The version of Adobe Reader installed on the remote macOS host is a version prior to 2015.006.30475, 2017.011.30120, or 2019.010.20091. It is, therefore, affected by multiple vulnerabilities.

  - Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113     and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful     exploitation could lead to arbitrary code execution . (CVE-2019-7069, CVE-2019-7086, CVE-2019-7087)

  - Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113     and earlier version, and 2015.006.30464 and earlier have a buffer errors vulnerability. Successful     exploitation could lead to arbitrary code execution . (CVE-2019-7020, CVE-2019-7085)

  - Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113     and earlier version, and 2015.006.30464 and earlier have a data leakage (sensitive) vulnerability.
    Successful exploitation could lead to information disclosure. (CVE-2019-7089)

  - Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113     and earlier version, and 2015.006.30464 and earlier have a double free vulnerability. Successful     exploitation could lead to arbitrary code execution . (CVE-2019-7080)

  - Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113     and earlier version, and 2015.006.30464 and earlier have an integer overflow vulnerability. Successful     exploitation could lead to information disclosure. (CVE-2019-7030)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Adobe Reader < 2015.006.30475 / 2017.011.30120 / 2019.010.20091 Multiple Vulnerabilities (APSB19-07) (macOS)

critical Nessus Plugin ID 207084

Version 1.4