The version of Adobe Acrobat installed on the remote macOS host is a version prior to 2015.006.30475, 2017.011.30120, or 2019.010.20091. It is, therefore, affected by multiple vulnerabilities.

  - Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113     and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful     exploitation could lead to arbitrary code execution . (CVE-2019-7069, CVE-2019-7086, CVE-2019-7087)

  - Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113     and earlier version, and 2015.006.30464 and earlier have a buffer errors vulnerability. Successful     exploitation could lead to arbitrary code execution . (CVE-2019-7020, CVE-2019-7085)

  - Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113     and earlier version, and 2015.006.30464 and earlier have a data leakage (sensitive) vulnerability.
    Successful exploitation could lead to information disclosure. (CVE-2019-7089)

  - Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113     and earlier version, and 2015.006.30464 and earlier have a double free vulnerability. Successful     exploitation could lead to arbitrary code execution . (CVE-2019-7080)

  - Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113     and earlier version, and 2015.006.30464 and earlier have an integer overflow vulnerability. Successful     exploitation could lead to information disclosure. (CVE-2019-7030)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Adobe Acrobat < 2015.006.30475 / 2017.011.30120 / 2019.010.20091 Multiple Vulnerabilities (APSB19-07) (macOS)

critical Nessus Plugin ID 207092

Version 1.3

Version 1.2

Version 1.3 Oct 4, 2024, 11:06 PM New Plugin Feed: 202410042306
Version 1.2 Sep 13, 2024, 10:17 AM Exploit attributes ("Exploited by malware" set to "True") Plugin Feed: 202409131017