Plugin Check reports current Adobe Acrobat Reader 9.1.3 be Potentially Vulnerable

VERIFIED FIXED

Status

addons.mozilla.org Graveyard
Plugins
VERIFIED FIXED
9 years ago
2 years ago

People

(Reporter: Olav Seyfarth, Unassigned)

Tracking

Details

(URL)

(Reporter)

Description

9 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 6.1; de; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 6.1; de; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)

When I let Acrobat Reader check itself for Updates, it reports "No Updates available" and that seems correct since 9.1.3 is the last version I know of.
Nevertheless https://www-trunk.stage.mozilla.com/en-US/plugincheck/ reports that the Acrobat Reader Plugin is "Potentially Vulnerable".

Reproducible: Always

Steps to Reproduce:
1. open https://www-trunk.stage.mozilla.com/en-US/plugincheck/
2. reports "Adobe Acrobat PDF Plug-In For Firefox and Netscape is Potentially Vulnerable"
3. open Adobe Acrobat Reader itself
4. Help-Menu -> "Check for Updates" reports "No updates available"
Actual Results:  
Either the Plugin(!) really still is vulnerable or the Plugin Check report is wrong.

Expected Results:  
Plugin Check should be consistent with Self-Assessment.

Mozilla Firefox and Adobe Acrobat Reader are german versions.
AddOns: NoScript 1.9.9.01 (mozilla.com allowed), RequestPolicy 0.5.8 (googleapis.com allowed), BetterPrivacy 1.29 (disable DOM storage)
(Reporter)

Comment 1

9 years ago
Same result with NoScript, RequestPolicy and BetterPrivacy disabled.

BTW: <HEAD><TITLE> reads "Plug-In" whereas <BODY><H2> and all text on the page uses "Plugin".
9.1.3 is indeed the latest version for Windows, afaict.
Component: Other → www.mozilla.com
QA Contact: other → www-mozilla-com
Component: www.mozilla.com → Plugins
Product: Websites → addons.mozilla.org
QA Contact: www-mozilla-com → plugin-listings

Updated

9 years ago
Duplicate of this bug: 520460
Status: UNCONFIRMED → NEW
Ever confirmed: true
Duplicate of this bug: 520537
Duplicate of this bug: 520565

Comment 6

9 years ago
The core issue is that Acrobat and some other plugins don't expose version information in either the name or description field of the navigator.plugins object. See Bug#519234

Fix:
For Adobe Acrobat and other plugins where no version is detected, Client is now skipping pfs2 request and not displaying the plugin.
Status: NEW → RESOLVED
Last Resolved: 9 years ago
Resolution: --- → FIXED
Verified FIXED on https://www-trunk.stage.mozilla.com/en-US/plugincheck/.
Status: RESOLVED → VERIFIED
(Assignee)

Updated

2 years ago
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.