Detections
Analytics
Adobe Digital Editions 2.0.0 'rmsdk_wrapper.dll' Memory Corruption (APSB13-20)
critical Nessus Plugin ID 72171
Language:
Synopsis
The version of Adobe Digital Editions on the remote Windows host is affected by a memory corruption vulnerability.Description
The version of Adobe Digital Editions installed on the remote host is 2.0.0. It is, therefore, affected by a memory corruption vulnerability related to the file 'rmsdk_wrapper.dll' and handling embedded font streams, such as those in PDF files, that could allow denial of service attacks and possibly arbitrary code execution.Solution
Upgrade to Adobe Digital Editions 2.0.1 or later.See Also
http://www.adobe.com/support/security/bulletins/apsb13-20.html
Plugin Details
Severity: Critical
ID: 72171
File Name: adobe_digital_editions_apsb13-20.nasl
Version: 1.3
Type: local
Agent: windows
Family: Windows
Published: 1/28/2014
Updated: 11/26/2019
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.4
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2013-1377
Vulnerability Information
CPE: cpe:/a:adobe:digital_editions
Required KB Items: SMB/Adobe_DigitalEditions/installed
Exploit Ease: No known exploits are available
Patch Publication Date: 7/30/2013
Vulnerability Publication Date: 7/30/2013
Reference Information
CVE: CVE-2013-1377
BID: 61528