Test ID:	1.3.6.1.4.1.25623.1.0.57976
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200701-16 (acroread)
Summary:	The remote host is missing updates announced in;advisory GLSA 200701-16.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200701-16. Vulnerability Insight: Adobe Acrobat Reader is vulnerable to remote code execution, Denial of Service, and cross-site scripting attacks. Solution: All Adobe Acrobat Reader users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-text/acroread-7.0.9' CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-5857 BugTraq ID: 21981 http://www.securityfocus.com/bid/21981 Bugtraq: 20070110 Adobe Reader Remote Heap Memory Corruption - Subroutine Pointer Overwrite (Google Search) http://www.securityfocus.com/archive/1/456491/100/0/threaded CERT/CC vulnerability note: VU#698924 http://www.kb.cert.org/vuls/id/698924 http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0200.html http://security.gentoo.org/glsa/glsa-200701-16.xml http://www.piotrbania.com/all/adv/adobe-acrobat-adv.txt http://osvdb.org/31316 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11698 RedHat Security Advisories: RHSA-2007:0017 https://rhn.redhat.com/errata/RHSA-2007-0017.html http://www.redhat.com/support/errata/RHSA-2007-0021.html http://securitytracker.com/id?1017491 http://secunia.com/advisories/23666 http://secunia.com/advisories/23691 http://secunia.com/advisories/23812 http://secunia.com/advisories/23877 http://secunia.com/advisories/23882 http://secunia.com/advisories/24533 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102847-1 SuSE Security Announcement: SUSE-SA:2007:011 (Google Search) http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html http://www.vupen.com/english/advisories/2007/0115 http://www.vupen.com/english/advisories/2007/0957 Common Vulnerability Exposure (CVE) ID: CVE-2007-0044 BugTraq ID: 21858 http://www.securityfocus.com/bid/21858 Bugtraq: 20070103 Adobe Acrobat Reader Plugin - Multiple Vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/455801/100/0/threaded http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf http://www.wisec.it/vulns.php?page=9 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10042 http://www.redhat.com/support/errata/RHSA-2008-0144.html http://securitytracker.com/id?1017469 http://secunia.com/advisories/29065 http://securityreason.com/securityalert/2090 http://www.vupen.com/english/advisories/2007/0032 XForce ISS Database: adobe-acrobat-pdf-csrf(31266) https://exchange.xforce.ibmcloud.com/vulnerabilities/31266 Common Vulnerability Exposure (CVE) ID: CVE-2007-0045 Bugtraq: 20070103 RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous (Google Search) http://www.securityfocus.com/archive/1/455836/100/0/threaded Bugtraq: 20070103 Re: Universal XSS with PDF files: highly dangerous (Google Search) http://www.securityfocus.com/archive/1/455800/100/0/threaded Bugtraq: 20070103 Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous (Google Search) http://www.securityfocus.com/archive/1/455831/100/0/threaded Bugtraq: 20070103 Universal XSS with PDF files: highly dangerous (Google Search) http://www.securityfocus.com/archive/1/455790/100/0/threaded Bugtraq: 20070104 Universal PDF XSS After Party (Google Search) http://www.securityfocus.com/archive/1/455906/100/0/threaded Cert/CC Advisory: TA09-286B http://www.us-cert.gov/cas/techalerts/TA09-286B.html CERT/CC vulnerability note: VU#815960 http://www.kb.cert.org/vuls/id/815960 HPdes Security Advisory: HPSBUX02153 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 HPdes Security Advisory: SSRT061181 http://www.disenchant.ch/blog/hacking-with-browser-plugins/34 http://www.gnucitizen.org/blog/universal-pdf-xss-after-party https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6487 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9693 http://securitytracker.com/id?1023007 http://secunia.com/advisories/23483 http://secunia.com/advisories/24457 http://secunia.com/advisories/33754 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131 http://www.vupen.com/english/advisories/2009/2898 XForce ISS Database: adobe-acrobat-pdf-xss(31271) https://exchange.xforce.ibmcloud.com/vulnerabilities/31271 Common Vulnerability Exposure (CVE) ID: CVE-2007-0046 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9684 XForce ISS Database: adobe-acrobat-msvcrt-code-execution(31272) https://exchange.xforce.ibmcloud.com/vulnerabilities/31272 Common Vulnerability Exposure (CVE) ID: CVE-2007-0048 http://osvdb.org/31596 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6348 XForce ISS Database: adobe-acrobat-character-dos(31273) https://exchange.xforce.ibmcloud.com/vulnerabilities/31273
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.