Detections
Analytics
Adobe Reader < 9.1.3 Flash Handling Unspecified Arbitrary Code Execution (APSB09-10)
high Nessus Plugin ID 40494
Synopsis
The PDF file viewer on the remote Windows host is affected by a memory corruption vulnerability.Description
The version of Adobe Reader 9 installed on the remote host is earlier than 9.1.3. Such versions are reportedly affected by a memory corruption vulnerability that could potentially lead to code execution.Solution
Upgrade to Adobe Reader 9.1.3 or later.See Also
http://www.adobe.com/support/security/bulletins/apsb09-10.html
Plugin Details
Severity: High
ID: 40494
File Name: adobe_reader_913.nasl
Version: 1.21
Type: local
Agent: windows
Family: Windows
Published: 8/5/2009
Updated: 6/8/2022
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 9.7
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 8.1
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2009-1862
Vulnerability Information
CPE: cpe:/a:adobe:acrobat_reader
Required KB Items: SMB/Acroread/Version
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 7/30/2009
CISA Known Exploited Vulnerability Due Dates: 6/22/2022
Exploitable With
CANVAS (CANVAS)
Core Impact
Reference Information
CVE: CVE-2009-1862
BID: 35759
CWE: 94