Lucene search

K
nessusThis script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.ADOBE_AIR_APSB12-19.NASL
HistoryAug 22, 2012 - 12:00 a.m.

Adobe AIR 3.x <= 3.3.0.3670 Multiple Vulnerabilities (APSB12-19)

2012-08-2200:00:00
This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
22

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.019 Low

EPSS

Percentile

88.6%

According to its version, the instance of Adobe AIR on the remote Windows host is 3.3.0.3670 or earlier and is, therefore, reportedly affected by multiple vulnerabilities :

  • Multiple memory corruption vulnerabilities could lead to code execution. (CVE-2012-4163, CVE-2012-4164, CVE-2012-4165)

  • An integer overflow vulnerability exists that could lead to code execution. (CVE-2012-4167)

  • A cross-domain information leak vulnerability exists.
    (CVE-2012-4168)

  • A crash can be caused by a logic error involving multiple dialogs in Firefox. (CVE-2012-4171)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(61624);
  script_version("1.17");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/07");

  script_cve_id(
    "CVE-2012-4163",
    "CVE-2012-4164",
    "CVE-2012-4165",
    "CVE-2012-4167",
    "CVE-2012-4168",
    "CVE-2012-4171"
  );
  script_bugtraq_id(55365);

  script_name(english:"Adobe AIR 3.x <= 3.3.0.3670 Multiple Vulnerabilities (APSB12-19)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Windows host contains a version of Adobe AIR that is
affected by multiple security vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"According to its version, the instance of Adobe AIR on the remote
Windows host is 3.3.0.3670 or earlier and is, therefore, reportedly
affected by multiple vulnerabilities :

  - Multiple memory corruption vulnerabilities could lead to
    code execution. (CVE-2012-4163, CVE-2012-4164,
    CVE-2012-4165)

  - An integer overflow vulnerability exists that could
    lead to code execution. (CVE-2012-4167)

  - A cross-domain information leak vulnerability exists.
    (CVE-2012-4168)

  - A crash can be caused by a logic error involving
    multiple dialogs in Firefox. (CVE-2012-4171)");
  script_set_attribute(attribute:"see_also", value:"http://www.adobe.com/support/security/bulletins/apsb12-19.html");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Adobe AIR 3.4 (3.4.0.2540) or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-4167");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/08/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/08/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/22");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:air");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("adobe_air_installed.nasl");
  script_require_keys("SMB/Adobe_AIR/Version", "SMB/Adobe_AIR/Path");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");


version = get_kb_item_or_exit("SMB/Adobe_AIR/Version");
path = get_kb_item_or_exit("SMB/Adobe_AIR/Path");

version_ui = get_kb_item("SMB/Adobe_AIR/Version_UI");
if (isnull(version_ui)) version_report = version;
else version_report = version_ui + ' (' + version + ')';

cutoff_version = '3.3.0.3670';
fix = '3.4.0.2540';
fix_ui = '3.4';

if (version =~ '^3\\.' && ver_compare(ver:version, fix:cutoff_version) <= 0)
{
  if (report_verbosity > 0)
  {
    report =
      '\n  Path              : ' + path +
      '\n  Installed version : ' + version_report +
      '\n  Fixed version     : ' + fix_ui + " (" + fix + ')\n';
    security_hole(port:get_kb_item("SMB/transport"), extra:report);
  }
  else security_hole(get_kb_item("SMB/transport"));
  exit(0);
}
else audit(AUDIT_INST_PATH_NOT_VULN, "Adobe AIR", version_report, path);
VendorProductVersionCPE
adobeaircpe:/a:adobe:air

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.019 Low

EPSS

Percentile

88.6%