Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2006-2022 Tenable Network Security, Inc.FLASH_PLAYER_9.NASL
HistoryJul 17, 2006 - 12:00 a.m.

Flash Player Multiple Vulnerabilities (APSB06-11)

2006-07-1700:00:00
This script is Copyright (C) 2006-2022 Tenable Network Security, Inc.
www.tenable.com
32
JSON

According to its version number, the instance of Flash Player on the remote Windows host is affected by arbitrary code execution and denial of service issues. By convincing a user to visit a site with a specially crafted SWF file, an attacker may be able to execute arbitrary code on the affected host or cause the web browser to crash.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(22056);
  script_version("1.30");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/07");

  script_cve_id(
    "CVE-2006-3014",
    "CVE-2006-3311",
    "CVE-2006-3587",
    "CVE-2006-3588",
    "CVE-2006-4640"
  );
  script_bugtraq_id(18894, 19980);
  script_xref(name:"CERT", value:"474593");

  script_name(english:"Flash Player Multiple Vulnerabilities (APSB06-11)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Windows host contains a browser plugin that is affected by
multiple issues.");
  script_set_attribute(attribute:"description", value:
"According to its version number, the instance of Flash Player on the
remote Windows host is affected by arbitrary code execution and denial
of service issues.  By convincing a user to visit a site with a
specially crafted SWF file, an attacker may be able to execute
arbitrary code on the affected host or cause the web browser to crash.");
  script_set_attribute(attribute:"see_also", value:"http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-20.html");
  script_set_attribute(attribute:"see_also", value:"http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-21.html");
  script_set_attribute(attribute:"see_also", value:"http://www.adobe.com/support/security/bulletins/apsb06-11.html");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Flash Player version 9.0.16.0 / 8.0.33.0 / 7.0.66.0 /
6.0.88.0 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_cwe_id(264);

  script_set_attribute(attribute:"vuln_publication_date", value:"2006/06/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2006/11/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2006/07/17");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:flash_player");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2006-2022 Tenable Network Security, Inc.");

  script_dependencies("flash_player_installed.nasl");
  script_require_keys("SMB/Flash_Player/installed");

  exit(0);
}

#

if (!get_kb_item("SMB/Flash_Player/installed")) exit(0);


# Identify vulnerable versions.
info = "";

foreach variant (make_list("Plugin", "ActiveX"))
{
  vers = get_kb_list("SMB/Flash_Player/"+variant+"/Version/*");
  files = get_kb_list("SMB/Flash_Player/"+variant+"/File/*");
  if (!isnull(vers) && !isnull(files))
  {
    foreach key (keys(vers))
    {
      num = key - ("SMB/Flash_Player/"+variant+"/Version/");

      ver = vers[key];
      if (ver)
      {
        iver = split(ver, sep:'.', keep:FALSE);
        for (i=0; i<max_index(iver); i++)
          iver[i] = int(iver[i]);

        if (
          iver[0] < 6 ||
          (iver[0] == 6 && iver[1] == 0 && iver[2] < 88) ||
          (iver[0] == 7 && iver[1] == 0 && iver[2] < 66) ||
          (iver[0] == 8 && iver[1] == 0 && iver[2] < 33)
        )
        {
          file = files["SMB/Flash_Player/"+variant+"/File/"+num];
          if (variant == "Plugin")
          {
            info += '  - Browser Plugin (for Firefox / Netscape / Opera) :\n';
          }
          else if (variant == "ActiveX")
          {
            info += '  - ActiveX control (for Internet Explorer) :\n';
          }
          info += '    ' + file + ', ' + ver + '\n';
        }
      }
    }
  }
}


if (info)
{
  report = string(
    "Nessus has identified the following vulnerable instance(s) of Flash\n",
    "Player installed on the remote host :\n",
    "\n",
    info
  );
  security_hole(port:get_kb_item("SMB/transport"), extra:report);
}
VendorProductVersionCPE
adobeflash_playercpe:/a:adobe:flash_player

Related

securityvulns 2
openvas 4
nessus 8
freebsd 1
redhat 1
suse 1
gentoo 1
ubuntucve 5
cve 5
cert 3
checkpoint_advisories 1
securityvulns
securityvulns
Microsoft Security Bulletin MS06-069 Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution &#40;923789&#41;
2006-11-14 00:00:00
Computer Terrorism &#40;UK&#41; :: Incident Response Centre - Adobe/Macromedia Flash Player Vulnerability
2006-09-13 00:00:00
openvas
openvas
FreeBSD Ports: linux-flashplugin
2008-09-04 00:00:00
FreeBSD Ports: linux-flashplugin
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200610-02 (Flash)
2008-09-24 00:00:00
nessus
nessus
SUSE-SA:2006:053: flash-player
2007-02-18 00:00:00
openSUSE 10 Security Update : flash-player (flash-player-2072)
2007-10-17 00:00:00
RHEL 3 / 4 : flash-plugin (RHSA-2006:0674)
2013-01-24 00:00:00
freebsd
freebsd
linux-flashplugin7 -- arbitrary code execution vulnerabilities
2006-09-12 00:00:00
redhat
redhat
(RHSA-2006:0674) flash-plugin security update
2006-09-12 00:00:00
suse
suse
local code execution in flash-player
2006-09-21 14:03:28
gentoo
gentoo
Adobe Flash Player: Arbitrary code execution
2006-10-04 00:00:00
ubuntucve
ubuntucve
CVE-2006-3588
2006-07-13 00:00:00
CVE-2006-3014
2006-06-22 00:00:00
CVE-2006-4640
2006-09-12 00:00:00
cve
cve
CVE-2006-3588
2006-07-13 21:05:00
CVE-2006-3014
2006-06-22 00:06:00
CVE-2006-4640
2006-09-12 23:07:00
cert
cert
Adobe Flash Player allowScriptAccess protection bypass vulnerability
2006-09-20 00:00:00
Adobe Flash Player long string buffer overflow
2006-09-18 00:00:00
Adobe Flash Player fails to properly handle malformed SWF files
2006-07-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Excel Embedded Shockwave Flash Object Code Execution (MS06-069; CVE-2006-3014)
2010-06-10 00:00:00
JSON
Related for FLASH_PLAYER_9.NASL
securityvulns2openvas4nessus8freebsd1redhat1suse1gentoo1ubuntucve5cve5cert3checkpoint_advisories1