Definitions for Adobe Reader/Acrobat
|
|
Chandan-2
|
Please find the attached document of Oval Definitions for
Adobe Reader & Adobe Acrobat. Thanks, Chandan www.secpod.com To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email]. <?xml version="1.0" encoding="UTF-8"?> <oval_definitions xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows windows-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5"> <generator> <oval:product_name>The OVAL Repository</oval:product_name> <oval:schema_version>5.6</oval:schema_version> <oval:timestamp>2009-10-23T03:25:55.036-04:00</oval:timestamp> </generator> <definitions> <definition id="oval:org.secpod.oval:def:90108" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat DoS via long sequence of # (hash) characters</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2007-0048" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0048"/> <description>Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, when used with Internet Explorer, Google Chrome, or Opera, allows remote attackers to cause a denial of service (memory consumption) via a long sequence of # (hash) characters appended to a PDF URL, related to a cross-site scripting issue.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90109" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat Multiple Vulnerabilities</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2007-0045" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0045"/> <description>Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770, and Opera 9.10.8679 on Windows allow remote attackers to inject arbitrary JavaScript and conduct other attacks via a .pdf URL with a javascript: or res: URI with (1) FDF, (2) XML, and (3) XFDF AJAX parameters, or (4) an arbitrarily named name=URI anchor identifier, aka Universal XSS (UXSS).</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90110" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat getPlus_HelperSvc.exe) local elevation of privileges</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-2564" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2564"/> <description>NOS Microsystems getPlus Download Manager for Adobe 1.6.2.36, and possibly other versions, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. NOTE: the scope of this issue is limited because the program is deleted and the associated service is not automatically launched after a successful installation and reboot.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90111" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat denial of service via a crafted document</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-2979" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2979"/> <description>Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 do not properly perform XMP-XML entity expansion, which allows remote attackers to cause a denial of service via a crafted document.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90112" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat DoS or possibly execute arbitrary code via unspecified vectors</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-2980" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2980"/> <description>Integer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90113" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat bypass intended Trust Manager restrictions via unspecified vectors</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-2981" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2981"/> <description>Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to bypass intended Trust Manager restrictions via unspecified vectors.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90114" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat social engineering attack via unknown vectors</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-2982" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2982"/> <description>An unspecified certificate in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow remote attackers to conduct a "social engineering attack" via unknown vectors.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90115" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat cause DoS (memory corruption) or execute arbitrary code via unspecified vectors.</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-2983" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2983"/> <description>Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90116" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat cause denial of service or possibly execute arbitrary code via unknown vectors</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-2984" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2984"/> <description>Unspecified vulnerability in the image decoder in Adobe Acrobat 9.x before 9.2, and possibly 7.x through 7.1.4 and 8.x through 8.1.7, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90117" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat cause DoS and Arbitrary Execution</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-2985" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2985"/> <description>Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90118" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat cause arbitrary code execution via unspecified vectors</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-2986" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2986"/> <description>Multiple heap-based buffer overflows in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90119" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat cause denial of service via unknown vectors</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-2987" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2987"/> <description>Unspecified vulnerability in an ActiveX control in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Windows allows remote attackers to cause a denial of service via unknown vectors.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90120" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat cause Denial of Service Vulnerability</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-2988" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2988"/> <description>Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which allows attackers to cause a denial of service via unspecified vectors.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90121" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat cause execution of arbitrary code vulnerability</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-2989" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2989"/> <description>Integer overflow in Adobe Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90122" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat allow attackers to execute arbitrary code via unspecified vectors</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-2990" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2990"/> <description>Array index error in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90123" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat might allow remote attackers to execute arbitrary code via unknown vectors. </title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-2991" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2991"/> <description>Unspecified vulnerability in the Mozilla plug-in in Adobe Reader and Acrobat 8.x before 8.1.7, and possibly 7.x before 7.1.4 and 9.x before 9.2, might allow remote attackers to execute arbitrary code via unknown vectors.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90124" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat allows attackers to cause a denial of service via unknown vectors</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-2992" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2992"/> <description>An unspecified ActiveX control in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 does not properly validate input, which allows attackers to cause a denial of service via unknown vectors.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90125" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat cause Multiple Vulnerabilities</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-2993" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2993"/> <description>The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and possibly execute arbitrary code, via the cPath parameter in a crafted PDF file. NOTE: some of these details are obtained from third party information.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90126" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat allow attackers to execute arbitrary code via unspecified vectors</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-2994" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2994"/> <description>Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90127" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat allows attackers to cause a DoS via unspecified vectors.</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-2995" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2995"/> <description>Integer overflow in Adobe Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows attackers to cause a denial of service via unspecified vectors.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90128" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat memory corruption or possibly execute arbitrary code via unspecified vectors</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-2996" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2996"/> <description>Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2985.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90129" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat cause arbitrary code execution via unspecified vectors</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-2997" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2997"/> <description>Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90130" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat allow arbitrary code execution and DoS</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-2998" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2998"/> <description>Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90131" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat denial of service (application crash) via a PDF</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-3431" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3431"/> <description>Stack consumption vulnerability in Adobe Reader and Acrobat 9.1.3, 9.1.2, 9.1.1, and earlier 9.x versions; 8.1.6 and earlier 8.x versions; and possibly 7.1.4 and earlier 7.x versions allows remote attackers to cause a denial of service (application crash) via a PDF file with a large number of [ (open square bracket) characters in the argument to the alert method. NOTE: some of these details are obtained from third party information.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90132" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat allow arbitrary code execution</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-3458" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3458"/> <description>Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90133" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat allow to execute arbitrary code via a crafted PDF file</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-3459" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3459"/> <description>Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90134" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat allow memory corruption</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-3460" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3460"/> <description>Adobe Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90135" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat allows attackers to bypass intended file-extension</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-3461" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3461"/> <description>Unspecified vulnerability in Adobe Acrobat 9.x before 9.2 allows attackers to bypass intended file-extension restrictions via unknown vectors.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90136" version="1" class="vulnerability"> <metadata> <title>Adobe Reader and Acrobat 'format bug' remote arbitrary code execution</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> <product>Adobe Acrobat</product> </affected> <reference source="CVE" ref_id="CVE-2009-3462" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3462"/> <description>Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a format bug.</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria operator="OR"> <criteria operator="AND" comment="Adobe Reader 7"> <extend_definition comment="Adobe Reader 7 is installed" definition_ref="oval:org.secpod.oval:def:90137"/> <criterion comment="Adobe Reader is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90114"/> </criteria> <criteria operator="AND" comment="Adobe Reader 8"> <extend_definition comment="Adobe Reader 8 is installed" definition_ref="oval:org.secpod.oval:def:90138"/> <criterion comment="Adobe Reader is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90115"/> </criteria> <criteria operator="AND" comment="Adobe Reader 9"> <extend_definition comment="Adobe Reader 9 is installed" definition_ref="oval:org.secpod.oval:def:90139"/> <criterion comment="Adobe Reader is less than 9.2" test_ref="oval:org.secpod.oval:tst:90116"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 7"> <extend_definition comment="Adobe Acrobat 7 is installed" definition_ref="oval:org.secpod.oval:def:90140"/> <criterion comment="Adobe Acrobat is less than 7.1.4" test_ref="oval:org.secpod.oval:tst:90117"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 8"> <extend_definition comment="Adobe Acrobat 8 is installed" definition_ref="oval:org.secpod.oval:def:90141"/> <criterion comment="Adobe Acrobat is less than 8.1.7" test_ref="oval:org.secpod.oval:tst:90118"/> </criteria> <criteria operator="AND" comment="Adobe Acrobat 9"> <extend_definition comment="Adobe Acrobat 9 is installed" definition_ref="oval:org.secpod.oval:def:90142"/> <criterion comment="Adobe Acrobat is less than 9.2" test_ref="oval:org.secpod.oval:tst:90119"/> </criteria> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90137" version="0" class="inventory"> <metadata> <title>Adobe Reader 7 Series is installed</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> </affected> <reference source="CPE" ref_id="cpe:/a:adobe:adobe_reader:7"/> <description>Adobe Reader 7 Series is installed</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria> <criterion comment="Adobe Reader 7 Series is installed" test_ref="oval:org.secpod.oval:tst:90108"/> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90138" version="0" class="inventory"> <metadata> <title>Adobe Reader 8 Series is installed</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> </affected> <reference source="CPE" ref_id="cpe:/a:adobe:adobe_reader:8"/> <description>Adobe Reader 8 Series is installed</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria> <criterion comment="Adobe Reader 8 Series is installed" test_ref="oval:org.secpod.oval:tst:90109"/> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90139" version="0" class="inventory"> <metadata> <title>Adobe Reader 9 Series is installed</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Reader</product> </affected> <reference source="CPE" ref_id="cpe:/a:adobe:adobe_reader:9"/> <description>Adobe Reader 9 Series is installed</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria> <criterion comment="Adobe Reader 9 Series is installed" test_ref="oval:org.secpod.oval:tst:90110"/> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90140" version="0" class="inventory"> <metadata> <title>Adobe Acrobat 7 Series is installed</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Acrobat</product> </affected> <reference source="CPE" ref_id="cpe:/a:adobe:adobe_acrobat:7"/> <description>Adobe Acrobat 7 Series is installed</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria> <criterion comment="Adobe Acrobat 7 Series is installed" test_ref="oval:org.secpod.oval:tst:90111"/> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90141" version="0" class="inventory"> <metadata> <title>Adobe Acrobat 8 Series is installed</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Acrobat</product> </affected> <reference source="CPE" ref_id="cpe:/a:adobe:adobe_acrobat:8"/> <description>Adobe Acrobat 8 Series is installed</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria> <criterion comment="Adobe Acrobat 8 Series is installed" test_ref="oval:org.secpod.oval:tst:90112"/> </criteria> </definition> <definition id="oval:org.secpod.oval:def:90142" version="0" class="inventory"> <metadata> <title>Adobe Acrobat 9 Series is installed</title> <affected family="windows"> <platform>Microsoft Windows 2000</platform> <platform>Microsoft Windows XP</platform> <platform>Microsoft Windows Vista</platform> <platform>Microsoft Windows Server 2003</platform> <platform>Microsoft Windows Server 2008</platform> <platform>Microsoft Windows 7</platform> <product>Adobe Acrobat</product> </affected> <reference source="CPE" ref_id="cpe:/a:adobe:adobe_acrobat:9"/> <description>Adobe Acrobat 9 Series is installed</description> <oval_repository> <dates> <submitted date="2009-10-23T03:25:55"> <contributor organization="SecPod Technologies">Chandan S</contributor> </submitted> </dates> <status>INITIAL SUBMISSION</status> </oval_repository> </metadata> <criteria> <criterion comment="Adobe Acrobat 9 Series is installed" test_ref="oval:org.secpod.oval:tst:90113"/> </criteria> </definition> </definitions> <tests> <registry_test id="oval:org.secpod.oval:tst:90108" version="1" comment="Adobe Reader 7.x version is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.secpod.oval:obj:90108"/> <state state_ref="oval:org.secpod.oval:ste:90108"/> </registry_test> <registry_test id="oval:org.secpod.oval:tst:90109" version="1" comment="Adobe Reader 8.x version is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.secpod.oval:obj:90109"/> <state state_ref="oval:org.secpod.oval:ste:90109"/> </registry_test> <registry_test id="oval:org.secpod.oval:tst:90110" version="1" comment="Adobe Reader 9.x version is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.secpod.oval:obj:90110"/> <state state_ref="oval:org.secpod.oval:ste:90110"/> </registry_test> <registry_test id="oval:org.secpod.oval:tst:90111" version="1" comment="Adobe Acrobat 7.x version is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.secpod.oval:obj:90111"/> <state state_ref="oval:org.secpod.oval:ste:90108"/> </registry_test> <registry_test id="oval:org.secpod.oval:tst:90112" version="1" comment="Adobe Acrobat 8.x version is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.secpod.oval:obj:90112"/> <state state_ref="oval:org.secpod.oval:ste:90109"/> </registry_test> <registry_test id="oval:org.secpod.oval:tst:90113" version="1" comment="Adobe Acrobat 9.x version is installed" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.secpod.oval:obj:90113"/> <state state_ref="oval:org.secpod.oval:ste:90110"/> </registry_test> <registry_test id="oval:org.secpod.oval:tst:90114" version="1" comment="Adobe Reader is less than 7.1.4" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.secpod.oval:obj:90108"/> <state state_ref="oval:org.secpod.oval:ste:90111"/> </registry_test> <registry_test id="oval:org.secpod.oval:tst:90115" version="1" comment="Adobe Reader is less than 8.1.7" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.secpod.oval:obj:90109"/> <state state_ref="oval:org.secpod.oval:ste:90112"/> </registry_test> <registry_test id="oval:org.secpod.oval:tst:90116" version="1" comment="Adobe Reader is less than 9.2" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.secpod.oval:obj:90110"/> <state state_ref="oval:org.secpod.oval:ste:90113"/> </registry_test> <registry_test id="oval:org.secpod.oval:tst:90117" version="1" comment="Adobe Acrobat is less than 7.1.4" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.secpod.oval:obj:90111"/> <state state_ref="oval:org.secpod.oval:ste:90111"/> </registry_test> <registry_test id="oval:org.secpod.oval:tst:90118" version="1" comment="Adobe Acrobat is less than 8.1.7" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.secpod.oval:obj:90112"/> <state state_ref="oval:org.secpod.oval:ste:90112"/> </registry_test> <registry_test id="oval:org.secpod.oval:tst:90119" version="1" comment="Adobe Acrobat is less than 9.2" check_existence="at_least_one_exists" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <object object_ref="oval:org.secpod.oval:obj:90113"/> <state state_ref="oval:org.secpod.oval:ste:90113"/> </registry_test> </tests> <objects> <registry_object id="oval:org.mitre.oval:obj:6200" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key>SOFTWARE\Adobe\Acrobat Reader\7.0\Installer</key> <name>ENU_GUID</name> </registry_object> <registry_object id="oval:org.mitre.oval:obj:6272" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key>SOFTWARE\Adobe\Acrobat Reader\8.0\Installer</key> <name>ENU_GUID</name> </registry_object> <registry_object id="oval:org.mitre.oval:obj:6736" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key>SOFTWARE\Adobe\Acrobat Reader\9.0\Installer</key> <name>ENU_GUID</name> </registry_object> <registry_object id="oval:org.mitre.oval:obj:6740" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key>SOFTWARE\Adobe\Adobe Acrobat\7.0\Installer</key> <name>ENU_GUID</name> </registry_object> <registry_object id="oval:org.mitre.oval:obj:6808" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key>SOFTWARE\Adobe\Adobe Acrobat\8.0\Installer</key> <name>ENU_GUID</name> </registry_object> <registry_object id="oval:org.mitre.oval:obj:6858" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key>SOFTWARE\Adobe\Adobe Acrobat\9.0\Installer</key> <name>ENU_GUID</name> </registry_object> <registry_object id="oval:org.secpod.oval:obj:90108" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key var_ref="oval:org.secpod.oval:var:90108" var_check="all"/> <name>DisplayVersion</name> </registry_object> <registry_object id="oval:org.secpod.oval:obj:90109" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key var_ref="oval:org.secpod.oval:var:90109" var_check="all"/> <name>DisplayVersion</name> </registry_object> <registry_object id="oval:org.secpod.oval:obj:90110" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key var_ref="oval:org.secpod.oval:var:90110" var_check="all"/> <name>DisplayVersion</name> </registry_object> <registry_object id="oval:org.secpod.oval:obj:90111" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key var_ref="oval:org.secpod.oval:var:90111" var_check="all"/> <name>DisplayVersion</name> </registry_object> <registry_object id="oval:org.secpod.oval:obj:90112" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key var_ref="oval:org.secpod.oval:var:90112" var_check="all"/> <name>DisplayVersion</name> </registry_object> <registry_object id="oval:org.secpod.oval:obj:90113" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <hive>HKEY_LOCAL_MACHINE</hive> <key var_ref="oval:org.secpod.oval:var:90113" var_check="all"/> <name>DisplayVersion</name> </registry_object> </objects> <states> <registry_state id="oval:org.secpod.oval:ste:90108" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value operation="pattern match">^7\..*</value> </registry_state> <registry_state id="oval:org.secpod.oval:ste:90109" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value operation="pattern match">^8\..*</value> </registry_state> <registry_state id="oval:org.secpod.oval:ste:90110" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value operation="pattern match">^9\..*</value> </registry_state> <registry_state id="oval:org.secpod.oval:ste:90111" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value datatype="version" operation="less than">7.1.4</value> </registry_state> <registry_state id="oval:org.secpod.oval:ste:90112" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value datatype="version" operation="less than">8.1.7</value> </registry_state> <registry_state id="oval:org.secpod.oval:ste:90113" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows"> <value datatype="version" operation="less than">9.2.0</value> </registry_state> </states> <variables> <local_variable id="oval:org.secpod.oval:var:90108" version="1" comment="Adobe Reader Key" datatype="string"> <concat> <literal_component>SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\</literal_component> <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:6200"/> </concat> </local_variable> <local_variable id="oval:org.secpod.oval:var:90109" version="1" comment="Adobe Reader Key" datatype="string"> <concat> <literal_component>SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\</literal_component> <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:6272"/> </concat> </local_variable> <local_variable id="oval:org.secpod.oval:var:90110" version="1" comment="Adobe Reader Key" datatype="string"> <concat> <literal_component>SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\</literal_component> <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:6736"/> </concat> </local_variable> <local_variable id="oval:org.secpod.oval:var:90111" version="1" comment="Adobe Acrobat Key" datatype="string"> <concat> <literal_component>SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\</literal_component> <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:6740"/> </concat> </local_variable> <local_variable id="oval:org.secpod.oval:var:90112" version="1" comment="Adobe Acrobat Key" datatype="string"> <concat> <literal_component>SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\</literal_component> <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:6808"/> </concat> </local_variable> <local_variable id="oval:org.secpod.oval:var:90113" version="1" comment="Adobe Acrobat Key" datatype="string"> <concat> <literal_component>SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\</literal_component> <object_component item_field="value" object_ref="oval:org.mitre.oval:obj:6858"/> </concat> </local_variable> </variables> </oval_definitions> |
||||||||||||||||
Lah, Mike M.
|
Chandan,
Thank you for the definitions. The OVAL Repository has been updated and the definitions are available for further community review. Thanks, Mike ==================================================== Mike Lah G022 - Information Assurance Industry Collaboration The MITRE Corporation [hidden email] -----Original Message----- From: chandan [mailto:[hidden email]] Sent: Friday, October 23, 2009 10:54 AM To: oval-discussion-list OVAL Discussion List/Closed Public Discussi Subject: [OVAL-DISCUSSION-LIST] Definitions for Adobe Reader/Acrobat Please find the attached document of Oval Definitions for Adobe Reader & Adobe Acrobat. Thanks, Chandan www.secpod.com To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email]. To unsubscribe, send an email message to [hidden email] with SIGNOFF OVAL-DISCUSSION-LIST in the BODY of the message. If you have difficulties, write to [hidden email]. |
||||||||||||||||
| Free Embeddable Forum Powered by Nabble | Help |
