Topic
  • 2 replies
  • Latest Post - ‏2012-11-13T20:24:35Z by SystemAdmin
jfschafer

Broken Vulnerability Fixlet - Unspecified Vulnerability in the PRC component

2012-11-13T16:44:14Z
I noticed that one of the vulnerabilities in the Vulnerabilities for Windows site, titled "Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011."

. . . is possibly broken. I have systems with Adobe Acrobat and Reader 10.1.4 only (no other versions installed), and it's showing them as vulnerable. In fact, every single system that has Adobe Acrobat or Reader installed is showing as vulnerable regardless of the version. That tells me something is messed up in the Relevance, since this should only be Relevant for 9.x through 10.1.1 on my Windows systems, not 10.1.4.
Here's the full info:

ID 1486501
Site Vulnerabilities to Windows Systems
Category ACCEPTED
CVE ID CVE-2011-4369
Download Size <no download>
Source oval.mitre.org
Source ID OVAL14865
Source Severity High
Source Release Date 1/30/2012
  • Eric Walker

    Re: Broken Vulnerability Fixlet - Unspecified Vulnerability in the PRC component

    2012-11-13T16:56:25Z
    Hi @jfschafer -- we will look into this. We build our vulnerability content from a feed provided by MITRE, and when there are issues, sometimes it is because we are interpreting the feed incorrectly, and sometimes it is because the source XML is broken. We'll try to see which of these is going on here.

    Eric
  • SystemAdmin

    Re: Broken Vulnerability Fixlet - Unspecified Vulnerability in the PRC component

    2012-11-13T20:24:35Z
    Looking at the definition itself (found at http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14865 ), the definition naively checks for the range of 10.0 to 10.1 (inclusive), so in your situation, it would always be true. We publish the content as is, and this is a content bug.
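The failure mode described in the thread, shown as an added example that is not part of any post, the BigFix content, or the OVAL definition itself: a version-range check that only looks at major.minor treats 10.1.4 as "10.1" and so lands inside 10.0..10.1 inclusive, while a full component-wise comparison against the advisory's own ranges (9.x before 9.4.7, 10.x through 10.1.1, as quoted in the first post) correctly clears it. The function names, the padding to three components, and the sample inventory are assumptions made for this example; they are not how the Fixlet's Relevance or the OVAL test is written.

```python
"""Added example (not from the thread, the Fixlet, or OVAL def 14865):
a naive major.minor range check beside a full component-wise check for
CVE-2011-4369 on Windows. Affected ranges come from the advisory text
quoted in the original post; everything else here is constructed."""
from typing import Dict, Tuple

Version = Tuple[int, int, int]


def parse_version(s: str) -> Version:
    """Turn '10.1.4' into (10, 1, 4). Assumption for this example: versions
    are zero-padded to three numeric components, so '10.1' becomes
    (10, 1, 0) and compares correctly against '10.1.4'."""
    parts = [int(p) for p in s.strip().split(".")]
    if not 1 <= len(parts) <= 3:
        raise ValueError(f"unexpected version format: {s!r}")
    parts += [0] * (3 - len(parts))
    return parts[0], parts[1], parts[2]


def naive_in_range(version: str, low: str, high: str) -> bool:
    """The kind of check the reply describes: the bounds are written as
    major.minor ('10.0' .. '10.1'), and the installed version is compared
    only to that depth. '10.1.4' is truncated to (10, 1), which sits inside
    (10, 0) .. (10, 1) inclusive, so every 10.1.x build matches."""
    depth = min(len(low.split(".")), len(high.split(".")))
    v = parse_version(version)[:depth]
    return parse_version(low)[:depth] <= v <= parse_version(high)[:depth]


# major version -> (first affected, first fixed) on Windows, per the advisory:
# "9.x before 9.4.7" and "10.x through 10.1.1" (i.e. fixed in 10.1.2).
AFFECTED: Dict[int, Tuple[str, str]] = {
    9: ("9.0", "9.4.7"),
    10: ("10.0", "10.1.2"),
}


def is_vulnerable_cve_2011_4369(version: str) -> bool:
    """Correct check: compare all three components and use the advisory's
    fixed version as an exclusive upper bound. Majors the advisory does not
    list (e.g. 11.x) are out of scope and return False."""
    v = parse_version(version)
    if v[0] not in AFFECTED:
        return False
    low, fixed = AFFECTED[v[0]]
    return parse_version(low) <= v < parse_version(fixed)


def compare_checks(installed: Tuple[str, ...]) -> Dict[str, Tuple[bool, bool]]:
    """For each installed version return (naive result, correct result), so
    the false positives are visible side by side."""
    return {
        ver: (naive_in_range(ver, "10.0", "10.1"), is_vulnerable_cve_2011_4369(ver))
        for ver in installed
    }


if __name__ == "__main__":
    # Constructed inventory, not real data from the poster's environment.
    sample = ("9.4.6", "9.4.7", "10.1.1", "10.1.4", "11.0.0")
    for ver, (naive, correct) in compare_checks(sample).items():
        print(f"{ver:>8}  naive={naive!s:5}  correct={correct}")
```

Running it prints one line per version; 10.1.4 is the case from the original post, flagged by the naive check and cleared by the component-wise one. When you write or translate vulnerability content, carry the full fixed version into the comparison rather than the major.minor the range is usually described with.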