Red Hat Local Security Checks : RedHat Security Advisory RHSA-2009:0478

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.63973

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2009:0478

Resumen: The remote host is missing updates announced in;advisory RHSA-2009:0478.;;Adobe Reader allows users to view and print documents in Portable Document;Format (PDF).;;Two flaws were discovered in Adobe Reader's JavaScript API. A PDF file;containing malicious JavaScript instructions could cause Adobe Reader to;crash or, potentially, execute arbitrary code as the user running Adobe;Reader. (CVE-2009-1492, CVE-2009-1493);;All Adobe Reader users should install these updated packages. They contain;Adobe Reader version 8.1.5, which is not vulnerable to these issues. All;running instances of Adobe Reader must be restarted for the update to take;effect.

Descripción: Summary:
The remote host is missing updates announced in
advisory RHSA-2009:0478.

Adobe Reader allows users to view and print documents in Portable Document
Format (PDF).

Two flaws were discovered in Adobe Reader's JavaScript API. A PDF file
containing malicious JavaScript instructions could cause Adobe Reader to
crash or, potentially, execute arbitrary code as the user running Adobe
Reader. (CVE-2009-1492, CVE-2009-1493)

All Adobe Reader users should install these updated packages. They contain
Adobe Reader version 8.1.5, which is not vulnerable to these issues. All
running instances of Adobe Reader must be restarted for the update to take
effect.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-1492
BugTraq ID: 34736
http://www.securityfocus.com/bid/34736
Cert/CC Advisory: TA09-133B
http://www.us-cert.gov/cas/techalerts/TA09-133B.html
CERT/CC vulnerability note: VU#970180
http://www.kb.cert.org/vuls/id/970180
https://www.exploit-db.com/exploits/8569
http://security.gentoo.org/glsa/glsa-200907-06.xml
http://blogs.adobe.com/psirt/2009/04/potential_adobe_reader_issue.html
http://packetstorm.linuxsecurity.com/0904-exploits/getannots.txt
http://osvdb.org/54130
http://www.redhat.com/support/errata/RHSA-2009-0478.html
http://www.securitytracker.com/id?1022139
http://secunia.com/advisories/34924
http://secunia.com/advisories/35055
http://secunia.com/advisories/35096
http://secunia.com/advisories/35152
http://secunia.com/advisories/35358
http://secunia.com/advisories/35416
http://secunia.com/advisories/35734
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259028-1
SuSE Security Announcement: SUSE-SA:2009:027 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00001.html
SuSE Security Announcement: SUSE-SR:2009:011 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
http://www.vupen.com/english/advisories/2009/1189
http://www.vupen.com/english/advisories/2009/1317
XForce ISS Database: reader-getannots-code-execution(50145)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50145
Common Vulnerability Exposure (CVE) ID: CVE-2009-1493
BugTraq ID: 34740
http://www.securityfocus.com/bid/34740
https://www.exploit-db.com/exploits/8570
http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html
http://packetstorm.linuxsecurity.com/0904-exploits/spell.txt
http://osvdb.org/54129
XForce ISS Database: reader-spellcustom-code-execution(50146)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50146

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.63973
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2009:0478
Resumen:	The remote host is missing updates announced in;advisory RHSA-2009:0478.;;Adobe Reader allows users to view and print documents in Portable Document;Format (PDF).;;Two flaws were discovered in Adobe Reader's JavaScript API. A PDF file;containing malicious JavaScript instructions could cause Adobe Reader to;crash or, potentially, execute arbitrary code as the user running Adobe;Reader. (CVE-2009-1492, CVE-2009-1493);;All Adobe Reader users should install these updated packages. They contain;Adobe Reader version 8.1.5, which is not vulnerable to these issues. All;running instances of Adobe Reader must be restarted for the update to take;effect.
Descripción:	Summary: The remote host is missing updates announced in advisory RHSA-2009:0478. Adobe Reader allows users to view and print documents in Portable Document Format (PDF). Two flaws were discovered in Adobe Reader's JavaScript API. A PDF file containing malicious JavaScript instructions could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader. (CVE-2009-1492, CVE-2009-1493) All Adobe Reader users should install these updated packages. They contain Adobe Reader version 8.1.5, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1492 BugTraq ID: 34736 http://www.securityfocus.com/bid/34736 Cert/CC Advisory: TA09-133B http://www.us-cert.gov/cas/techalerts/TA09-133B.html CERT/CC vulnerability note: VU#970180 http://www.kb.cert.org/vuls/id/970180 https://www.exploit-db.com/exploits/8569 http://security.gentoo.org/glsa/glsa-200907-06.xml http://blogs.adobe.com/psirt/2009/04/potential_adobe_reader_issue.html http://packetstorm.linuxsecurity.com/0904-exploits/getannots.txt http://osvdb.org/54130 http://www.redhat.com/support/errata/RHSA-2009-0478.html http://www.securitytracker.com/id?1022139 http://secunia.com/advisories/34924 http://secunia.com/advisories/35055 http://secunia.com/advisories/35096 http://secunia.com/advisories/35152 http://secunia.com/advisories/35358 http://secunia.com/advisories/35416 http://secunia.com/advisories/35734 http://sunsolve.sun.com/search/document.do?assetkey=1-66-259028-1 SuSE Security Announcement: SUSE-SA:2009:027 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00001.html SuSE Security Announcement: SUSE-SR:2009:011 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html http://www.vupen.com/english/advisories/2009/1189 http://www.vupen.com/english/advisories/2009/1317 XForce ISS Database: reader-getannots-code-execution(50145) https://exchange.xforce.ibmcloud.com/vulnerabilities/50145 Common Vulnerability Exposure (CVE) ID: CVE-2009-1493 BugTraq ID: 34740 http://www.securityfocus.com/bid/34740 https://www.exploit-db.com/exploits/8570 http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html http://packetstorm.linuxsecurity.com/0904-exploits/spell.txt http://osvdb.org/54129 XForce ISS Database: reader-spellcustom-code-execution(50146) https://exchange.xforce.ibmcloud.com/vulnerabilities/50146
Copyright	Copyright (C) 2009 E-Soft Inc.