ID de Prueba:	1.3.6.1.4.1.25623.1.0.61294
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2008:0641
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2008:0641. Adobe Acrobat Reader allows users to view and print documents in Portable Document Format (PDF). An input validation flaw was discovered in a JavaScript engine used by Acrobat Reader. A malicious PDF file could cause Acrobat Reader to crash or, potentially, execute arbitrary code as the user running Acrobat Reader. (CVE-2008-2641) An insecure temporary file usage issue was discovered in the Acrobat Reader acroread startup script. A local attacker could potentially overwrite arbitrary files that were writable by the user running Acrobat Reader, if the victim ran acroread with certain command line arguments. (CVE-2008-0883) All acroread users are advised to upgrade to these updated packages, that contain Acrobat Reader version 8.1.2 Security Update 1, and are not vulnerable to these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2008-0641.html http://www.redhat.com/security/updates/classification/#critical Risk factor : Critical CVSS Score: 10.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0883 BugTraq ID: 28091 http://www.securityfocus.com/bid/28091 http://www.gentoo.org/security/en/glsa/glsa-200803-26.xml http://www.redhat.com/support/errata/RHSA-2008-0641.html http://www.securitytracker.com/id?1019539 http://secunia.com/advisories/29229 http://secunia.com/advisories/29242 http://secunia.com/advisories/29425 http://secunia.com/advisories/31136 http://secunia.com/advisories/31352 http://sunsolve.sun.com/search/document.do?assetkey=1-26-240106-1 SuSE Security Announcement: SUSE-SR:2008:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html http://www.vupen.com/english/advisories/2008/0765/references http://www.vupen.com/english/advisories/2008/2289 XForce ISS Database: adobe-reader-acroread-symlink(40987) https://exchange.xforce.ibmcloud.com/vulnerabilities/40987 Common Vulnerability Exposure (CVE) ID: CVE-2008-2641 BugTraq ID: 29908 http://www.securityfocus.com/bid/29908 CERT/CC vulnerability note: VU#788019 http://www.kb.cert.org/vuls/id/788019 http://www.gentoo.org/security/en/glsa/glsa-200808-10.xml http://isc.sans.org/diary.html?storyid=4616 http://www.securitytracker.com/id?1020352 http://secunia.com/advisories/30832 http://secunia.com/advisories/31339 http://secunia.com/advisories/31428 SuSE Security Announcement: SUSE-SR:2008:016 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html http://www.vupen.com/english/advisories/2008/1906 XForce ISS Database: adobe-javascript-method-code-execution(43307) https://exchange.xforce.ibmcloud.com/vulnerabilities/43307
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.