The version of Adobe Acrobat installed on the remote macOS host is a version prior to 2015.006.30504, 2017.011.30150, or 2019.021.20047. It is, therefore, affected by multiple vulnerabilities.

  - Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148     and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read     vulnerability. Successful exploitation could lead to information disclosure . (CVE-2019-8064,     CVE-2019-8163, CVE-2019-8164, CVE-2019-8168, CVE-2019-8172, CVE-2019-8173, CVE-2019-8182, CVE-2019-8184,     CVE-2019-8185, CVE-2019-8189, CVE-2019-8190, CVE-2019-8193, CVE-2019-8194, CVE-2019-8198, CVE-2019-8201,     CVE-2019-8202, CVE-2019-8204, CVE-2019-8207, CVE-2019-8216, CVE-2019-8218, CVE-2019-8222)

  - Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148     and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds write     vulnerability. Successful exploitation could lead to arbitrary code execution . (CVE-2019-8165,     CVE-2019-8171, CVE-2019-8186, CVE-2019-8191, CVE-2019-8199, CVE-2019-8206)

  - Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148     and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free     vulnerability. Successful exploitation could lead to arbitrary code execution . (CVE-2019-8175,     CVE-2019-8176, CVE-2019-8177, CVE-2019-8178, CVE-2019-8179, CVE-2019-8180, CVE-2019-8181, CVE-2019-8187,     CVE-2019-8188, CVE-2019-8192, CVE-2019-8203, CVE-2019-8208, CVE-2019-8209, CVE-2019-8210, CVE-2019-8211,     CVE-2019-8212, CVE-2019-8213, CVE-2019-8214, CVE-2019-8215, CVE-2019-8217, CVE-2019-8219, CVE-2019-8221,     CVE-2019-8223, CVE-2019-8224, CVE-2019-8225)

  - Adobe Acrobat and Reader versions, 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148     and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free     vulnerability. Successful exploitation could lead to arbitrary code execution . (CVE-2019-8220)

  - Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148     and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a heap overflow     vulnerability. Successful exploitation could lead to arbitrary code execution . (CVE-2019-8170,     CVE-2019-8183, CVE-2019-8197)

  - Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148     and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a buffer overrun     vulnerability. Successful exploitation could lead to arbitrary code execution . (CVE-2019-8166)

  - Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148     and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a cross-site scripting     vulnerability. Successful exploitation could lead to information disclosure. (CVE-2019-8160)

  - Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148     and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a race condition     vulnerability. Successful exploitation could lead to arbitrary code execution . (CVE-2019-8162)

  - Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148     and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an incomplete implementation     of security mechanism vulnerability. Successful exploitation could lead to information disclosure.
    (CVE-2019-8226)

  - Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148     and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a type confusion     vulnerability. Successful exploitation could lead to arbitrary code execution . (CVE-2019-8161,     CVE-2019-8167, CVE-2019-8169, CVE-2019-8200)

  - Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148     and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an untrusted pointer     dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
    (CVE-2019-8174, CVE-2019-8195, CVE-2019-8196, CVE-2019-8205)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Adobe Acrobat < 2015.006.30504 / 2017.011.30150 / 2019.021.20047 Multiple Vulnerabilities (APSB19-49) (macOS)

critical Nessus Plugin ID 129975

Version 1.9

Version 1.8

Version 1.6

Version 1.9 Nov 21, 2024, 2:36 PM CVSS metrics ("Cvssv4 score" set to 0.0) CVSSv2 severity (based on None, severity decreased from "High" to "Low") Detection (updated detection logic) Plugin metadata Plugin Feed: 202411211436
Version 1.8 Oct 4, 2024, 11:06 PM New Plugin Feed: 202410042306
Version 1.6 Apr 18, 2024, 3:14 PM CVSSv2 score source (changed from "CVE-2019-8171" to "CVE-2019-8196") CVSSv3 score source (set to "CVE-2019-8221") Plugin Feed: 202404181514