Processed pull request 695 - DTCC

repository/definitions/vulnerability/oval_org.cisecurity_def_1733.xml

@@ -0,0 +1,61 @@
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:1733" version="1">
+  <metadata>
+    <title>Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow / underflow vulnerability - CVE-2017-2948</title>
+    <affected family="windows">
+      <platform>Microsoft Windows Vista</platform>
+      <platform>Microsoft Windows 7</platform>
+      <platform>Microsoft Windows 8</platform>
+      <platform>Microsoft Windows 8.1</platform>
+      <platform>Microsoft Windows 10</platform>
+      <platform>Microsoft Windows Server 2003</platform>
+      <platform>Microsoft Windows Server 2008</platform>
+      <platform>Microsoft Windows Server 2008 R2</platform>
+      <platform>Microsoft Windows Server 2012</platform>
+      <platform>Microsoft Windows Server 2012 R2</platform>
+      <platform>Microsoft Windows Server 2016</platform>
+      <product>Adobe Acrobat</product>
+      <product>Adobe Acrobat DC Classic</product>
+      <product>Adobe Acrobat DC Continuous</product>
+      <product>Adobe Reader</product>
+      <product>Adobe Reader DC Classic</product>
+      <product>Adobe Reader DC Continuous</product>
+    </affected>
+    <reference ref_id="CVE-2017-2948" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2948" source="CVE" />
+    <description>Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow / underflow vulnerability in the XFA engine. Successful exploitation could lead to arbitrary code execution.</description>
+    <oval_repository>
+      <dates>
+        <submitted date="2017-01-12T19:07:37+08:00">
+          <contributor organization="DTCC">Alexander Chua</contributor>
+        </submitted>
+      </dates>
+      <status>INITIAL SUBMISSION</status>
+      <min_schema_version>5.10</min_schema_version>
+    </oval_repository>
+  </metadata>
+  <criteria comment="Check for installation of vulnerable Adobe Acrobat and Reader + vulnerable file version" operator="OR">
+    <criteria comment="Adobe Acrobat 11 is installed + version" operator="AND">
+      <extend_definition comment="Adobe Acrobat 11.x is installed" definition_ref="oval:org.mitre.oval:def:16409" />
+      <criterion comment="Check if Adobe Acrobat 11 version is less than 11.0.19" test_ref="oval:org.cisecurity:tst:2456" />
+    </criteria>
+    <criteria comment="Adobe Acrobat DC Classic is installed + version" operator="AND">
+      <extend_definition comment="Adobe Acrobat DC Classic is installed" definition_ref="oval:org.cisecurity:def:687" />
+      <criterion comment="Check if Adobe Acrobat DC Classic version is less than 15.006.30279" test_ref="oval:org.cisecurity:tst:2459" />
+    </criteria>
+    <criteria comment="Adobe Acrobat DC Continuous is installed + version" operator="AND">
+      <extend_definition comment="Adobe Acrobat DC Continuous is installed" definition_ref="oval:org.cisecurity:def:677" />
+      <criterion comment="Check if Adobe Acrobat DC Continuous version is less than 15.023.20053" test_ref="oval:org.cisecurity:tst:2454" />
+    </criteria>
+    <criteria comment="Adobe Reader 11 is installed + version" operator="AND">
+      <extend_definition comment="Adobe Reader 11.x is installed" definition_ref="oval:org.mitre.oval:def:16400" />
+      <criterion comment="Check if Adobe Reader 11 version is less than 11.0.19" test_ref="oval:org.cisecurity:tst:2457" />
+    </criteria>
+    <criteria comment="Adobe Reader DC Classic is installed + version" operator="AND">
+      <extend_definition comment="Adobe Reader DC Classic is installed" definition_ref="oval:org.cisecurity:def:627" />
+      <criterion comment="Check if Adobe Reader DC Classic version is less than 15.006.30279" test_ref="oval:org.cisecurity:tst:2458" />
+    </criteria>
+    <criteria comment="Adobe Reader DC Continuous is installed + version" operator="AND">
+      <extend_definition comment="Adobe Reader DC Continuous is installed" definition_ref="oval:org.cisecurity:def:684" />
+      <criterion comment="Check if Adobe Reader DC Continuous version is less than 15.023.20053" test_ref="oval:org.cisecurity:tst:2455" />
+    </criteria>
+  </criteria>
+</definition>

repository/definitions/vulnerability/oval_org.cisecurity_def_1734.xml

@@ -0,0 +1,61 @@
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:1734" version="1">
+  <metadata>
+    <title>Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability - CVE-2017-2953</title>
+    <affected family="windows">
+      <platform>Microsoft Windows Vista</platform>
+      <platform>Microsoft Windows 7</platform>
+      <platform>Microsoft Windows 8</platform>
+      <platform>Microsoft Windows 8.1</platform>
+      <platform>Microsoft Windows 10</platform>
+      <platform>Microsoft Windows Server 2003</platform>
+      <platform>Microsoft Windows Server 2008</platform>
+      <platform>Microsoft Windows Server 2008 R2</platform>
+      <platform>Microsoft Windows Server 2012</platform>
+      <platform>Microsoft Windows Server 2012 R2</platform>
+      <platform>Microsoft Windows Server 2016</platform>
+      <product>Adobe Acrobat</product>
+      <product>Adobe Acrobat DC Classic</product>
+      <product>Adobe Acrobat DC Continuous</product>
+      <product>Adobe Reader</product>
+      <product>Adobe Reader DC Classic</product>
+      <product>Adobe Reader DC Continuous</product>
+    </affected>
+    <reference ref_id="CVE-2017-2953" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2953" source="CVE" />
+    <description>Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module when processing a TIFF image. Successful exploitation could lead to arbitrary code execution.</description>
+    <oval_repository>
+      <dates>
+        <submitted date="2017-01-12T19:07:37+08:00">
+          <contributor organization="DTCC">Alexander Chua</contributor>
+        </submitted>
+      </dates>
+      <status>INITIAL SUBMISSION</status>
+      <min_schema_version>5.10</min_schema_version>
+    </oval_repository>
+  </metadata>
+  <criteria comment="Check for installation of vulnerable Adobe Acrobat and Reader + vulnerable file version" operator="OR">
+    <criteria comment="Adobe Acrobat 11 is installed + version" operator="AND">
+      <extend_definition comment="Adobe Acrobat 11.x is installed" definition_ref="oval:org.mitre.oval:def:16409" />
+      <criterion comment="Check if Adobe Acrobat 11 version is less than 11.0.19" test_ref="oval:org.cisecurity:tst:2456" />
+    </criteria>
+    <criteria comment="Adobe Acrobat DC Classic is installed + version" operator="AND">
+      <extend_definition comment="Adobe Acrobat DC Classic is installed" definition_ref="oval:org.cisecurity:def:687" />
+      <criterion comment="Check if Adobe Acrobat DC Classic version is less than 15.006.30279" test_ref="oval:org.cisecurity:tst:2459" />
+    </criteria>
+    <criteria comment="Adobe Acrobat DC Continuous is installed + version" operator="AND">
+      <extend_definition comment="Adobe Acrobat DC Continuous is installed" definition_ref="oval:org.cisecurity:def:677" />
+      <criterion comment="Check if Adobe Acrobat DC Continuous version is less than 15.023.20053" test_ref="oval:org.cisecurity:tst:2454" />
+    </criteria>
+    <criteria comment="Adobe Reader 11 is installed + version" operator="AND">
+      <extend_definition comment="Adobe Reader 11.x is installed" definition_ref="oval:org.mitre.oval:def:16400" />
+      <criterion comment="Check if Adobe Reader 11 version is less than 11.0.19" test_ref="oval:org.cisecurity:tst:2457" />
+    </criteria>
+    <criteria comment="Adobe Reader DC Classic is installed + version" operator="AND">
+      <extend_definition comment="Adobe Reader DC Classic is installed" definition_ref="oval:org.cisecurity:def:627" />
+      <criterion comment="Check if Adobe Reader DC Classic version is less than 15.006.30279" test_ref="oval:org.cisecurity:tst:2458" />
+    </criteria>
+    <criteria comment="Adobe Reader DC Continuous is installed + version" operator="AND">
+      <extend_definition comment="Adobe Reader DC Continuous is installed" definition_ref="oval:org.cisecurity:def:684" />
+      <criterion comment="Check if Adobe Reader DC Continuous version is less than 15.023.20053" test_ref="oval:org.cisecurity:tst:2455" />
+    </criteria>
+  </criteria>
+</definition>

repository/definitions/vulnerability/oval_org.cisecurity_def_1735.xml

@@ -0,0 +1,61 @@
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:1735" version="1">
+  <metadata>
+    <title>Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability - CVE-2017-2945</title>
+    <affected family="windows">
+      <platform>Microsoft Windows Vista</platform>
+      <platform>Microsoft Windows 7</platform>
+      <platform>Microsoft Windows 8</platform>
+      <platform>Microsoft Windows 8.1</platform>
+      <platform>Microsoft Windows 10</platform>
+      <platform>Microsoft Windows Server 2003</platform>
+      <platform>Microsoft Windows Server 2008</platform>
+      <platform>Microsoft Windows Server 2008 R2</platform>
+      <platform>Microsoft Windows Server 2012</platform>
+      <platform>Microsoft Windows Server 2012 R2</platform>
+      <platform>Microsoft Windows Server 2016</platform>
+      <product>Adobe Acrobat</product>
+      <product>Adobe Acrobat DC Classic</product>
+      <product>Adobe Acrobat DC Continuous</product>
+      <product>Adobe Reader</product>
+      <product>Adobe Reader DC Classic</product>
+      <product>Adobe Reader DC Continuous</product>
+    </affected>
+    <reference ref_id="CVE-2017-2945" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2945" source="CVE" />
+    <description>Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when parsing TIFF image files. Successful exploitation could lead to arbitrary code execution.</description>
+    <oval_repository>
+      <dates>
+        <submitted date="2017-01-12T19:07:37+08:00">
+          <contributor organization="DTCC">Alexander Chua</contributor>
+        </submitted>
+      </dates>
+      <status>INITIAL SUBMISSION</status>
+      <min_schema_version>5.10</min_schema_version>
+    </oval_repository>
+  </metadata>
+  <criteria comment="Check for installation of vulnerable Adobe Acrobat and Reader + vulnerable file version" operator="OR">
+    <criteria comment="Adobe Acrobat 11 is installed + version" operator="AND">
+      <extend_definition comment="Adobe Acrobat 11.x is installed" definition_ref="oval:org.mitre.oval:def:16409" />
+      <criterion comment="Check if Adobe Acrobat 11 version is less than 11.0.19" test_ref="oval:org.cisecurity:tst:2456" />
+    </criteria>
+    <criteria comment="Adobe Acrobat DC Classic is installed + version" operator="AND">
+      <extend_definition comment="Adobe Acrobat DC Classic is installed" definition_ref="oval:org.cisecurity:def:687" />
+      <criterion comment="Check if Adobe Acrobat DC Classic version is less than 15.006.30279" test_ref="oval:org.cisecurity:tst:2459" />
+    </criteria>
+    <criteria comment="Adobe Acrobat DC Continuous is installed + version" operator="AND">
+      <extend_definition comment="Adobe Acrobat DC Continuous is installed" definition_ref="oval:org.cisecurity:def:677" />
+      <criterion comment="Check if Adobe Acrobat DC Continuous version is less than 15.023.20053" test_ref="oval:org.cisecurity:tst:2454" />
+    </criteria>
+    <criteria comment="Adobe Reader 11 is installed + version" operator="AND">
+      <extend_definition comment="Adobe Reader 11.x is installed" definition_ref="oval:org.mitre.oval:def:16400" />
+      <criterion comment="Check if Adobe Reader 11 version is less than 11.0.19" test_ref="oval:org.cisecurity:tst:2457" />
+    </criteria>
+    <criteria comment="Adobe Reader DC Classic is installed + version" operator="AND">
+      <extend_definition comment="Adobe Reader DC Classic is installed" definition_ref="oval:org.cisecurity:def:627" />
+      <criterion comment="Check if Adobe Reader DC Classic version is less than 15.006.30279" test_ref="oval:org.cisecurity:tst:2458" />
+    </criteria>
+    <criteria comment="Adobe Reader DC Continuous is installed + version" operator="AND">
+      <extend_definition comment="Adobe Reader DC Continuous is installed" definition_ref="oval:org.cisecurity:def:684" />
+      <criterion comment="Check if Adobe Reader DC Continuous version is less than 15.023.20053" test_ref="oval:org.cisecurity:tst:2455" />
+    </criteria>
+  </criteria>
+</definition>

repository/definitions/vulnerability/oval_org.cisecurity_def_1736.xml

@@ -0,0 +1,61 @@
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:1736" version="1">
+  <metadata>
+    <title>Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow / underflow vulnerability - CVE-2017-2952</title>
+    <affected family="windows">
+      <platform>Microsoft Windows Vista</platform>
+      <platform>Microsoft Windows 7</platform>
+      <platform>Microsoft Windows 8</platform>
+      <platform>Microsoft Windows 8.1</platform>
+      <platform>Microsoft Windows 10</platform>
+      <platform>Microsoft Windows Server 2003</platform>
+      <platform>Microsoft Windows Server 2008</platform>
+      <platform>Microsoft Windows Server 2008 R2</platform>
+      <platform>Microsoft Windows Server 2012</platform>
+      <platform>Microsoft Windows Server 2012 R2</platform>
+      <platform>Microsoft Windows Server 2016</platform>
+      <product>Adobe Acrobat</product>
+      <product>Adobe Acrobat DC Classic</product>
+      <product>Adobe Acrobat DC Continuous</product>
+      <product>Adobe Reader</product>
+      <product>Adobe Reader DC Classic</product>
+      <product>Adobe Reader DC Continuous</product>
+    </affected>
+    <reference ref_id="CVE-2017-2952" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2952" source="CVE" />
+    <description>Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow / underflow vulnerability in the image conversion module related to parsing tags in TIFF files. Successful exploitation could lead to arbitrary code execution.</description>
+    <oval_repository>
+      <dates>
+        <submitted date="2017-01-12T19:07:37+08:00">
+          <contributor organization="DTCC">Alexander Chua</contributor>
+        </submitted>
+      </dates>
+      <status>INITIAL SUBMISSION</status>
+      <min_schema_version>5.10</min_schema_version>
+    </oval_repository>
+  </metadata>
+  <criteria comment="Check for installation of vulnerable Adobe Acrobat and Reader + vulnerable file version" operator="OR">
+    <criteria comment="Adobe Acrobat 11 is installed + version" operator="AND">
+      <extend_definition comment="Adobe Acrobat 11.x is installed" definition_ref="oval:org.mitre.oval:def:16409" />
+      <criterion comment="Check if Adobe Acrobat 11 version is less than 11.0.19" test_ref="oval:org.cisecurity:tst:2456" />
+    </criteria>
+    <criteria comment="Adobe Acrobat DC Classic is installed + version" operator="AND">
+      <extend_definition comment="Adobe Acrobat DC Classic is installed" definition_ref="oval:org.cisecurity:def:687" />
+      <criterion comment="Check if Adobe Acrobat DC Classic version is less than 15.006.30279" test_ref="oval:org.cisecurity:tst:2459" />
+    </criteria>
+    <criteria comment="Adobe Acrobat DC Continuous is installed + version" operator="AND">
+      <extend_definition comment="Adobe Acrobat DC Continuous is installed" definition_ref="oval:org.cisecurity:def:677" />
+      <criterion comment="Check if Adobe Acrobat DC Continuous version is less than 15.023.20053" test_ref="oval:org.cisecurity:tst:2454" />
+    </criteria>
+    <criteria comment="Adobe Reader 11 is installed + version" operator="AND">
+      <extend_definition comment="Adobe Reader 11.x is installed" definition_ref="oval:org.mitre.oval:def:16400" />
+      <criterion comment="Check if Adobe Reader 11 version is less than 11.0.19" test_ref="oval:org.cisecurity:tst:2457" />
+    </criteria>
+    <criteria comment="Adobe Reader DC Classic is installed + version" operator="AND">
+      <extend_definition comment="Adobe Reader DC Classic is installed" definition_ref="oval:org.cisecurity:def:627" />
+      <criterion comment="Check if Adobe Reader DC Classic version is less than 15.006.30279" test_ref="oval:org.cisecurity:tst:2458" />
+    </criteria>
+    <criteria comment="Adobe Reader DC Continuous is installed + version" operator="AND">
+      <extend_definition comment="Adobe Reader DC Continuous is installed" definition_ref="oval:org.cisecurity:def:684" />
+      <criterion comment="Check if Adobe Reader DC Continuous version is less than 15.023.20053" test_ref="oval:org.cisecurity:tst:2455" />
+    </criteria>
+  </criteria>
+</definition>