Test ID:	1.3.6.1.4.1.25623.1.0.58031
Category:	Turbolinux Local Security Tests
Title:	Turbolinux TLSA-2007-6 (AdobeReader)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to AdobeReader announced via advisory TLSA-2007-6. Adobe Reader can read documents in PDF format. Adobe Reader also allows you to search within PDF files, search for PDF files on the internet and participate in collaborative document reviews. The AdobeReader contains multiple vulnerabilities that can cause denial of service (infinite loop) via a crafted PDF file. This vulnerability may allow remote attackers to execute arbitrary code, denial of service (infinite loop) via crafted pdf files. Solution: Please use the turbopkg (zabom) tool to apply the update. http://www.securityspace.com/smysecure/catid.html?in=TLSA-2007-6 Risk factor : Critical CVSS Score: 9.3
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-5857 BugTraq ID: 21981 http://www.securityfocus.com/bid/21981 Bugtraq: 20070110 Adobe Reader Remote Heap Memory Corruption - Subroutine Pointer Overwrite (Google Search) http://www.securityfocus.com/archive/1/456491/100/0/threaded CERT/CC vulnerability note: VU#698924 http://www.kb.cert.org/vuls/id/698924 http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0200.html http://security.gentoo.org/glsa/glsa-200701-16.xml http://www.piotrbania.com/all/adv/adobe-acrobat-adv.txt http://osvdb.org/31316 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11698 RedHat Security Advisories: RHSA-2007:0017 https://rhn.redhat.com/errata/RHSA-2007-0017.html http://www.redhat.com/support/errata/RHSA-2007-0021.html http://securitytracker.com/id?1017491 http://secunia.com/advisories/23666 http://secunia.com/advisories/23691 http://secunia.com/advisories/23812 http://secunia.com/advisories/23877 http://secunia.com/advisories/23882 http://secunia.com/advisories/24533 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102847-1 SuSE Security Announcement: SUSE-SA:2007:011 (Google Search) http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html http://www.vupen.com/english/advisories/2007/0115 http://www.vupen.com/english/advisories/2007/0957 Common Vulnerability Exposure (CVE) ID: CVE-2007-0045 BugTraq ID: 21858 http://www.securityfocus.com/bid/21858 Bugtraq: 20070103 Adobe Acrobat Reader Plugin - Multiple Vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/455801/100/0/threaded Bugtraq: 20070103 RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous (Google Search) http://www.securityfocus.com/archive/1/455836/100/0/threaded Bugtraq: 20070103 Re: Universal XSS with PDF files: highly dangerous (Google Search) http://www.securityfocus.com/archive/1/455800/100/0/threaded Bugtraq: 20070103 Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous (Google Search) http://www.securityfocus.com/archive/1/455831/100/0/threaded Bugtraq: 20070103 Universal XSS with PDF files: highly dangerous (Google Search) http://www.securityfocus.com/archive/1/455790/100/0/threaded Bugtraq: 20070104 Universal PDF XSS After Party (Google Search) http://www.securityfocus.com/archive/1/455906/100/0/threaded Cert/CC Advisory: TA09-286B http://www.us-cert.gov/cas/techalerts/TA09-286B.html CERT/CC vulnerability note: VU#815960 http://www.kb.cert.org/vuls/id/815960 HPdes Security Advisory: HPSBUX02153 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 HPdes Security Advisory: SSRT061181 http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf http://www.disenchant.ch/blog/hacking-with-browser-plugins/34 http://www.gnucitizen.org/blog/universal-pdf-xss-after-party http://www.wisec.it/vulns.php?page=9 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6487 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9693 http://securitytracker.com/id?1017469 http://securitytracker.com/id?1023007 http://secunia.com/advisories/23483 http://secunia.com/advisories/24457 http://secunia.com/advisories/33754 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131 http://securityreason.com/securityalert/2090 http://www.vupen.com/english/advisories/2007/0032 http://www.vupen.com/english/advisories/2009/2898 XForce ISS Database: adobe-acrobat-pdf-xss(31271) https://exchange.xforce.ibmcloud.com/vulnerabilities/31271 Common Vulnerability Exposure (CVE) ID: CVE-2007-0046 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9684 XForce ISS Database: adobe-acrobat-msvcrt-code-execution(31272) https://exchange.xforce.ibmcloud.com/vulnerabilities/31272 Common Vulnerability Exposure (CVE) ID: CVE-2007-0047 XForce ISS Database: adobe-acrobat-xmlhttp-response-splitting(31291) https://exchange.xforce.ibmcloud.com/vulnerabilities/31291 Common Vulnerability Exposure (CVE) ID: CVE-2007-0048 http://osvdb.org/31596 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6348 XForce ISS Database: adobe-acrobat-character-dos(31273) https://exchange.xforce.ibmcloud.com/vulnerabilities/31273
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.