ID de Prueba:	1.3.6.1.4.1.25623.1.0.66690
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2010:0038
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2010:0038. Adobe Reader allows users to view and print documents in Portable Document Format (PDF). This update fixes several vulnerabilities in Adobe Reader. These vulnerabilities are summarized on the Adobe Security Advisory APSB10-02 page listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2009-4324, CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3959, CVE-2009-3956) Adobe have discontinued support for Adobe Reader 8 for Linux. All users of Adobe Reader are advised to install these updated packages, which contain Adobe Reader version 9.3, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2010-0038.html http://www.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb10-02.html Risk factor : Critical CVSS Score: 10.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3953 BugTraq ID: 37758 http://www.securityfocus.com/bid/37758 Cert/CC Advisory: TA10-013A http://www.us-cert.gov/cas/techalerts/TA10-013A.html http://www.metasploit.com/modules/exploit/windows/fileformat/adobe_u3d_meshdecl http://osvdb.org/61690 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8242 http://www.redhat.com/support/errata/RHSA-2010-0060.html http://www.securitytracker.com/id?1023446 http://secunia.com/advisories/38138 http://secunia.com/advisories/38215 SuSE Security Announcement: SUSE-SA:2010:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html http://www.vupen.com/english/advisories/2010/0103 XForce ISS Database: acrobat-reader-u3d-code-execution(55551) https://exchange.xforce.ibmcloud.com/vulnerabilities/55551 Common Vulnerability Exposure (CVE) ID: CVE-2009-3954 BugTraq ID: 37761 http://www.securityfocus.com/bid/37761 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8528 XForce ISS Database: acrobat-reader-3d-code-execution(55552) https://exchange.xforce.ibmcloud.com/vulnerabilities/55552 Common Vulnerability Exposure (CVE) ID: CVE-2009-3955 BugTraq ID: 37757 http://www.securityfocus.com/bid/37757 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=836 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8255 XForce ISS Database: acrobat-reader-jpxdecode-code-exec(55553) https://exchange.xforce.ibmcloud.com/vulnerabilities/55553 Common Vulnerability Exposure (CVE) ID: CVE-2009-3956 BugTraq ID: 37763 http://www.securityfocus.com/bid/37763 http://www.packetstormsecurity.org/1001-exploits/SS-2010-001.txt http://www.stratsec.net/files/SS-2010-001_Stratsec_Acrobat_Script_Injection_Security_Advisory_v1.0.pdf https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8327 XForce ISS Database: acrobat-reader-unspec-xss(55554) https://exchange.xforce.ibmcloud.com/vulnerabilities/55554 Common Vulnerability Exposure (CVE) ID: CVE-2009-3959 BugTraq ID: 37756 http://www.securityfocus.com/bid/37756 Bugtraq: 20100115 VUPEN Security Research - Adobe Acrobat and Reader U3D Integer Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/508949 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8539 XForce ISS Database: acrobat-reader-u3dsupport-code-exec(55557) https://exchange.xforce.ibmcloud.com/vulnerabilities/55557 Common Vulnerability Exposure (CVE) ID: CVE-2009-4324 BugTraq ID: 37331 http://www.securityfocus.com/bid/37331 CERT/CC vulnerability note: VU#508357 http://www.kb.cert.org/vuls/id/508357 http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html http://contagiodump.blogspot.com/2009/12/virustotal-httpwww.html http://www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20091214 http://www.symantec.com/connect/blogs/zero-day-xmas-present http://osvdb.org/60980 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6795 http://secunia.com/advisories/37690 http://www.vupen.com/english/advisories/2009/3518 XForce ISS Database: acro-reader-unspecifed-code-execution(54747) https://exchange.xforce.ibmcloud.com/vulnerabilities/54747
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.