exploitation will allow attackers to cause memory corruption,
execute arbitrary code, execute arbitrary script code in a user's
browser session in the context of an affected site, and conduct Cross-Site
Request Forgery attacks.

Affected Software/OS:
Adobe Reader version 7.0.8 and prior on Windows.

Solution:
Upgrade to Adobe Reader version 7.0.9 or later.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-references: BugTraq ID: 21858
BugTraq ID: 21981
Common Vulnerability Exposure (CVE) ID: CVE-2006-5857
http://www.securityfocus.com/bid/21981
Bugtraq: 20070110 Adobe Reader Remote Heap Memory Corruption - Subroutine Pointer Overwrite
http://www.securityfocus.com/archive/1/456491/100/0/threaded
CERT/CC vulnerability note: VU#698924
http://www.kb.cert.org/vuls/id/698924
http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0200.html
http://security.gentoo.org/glsa/glsa-200701-16.xml
http://www.piotrbania.com/all/adv/adobe-acrobat-adv.txt
http://osvdb.org/31316
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11698
RedHat Security Advisories: RHSA-2007:0017
https://rhn.redhat.com/errata/RHSA-2007-0017.html
http://www.redhat.com/support/errata/RHSA-2007-0021.html
http://securitytracker.com/id?1017491
http://secunia.com/advisories/23666
http://secunia.com/advisories/23691
http://secunia.com/advisories/23812
http://secunia.com/advisories/23877
http://secunia.com/advisories/23882
http://secunia.com/advisories/24533
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102847-1
SuSE Security Announcement: SUSE-SA:2007:011
http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html
http://www.vupen.com/english/advisories/2007/0115
http://www.vupen.com/english/advisories/2007/0957
Common Vulnerability Exposure (CVE) ID: CVE-2007-0046
Bugtraq: 20070103 Adobe Acrobat Reader Plugin - Multiple Vulnerabilities
http://www.securityfocus.com/archive/1/455801/100/0/threaded
http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf
http://www.wisec.it/vulns.php?page=9
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9684
http://securitytracker.com/id?1017469
http://securityreason.com/securityalert/2090
http://www.vupen.com/english/advisories/2007/0032
XForce ISS Database: adobe-acrobat-msvcrt-code-execution(31272)
https://exchange.xforce.ibmcloud.com/vulnerabilities/31272
Common Vulnerability Exposure (CVE) ID: CVE-2007-0047
XForce ISS Database: adobe-acrobat-xmlhttp-response-splitting(31291)
https://exchange.xforce.ibmcloud.com/vulnerabilities/31291
Common Vulnerability Exposure (CVE) ID: CVE-2007-0044
http://www.securityfocus.com/bid/21858
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10042
http://www.redhat.com/support/errata/RHSA-2008-0144.html
http://secunia.com/advisories/29065
XForce ISS Database: adobe-acrobat-pdf-csrf(31266)
https://exchange.xforce.ibmcloud.com/vulnerabilities/31266
Copyright: Copyright (C) 2014 Greenbone Networks GmbH

© 1998-2024 E-Soft Inc. All rights reserved.