Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2010-2022 Tenable Network Security, Inc.ADOBE_AIR_APSB10-26.NASL
HistoryNov 15, 2010 - 12:00 a.m.

Adobe AIR < 2.5.1 Multiple Vulnerabilities (APSB10-26)

2010-11-1500:00:00
This script is Copyright (C) 2010-2022 Tenable Network Security, Inc.
www.tenable.com
20
JSON

The remote Windows host contains a version of Adobe AIR that is earlier than 2.5.1. Such versions are affected by multiple vulnerabilities:

  • An error exists in the validation of input and, with certain server encodings, lead to a violation of cross- domain policy file restrictions. (CVE-2010-3636)

  • An unspecified error exists which can lead to a denial of service. (CVE-2010-3639)

  • An error exists in the library loading logic and can lead to arbitrary code execution. (CVE-2010-3976)

  • There exist multiple memory corruption vulnerabilities which can lead to arbitrary code execution.
    (CVE-2010-3637, CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, CVE-2010-3652, CVE-2010-3654)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(50604);
  script_version("1.14");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/11");

  script_cve_id(
    "CVE-2010-3636",
    "CVE-2010-3637",
    "CVE-2010-3639",
    "CVE-2010-3640",
    "CVE-2010-3641",
    "CVE-2010-3642",
    "CVE-2010-3643",
    "CVE-2010-3644",
    "CVE-2010-3645",
    "CVE-2010-3646",
    "CVE-2010-3647",
    "CVE-2010-3648",
    "CVE-2010-3649",
    "CVE-2010-3650",
    "CVE-2010-3652",
    "CVE-2010-3654",
    "CVE-2010-3976"
  );
  script_bugtraq_id(
    44504,
    44671,
    44675,
    44677,
    44678,
    44679,
    44680,
    44681,
    44682,
    44683,
    44684,
    44685,
    44686,
    44687,
    44690,
    44691,
    44692
  );
  script_xref(name:"CERT", value:"298081");
  script_xref(name:"SECUNIA", value:"41917");

  script_name(english:"Adobe AIR < 2.5.1 Multiple Vulnerabilities (APSB10-26)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Windows host contains a version of Adobe AIR that is
affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The remote Windows host contains a version of Adobe AIR that is
earlier than 2.5.1.  Such versions are affected by multiple
vulnerabilities:

  - An error exists in the validation of input and, with
    certain server encodings, lead to a violation of cross-
    domain policy file restrictions. (CVE-2010-3636)

  - An unspecified error exists which can lead to a denial
    of service. (CVE-2010-3639)

  - An error exists in the library loading logic and can 
    lead to arbitrary code execution. (CVE-2010-3976)

  - There exist multiple memory corruption vulnerabilities 
    which can lead to arbitrary code execution.
    (CVE-2010-3637, CVE-2010-3640, CVE-2010-3641, 
    CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, 
    CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, 
    CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, 
    CVE-2010-3652, CVE-2010-3654)");
  script_set_attribute(attribute:"see_also", value:"http://www.adobe.com/support/security/bulletins/apsb10-26.html");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Adobe AIR 2.5.1 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player "Button" Remote Code Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:"CANVAS");

  script_set_attribute(attribute:"vuln_publication_date", value:"2010/09/10");
  script_set_attribute(attribute:"patch_publication_date", value:"2010/11/04");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/11/15");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:air");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2010-2022 Tenable Network Security, Inc.");

  script_dependencies("adobe_air_installed.nasl");
  script_require_keys("SMB/Adobe_AIR/Version", "SMB/Adobe_AIR/Path");

  exit(0);
}


include("global_settings.inc");
include("misc_func.inc");


version_ui = get_kb_item("SMB/Adobe_AIR/Version_UI");
version = get_kb_item_or_exit("SMB/Adobe_AIR/Version");
path = get_kb_item_or_exit("SMB/Adobe_AIR/Path");

fix = '2.5.1.17730';
fix_ui = '2.5.1';

if (isnull(version_ui)) version_report = version;
else version_report = version_ui;

if (ver_compare(ver:version, fix:fix) == -1)
{
  if (report_verbosity > 0)
  {
    report =
      '\n  Path              : ' + path +
      '\n  Installed version : ' + version_report +
      '\n  Fixed version     : ' + fix_ui + '\n';
    security_hole(port:get_kb_item("SMB/transport"), extra:report);
  }
  else security_hole(get_kb_item("SMB/transport"));
  exit(0);
}
else exit(0, "The Adobe AIR "+version_report+" install is not affected.");
VendorProductVersionCPE
adobeaircpe:/a:adobe:air

References

Related

nessus 28
redhat 4
securityvulns 7
prion 17
cve 17
ubuntucve 17
suse 2
openvas 22
freebsd 1
gentoo 2
symantec 3
seebug 4
metasploit 1
saint 4
checkpoint_advisories 6
exploitpack 2
packetstorm 1
threatpost 3
canvas 1
cert 1
jvn 1
exploitdb 3
securelist 1
nessus
nessus
Flash Player < 9.0.289 / 10.1.102.64 Multiple Vulnerabilities (APSB10-26)
2010-11-05 00:00:00
Adobe Acrobat 9.x < 9.4.1 Multiple Vulnerabilities (APSB10-28)
2010-11-16 00:00:00
RHEL 6 : flash-plugin (RHSA-2010:0867)
2010-11-18 00:00:00
redhat
redhat
(RHSA-2010:0829) Critical: flash-plugin security update
2010-11-05 00:00:00
(RHSA-2010:0867) Critical: flash-plugin security update
2010-11-10 00:00:00
(RHSA-2010:0834) Critical: flash-plugin security update
2010-11-08 00:00:00
securityvulns
securityvulns
Security update available for Adobe Flash Player
2010-11-08 00:00:00
Adobe Flash Player multiple security vulnerabilities
2010-11-08 00:00:00
HP Systems Insight Manager multiple security vulnerabilities
2011-04-21 00:00:00
prion
prion
Memory corruption
2010-11-07 22:00:00
Memory corruption
2010-11-07 22:00:00
Memory corruption
2010-11-07 22:00:00
cve
cve
CVE-2010-3645
2010-11-07 22:00:00
CVE-2010-3649
2010-11-07 22:00:00
CVE-2010-3650
2010-11-07 22:00:00
ubuntucve
ubuntucve
CVE-2010-3647
2010-11-07 00:00:00
CVE-2010-3641
2010-11-07 00:00:00
CVE-2010-3640
2010-11-07 00:00:00
suse
suse
remote code execution in flash-player
2010-11-05 13:12:10
remote code execution in acoread
2010-12-08 17:17:01
openvas
openvas
Adobe Flash Player Multiple Vulnerabilities (Linux)
2010-11-12 00:00:00
SuSE Update for flash-player SUSE-SA:2010:055
2010-11-16 00:00:00
Adobe Flash Player Multiple Vulnerabilities (Windows)
2010-11-12 00:00:00
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2010-09-28 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2011-01-21 00:00:00
Adobe Reader: Multiple vulnerabilities
2011-01-21 00:00:00
symantec
symantec
Adobe Acrobat, Reader, and Flash CVE-2010-3654 Remote Code Execution Vulnerability
2010-10-28 00:00:00
Adobe Flash Player CVE-2010-3648 Remote Memory Corruption Vulnerability
2010-11-04 00:00:00
Adobe Flash Player CVE-2010-3643 Remote Memory Corruption Vulnerability
2010-11-04 00:00:00
seebug
seebug
Adobe Flash Player "Button" Remote Code Execution
2014-07-01 00:00:00
Adobe Flash Player authplay.dllεΊ“PDFζ–‡δ»Άθ§£ζžθΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄ž
2010-11-01 00:00:00
Adobe Flash Player < 10.1.53 .64 Action Script Type Confusion Exploit (DEP+ASLR bypass)
2014-07-01 00:00:00
metasploit
metasploit
Adobe Flash Player "Button" Remote Code Execution
2010-11-01 22:34:13
saint
saint
Adobe Flash Player Flash Content Parsing Code Execution
2010-11-16 00:00:00
Adobe Flash Player Flash Content Parsing Code Execution
2010-11-16 00:00:00
Adobe Flash Player Flash Content Parsing Code Execution
2010-11-16 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Flash Content Parsing Code Execution (APSA10-05; CVE-2010-3654)
2010-11-01 00:00:00
Workaround for Adobe Flash Player Flash Content Parsing Code Execution Vulnerability (APSA10-05)
2010-11-01 00:00:00
Adobe Flash Player ActionScript2 Memory Corruption (APSB10-26; CVE-2010-3642)
2010-12-22 00:00:00
exploitpack
exploitpack
Adobe Flash Player 10.1.53.64 - Action Script Type Confusion (ASLR + DEP Bypass)
2011-04-19 00:00:00
Adobe Flash - ActionIf Integer Denial of Service
2010-11-05 00:00:00
packetstorm
packetstorm
Adobe Flash Player "Button" Remote Code Execution
2010-11-03 00:00:00
threatpost
threatpost
Adobe Releases Emergency Fix for Critical Reader Flaws
2010-11-16 19:41:53
Adobe Accelerates Patch Schedule for Critical Flash Bug
2010-11-02 19:15:03
New Adobe Flash Bug Being Exploited
2010-10-28 14:03:47
canvas
canvas
Immunity Canvas: ADOBE_FLASH_BUTTON
2010-10-29 19:00:00
cert
cert
Adobe Flash code execution vulnerability
2010-10-28 00:00:00
jvn
jvn
JVN#48425028: Flash Player access restriction bypass vulnerability
2010-11-09 00:00:00
exploitdb
exploitdb
Adobe Flash Player - &#039;Button&#039; Arbitrary Code Execution (Metasploit)
2010-11-01 00:00:00
Adobe Flash Player &lt; 10.1.53.64 - Action Script Type Confusion (ASLR + DEP Bypass)
2011-04-19 00:00:00
Adobe Flash - ActionIf Integer Denial of Service
2010-11-05 00:00:00
securelist
securelist
Investigation Report for the September 2014 Equation malware detection incident in the US
2017-11-16 10:00:34
JSON
Related for ADOBE_AIR_APSB10-26.NASL
nessus28redhat4securityvulns7prion17cve17ubuntucve17suse2openvas22freebsd1gentoo2symantec3seebug4metasploit1saint4checkpoint_advisories6exploitpack2packetstorm1threatpost3canvas1cert1jvn1exploitdb3securelist1