Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2007:0021

The remote host is missing updates announced in
advisory RHSA-2007:0021.

The Adobe Reader allows users to view and print documents in portable
document format (PDF).

A cross site scripting flaw was found in the way the Adobe Reader Plugin
processes certain malformed URLs. A malicious web page could inject
arbitrary javascript into the browser session which could possibly lead to
a cross site scripting attack. (CVE-2007-0045)

Two arbitrary code execution flaws were found in the way Adobe Reader
processes malformed document files. It may be possible to execute arbitrary
code on a victim's machine if the victim opens a malicious PDF file.
(CVE-2006-5857, CVE-2007-0046)

Please note that Adobe Reader 7.0.9 requires versions of several system
libraries that were not shipped with Red Hat Enterprise Linux 3. This
update contains additional packages that provide the required system
library versions for Adobe Reader. These additional packages are only
required by Adobe Reader and do not replace or affect any other aspects of
a Red Hat Enterprise Linux 3 system.

All users of Adobe Reader are advised to upgrade to these updated packages,
which contain Adobe Reader version 7.0.9 and additional libraries to
correct these issues.

Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

Risk factor : Critical

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-5857
BugTraq ID: 21981
Bugtraq: 20070110 Adobe Reader Remote Heap Memory Corruption - Subroutine Pointer Overwrite (Google Search)
CERT/CC vulnerability note: VU#698924
RedHat Security Advisories: RHSA-2007:0017
SuSE Security Announcement: SUSE-SA:2007:011 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2007-0045
BugTraq ID: 21858
Bugtraq: 20070103 Adobe Acrobat Reader Plugin - Multiple Vulnerabilities (Google Search)
Bugtraq: 20070103 RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous (Google Search)
Bugtraq: 20070103 Re: Universal XSS with PDF files: highly dangerous (Google Search)
Bugtraq: 20070103 Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous (Google Search)
Bugtraq: 20070103 Universal XSS with PDF files: highly dangerous (Google Search)
Bugtraq: 20070104 Universal PDF XSS After Party (Google Search)
Cert/CC Advisory: TA09-286B
CERT/CC vulnerability note: VU#815960
HPdes Security Advisory: HPSBUX02153
HPdes Security Advisory: SSRT061181
XForce ISS Database: adobe-acrobat-pdf-xss(31271)
Common Vulnerability Exposure (CVE) ID: CVE-2007-0046
XForce ISS Database: adobe-acrobat-msvcrt-code-execution(31272)
CopyrightCopyright (c) 2007 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.