Oval Definition:oval:org.mitre.oval:def:8327
Revision Date:2013-08-12Version:19
Title:Adobe Reader and Acrobat Remote Security Bypass Vulnerability
Description:The default configuration of Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, does not enable the Enhanced Security feature, which has unspecified impact and attack vectors, related to a "script injection vulnerability," as demonstrated by Acrobat Forms Data Format (FDF) behavior that allows cross-site scripting (XSS) by user-assisted remote attackers.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2009-3956
Platform(s):Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Adobe Acrobat
Adobe Reader
Definition Synopsis
  • Adobe Reader 8
  • Adobe Reader 8 Series is installed
  • AND Adobe Reader 8, the sub-version is vulnerable
  • Adobe Reader is less than 8.2.0
  • OR Adobe Reader library is less than 8.2.1
  • OR Adobe Reader 9
  • Adobe Reader 9 Series is installed
  • AND Adobe Reader 9, the sub-version is vulnerable
  • Adobe Reader is less than 9.3.0
  • OR Adobe Reader library is less than 9.3.1
  • OR Adobe Acrobat 8
  • Adobe Acrobat 8 Series is installed
  • AND Adobe Acrobat 8, the sub-version is vulnerable
  • Adobe Acrobat is less than 8.2.0
  • OR Adobe Acrobat library is less than 8.2.1
  • OR Adobe Acrobat 9
  • Adobe Acrobat 9 Series is installed
  • AND Adobe Acrobat 9, the sub-version is vulnerable
  • Adobe Acrobat is less than 9.3.0
  • OR Adobe Acrobat library is less than 9.3.1
    • BACK