Lucene search
This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.FLASH_PLAYER_APSB15-02.NASLHistoryJan 23, 2015 - 12:00 a.m.
Flash Player <= 16.0.0.257 Information Disclosure (APSB15-02)
2015-01-2300:00:00
This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
According to its version, the installation of Adobe Flash Player installed on the remote Windows host is equal or prior to 16.0.0.257.
It is, therefore, affected by a memory leak that can allow bypassing of memory randomization mitigations, aiding in further attacks.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(80946);
script_version("1.15");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/05/25");
script_cve_id("CVE-2015-0310");
script_bugtraq_id(72261);
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/06/15");
script_name(english:"Flash Player <= 16.0.0.257 Information Disclosure (APSB15-02)");
script_set_attribute(attribute:"synopsis", value:
"The remote Windows host has a browser plugin that is affected by an
information disclosure vulnerability.");
script_set_attribute(attribute:"description", value:
"According to its version, the installation of Adobe Flash Player
installed on the remote Windows host is equal or prior to 16.0.0.257.
It is, therefore, affected by a memory leak that can allow bypassing
of memory randomization mitigations, aiding in further attacks.");
script_set_attribute(attribute:"see_also", value:"https://helpx.adobe.com/security/products/flash-player/apsb15-02.html");
# http://helpx.adobe.com/flash-player/kb/archived-flash-player-versions.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?0cb17c10");
# http://malware.dontneedcoffee.com/2015/01/unpatched-vulnerability-0day-in-flash.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?cdc6d908");
script_set_attribute(attribute:"solution", value:
"Upgrade to Adobe Flash Player version 16.0.0.287 or later.
Alternatively, Adobe has made version 13.0.0.262 available for those
installations that cannot be upgraded to 16.x.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-0310");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/01/21");
script_set_attribute(attribute:"patch_publication_date", value:"2015/01/22");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/23");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:flash_player");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("flash_player_installed.nasl");
script_require_keys("SMB/Flash_Player/installed");
exit(0);
}
include("global_settings.inc");
include("misc_func.inc");
get_kb_item_or_exit("SMB/Flash_Player/installed");
# Identify vulnerable versions.
info = "";
# we're checking for versions less than *or equal to* the cutoff!
foreach variant (make_list("Plugin", "ActiveX", "Chrome", "Chrome_Pepper"))
{
vers = get_kb_list("SMB/Flash_Player/"+variant+"/Version/*");
files = get_kb_list("SMB/Flash_Player/"+variant+"/File/*");
if (!isnull(vers) && !isnull(files))
{
foreach key (keys(vers))
{
ver = vers[key];
if (ver)
{
iver = split(ver, sep:'.', keep:FALSE);
for (i=0; i<max_index(iver); i++)
iver[i] = int(iver[i]);
if (
(
# Chrome Flash <= 16.0.0.257
variant == "Chrome_Pepper" &&
(
(iver[0] < 16) ||
(iver[0] == 16 && iver[1] == 0 && iver[2] == 0 && iver[3] <= 257)
)
) ||
(variant != "Chrome_Pepper" &&
(
(
# < 13
(
iver[0] < 13 ||
# 13.0.0.x <= 13.0.0.260
(
iver[0] == 13 &&
(
iver[1] == 0 &&
(
iver[2] == 0 &&
(
iver[3] <= 260
)
)
)
)
) ||
# 14.0.0.x <= 16.0.0.257
(
iver[0] == 14 ||
(
iver[0] == 15 ||
(
iver[0] == 16 &&
(
iver[1] == 0 &&
(
iver[2] == 0 &&
(
iver[3] <= 257
)
)
)
)
)
)
)
)
)
)
{
num = key - ("SMB/Flash_Player/"+variant+"/Version/");
file = files["SMB/Flash_Player/"+variant+"/File/"+num];
if (variant == "Plugin")
{
info += '\n Product : Browser Plugin (for Firefox / Netscape / Opera)';
fix = "16.0.0.287 / 13.0.0.262";
}
else if (variant == "ActiveX")
{
info += '\n Product : ActiveX control (for Internet Explorer)';
fix = "16.0.0.287 / 13.0.0.262";
}
else if ("Chrome" >< variant)
{
info += '\n Product : Browser Plugin (for Google Chrome)';
}
info += '\n Path : ' + file +
'\n Installed version : ' + ver;
if (variant == "Chrome_Pepper")
info += '\n Fixed version : 16.0.0.287 (Chrome PepperFlash)';
else
info += '\n Fixed version : '+fix;
info += '\n';
}
}
}
}
}
if (info)
{
port = get_kb_item("SMB/transport");
if (!port) port = 445;
if (report_verbosity > 0) security_hole(port:port, extra:info);
else security_hole(port);
}
else
{
if (thorough_tests)
exit(0, 'No vulnerable versions of Adobe Flash Player were found.');
else
exit(1, 'Google Chrome\'s built-in Flash Player may not have been detected because the \'Perform thorough tests\' setting was not enabled.');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| adobe | flash_player | cpe:/a:adobe:flash_player |
Related
openvas
openvas
attackerkb
attackerkb
CVE-2015-0310
2015-01-23 00:00:00
prion
prion
Design/Logic Flaw
2015-01-23 21:59:00
cisa_kev
cisa_kev
Adobe Flash Player ASLR Bypass Vulnerability
2022-05-25 00:00:00
cve
cve
CVE-2015-0310
2015-01-23 21:59:00
nessus
nessus
MS KB3033408: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
2015-01-23 00:00:00
SuSE 11.3 Security Update : flash-player (SAT Patch Number 10215)
2015-01-26 00:00:00
Flash Player For Mac <= 16.0.0.257 Information Disclosure (APSB15-02)
2015-01-23 00:00:00
suse
suse
Security update for flash-player (critical)
2015-01-24 01:08:02
Security update for flash-player (critical)
2015-01-23 15:04:45
Security update for flash-player (critical)
2015-01-23 00:06:03
symantec
symantec
Adobe Flash Player CVE-2015-0310 Unspecified Memory Corruption Vulnerability
2015-01-22 00:00:00
ubuntucve
ubuntucve
CVE-2015-0310
2015-01-23 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Action Script Evasion (CVE-2015-0310; CVE-2015-0311)
2015-01-26 00:00:00
thn
thn
Adobe patches 2nd Flash Player Zero-day Vulnerability
2015-01-25 08:11:00
Another Unpatched Adobe Flash Zero-Day vulnerability Exploited in the Wild
2015-02-02 06:29:00
threatpost
threatpost
redhat
redhat
(RHSA-2015:0094) Critical: flash-plugin security update
2015-01-27 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2015-02-06 00:00:00
Related for FLASH_PLAYER_APSB15-02.NASL