1 Reply Latest reply on Sep 13, 2011 5:18 PM by cgrim

    Adobe Vuln Checks question for someone that has access to the FASL scripts

    mmsmith

      We are trying to figure out a way (similar to the 'Patches Only' checks for MS) to scan for only the main Adobe vulnerability and not all of the CVEs associated with them. So here are three Adobe updates (e.g. APSB10-14) that have a lot of vulnerability checks associated with them within Foundstone, and I'm trying to figure out whether, for each of these three, all of the FASL scripts (vuln checks) are checking for the same thing.

      I would also like to pose this question to the MVM product management guys: is there anything in the works similar to the 'Patches Only' category for the non-Microsoft vulns? It would be very helpful if there was a Vuln Set for the Adobe and JRE type vulns. Since I don't have access to the FASL scripts, there's no way for me to know for sure if they're actually checking the same thing. I've also submitted Service Request # 3-1681439911 in case any of the support people have worked on something similar. Below are three of the bigger problem ones for us.

      APSB10-14:

      31 CVEs associated with it on the vendor website, http://www.adobe.com/support/security/bulletins/apsb10-14.html

      Adobe Flash 10.0.45.2 or earlier OR Adobe AIR 1.5.3.9130 or earlier are vulnerable.

      30 vulnerability checks within Foundstone all related to APSB10-14 (Vuln Filters -> Search by Name for 'APSB10-14'). Is each of these vuln checks checking for the same software version or are they checking something else (I guess it could be along with the software version or separate from the software version)?

      APSB10-16:

      6 CVEs associated with it on the vendor website, http://www.adobe.com/support/security/bulletins/apsb10-16.html

      Adobe Flash 10.1.53.64 or earlier OR Adobe AIR 2.0.2.12610 or earlier are vulnerable.

      12 vulnerability checks within Foundstone all related to APSB10-16 (Vuln Filters -> Search by Name for 'APSB10-16'). Here it looks like a separate one for Flash and a separate check for AIR, but I'm not sure. Is each of these vuln checks checking for the same software version or are they checking something else?

      APSB10-09:

      15 CVEs associated with it on the vendor website, http://www.adobe.com/support/security/bulletins/apsb10-09.html

      Adobe Reader 9.3.1 and earlier OR Adobe Acrobat 9.3.1 and earlier are vulnerable.

      15 vulnerability checks within Foundstone all related to APSB10-09 (Vuln Filters -> Search by Name for 'APSB10-09'). Is each of these vuln checks checking for the same software version or are they checking something else?