Adobe Acrobat and Reader CVE-2017-16419 Denial of Service Vulnerability

Bugtraq ID: 101817 Class: Unknown CVE:

CVE-2017-16419 Remote: Yes Local: No Published: Nov 14 2017 12:00AM Updated: Nov 23 2017 12:08AM Credit: willJ of Tencent PC Manager Vulnerable:

Adobe Reader 11.0.22
Adobe Reader 11.0.21
Adobe Reader 11.0.20
Adobe Reader 11.0.19
Adobe Reader 11.0.18
Adobe Reader 11.0.17
Adobe Reader 11.0.16
Adobe Reader 11.0.12
Adobe Reader 11.0.11
Adobe Reader 11.0.7
Adobe Reader 11.0.6
Adobe Reader 11.0.4
Adobe Reader 11.0.3
Adobe Reader 11.0.1
Adobe Reader 11.0.15
Adobe Reader 11.0.14
Adobe Reader 11.0.13
Adobe Reader 11.0.10
Adobe Reader 11.0.09
Adobe Reader 11.0.08
Adobe Reader 11.0.05
Adobe Reader 11.0
Adobe Acrobat Reader DC 2017.12.20098
Adobe Acrobat Reader DC 2017.12.20093
Adobe Acrobat Reader DC 2017.9.20058
Adobe Acrobat Reader DC 2015.8.20082
Adobe Acrobat Reader DC 2015.6.30355
Adobe Acrobat Reader DC 2015.6.30352
Adobe Acrobat Reader DC 2015.6.30306
Adobe Acrobat Reader DC 2015.6.30060
Adobe Acrobat Reader DC 15.23.20070
Adobe Acrobat Reader DC 15.23.20053
Adobe Acrobat Reader DC 15.20.20042
Adobe Acrobat Reader DC 15.20.20039
Adobe Acrobat Reader DC 15.17.20053
Adobe Acrobat Reader DC 15.17.20050
Adobe Acrobat Reader DC 15.16.20045
Adobe Acrobat Reader DC 15.16.20039
Adobe Acrobat Reader DC 15.10.20060
Adobe Acrobat Reader DC 15.10.20059
Adobe Acrobat Reader DC 15.9.20077
Adobe Acrobat Reader DC 15.6.30280
Adobe Acrobat Reader DC 15.6.30279
Adobe Acrobat Reader DC 15.6.30244
Adobe Acrobat Reader DC 15.6.30243
Adobe Acrobat Reader DC 15.6.30201
Adobe Acrobat Reader DC 15.6.30198
Adobe Acrobat Reader DC 15.6.30174
Adobe Acrobat Reader DC 15.6.30172
Adobe Acrobat Reader DC 15.6.30121
Adobe Acrobat Reader DC 15.6.30097
Adobe Acrobat Reader DC 2015.009.20069
Adobe Acrobat Reader DC 2015.007.20033
Adobe Acrobat Reader DC 2015.006.30094
Adobe Acrobat Reader DC 2015.006.30033
Adobe Acrobat Reader DC 15.010.20056
Adobe Acrobat Reader DC 15.006.30119
Adobe Acrobat Reader 2017.11.30066
Adobe Acrobat Reader 2017.11.30059
Adobe Acrobat Reader 2017.8.30051
Adobe Acrobat DC 2017.12.20098
Adobe Acrobat DC 2017.12.20093
Adobe Acrobat DC 2017.9.20058
Adobe Acrobat DC 2017.9.20044
Adobe Acrobat DC 2015.6.30355
Adobe Acrobat DC 2015.6.30352
Adobe Acrobat DC 2015.6.30306
Adobe Acrobat DC 15.23.20070
Adobe Acrobat DC 15.23.20053
Adobe Acrobat DC 15.20.20042
Adobe Acrobat DC 15.20.20039
Adobe Acrobat DC 15.17.20053
Adobe Acrobat DC 15.17.20050
Adobe Acrobat DC 15.16.20045
Adobe Acrobat DC 15.16.20039
Adobe Acrobat DC 15.10.20060
Adobe Acrobat DC 15.10.20059
Adobe Acrobat DC 15.9.20077
Adobe Acrobat DC 15.6.30280
Adobe Acrobat DC 15.6.30279
Adobe Acrobat DC 15.6.30244
Adobe Acrobat DC 15.6.30243
Adobe Acrobat DC 15.6.30201
Adobe Acrobat DC 15.6.30198
Adobe Acrobat DC 15.6.30174
Adobe Acrobat DC 15.6.30172
Adobe Acrobat DC 15.6.30121
Adobe Acrobat DC 15.6.30097
Adobe Acrobat DC 2015.009.20069
Adobe Acrobat DC 2015.008.20082
Adobe Acrobat DC 2015.007.20033
Adobe Acrobat DC 2015.006.30094
Adobe Acrobat DC 2015.006.30060
Adobe Acrobat DC 2015.006.30033
Adobe Acrobat DC 15.010.20056
Adobe Acrobat DC 15.006.30119
Adobe Acrobat 2017.11.30066
Adobe Acrobat 2017.11.30059
Adobe Acrobat 2017.8.30051
Adobe Acrobat 11.0.22
Adobe Acrobat 11.0.21
Adobe Acrobat 11.0.20
Adobe Acrobat 11.0.19
Adobe Acrobat 11.0.18
Adobe Acrobat 11.0.17
Adobe Acrobat 11.0.16
Adobe Acrobat 11.0.11
Adobe Acrobat 11.0.7
Adobe Acrobat 11.0.6
Adobe Acrobat 11.0.6
Adobe Acrobat 11.0.4
Adobe Acrobat 11.0.2
Adobe Acrobat 11.0
Adobe Acrobat 11.0.9
Adobe Acrobat 11.0.7
Adobe Acrobat 11.0.3
Adobe Acrobat 11.0.15
Adobe Acrobat 11.0.14
Adobe Acrobat 11.0.13
Adobe Acrobat 11.0.12
Adobe Acrobat 11.0.10
Adobe Acrobat 11.0.1
Adobe Acrobat 11.0.09
Adobe Acrobat 11.0.08
Adobe Acrobat 11.0 Not Vulnerable:

Adobe Reader 11.0.23
Adobe Acrobat Reader DC 2018.9.20044
Adobe Acrobat Reader DC 2015.6.30392
Adobe Acrobat Reader 2017.11.30068
Adobe Acrobat DC 2018.9.20044
Adobe Acrobat DC 2015.6.30392
Adobe Acrobat 2017.11.30068
Adobe Acrobat 11.0.23

Adobe Reader and Acrobat Multiple Remote Code Execution Vulnerabilities

Bugtraq ID: 101812 Class: Unknown CVE:

CVE-2017-16407
CVE-2017-16413
CVE-2017-16415
CVE-2017-16416 Remote: Yes Local: No Published: Nov 14 2017 12:00AM Updated: Nov 23 2017 01:08AM Credit: willJ of Tencent PC Manager, Kamlapati Choubey, TELUS Security Labs and Lin Wang of Beihang University. Vulnerable:

Adobe Reader 11.0.21
Adobe Reader 11.0.20
Adobe Reader 11.0.19
Adobe Reader 11.0.18
Adobe Reader 11.0.17
Adobe Reader 11.0.16
Adobe Reader 11.0.12
Adobe Reader 11.0.11
Adobe Reader 11.0.7
Adobe Reader 11.0.6
Adobe Reader 11.0.4
Adobe Reader 11.0.3
Adobe Reader 11.0.1
Adobe Reader 11.0.15
Adobe Reader 11.0.14
Adobe Reader 11.0.13
Adobe Reader 11.0.10
Adobe Reader 11.0.09
Adobe Reader 11.0.08
Adobe Reader 11.0.05
Adobe Acrobat Reader DC 2017.12.20098
Adobe Acrobat Reader DC 2017.12.20093
Adobe Acrobat Reader DC 2017.9.20058
Adobe Acrobat Reader DC 2017.9.20044
Adobe Acrobat Reader DC 2015.8.20082
Adobe Acrobat Reader DC 2015.6.30355
Adobe Acrobat Reader DC 2015.6.30352
Adobe Acrobat Reader DC 2015.6.30306
Adobe Acrobat Reader DC 2015.6.30060
Adobe Acrobat Reader DC 15.23.20070
Adobe Acrobat Reader DC 15.23.20053
Adobe Acrobat Reader DC 15.20.20042
Adobe Acrobat Reader DC 15.20.20039
Adobe Acrobat Reader DC 15.17.20053
Adobe Acrobat Reader DC 15.17.20050
Adobe Acrobat Reader DC 15.16.20045
Adobe Acrobat Reader DC 15.16.20039
Adobe Acrobat Reader DC 15.10.20060
Adobe Acrobat Reader DC 15.10.20059
Adobe Acrobat Reader DC 15.9.20077
Adobe Acrobat Reader DC 15.6.30280
Adobe Acrobat Reader DC 15.6.30279
Adobe Acrobat Reader DC 15.6.30244
Adobe Acrobat Reader DC 15.6.30243
Adobe Acrobat Reader DC 15.6.30201
Adobe Acrobat Reader DC 15.6.30198
Adobe Acrobat Reader DC 15.6.30174
Adobe Acrobat Reader DC 15.6.30172
Adobe Acrobat Reader DC 15.6.30121
Adobe Acrobat Reader DC 15.6.30097
Adobe Acrobat Reader DC 2015.009.20069
Adobe Acrobat Reader DC 2015.007.20033
Adobe Acrobat Reader DC 2015.006.30094
Adobe Acrobat Reader DC 2015.006.30033
Adobe Acrobat Reader DC 15.010.20056
Adobe Acrobat Reader DC 15.006.30119
Adobe Acrobat Reader 2017.11.30066
Adobe Acrobat Reader 2017.11.30059
Adobe Acrobat Reader 2017.8.30051
Adobe Acrobat Reader 11.0.23
Adobe Acrobat Reader 11.0.22
Adobe Acrobat Reader 11.0.9
Adobe Acrobat Reader 11.0.7
Adobe Acrobat Reader 11.0.6
Adobe Acrobat Reader 11.0.4
Adobe Acrobat Reader 11.0.4
Adobe Acrobat Reader 11.0.3
Adobe Acrobat Reader 11.0.2
Adobe Acrobat Reader 11.0.7
Adobe Acrobat Reader 11.0.3
Adobe Acrobat Reader 11.0.1
Adobe Acrobat Reader 11.0.08
Adobe Acrobat Reader 11.0.06
Adobe Acrobat Reader 11.0.05
Adobe Acrobat Reader 11.0.01
Adobe Acrobat Reader 11.0.0
Adobe Acrobat DC 2017.12.20098
Adobe Acrobat DC 2017.12.20093
Adobe Acrobat DC 2017.9.20058
Adobe Acrobat DC 2017.9.20044
Adobe Acrobat DC 2015.6.30355
Adobe Acrobat DC 2015.6.30352
Adobe Acrobat DC 2015.6.30306
Adobe Acrobat DC 15.23.20070
Adobe Acrobat DC 15.23.20053
Adobe Acrobat DC 15.20.20042
Adobe Acrobat DC 15.20.20039
Adobe Acrobat DC 15.17.20053
Adobe Acrobat DC 15.17.20050
Adobe Acrobat DC 15.16.20045
Adobe Acrobat DC 15.16.20039
Adobe Acrobat DC 15.10.20060
Adobe Acrobat DC 15.10.20059
Adobe Acrobat DC 15.9.20077
Adobe Acrobat DC 15.6.30280
Adobe Acrobat DC 15.6.30279
Adobe Acrobat DC 15.6.30244
Adobe Acrobat DC 15.6.30243
Adobe Acrobat DC 15.6.30201
Adobe Acrobat DC 15.6.30198
Adobe Acrobat DC 15.6.30174
Adobe Acrobat DC 15.6.30172
Adobe Acrobat DC 15.6.30121
Adobe Acrobat DC 15.6.30097
Adobe Acrobat DC 2015.009.20069
Adobe Acrobat DC 2015.008.20082
Adobe Acrobat DC 2015.007.20033
Adobe Acrobat DC 2015.006.30094
Adobe Acrobat DC 2015.006.30060
Adobe Acrobat DC 2015.006.30033
Adobe Acrobat DC 15.010.20056
Adobe Acrobat DC 15.006.30119
Adobe Acrobat 2017.11.30066
Adobe Acrobat 11.0.22
Adobe Acrobat 11.0.21
Adobe Acrobat 11.0.20
Adobe Acrobat 11.0.19
Adobe Acrobat 11.0.18
Adobe Acrobat 11.0.17
Adobe Acrobat 11.0.16
Adobe Acrobat 11.0.11
Adobe Acrobat 11.0.7
Adobe Acrobat 11.0.6
Adobe Acrobat 11.0.6
Adobe Acrobat 11.0.4
Adobe Acrobat 11.0.2
Adobe Acrobat 11.0
Adobe Acrobat 11.0.9
Adobe Acrobat 11.0.7
Adobe Acrobat 11.0.3
Adobe Acrobat 11.0.15
Adobe Acrobat 11.0.14
Adobe Acrobat 11.0.13
Adobe Acrobat 11.0.12
Adobe Acrobat 11.0.10
Adobe Acrobat 11.0.1
Adobe Acrobat 11.0.09
Adobe Acrobat 11.0.08 Not Vulnerable:

Adobe Reader 11.0.23
Adobe Acrobat Reader DC 2018.9.20044
Adobe Acrobat Reader DC 2015.6.30392
Adobe Acrobat Reader 2017.11.30068
Adobe Acrobat DC 2018.9.20044
Adobe Acrobat DC 2015.6.30392
Adobe Acrobat 2017.11.30068
Adobe Acrobat 11.0.23

Adobe Acrobat and Reader Acrobat CVE-2017-16380 Remote Code Execution Vulnerability

Bugtraq ID: 101814 Class: Unknown CVE:

CVE-2017-16380 Remote: Yes Local: No Published: Nov 14 2017 12:00AM Updated: Nov 23 2017 01:08AM Credit: Richard Warren of NCC Group Plc. Vulnerable:

Adobe Reader 11.0.22
Adobe Reader 11.0.21
Adobe Reader 11.0.20
Adobe Reader 11.0.19
Adobe Reader 11.0.18
Adobe Reader 11.0.17
Adobe Reader 11.0.16
Adobe Reader 11.0.12
Adobe Reader 11.0.11
Adobe Reader 11.0.7
Adobe Reader 11.0.6
Adobe Reader 11.0.4
Adobe Reader 11.0.3
Adobe Reader 11.0.1
Adobe Reader 11.0.15
Adobe Reader 11.0.14
Adobe Reader 11.0.13
Adobe Reader 11.0.10
Adobe Reader 11.0.09
Adobe Reader 11.0.08
Adobe Reader 11.0.05
Adobe Reader 11.0
Adobe Acrobat Reader DC 2017.12.20098
Adobe Acrobat Reader DC 2017.12.20093
Adobe Acrobat Reader DC 2017.9.20058
Adobe Acrobat Reader DC 2017.9.20044
Adobe Acrobat Reader DC 2015.8.20082
Adobe Acrobat Reader DC 2015.6.30355
Adobe Acrobat Reader DC 2015.6.30352
Adobe Acrobat Reader DC 2015.6.30306
Adobe Acrobat Reader DC 2015.6.30060
Adobe Acrobat Reader DC 15.23.20070
Adobe Acrobat Reader DC 15.23.20053
Adobe Acrobat Reader DC 15.20.20042
Adobe Acrobat Reader DC 15.20.20039
Adobe Acrobat Reader DC 15.17.20053
Adobe Acrobat Reader DC 15.17.20050
Adobe Acrobat Reader DC 15.16.20045
Adobe Acrobat Reader DC 15.16.20039
Adobe Acrobat Reader DC 15.10.20060
Adobe Acrobat Reader DC 15.10.20059
Adobe Acrobat Reader DC 15.9.20077
Adobe Acrobat Reader DC 15.6.30280
Adobe Acrobat Reader DC 15.6.30279
Adobe Acrobat Reader DC 15.6.30244
Adobe Acrobat Reader DC 15.6.30243
Adobe Acrobat Reader DC 15.6.30201
Adobe Acrobat Reader DC 15.6.30198
Adobe Acrobat Reader DC 15.6.30174
Adobe Acrobat Reader DC 15.6.30172
Adobe Acrobat Reader DC 15.6.30121
Adobe Acrobat Reader DC 15.6.30097
Adobe Acrobat Reader DC 2015.009.20069
Adobe Acrobat Reader DC 2015.007.20033
Adobe Acrobat Reader DC 2015.006.30094
Adobe Acrobat Reader DC 2015.006.30033
Adobe Acrobat Reader DC 15.010.20056
Adobe Acrobat Reader DC 15.006.30119
Adobe Acrobat Reader 2017.11.30066
Adobe Acrobat Reader 2017.11.30059
Adobe Acrobat Reader 2017.8.30051
Adobe Acrobat DC 2017.12.20098
Adobe Acrobat DC 2017.12.20093
Adobe Acrobat DC 2017.9.20058
Adobe Acrobat DC 2017.9.20044
Adobe Acrobat DC 2015.6.30355
Adobe Acrobat DC 2015.6.30352
Adobe Acrobat DC 2015.6.30306
Adobe Acrobat DC 15.23.20070
Adobe Acrobat DC 15.23.20053
Adobe Acrobat DC 15.20.20042
Adobe Acrobat DC 15.20.20039
Adobe Acrobat DC 15.17.20053
Adobe Acrobat DC 15.17.20050
Adobe Acrobat DC 15.16.20045
Adobe Acrobat DC 15.16.20039
Adobe Acrobat DC 15.10.20060
Adobe Acrobat DC 15.10.20059
Adobe Acrobat DC 15.9.20077
Adobe Acrobat DC 15.6.30280
Adobe Acrobat DC 15.6.30279
Adobe Acrobat DC 15.6.30244
Adobe Acrobat DC 15.6.30243
Adobe Acrobat DC 15.6.30201
Adobe Acrobat DC 15.6.30198
Adobe Acrobat DC 15.6.30174
Adobe Acrobat DC 15.6.30172
Adobe Acrobat DC 15.6.30121
Adobe Acrobat DC 15.6.30097
Adobe Acrobat DC 2015.009.20069
Adobe Acrobat DC 2015.008.20082
Adobe Acrobat DC 2015.007.20033
Adobe Acrobat DC 2015.006.30094
Adobe Acrobat DC 2015.006.30060
Adobe Acrobat DC 2015.006.30033
Adobe Acrobat DC 15.010.20056
Adobe Acrobat DC 15.006.30119
Adobe Acrobat 2017.8.30051
Adobe Acrobat 11.0.22
Adobe Acrobat 11.0.21
Adobe Acrobat 11.0.20
Adobe Acrobat 11.0.19
Adobe Acrobat 11.0.18
Adobe Acrobat 11.0.17
Adobe Acrobat 11.0.16
Adobe Acrobat 11.0.11
Adobe Acrobat 11.0.7
Adobe Acrobat 11.0.6
Adobe Acrobat 11.0.6
Adobe Acrobat 11.0.4
Adobe Acrobat 11.0.2
Adobe Acrobat 11.0
Adobe Acrobat 11.0.9
Adobe Acrobat 11.0.7
Adobe Acrobat 11.0.3
Adobe Acrobat 11.0.15
Adobe Acrobat 11.0.14
Adobe Acrobat 11.0.13
Adobe Acrobat 11.0.12
Adobe Acrobat 11.0.10
Adobe Acrobat 11.0.1
Adobe Acrobat 11.0.09
Adobe Acrobat 11.0.08
Adobe Acrobat 11.0 Not Vulnerable:

Adobe Reader 11.0.23
Adobe Acrobat Reader DC 2018.9.20044
Adobe Acrobat Reader DC 2015.6.30392
Adobe Acrobat Reader 2017.11.30068
Adobe Acrobat DC 2018.9.20044
Adobe Acrobat DC 2015.6.30392
Adobe Acrobat 11.0.23

Adobe Acrobat and Reader Multiple Remote Code Execution Vulnerabilities

Bugtraq ID: 101818 Class: Unknown CVE:

CVE-2017-16360
CVE-2017-16388
CVE-2017-16389
CVE-2017-16390
CVE-2017-16393
CVE-2017-16398 Remote: Yes Local: No Published: Nov 14 2017 12:00AM Updated: Nov 23 2017 01:08AM Credit: Toan Pham @__suto and Gal De Leon of Palo Alto Networks. Vulnerable:

Adobe Reader 11.0.22
Adobe Reader 11.0.21
Adobe Reader 11.0.20
Adobe Reader 11.0.18
Adobe Reader 11.0.17
Adobe Reader 11.0.16
Adobe Reader 11.0.12
Adobe Reader 11.0.11
Adobe Reader 11.0.7
Adobe Reader 11.0.6
Adobe Reader 11.0.4
Adobe Reader 11.0.3
Adobe Reader 11.0.1
Adobe Reader 11.0.15
Adobe Reader 11.0.14
Adobe Reader 11.0.13
Adobe Reader 11.0.10
Adobe Reader 11.0.09
Adobe Reader 11.0.08
Adobe Reader 11.0.05
Adobe Reader 11.0
Adobe Acrobat Reader DC 2017.12.20098
Adobe Acrobat Reader DC 2017.12.20093
Adobe Acrobat Reader DC 2015.6.30355
Adobe Acrobat Reader DC 2015.6.30352
Adobe Acrobat Reader DC 2015.6.30306
Adobe Acrobat Reader DC 2015.6.30060
Adobe Acrobat Reader DC 15.20.20042
Adobe Acrobat Reader DC 15.20.20039
Adobe Acrobat Reader DC 15.17.20053
Adobe Acrobat Reader DC 15.17.20050
Adobe Acrobat Reader DC 15.16.20045
Adobe Acrobat Reader DC 15.16.20039
Adobe Acrobat Reader DC 15.10.20060
Adobe Acrobat Reader DC 15.10.20059
Adobe Acrobat Reader DC 15.9.20077
Adobe Acrobat Reader DC 15.6.30244
Adobe Acrobat Reader DC 15.6.30243
Adobe Acrobat Reader DC 15.6.30201
Adobe Acrobat Reader DC 15.6.30198
Adobe Acrobat Reader DC 15.6.30174
Adobe Acrobat Reader DC 15.6.30172
Adobe Acrobat Reader DC 15.6.30121
Adobe Acrobat Reader DC 15.6.30097
Adobe Acrobat Reader DC 2015.006.30094
Adobe Acrobat Reader DC 2015.006.30033
Adobe Acrobat Reader DC 15.010.20056
Adobe Acrobat Reader DC 15.006.30119
Adobe Acrobat Reader 2017.11.30066
Adobe Acrobat Reader 2017.11.30059
Adobe Acrobat DC 2017.12.20098
Adobe Acrobat DC 2017.12.20093
Adobe Acrobat DC 2015.6.30355
Adobe Acrobat DC 2015.6.30352
Adobe Acrobat DC 2015.6.30306
Adobe Acrobat DC 15.20.20042
Adobe Acrobat DC 15.20.20039
Adobe Acrobat DC 15.17.20053
Adobe Acrobat DC 15.17.20050
Adobe Acrobat DC 15.16.20045
Adobe Acrobat DC 15.16.20039
Adobe Acrobat DC 15.10.20060
Adobe Acrobat DC 15.10.20059
Adobe Acrobat DC 15.9.20077
Adobe Acrobat DC 15.6.30244
Adobe Acrobat DC 15.6.30243
Adobe Acrobat DC 15.6.30201
Adobe Acrobat DC 15.6.30198
Adobe Acrobat DC 15.6.30174
Adobe Acrobat DC 15.6.30172
Adobe Acrobat DC 15.6.30121
Adobe Acrobat DC 15.6.30097
Adobe Acrobat DC 2015.006.30094
Adobe Acrobat DC 2015.006.30060
Adobe Acrobat DC 2015.006.30033
Adobe Acrobat DC 15.010.20056
Adobe Acrobat DC 15.006.30119
Adobe Acrobat 2017.11.30066
Adobe Acrobat 2017.11.30059
Adobe Acrobat 11.0.22
Adobe Acrobat 11.0.21
Adobe Acrobat 11.0.20
Adobe Acrobat 11.0.18
Adobe Acrobat 11.0.17
Adobe Acrobat 11.0.16
Adobe Acrobat 11.0.11
Adobe Acrobat 11.0.7
Adobe Acrobat 11.0.6
Adobe Acrobat 11.0.6
Adobe Acrobat 11.0.4
Adobe Acrobat 11.0.2
Adobe Acrobat 11.0
Adobe Acrobat 11.0.9
Adobe Acrobat 11.0.7
Adobe Acrobat 11.0.3
Adobe Acrobat 11.0.15
Adobe Acrobat 11.0.14
Adobe Acrobat 11.0.13
Adobe Acrobat 11.0.12
Adobe Acrobat 11.0.10
Adobe Acrobat 11.0.1
Adobe Acrobat 11.0.09
Adobe Acrobat 11.0.08
Adobe Acrobat 11.0 Not Vulnerable:

Adobe Reader 11.0.23
Adobe Acrobat Reader DC 2018.9.20044
Adobe Acrobat Reader DC 2015.6.30392
Adobe Acrobat Reader 2017.11.30068
Adobe Acrobat DC 2018.9.20044
Adobe Acrobat DC 2015.6.30392
Adobe Acrobat 2017.11.30068
Adobe Acrobat 11.0.23

SecurityFocus

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————

Debian Security Advisory DSA-4046-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
November 22, 2017 https://www.debian.org/security/faq
– ————————————————————————

Package : libspring-ldap-java
CVE ID : CVE-2017-8028

Tobias Schneider discovered that libspring-ldap-java, a Java library
for Spring-based applications using the Lightweight Directory Access
Protocol, would under some circumstances allow authentication with a
correct username but an arbitrary password.

For the oldstable distribution (jessie), this problem has been fixed
in version 1.3.1.RELEASE-5+deb8u1.

We recommend that you upgrade your libspring-ldap-java packages.

For the detailed security status of libspring-ldap-java please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libspring-ldap-java

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce (at) lists.debian (dot) org [email concealed]
—–BEGIN PGP SIGNATURE—–

iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAloVtEUACgkQEL6Jg/PV
nWSbSgf/aBFHoKWTrjUx9W++O+Fc7Or0ZqMYZgHRTmWxorIRL+QT18jxVYYwnKfe
JLvjuX68foYcS9oArbcNbafYWgjkRVZZCA05+RT8ws0c4qC4/0Gf909jn/7iUCp1
4bLdLNYrTm5rkk2a1iNOu7GDAo5bTanj/0uZVKp78U9mn3bJkzjy+TUSAe9Aw/fa
pBAGlIJfp7PSTB1BHjaW2cHActuTOKQyT9rN33GFK3lX40TqMesyOL7mZiJtBJ/C
+YtlrdHHL8uuQA9Fg6LMEzwMBOtmtgvaN6yVpn80BZSQ6nsL+r+xQRutGPup1Gq0
xaYT8ClXlaYknaKtTbZ6dJMdmvz4Bg==
=4Vlo
—–END PGP SIGNATURE—–

[ reply ]

SecurityFocus

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————

Debian Security Advisory DSA-4045-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
November 21, 2017 https://www.debian.org/security/faq
– ————————————————————————

Package : vlc
CVE ID : CVE-2017-9300 CVE-2017-10699

Several vulnerabilities have been found in VLC, the VideoLAN project’s
media player. Processing malformed media files could lead to denial of
service and potentially the execution of arbitrary code.

For the oldstable distribution (jessie), these problems have been fixed
in version 2.2.7-1~deb8u1.

For the stable distribution (stretch), these problems have been fixed in
version 2.2.7-1~deb9u1.

We recommend that you upgrade your vlc packages.

For the detailed security status of vlc please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/vlc

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce (at) lists.debian (dot) org [email concealed]
—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAloUoy8ACgkQEMKTtsN8
TjbphRAAhCEvfLSF28zzAzmirCHcchaV9c3GAplGIWUTVvoa2gzqmsCl2117TX//
1rfP1uXlKZZB4gQ/leNAX8HH5aaMy8pIagdUXJb9X/F8vxGsPpY6xgfZ7VlnfUpG
r1VTmpUSuXwaAO1PjtkQ5QEQ/UpcgjUtH8fXCMeHlmxjzDtRPaUv54m9otHUsb3L
g3Z2amA1cokvsLEVjug/Q5qUJ1XA+VVt1H5K3g2D7DfDYW7kXVVgB/KXG4412TJ0
JTkKe2EwAUpNGw42IngJa480O0ux6DyRiydYTtJJdkUqLwWEil7ReiTbimZKOA0q
bY7/1e6l8k3qNrTMSKbkVGQKSK/0csVWF2GBpk9ggLjEok79neWwqVv2ihtY6Olc
gTisa3rh3M2VFgybTOf8nkidFWL621+vwHTGkzbd1CNp8kM2IZviBNFk5oo0Negs
YvwroyDEii4jbqTfIPI983SofqlH0wk4wEYw25D2GNWp/7lVyJQuMD4FqpjjYL0C
iwzrvAafeSPSY6dPKi+4GVNq4fgtq2o+SGhEmiBUdz6FPZTe9qla5SYRcS+n694C
t5ZX+6fT2zM+ajjMyHVSewEHa8KVvqqF84UNGVELG7pEdtRmxq2w+cM0qUDhpjbD
xL9PswX2yvfXL/8EwjdmyWFXv6X0/i/CwI+G8RW9V0mkT2yclR8=
=zhxY
—–END PGP SIGNATURE—–

[ reply ]

SecurityFocus

#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product: MyTy
# Vendor: Finlane GmbH
# CSNC ID: CSNC-2017-030
# CVE ID: –
# Subject: Reflected Cross-Site Scripting (XSS)
# Risk: High
# Effect: Remotely exploitable
# Author: Nicolas Heiniger
# Date: 21.11.2017
#
#############################################################

Introduction:
————-
MyTy[1] is a software framework that includes a crowdfunding module. It can be
installed on a customer server and used to create whitelabel websites for
crowdfunding platforms.

Compass Security discovered a web application security flaw in the login page of
the administration web console that allows an unauthenticated attacker to
execute JavaScript code in the browser of a legitimate user. This allows, for
instance, to redirect the user to a phishing page and gather credentials.

Affected:
———
Vulnerable:
* MyTy 5.1.0 to 5.1.7

Technical Description
———————
In the login page of the administration console, a tyLang parameter is passed
together with the user and the password in the login request. This parameter is
then included unencoded in the HTTP response.

The login request for a proof of concept is as follows:
===============
POST /tycon/index.php HTTP/1.1
Host: [CUT BY COMPASS]
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Referer: [CUT BY COMPASS]
Cookie: tyFl=de_de; XSRF-TOKEN=ZNc%2FZRg4sCgXP0g3IZZ8QxsO7caLshyKp7u75yiyW5o%3D;
lang=de; PHPSESSID=b4pcsacfvpv716e3l825cqbuo3; tyBl=en_us; cfce=1;
_ga=GA1.2.75537659.1504612703; cf_cookie_policy_read=1;
_gid=GA1.2.1498092563.1504761922
CSNC-HEN: Pentest1-Blue
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 97

view=default&fromTopic=&tyLang=de”
&seleted_user_id=0&seleted_user_hash=&name=admin&password=123456
===============

The HTTP response shows that the payload is returned unencoded in the HTML page:
===============
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 07 Sep 2017 06:52:05 GMT
Content-Type: text/html; charset=utf-8

[CUT BY COMPASS]







myty-Login | myty 5.1.7/2017-09-06
http://filamentgroup.com/examples/iosScaleBug/ -->rel=”stylesheet” type=”text/css”/>


‘,
themepath: ‘/tycon/themes/spring’
},
[CUT BY COMPASS]
===============

Workaround / Fix:
—————–
Install an up to date version of the MyTy software.

As a developer:
This issue can be fixed by properly encoding dangerous characters in the output
according to the encoding rules of the respective type of context (HTML body,
argument, JS string, generated URLs). For normal HTML body content, the
following HTML entities can be used:
< -> <
> -> >
” -> “
‘ -> ‘
& -> &

Timeline:
———
2017-11-21: Coordinated public disclosure date
2017-09-08: Release of fix in version 5.1.8
2017-09-08: Initial vendor response
2017-09-07: Initial vendor notification
2017-09-07: Discovery by Nicolas Heiniger

References:
———–
[1] https://www.finlane.com/loesungen/whitelabel-pages/

[ reply ]

SecurityFocus

#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product: MyTy
# Vendor: Finlane GmbH
# CSNC ID: CSNC-2017-029
# CVE ID: –
# Subject: Blind SQL injection
# Risk: High
# Effect: Remotely exploitable
# Author: Nicolas Heiniger
# Date: 21.11.2017
#
#############################################################

Introduction:
————-
MyTy[1] is a software framework that includes a crowdfunding module. It can be
installed on a customer server and used to create whitelabel websites for
crowdfunding platforms.

Compass Security discovered a web application security flaw in the crowdfunding
module login process that allows an unauthenticated attacker to execute
arbitrary SQL query against the database. This allows to read and modify the
whole database, within the privilege limitations of the database user executing
the queries.

Affected:
———
Vulnerable:
* MyTy 5.0.4 to 5.1.6

Technical Description
———————
During the login process, the user email and password are sent in a POST
request. In this request, the login_email parameter is concatenated into an SQL
query in a way that allows for SQL injection.

This was first discovered as a time-based blind injection with the following
request:
===============
POST /tycon/modules/crowdfunding/mvc/controller/ajax/user/login/show.php?popi
n=1
&type=simpleLogin&activeTab=0 HTTP/1.1
Host: [CUT BY COMPASS]
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: [CUT BY COMPASS]
Content-Length: 154
Cookie: tyFl=de_de; XSRF-TOKEN=oBwu%2BTWkisoYIpFEzoHDdSceUSflgjymh2uN1wXxZKg%3D;
lang=de; PHPSESSID=e1e71aroeb557v412tov9fu574; tyBl=en_us; cfce=1;
_ga=GA1.2.75537659.1504612703; _gid=GA1.2.1847726517.1504612703;
cf_cookie_policy_read=1; _gat=1
CSNC-HEN: Pentest1-Blue
Connection: close

login=1&callback=&redirect=&fwd=%252Fprojekte%252Fsuchergebnisse.html%25
3F
&login_type=inline&popin=1&type=simpleLogin
&login_email=test’%2b(select*from(select(sleep(20)))a)%2b’&login_passwor
d=1234
===============

Workaround / Fix:
—————–
Install an up to date version of the MyTy software.

As a developer:
Strictly use prepared statements in order to protect the application from SQL
injection.

Optional addition:
Validate all user input and filter dangerous characters, which can cause a
change of the context and have to be filtered, cut or escaped e.g. ” ‘ — () ;

Timeline:
———
2017-11-21: Coordinated public disclosure date
2017-09-06: Release of fix in versions 5.0.12 and 5.1.7
2017-09-06: Initial vendor response
2017-09-06: Initial vendor notification
2017-09-06: Discovery by Nicolas Heiniger

References:
———–
[1] https://www.finlane.com/loesungen/whitelabel-pages/
[2] https://github.com/sqlmapproject/sqlmap

[ reply ]

MS Office Built-In Feature Could be Exploited to Create Self-Replicating Malware

ms-office-macro-malware

Earlier this month a cybersecurity researcher shared details of a security loophole with The Hacker News that affects all versions of Microsoft Office, allowing malicious actors to create and spread macro-based self-replicating malware.

Macro-based self-replicating malware, which basically allows a macro to write more macros, is not new among hackers, but to prevent such threats, Microsoft has already introduced a security mechanism in MS Office that by default limits this functionality.

Lino Antonio Buono, an Italian security researcher who works at InTheCyber, reported a simple technique (detailed below) that could allow anyone to bypass the security control put in place by Microsoft and create self-replicating malware hidden behind innocent-looking MS Word documents.

What’s Worse? Microsoft refused to consider this issue a security loophole when contacted by the researcher in October this year, saying it’s a feature intended to work this way only—just like MS Office DDE feature, which is now actively being used by hackers.

New ‘qkG Ransomware’ Found Using Same Self-Spreading Technique

Interestingly, one such malware is on its way to affect you. I know, that was fast—even before its public disclosure.

Just yesterday, Trend Micro published a report on a new piece of macro-based self-replicating ransomware, dubbed “qkG,” which exploits exactly the same MS office feature that Buono described to our team.

Trend Micro researchers spotted qkG ransomware samples on VirusTotal uploaded by someone from Vietnam, and they said this ransomware looks “more of an experimental project or a proof of concept (PoC) rather than a malware actively used in the wild.”

The qkG ransomware employs Auto Close VBA macro—a technique that allows executing malicious macro when victim closes the document.

qkG-ransomware

The latest sample of qkG ransomware now includes a Bitcoin address with a small ransom note demanding $300 in BTC as shown.

It should be noted that the above-mentioned Bitcoin address hasn’t received any payment yet, which apparently means that this ransomware has not yet been used to target people.

Moreover, this ransomware is currently using the same hard-coded password: “I’m QkG@PTM17! by TNA@MHT-TT2” that unlocks affected files.

Here’s How this New Attack Technique Works

In order to make us understand the complete attack technique, Buono shared a video with The Hacker News that demonstrates how an MS Word document equipped with malicious VBA code could be used to deliver a self-replicating multi-stage malware.

If you are unaware, Microsoft has disabled external (or untrusted) macros by default and to restrict default programmatic access to Office VBA project object model, it also offers users to manually enable “Trust access to the VBA project object model,” whenever required.

microsoft-office-macro-malware

With “Trust access to the VBA project object model” setting enabled, MS Office trusts all macros and automatically runs any code without showing security warning or requiring user’s permission.

Buono found that this setting can be enabled/disabled just by editing a Windows registry, eventually enabling the macros to write more macros without user’s consent and knowledge.

windows-registry-enable-macro

As shown in the video, a malicious MS Doc file created by Buono does the same—it first edits the Windows registry and then injects same macro payload (VBA code) into every doc file that the victim creates, edits or just opens on his/her system.

Victims Will be Unknowingly Responsible for Spreading Malware Further

In other words, if the victim mistakenly allows the malicious doc file to run macros once, his/her system would remain open to macro-based attacks.

Moreover, the victim will also be unknowingly responsible for spreading the same malicious code to other users by sharing any infected office files from his/her system.

This attack technique could be more worrisome when you receive a malicious doc file from a trusted contact who have already been infected with such malware, eventually turning you into its next attack vector for others.

Although this technique is not being exploited in the wild, the researcher believes it could be exploited to spread dangerous self-replicating malware that could be difficult to deal with and put an end.

Since this is a legitimate feature, most antivirus solutions do not flag any warning or block MS Office documents with VBA code, neither the tech company has any plans of issuing a patch that would restrict this functionality.

Buono suggests “In order to (partially) mitigate the vulnerability it is possible to move the AccessVBOM registry key from the HKCU hive to the HKLM, making it editable only by the system administrator.”

The best way to protect yourself from such malware is always to be suspicious of any uninvited documents sent via an email and never click on links inside those documents unless adequately verifying the source.

USN-3491-1: ldns vulnerabilities

Ubuntu Security Notice USN-3491-1

22nd November, 2017

ldns vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 17.10
  • Ubuntu 17.04
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in ldns.

Software description

  • ldns
    – ldns library for DNS programming

Details

Leon Weber discovered that the ldns-keygen tool incorrectly set permissions
on private keys. A local attacker could possibly use this issue to obtain
generated private keys. This issue only applied to Ubuntu 14.04 LTS.
(CVE-2014-3209)

Stephan Zeisberg discovered that ldns incorrectly handled memory when
processing data. A remote attacker could use this issue to cause ldns to
crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2017-1000231, CVE-2017-1000232)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 17.10:
libldns2

1.7.0-1ubuntu1.17.10.1
Ubuntu 17.04:
libldns2

1.7.0-1ubuntu1.17.04.1
Ubuntu 16.04 LTS:
libldns1

1.6.17-8ubuntu0.1
Ubuntu 14.04 LTS:
libldns1

1.6.17-1ubuntu0.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2014-3209,

CVE-2017-1000231,

CVE-2017-1000232

Read More

Software and Security Information