Professional OVAL Repository

[Eng] [Rus] [Sign-In]

oval:org.mitre.oval:def:9928

Version

Class

vulnerability

ALTXid

1664

Language

English

Severity

NotAvailable

Title

Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file that calls an insecure JavaScript method in the EScript.api plug-in. NOTE: this issue might be subsumed by CVE-2008-0655.

Description

Family

unix

Platform

Product

OVAL Repository

Status: ACCEPTED
Status: ACCEPTED
- 2010-07-09T03:56:16-04:00 : submitted
  - SCAP.com, LLC Aharon Chernin
- 2010-07-28T14:18:19.094-04:00 : status_change DRAFT
- 2010-08-16T04:15:00.477-04:00 : status_change INTERIM
- 2010-09-06T04:16:08.486-04:00 : status_change ACCEPTED

Reference

CVE: CVE-2007-5663

Criteria

Expand All

Collapse All

OR
- AND
  - CRITERION redhat-release is version 3
    - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:30337) check=at least one, check_existence=at_least_one_exists, comment=redhat-release is version 3, version=2
      - rpminfo_object (ID = oval:org.mitre.oval:obj:1414)
        name redhat-release
      - rpminfo_state (ID = oval:org.mitre.oval:ste:8849)
        version operation=pattern match | value=^3[^[:digit:]]
  - OR
    - CRITERION acroread-plugin is earlier than 0:8.1.2-1.el3.6
      - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:36324) check=at least one, check_existence=at_least_one_exists, comment=acroread-plugin is earlier than 0:8.1.2-1.el3.6, version=2
        
        rpminfo_object (ID = oval:org.mitre.oval:obj:14489)
        name acroread-plugin
        
        rpminfo_state (ID = oval:org.mitre.oval:ste:10585)
        evr datatype=evr_string | operation=less than | value=0:8.1.2-1.el3.6
    - CRITERION acroread is earlier than 0:8.1.2-1.el3.6
      - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:36153) check=at least one, check_existence=at_least_one_exists, comment=acroread is earlier than 0:8.1.2-1.el3.6, version=2
        
        rpminfo_object (ID = oval:org.mitre.oval:obj:14858)
        name acroread
        
        rpminfo_state (ID = oval:org.mitre.oval:ste:10585)
        evr datatype=evr_string | operation=less than | value=0:8.1.2-1.el3.6
- AND
  - CRITERION redhat-release is version 4
    - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:29709) check=at least one, check_existence=at_least_one_exists, comment=redhat-release is version 4, version=2
      - rpminfo_object (ID = oval:org.mitre.oval:obj:1414)
        name redhat-release
      - rpminfo_state (ID = oval:org.mitre.oval:ste:9429)
        version operation=pattern match | value=^4[^[:digit:]]
  - OR
    - CRITERION acroread-plugin is earlier than 0:8.1.2-1.el4.2
      - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:36156) check=at least one, check_existence=at_least_one_exists, comment=acroread-plugin is earlier than 0:8.1.2-1.el4.2, version=2
        
        rpminfo_object (ID = oval:org.mitre.oval:obj:14489)
        name acroread-plugin
        
        rpminfo_state (ID = oval:org.mitre.oval:ste:10505)
        evr datatype=evr_string | operation=less than | value=0:8.1.2-1.el4.2
    - CRITERION acroread is earlier than 0:8.1.2-1.el4.2
      - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:36293) check=at least one, check_existence=at_least_one_exists, comment=acroread is earlier than 0:8.1.2-1.el4.2, version=2
        
        rpminfo_object (ID = oval:org.mitre.oval:obj:14858)
        name acroread
        
        rpminfo_state (ID = oval:org.mitre.oval:ste:10505)
        evr datatype=evr_string | operation=less than | value=0:8.1.2-1.el4.2
- AND
  - CRITERION redhat-release is version 5
    - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:33325) check=at least one, check_existence=at_least_one_exists, comment=redhat-release is version 5, version=2
      - rpminfo_object (ID = oval:org.mitre.oval:obj:1414)
        name redhat-release
      - rpminfo_state (ID = oval:org.mitre.oval:ste:10246)
        version operation=pattern match | value=^5[^[:digit:]]
  - OR
    - CRITERION acroread-plugin is earlier than 0:8.1.2-1.el5.3
      - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:35792) check=at least one, check_existence=at_least_one_exists, comment=acroread-plugin is earlier than 0:8.1.2-1.el5.3, version=2
        
        rpminfo_object (ID = oval:org.mitre.oval:obj:14489)
        name acroread-plugin
        
        rpminfo_state (ID = oval:org.mitre.oval:ste:10831)
        evr datatype=evr_string | operation=less than | value=0:8.1.2-1.el5.3
    - CRITERION acroread is earlier than 0:8.1.2-1.el5.3
      - RPMINFO_TEST (ID = oval:org.mitre.oval:tst:35912) check=at least one, check_existence=at_least_one_exists, comment=acroread is earlier than 0:8.1.2-1.el5.3, version=2
        
        rpminfo_object (ID = oval:org.mitre.oval:obj:14858)
        name acroread
        
        rpminfo_state (ID = oval:org.mitre.oval:ste:10831)
        evr datatype=evr_string | operation=less than | value=0:8.1.2-1.el5.3


	2008-2020, © AO ALTEX-SOFT , ovaldb@altx-soft.com OVAL and the OVAL logo are registered trademarks of The MITRE Corporation. Other names may be trademarks of their respective owners.

Access vector:	COMPLETE
Access complexity:	MEDIUM
Authentication:	NONE
Confidentiality impact:	COMPLETE
Integrity impact:	COMPLETE
Availability impact:	COMPLETE