Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> SuSE Local Security Checks >> SUSE-SA:2006:041: acroread


Vulnerability Assessment Details

SUSE-SA:2006:041: acroread

Vulnerability Assessment Summary
Check for the version of the acroread package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory SUSE-SA:2006:041 (acroread).


Various unspecified security problems have been fixed in Acrobat
Reader version 7.0.8.

Adobe does not provide detailed information about the nature of the
security problems. Therefore, it is necessary to assume that remote
code execution is possible.


Adobe does not provide update packages for Acroread that are compatible
with some of our releases from the past. Therefore, updates are missing
(and might not be provided) for the products listed as follows.

As a solution to Adobe acroread security problems on older products
we suggest removal of the package from exposed systems and to use
the longer maintained open source PDF viewers.

- SUSE Linux Enterprise Server 9, Open Enterprise Server,
Novell Linux POS 9

Acrobat Reader 7.0.8 has a new requirement on GTK+ 2.4 libraries
(previously GTK+ 2.2).

Since the above products contain only GTK+ 2.2, the Acrobat Reader
7.0.8 provided by Adobe is currently not functional.

We have postponed the updates and wait for Adobe to clarify this
problem.

- SUSE Linux Enterprise Server 8, SUSE Linux Enterprise Desktop 1

These versions only support Acrobat Reader 5 and could not be
upgraded for Acrobat Reader 7 due to glibc and GTK+ requirements.

We discontinued security support for Acrobat Reader on those
products some time ago already.

This issue is tracked by the Mitre CVE ID CVE-2006-3093.


Solution : http://www.suse.de/security/http://www.novell.com/linux/security/advisories/2006_41_acroread.html
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2007 Tenable Network Security

Cables, Connectors

IBM x3250 M2 Server X3320 Intel Xeon Quad Core 2.50GHz 4.0Gb 2 X 500 Gb 7200 RPM
$79.99
IBM x3250 M2 Server X3320 Intel Xeon Quad Core 2.50GHz 4.0Gb 2 X 500 Gb 7200 RPM pictureIBM Model M Clicky Keyboard 1396790 PS/2 Greenlock, Scotland for IBM 11-1-1995
$100.0
IBM Model M Clicky Keyboard 1396790 PS/2 Greenlock, Scotland for IBM 11-1-1995 pictureVTG Gravis Mark VI IBM PC Computer Game Joystick w Box
$20.0
VTG Gravis Mark VI IBM PC Computer Game Joystick w Box picture15.4" Widescreen IBM Lenovo ThinkPad ThinkPad T60 T5500 1.66GHz 2GB 160GB HD DVD
$127.0
15.4


Discussions

No Discussions have been posted on this vulnerability.