Search...

GLSA-200603-20 : Macromedia Flash Player: Arbitrary code execution

2006-03-23T00:00:00

ID GENTOO_GLSA-200603-20.NASL
Type nessus
Reporter This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2006-03-23T00:00:00

Description

The remote host is affected by the vulnerability described in GLSA-200603-20 (Macromedia Flash Player: Arbitrary code execution)

The Macromedia Flash Player contains multiple unspecified
vulnerabilities.

Impact :

An attacker serving a maliciously crafted SWF file could entice a
user to view the SWF file and execute arbitrary code on the user's
machine.

Workaround :

There is no known workaround at this time.

                                        
                                            #%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200603-20.
#
# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(21127);
  script_version("1.19");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2006-0024");
  script_xref(name:"GLSA", value:"200603-20");

  script_name(english:"GLSA-200603-20 : Macromedia Flash Player: Arbitrary code execution");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-200603-20
(Macromedia Flash Player: Arbitrary code execution)

    The Macromedia Flash Player contains multiple unspecified
    vulnerabilities.
  
Impact :

    An attacker serving a maliciously crafted SWF file could entice a
    user to view the SWF file and execute arbitrary code on the user's
    machine.
  
Workaround :

    There is no known workaround at this time."
  );
  # http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.adobe.com/devnet/security/security_zone/apsb06-03.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/200603-20"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"All Macromedia Flash Player users should upgrade to the latest
    version:
    # emerge --sync
    # emerge --ask --oneshot --verbose '&gt;=www-plugins/adobe-flash-7.0.63'"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:adobe-flash");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2006/03/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2006/03/23");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"www-plugins/adobe-flash", unaffected:make_list("ge 7.0.63"), vulnerable:make_list("lt 7.0.63"))) flag++;

if (flag)
{
  if (report_verbosity &gt; 0) security_warning(port:0, extra:qpkg_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Macromedia Flash Player");
}

JSON Vulners Source

Initial Source

{"id": "GENTOO_GLSA-200603-20.NASL", "bulletinFamily": "scanner", "title": "GLSA-200603-20 : Macromedia Flash Player: Arbitrary code execution", "description": "The remote host is affected by the vulnerability described in GLSA-200603-20\n(Macromedia Flash Player: Arbitrary code execution)\n\n The Macromedia Flash Player contains multiple unspecified\n vulnerabilities.\n \nImpact :\n\n An attacker serving a maliciously crafted SWF file could entice a\n user to view the SWF file and execute arbitrary code on the user's\n machine.\n \nWorkaround :\n\n There is no known workaround at this time.", "published": "2006-03-23T00:00:00", "modified": "2006-03-23T00:00:00", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/21127", "reporter": "This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://security.gentoo.org/glsa/200603-20", "https://www.adobe.com/devnet/security/security_zone/apsb06-03.html"], "cvelist": ["CVE-2006-0024"], "type": "nessus", "lastseen": "2021-01-07T10:52:01", "edition": 26, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2006-0024"]}, {"type": "gentoo", "idList": ["GLSA-200603-20"]}, {"type": "kaspersky", "idList": ["KLA10254"]}, {"type": "redhat", "idList": ["RHSA-2006:0268"]}, {"type": "suse", "idList": ["SUSE-SA:2006:015"]}, {"type": "cert", "idList": ["VU:945060"]}, {"type": "freebsd", "idList": ["83421018-B3EF-11DA-A32D-000C6EC775D9"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:12621", "SECURITYVULNS:DOC:11833", "SECURITYVULNS:DOC:12618"]}, {"type": "openvas", "idList": ["OPENVAS:56548", "OPENVAS:102023", "OPENVAS:1361412562310102023", "OPENVAS:56390"]}, {"type": "nessus", "idList": ["MACOSX_SECUPD2006-003.NASL", "REDHAT-RHSA-2006-0268.NASL", "MACOSX_SECUPD2007-009.NASL", "FLASH_PLAYER_APSB06-03.NASL", "FREEBSD_PKG_83421018B3EF11DAA32D000C6EC775D9.NASL", "SUSE_SA_2006_015.NASL"]}, {"type": "osvdb", "idList": ["OSVDB:23908"]}], "modified": "2021-01-07T10:52:01", "rev": 2}, "score": {"value": 7.3, "vector": "NONE", "modified": "2021-01-07T10:52:01", "rev": 2}, "vulnersScore": 7.3}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200603-20.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21127);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-0024\");\n script_xref(name:\"GLSA\", value:\"200603-20\");\n\n script_name(english:\"GLSA-200603-20 : Macromedia Flash Player: Arbitrary code execution\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200603-20\n(Macromedia Flash Player: Arbitrary code execution)\n\n The Macromedia Flash Player contains multiple unspecified\n vulnerabilities.\n \nImpact :\n\n An attacker serving a maliciously crafted SWF file could entice a\n user to view the SWF file and execute arbitrary code on the user's\n machine.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n # http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.adobe.com/devnet/security/security_zone/apsb06-03.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200603-20\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Macromedia Flash Player users should upgrade to the latest\n version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-plugins/adobe-flash-7.0.63'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:adobe-flash\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/03/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-plugins/adobe-flash\", unaffected:make_list(\"ge 7.0.63\"), vulnerable:make_list(\"lt 7.0.63\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Macromedia Flash Player\");\n}\n", "naslFamily": "Gentoo Local Security Checks", "pluginID": "21127", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:adobe-flash"], "scheme": null}

{"cve": [{"lastseen": "2020-12-09T19:23:43", "description": "Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.", "edition": 5, "cvss3": {}, "published": "2006-03-15T16:06:00", "title": "CVE-2006-0024", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-0024"], "modified": "2018-10-12T21:38:00", "cpe": ["cpe:/a:macromedia:flash_player:7.0.19.0", "cpe:/a:macromedia:flash_player:7.0_r19", "cpe:/a:macromedia:flash_player:6.0.29.0", "cpe:/a:macromedia:flash_player:6.0.79.0", "cpe:/a:macromedia:flash_player:4.0_r12", "cpe:/a:macromedia:flash_player:5.0", "cpe:/a:macromedia:flash_player:7.0.61.0", "cpe:/a:macromedia:flash_player:6.0.47.0", "cpe:/a:macromedia:flash_player:6.0.65.0", "cpe:/a:macromedia:flash_player:8.0.22.0", "cpe:/a:macromedia:flash_player:7.0.60.0", "cpe:/a:macromedia:flash_player:5.0_r50", "cpe:/a:macromedia:flash_player:6.0", "cpe:/a:macromedia:flash_player:6.0.40.0"], "id": "CVE-2006-0024", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-0024", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:macromedia:flash_player:4.0_r12:*:*:*:*:*:*:*", "cpe:2.3:a:macromedia:flash_player:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:macromedia:flash_player:5.0_r50:*:*:*:*:*:*:*", "cpe:2.3:a:macromedia:flash_player:7.0_r19:*:*:*:*:*:*:*", "cpe:2.3:a:macromedia:flash_player:7.0.19.0:*:*:*:*:*:*:*", "cpe:2.3:a:macromedia:flash_player:7.0.61.0:*:*:*:*:*:*:*", "cpe:2.3:a:macromedia:flash_player:7.0.60.0:*:*:*:*:*:*:*", "cpe:2.3:a:macromedia:flash_player:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:macromedia:flash_player:6.0.79.0:*:*:*:*:*:*:*", "cpe:2.3:a:macromedia:flash_player:6.0.47.0:*:*:*:*:*:*:*", "cpe:2.3:a:macromedia:flash_player:6.0.29.0:*:*:*:*:*:*:*", "cpe:2.3:a:macromedia:flash_player:6.0.40.0:*:*:*:*:*:*:*", "cpe:2.3:a:macromedia:flash_player:8.0.22.0:*:*:*:*:*:*:*", "cpe:2.3:a:macromedia:flash_player:6.0.65.0:*:*:*:*:*:*:*"]}], "gentoo": [{"lastseen": "2016-09-06T19:46:45", "bulletinFamily": "unix", "cvelist": ["CVE-2006-0024"], "edition": 1, "description": "### Background\n\nThe Macromedia Flash Player is a renderer for the popular SWF filetype which is commonly used to provide interactive websites, digital experiences and mobile content. \n\n### Description\n\nThe Macromedia Flash Player contains multiple unspecified vulnerabilities. \n\n### Impact\n\nAn attacker serving a maliciously crafted SWF file could entice a user to view the SWF file and execute arbitrary code on the user's machine. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Macromedia Flash Player users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-plugins/adobe-flash-7.0.63\"", "modified": "2009-05-28T00:00:00", "published": "2006-03-21T00:00:00", "id": "GLSA-200603-20", "href": "https://security.gentoo.org/glsa/200603-20", "type": "gentoo", "title": "Macromedia Flash Player: Arbitrary code execution", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "kaspersky": [{"lastseen": "2020-09-02T11:42:16", "bulletinFamily": "info", "cvelist": ["CVE-2006-0024"], "description": "### *Detect date*:\n03/15/2006\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple unspecified vulnerabilities were found in Flash Player. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed SWF file.\n\n### *Affected products*:\nFlash Player versions 8.0.22.0 and earlier\n\n### *Solution*:\nUpdate to latest version \n[Flash Player](<http://get.adobe.com/flashplayer/>)\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Adobe Flash Player ActiveX](<https://threats.kaspersky.com/en/product/Adobe-Flash-Player-ActiveX/>)\n\n### *CVE-IDS*:\n[CVE-2006-0024](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0024>)5.1High", "edition": 41, "modified": "2020-05-22T00:00:00", "published": "2006-03-15T00:00:00", "id": "KLA10254", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10254", "title": "\r KLA10254ACE vulnerabilities in Adobe Flash Player ", "type": "kaspersky", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-05-29T14:34:09", "bulletinFamily": "unix", "cvelist": ["CVE-2006-0024"], "description": "The flash-plugin package contains a Mozilla-compatible Macromedia Flash\r\nPlayer browser plug-in.\r\n\r\nSecurity issues were discovered in the Macromedia Flash Player. It may\r\nbe possible to execute arbitrary code on a victim's machine if the victim\r\nopens a malicious Macromedia Flash file. The Common Vulnerabilities and\r\nExposures project assigned the name CVE-2006-0024 to this issue.\r\n\r\nUsers of Macromedia Flash Player should upgrade to this updated package,\r\nwhich contains version 7.0.64 and is not vulnerable to this issue.", "modified": "2017-07-27T23:10:24", "published": "2006-03-15T05:00:00", "id": "RHSA-2006:0268", "href": "https://access.redhat.com/errata/RHSA-2006:0268", "type": "redhat", "title": "(RHSA-2006:0268) flash-plugin security update", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2016-09-04T12:38:48", "bulletinFamily": "unix", "cvelist": ["CVE-2006-0024"], "description": "A critical security vulnerability has been identified in the Adobe Macromedia Flash Player that allows an attacker who successfully exploits these vulnerabilities to take control of the application running the flash player.\n#### Solution\nIf you do not want to view Flash content, you can deinstall the Flash Player by doing: rpm -e flash-player Otherwise please install the updated packages.", "edition": 1, "modified": "2006-03-21T10:44:32", "published": "2006-03-21T10:44:32", "id": "SUSE-SA:2006:015", "href": "http://lists.opensuse.org/opensuse-security-announce/2006-03/msg00013.html", "title": "remote code execution in flash-player", "type": "suse", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cert": [{"lastseen": "2020-09-18T20:43:15", "bulletinFamily": "info", "cvelist": ["CVE-2006-0024"], "description": "### Overview \n\nSeveral vulnerabilities in Adobe Macromedia Flash products may allow a remote attacker to execute arbitrary code on a vulnerable system.\n\n### Description \n\nThe [Adobe Flash Player](<http://www.macromedia.com/software/flashplayer/>) is a player for the Flash media format and enables frame-based animations with sound to be viewed within a web browser.\n\nA number of vulnerabilites have been discovered in the way that the Flash Player handles data contained within the Flash (SWF) file. The underlying cause of these vulnerabilities is unknown at this time. A maliciously crafted SWF that exploits these vulnerabilities could be supplied through a web page, for example. Because of the way that Flash Player is used, multiple Adobe products are affected by these issues, including: \n\n\n * Flash Player versions 8.0.22.0 and earlier\n * Breeze Meeting Add-In versions 5.1 and earlier\n * Shockwave Player versions 10.1.0.11 and earlier\n * Flash Debug Player versions 7.0.14.0 and earlier\n * Flash Professional 8 and Flash Basic\n * Flash MX 2004\n \nNote that vulnerable versions of the Flash Player are provided with a number of versions of Microsoft Windows, Apple's Mac OS X, and some distributions of the Linux operating systems. \n--- \n \n### Impact \n\nA remote attacker with the ability to supply a specially crafted SWF file to a vulnerable host may be able to execute arbitrary code on that system. The attacker-supplied code would be executed with the privileges of the user opening the file. \n \n--- \n \n### Solution \n\n**Apply a patch** \n \nPatches have been released in response to this issue. Please see the Systems Affected section of this document for more information. \n \n--- \n \n**Workarounds**\n\n \nMicrosoft has published a number of workarounds for users of the affected products on Microsoft Windows platforms. Please see the Workarounds section of [Microsoft Security Bulletin MS06-020](<http://www.microsoft.com/technet/security/Bulletin/MS06-020.mspx>) for more information. \n \n--- \n \n### Vendor Information\n\n945060\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Adobe __ Affected\n\nNotified: March 03, 2006 Updated: March 16, 2006 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nAdobe Systems, Inc. has published Adobe Product Security Bulletin [APSB06-03](<http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html>) in response to this issue. Users are encouraged to review this bulletin and upgrade to the fixed versions of the software it refers to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23945060 Feedback>).\n\n### Apple Computer, Inc. Affected\n\nUpdated: April 11, 2006 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Gentoo Linux __ Affected\n\nUpdated: May 09, 2006 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe Gentoo Linux security team has published Gentoo Linux Security Advisory [GLSA 200603-20](<http://www.gentoo.org/security/en/glsa/glsa-200603-20.xml>) in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23945060 Feedback>).\n\n### Microsoft Corporation __ Affected\n\nUpdated: May 09, 2006 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nMicrosoft has published [Microsoft Security Bulletin MS06-020](<http://www.microsoft.com/technet/security/Bulletin/MS06-020.mspx>) in response to this issue. Users are encouraged to review this bulletin and apply the patches it refers to.\n\nAt the time of original publication of this issue, Microsoft published [Microsoft Security Advisory (916208)](<http://www.microsoft.com/technet/security/advisory/916208.mspx>) which advised users to apply the corresponding patches from Adobe. The information in MS06-020 supercedes this advisory.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23945060 Feedback>).\n\n### Red Hat, Inc. __ Affected\n\nUpdated: March 16, 2006 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRed Hat has published Red Hat Security Advisory [RHSA-2006:0268](<https://rhn.redhat.com/errata/RHSA-2006-0268.html>) in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23945060 Feedback>).\n\n### SUSE Linux __ Affected\n\nUpdated: May 09, 2006 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe SUSE security team has published SUSE Security Announcement [SUSE-SA:2006:015](<http://www.novell.com/linux/security/advisories/2006_15_flashplayer.html>) in response to this issue. Users are encouraged to review this announcement and apply the patches it refers to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23945060 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n * <http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html>\n * <http://www.microsoft.com/technet/security/advisory/916208.mspx>\n * <http://secunia.com/advisories/19218/>\n * <http://secunia.com/advisories/19259/>\n * <http://www.microsoft.com/technet/security/Bulletin/MS06-020.mspx>\n * <http://docs.info.apple.com/article.html?artnum=307179>\n\n### Acknowledgements\n\nThanks to Adobe Systems, Inc. for reporting this vulnerability. Adobe, in turn, credits Microsoft with reporting these vulnerabilities to them.\n\nThis document was written by Chad R Dougherty.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2006-0024](<http://web.nvd.nist.gov/vuln/detail/CVE-2006-0024>) \n---|--- \n**Severity Metric:** | 25.65 \n**Date Public:** | 2006-03-14 \n**Date First Published:** | 2006-03-16 \n**Date Last Updated: ** | 2007-12-18 13:39 UTC \n**Document Revision: ** | 35 \n", "modified": "2007-12-18T13:39:00", "published": "2006-03-16T00:00:00", "id": "VU:945060", "href": "https://www.kb.cert.org/vuls/id/945060", "type": "cert", "title": "Adobe Flash products contain multiple vulnerabilities", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:34:47", "bulletinFamily": "unix", "cvelist": ["CVE-2006-0024"], "description": "\nAdobe reports:\n\nCritical vulnerabilities have been identified in Flash\n\t Player that could allow an attacker who successfully\n\t exploits these vulnerabilities to take control of the\n\t affected system. A malicious SWF must be loaded in Flash\n\t Player by the user for an attacker to exploit these\n\t vulnerabilities.\nFlash Player 8 update (8.0.24.0), and Flash Player 7\n\t update (7.0.63.0) address security vulnerabilities in\n\t previous versions of Flash Player, which could lead to the\n\t potential execution of arbitrary code. These\n\t vulnerabilities could be accessed through content\n\t delivered from a remote location via the users web\n\t browser, email client, or other applications that include\n\t or reference the Flash Player.\n\n", "edition": 4, "modified": "2006-03-14T00:00:00", "published": "2006-03-14T00:00:00", "id": "83421018-B3EF-11DA-A32D-000C6EC775D9", "href": "https://vuxml.freebsd.org/freebsd/83421018-b3ef-11da-a32d-000c6ec775d9.html", "title": "linux-flashplugin -- arbitrary code execution vulnerability", "type": "freebsd", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-07T10:46:41", "description": "Adobe reports :\n\nCritical vulnerabilities have been identified in Flash Player that\ncould allow an attacker who successfully exploits these\nvulnerabilities to take control of the affected system. A malicious\nSWF must be loaded in Flash Player by the user for an attacker to\nexploit these vulnerabilities.\n\nFlash Player 8 update (8.0.24.0), and Flash Player 7 update (7.0.63.0)\naddress security vulnerabilities in previous versions of Flash Player,\nwhich could lead to the potential execution of arbitrary code. These\nvulnerabilities could be accessed through content delivered from a\nremote location via the users web browser, email client, or other\napplications that include or reference the Flash Player.", "edition": 25, "published": "2006-05-13T00:00:00", "title": "FreeBSD : linux-flashplugin -- arbitrary code execution vulnerability (83421018-b3ef-11da-a32d-000c6ec775d9)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-0024"], "modified": "2006-05-13T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:linux-flashplugin", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_83421018B3EF11DAA32D000C6EC775D9.NASL", "href": "https://www.tenable.com/plugins/nessus/21459", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21459);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-0024\");\n\n script_name(english:\"FreeBSD : linux-flashplugin -- arbitrary code execution vulnerability (83421018-b3ef-11da-a32d-000c6ec775d9)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Adobe reports :\n\nCritical vulnerabilities have been identified in Flash Player that\ncould allow an attacker who successfully exploits these\nvulnerabilities to take control of the affected system. A malicious\nSWF must be loaded in Flash Player by the user for an attacker to\nexploit these vulnerabilities.\n\nFlash Player 8 update (8.0.24.0), and Flash Player 7 update (7.0.63.0)\naddress security vulnerabilities in previous versions of Flash Player,\nwhich could lead to the potential execution of arbitrary code. These\nvulnerabilities could be accessed through content delivered from a\nremote location via the users web browser, email client, or other\napplications that include or reference the Flash Player.\"\n );\n # http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.adobe.com/devnet/security/security_zone/apsb06-03.html\"\n );\n # https://vuxml.freebsd.org/freebsd/83421018-b3ef-11da-a32d-000c6ec775d9.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1adf0b17\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-flashplugin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/03/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/05/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"linux-flashplugin<7.0r63\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T02:33:36", "description": "According to its version number, the instance of Flash Player on the\nremote Windows host contains multiple critical and as-yet unspecified\nvulnerabilities that could allow an attacker to take control of the\naffected host. To exploit these issues, a user must load a malicious\nSWF file in Flash Player.", "edition": 25, "published": "2006-03-15T00:00:00", "title": "Flash Player swf Processing Multiple Unspecified Code Execution (APSB06-03)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-0024"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:adobe:flash_player"], "id": "FLASH_PLAYER_APSB06-03.NASL", "href": "https://www.tenable.com/plugins/nessus/21079", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(21079);\n script_version(\"1.25\");\n\n script_cve_id(\"CVE-2006-0024\");\n script_bugtraq_id(17106);\n script_xref(name:\"MSFT\", value:\"MS06-020\");\n script_xref(name:\"MSKB\", value:\"323166\");\n\n script_name(english:\"Flash Player swf Processing Multiple Unspecified Code Execution (APSB06-03)\");\n script_summary(english:\"Checks version of Flash Player\");\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a browser plugin that is affected by\nseveral critical flaws.\" );\n script_set_attribute(attribute:\"description\", value:\n\"According to its version number, the instance of Flash Player on the\nremote Windows host contains multiple critical and as-yet unspecified\nvulnerabilities that could allow an attacker to take control of the\naffected host. To exploit these issues, a user must load a malicious\nSWF file in Flash Player.\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2006/ms06-020\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2006/916208\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a9eff3e8\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Flash Player version 8.0.24.0 / 7.0.63.0 or later.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2006/03/15\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2006/03/15\");\n script_cvs_date(\"Date: 2018/11/15 20:50:26\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2006/11/15\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:flash_player\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n script_copyright(english:\"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"flash_player_installed.nasl\");\n script_require_keys(\"SMB/Flash_Player/installed\");\n exit(0);\n}\n\n#\n\nif (!get_kb_item(\"SMB/Flash_Player/installed\")) exit(0);\n\n# Identify vulnerable versions.\ninfo = \"\";\n\nforeach variant (make_list(\"Plugin\", \"ActiveX\"))\n{\n vers = get_kb_list(\"SMB/Flash_Player/\"+variant+\"/Version/*\");\n files = get_kb_list(\"SMB/Flash_Player/\"+variant+\"/File/*\");\n if (!isnull(vers) && !isnull(files))\n {\n foreach key (keys(vers))\n {\n num = key - (\"SMB/Flash_Player/\"+variant+\"/Version/\");\n\n ver = vers[key];\n if (ver)\n {\n iver = split(ver, sep:'.', keep:FALSE);\n for (i=0; i<max_index(iver); i++)\n iver[i] = int(iver[i]);\n\n if (\n iver[0] < 6 ||\n (iver[0] == 6 && iver[1] == 0 && iver[2] < 84) ||\n (iver[0] == 7 && iver[1] == 0 && iver[2] < 63) ||\n (iver[0] == 8 && iver[1] == 0 && iver[2] < 24)\n )\n {\n file = files[\"SMB/Flash_Player/\"+variant+\"/File/\"+num];\n if (variant == \"Plugin\")\n {\n info += ' - Browser Plugin (for Firefox / Netscape / Opera) :\\n';\n }\n else if (variant == \"ActiveX\")\n {\n info += ' - ActiveX control (for Internet Explorer) :\\n';\n }\n info += ' ' + file + ', ' + ver + '\\n';\n }\n }\n }\n }\n}\n\n\nif (info)\n{\n report = string(\n \"Nessus has identified the following vulnerable instance(s) of Flash\\n\",\n \"Player installed on the remote host :\\n\",\n \"\\n\",\n info\n );\n security_warning(port:get_kb_item(\"SMB/transport\"), extra:report);\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:14:47", "description": "The remote host is missing the patch for the advisory SUSE-SA:2006:015 (flash-player).\n\n\nA critical security vulnerability has been identified in the Adobe\nMacromedia Flash Player that allows an attacker who successfully\nexploits these vulnerabilities to take control of the application\nrunning the flash player.\n\nA malicious SWF must be loaded in the Flash Player by the user for\nan attacker to exploit these vulnerabilities.\n\nThis issue is tracked by the Mitre CVE ID CVE-2006-0024.", "edition": 6, "published": "2006-03-23T00:00:00", "title": "SUSE-SA:2006:015: flash-player", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-0024"], "modified": "2006-03-23T00:00:00", "cpe": [], "id": "SUSE_SA_2006_015.NASL", "href": "https://www.tenable.com/plugins/nessus/21136", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# This plugin text was extracted from SuSE Security Advisory SUSE-SA:2006:015\n#\n\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif(description)\n{\n script_id(21136);\n script_version(\"1.9\");\n \n name[\"english\"] = \"SUSE-SA:2006:015: flash-player\";\n \n script_name(english:name[\"english\"]);\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a vendor-supplied security patch\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is missing the patch for the advisory SUSE-SA:2006:015 (flash-player).\n\n\nA critical security vulnerability has been identified in the Adobe\nMacromedia Flash Player that allows an attacker who successfully\nexploits these vulnerabilities to take control of the application\nrunning the flash player.\n\nA malicious SWF must be loaded in the Flash Player by the user for\nan attacker to exploit these vulnerabilities.\n\nThis issue is tracked by the Mitre CVE ID CVE-2006-0024.\" );\n script_set_attribute(attribute:\"solution\", value:\n\"http://www.suse.de/security/advisories/2006_15_flashplayer.html\" );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\" );\n\n\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2006/03/23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n script_end_attributes();\n\n \n summary[\"english\"] = \"Check for the version of the flash-player package\";\n script_summary(english:summary[\"english\"]);\n \n script_category(ACT_GATHER_INFO);\n \n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n family[\"english\"] = \"SuSE Local Security Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/SuSE/rpm-list\");\n exit(0);\n}\n\ninclude(\"rpm.inc\");\nif ( rpm_check( reference:\"flash-player-7.0.63.0-1.1\", release:\"SUSE10.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"flash-player-7.0.63.0-1.2\", release:\"SUSE9.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"flash-player-7.0.63.0-1.1\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"flash-player-7.0.63.0-1.1\", release:\"SUSE9.3\") )\n{\n security_hole(0);\n exit(0);\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:05:36", "description": "An updated Macromedia Flash Player package that fixes a security issue\nis now available.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nThe flash-plugin package contains a Mozilla-compatible Macromedia\nFlash Player browser plug-in.\n\nSecurity issues were discovered in the Macromedia Flash Player. It may\nbe possible to execute arbitrary code on a victim's machine if the\nvictim opens a malicious Macromedia Flash file. The Common\nVulnerabilities and Exposures project assigned the name CVE-2006-0024\nto this issue.\n\nUsers of Macromedia Flash Player should upgrade to this updated\npackage, which contains version 7.0.64 and is not vulnerable to this\nissue.", "edition": 25, "published": "2013-01-24T00:00:00", "title": "RHEL 3 / 4 : flash-plugin (RHSA-2006:0268)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-0024"], "modified": "2013-01-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "p-cpe:/a:redhat:enterprise_linux:flash-plugin"], "id": "REDHAT-RHSA-2006-0268.NASL", "href": "https://www.tenable.com/plugins/nessus/63832", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2006:0268. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63832);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-0024\");\n script_xref(name:\"RHSA\", value:\"2006:0268\");\n\n script_name(english:\"RHEL 3 / 4 : flash-plugin (RHSA-2006:0268)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated Macromedia Flash Player package that fixes a security issue\nis now available.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nThe flash-plugin package contains a Mozilla-compatible Macromedia\nFlash Player browser plug-in.\n\nSecurity issues were discovered in the Macromedia Flash Player. It may\nbe possible to execute arbitrary code on a victim's machine if the\nvictim opens a malicious Macromedia Flash file. The Common\nVulnerabilities and Exposures project assigned the name CVE-2006-0024\nto this issue.\n\nUsers of Macromedia Flash Player should upgrade to this updated\npackage, which contains version 7.0.64 and is not vulnerable to this\nissue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2006-0024.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2006-0268.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected flash-plugin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:flash-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/03/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL3\", cpu:\"i386\", reference:\"flash-plugin-7.0.63-1.EL3\")) flag++;\n\nif (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"flash-plugin-7.0.63-1.EL4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T03:25:07", "description": "The remote host is running Apple Mac OS X, but lacks\nSecurity Update 2006-003.\n\nThis security update contains fixes for the following\napplications :\n\nAppKit\nImageIO\nBOM\nCFNetwork\nClamAV (Mac OS X Server only)\nCoreFoundation\nCoreGraphics\nFinder\nFTPServer\nFlash Player\nKeyCHain\nLaunchServices\nlibcurl\nMail\nMySQL Manager (Mac OS X Server only)\nPreview\nQuickDraw\nQuickTime Streaming Server\nRuby\nSafari", "edition": 23, "published": "2006-05-12T00:00:00", "title": "Mac OS X Multiple Vulnerabilities (Security Update 2006-003)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-1449", "CVE-2006-1453", "CVE-2006-1630", "CVE-2006-1456", "CVE-2006-1446", "CVE-2006-1614", "CVE-2006-1443", "CVE-2006-1450", "CVE-2006-0024", "CVE-2005-2628", "CVE-2006-1439", "CVE-2006-1455", "CVE-2006-1983", "CVE-2006-1447", "CVE-2006-1454", "CVE-2006-1440", "CVE-2006-1985", "CVE-2006-1452", "CVE-2006-1552", "CVE-2006-1442", "CVE-2006-1982", "CVE-2006-1451", "CVE-2006-1445", "CVE-2006-1444", "CVE-2006-1441", "CVE-2006-1984", "CVE-2006-1615", "CVE-2005-2337", "CVE-2006-1448", "CVE-2006-1457", "CVE-2005-4077"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2006-003.NASL", "href": "https://www.tenable.com/plugins/nessus/21341", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(21341);\n script_version(\"1.21\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\"CVE-2006-1439\", \"CVE-2006-1982\", \"CVE-2006-1983\", \"CVE-2006-1984\", \"CVE-2006-1985\",\n \"CVE-2006-1440\", \"CVE-2006-1441\", \"CVE-2006-1442\", \"CVE-2006-1614\", \"CVE-2006-1615\",\n \"CVE-2006-1630\", \"CVE-2006-1443\", \"CVE-2006-1444\", \"CVE-2006-1448\", \"CVE-2006-1445\",\n \"CVE-2005-2628\", \"CVE-2006-0024\", \"CVE-2006-1552\", \"CVE-2006-1446\", \"CVE-2006-1447\",\n \"CVE-2005-4077\", \"CVE-2006-1449\", \"CVE-2006-1450\", \"CVE-2006-1451\", \"CVE-2006-1452\",\n \"CVE-2006-1453\", \"CVE-2006-1454\", \"CVE-2006-1455\", \"CVE-2006-1456\", \"CVE-2005-2337\",\n \"CVE-2006-1457\");\n script_bugtraq_id(17634, 17951);\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2006-003)\");\n script_summary(english:\"Check for Security Update 2006-003\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote operating system is missing a vendor-supplied patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running Apple Mac OS X, but lacks\nSecurity Update 2006-003.\n\nThis security update contains fixes for the following\napplications :\n\nAppKit\nImageIO\nBOM\nCFNetwork\nClamAV (Mac OS X Server only)\nCoreFoundation\nCoreGraphics\nFinder\nFTPServer\nFlash Player\nKeyCHain\nLaunchServices\nlibcurl\nMail\nMySQL Manager (Mac OS X Server only)\nPreview\nQuickDraw\nQuickTime Streaming Server\nRuby\nSafari\");\n script_set_attribute(attribute:\"see_also\", value:\"http://docs.info.apple.com/article.html?artnum=303737\");\n script_set_attribute(attribute:\"solution\", value:\n\"Mac OS X 10.4 :\nhttp://support.apple.com/downloads/Security_Update_2006_003_Mac_OS_X_10_4_6_Client__PPC_\nhttp://support.apple.com/downloads/Security_Update_2006_003_Mac_OS_X_10_4_6_Client__Intel_\n\nMac OS X 10.3 :\nhttp://support.apple.com/downloads/Security_Update_2006_003__10_3_9_Client_\nhttp://support.apple.com/downloads/Security_Update_2006_003__10_3_9_Server_\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/04/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/05/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/05/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.\");\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/MacOSX/packages\");\n exit(0);\n}\n\n\npackages = get_kb_item(\"Host/MacOSX/packages\");\nif ( ! packages ) exit(0);\n\n\nuname = get_kb_item(\"Host/uname\");\nif ( egrep(pattern:\"Darwin.* (7\\.[0-9]\\.|8\\.[0-6]\\.)\", string:uname) )\n{\n if (!egrep(pattern:\"^SecUpd(Srvr)?(2006-00[3467]|2007-003)\", string:packages)) security_hole(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T03:25:11", "description": "The remote host is running a version of Mac OS X 10.5 or 10.4 that does\nnot have Security Update 2007-009 applied. \n\nThis update contains several security fixes for a large number of\nprograms.", "edition": 24, "published": "2007-12-18T00:00:00", "title": "Mac OS X Multiple Vulnerabilities (Security Update 2007-009)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5855", "CVE-2007-6165", "CVE-2007-1662", "CVE-2007-4768", "CVE-2007-4351", "CVE-2007-5857", "CVE-2007-1661", "CVE-2007-6077", "CVE-2007-4709", "CVE-2007-5848", "CVE-2007-4572", "CVE-2007-5379", "CVE-2007-4710", "CVE-2007-1659", "CVE-2006-0024", "CVE-2007-5856", "CVE-2007-4965", "CVE-2007-5770", "CVE-2007-4708", "CVE-2007-5861", "CVE-2007-1660", "CVE-2007-5476", "CVE-2007-5858", "CVE-2007-5850", "CVE-2007-5116", "CVE-2007-5860", "CVE-2007-3798", "CVE-2007-4131", "CVE-2007-4767", "CVE-2007-5859", "CVE-2007-5851", "CVE-2007-3876", "CVE-2007-5398", "CVE-2007-5854", "CVE-2007-5863", "CVE-2007-4766", "CVE-2007-1218", "CVE-2007-5847", "CVE-2007-5849", "CVE-2007-5853", "CVE-2007-5380"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2007-009.NASL", "href": "https://www.tenable.com/plugins/nessus/29723", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(29723);\n script_version(\"1.27\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\"CVE-2006-0024\", \"CVE-2007-1218\", \"CVE-2007-1659\", \"CVE-2007-1660\", \"CVE-2007-1661\",\n \"CVE-2007-1662\", \"CVE-2007-3798\", \"CVE-2007-3876\", \"CVE-2007-4131\", \"CVE-2007-4351\",\n \"CVE-2007-4572\", \"CVE-2007-4708\", \"CVE-2007-4709\", \"CVE-2007-4710\", \"CVE-2007-4766\",\n \"CVE-2007-4767\", \"CVE-2007-4768\", \"CVE-2007-4965\", \"CVE-2007-5116\", \"CVE-2007-5379\",\n \"CVE-2007-5380\", \"CVE-2007-5398\", \"CVE-2007-5476\", \"CVE-2007-5770\", \"CVE-2007-5847\",\n \"CVE-2007-5848\", \"CVE-2007-5849\", \"CVE-2007-5850\", \"CVE-2007-5851\", \"CVE-2007-5853\",\n \"CVE-2007-5854\", \"CVE-2007-5855\", \"CVE-2007-5856\", \"CVE-2007-5857\", \"CVE-2007-5858\",\n \"CVE-2007-5859\", \"CVE-2007-5860\", \"CVE-2007-5861\", \"CVE-2007-5863\", \"CVE-2007-6077\",\n \"CVE-2007-6165\");\n script_bugtraq_id(17106, 22772, 24965, 25417, 25696, 26096, 26268, 26274, 26346,\n 26350, 26421, 26454, 26455, 26510, 26598, 26908, 26910, 26926);\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2007-009)\");\n script_summary(english:\"Check for the presence of Security Update 2007-009\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes various\nsecurity issues.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X 10.5 or 10.4 that does\nnot have Security Update 2007-009 applied. \n\nThis update contains several security fixes for a large number of\nprograms.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://docs.info.apple.com/article.html?artnum=307179\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/advisories/13649\");\n script_set_attribute(attribute:\"solution\", value:\"Install Security Update 2007-009.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Mail.app Image Attachment Command Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(16, 20, 22, 79, 119, 134, 189, 200, 264, 287, 310, 362, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/MacOSX/packages\", \"Host/uname\");\n exit(0);\n}\n\n\nuname = get_kb_item(\"Host/uname\");\nif ( ! uname ) exit(0);\nif ( egrep(pattern:\"Darwin.* (8\\.[0-9]\\.|8\\.1[01]\\.)\", string:uname) )\n{\n packages = get_kb_item(\"Host/MacOSX/packages\");\n if ( ! packages ) exit(0);\n if (!egrep(pattern:\"^SecUpd(Srvr)?(2007-009|200[89]-|20[1-9][0-9]-)\", string:packages))\n security_hole(0);\n}\nelse if ( egrep(pattern:\"Darwin.* (9\\.[01]\\.)\", string:uname) )\n{\n packages = get_kb_item(\"Host/MacOSX/packages/boms\");\n if ( ! packages ) exit(0);\n if ( !egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\\.2007\\.009\\.bom\", string:packages) )\n\tsecurity_hole(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:16", "bulletinFamily": "software", "cvelist": ["CVE-2006-0024"], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n\r\n\r\n National Cyber Alert System\r\n\r\n Technical Cyber Security Alert TA06-075A\r\n\r\n\r\nAdobe Macromedia Flash Products Contain Vulnerabilities\r\n\r\n Original release date: March 16, 2006\r\n Last revised: --\r\n Source: US-CERT\r\n\r\n\r\nSystems Affected\r\n\r\n Microsoft Windows, Apple Mac OS X, Linux, Solaris, or other operating\r\n systems with any of the following Adobe Macromedia products installed:\r\n * Flash Player 8.0.22.0 and earlier\r\n * Flash Professional 8\r\n * Flash Basic\r\n * Flash MX 2004\r\n * Flash Debug Player 7.0.14.0 and earlier\r\n * Flex 1.5\r\n * Breeze Meeting Add-In 5.1 and earlier\r\n * Adobe Macromedia Shockwave Player 10.1.0.11 and earlier\r\n\r\n For more complete information, refer to Adobe Security Bulletin\r\n APSB06-03.\r\n\r\n\r\nOverview\r\n\r\n There are critical vulnerabilities in Macromedia Flash player and\r\n related software. Exploitation of these vulnerabilities could allow a\r\n remote, unauthenticated attacker to execute arbitrary code or cause a\r\n denial of service on a vulnerable system.\r\n\r\n\r\nI. Description\r\n\r\n Adobe Security Bulletin APSB06-03 addresses vulnerabilities in\r\n Macromedia Flash Player and related software. Further information is\r\n available in the following US-CERT Vulnerability Note:\r\n\r\n VU#945060 - Adobe Macromedia Flash products contain multiple\r\n vulnerabilities \r\n\r\n Several vulnerabilities in Adobe Macromedia Flash products may allow a\r\n remote attacker to execute arbitrary code on a vulnerable system.\r\n (CVE-2006-0024)\r\n\r\n Several operating systems, including Microsoft Windows (see Microsoft\r\n Security Advisory 916208), have vulnerable versions of Flash installed\r\n by default. Systems with Flash-enabled web browsers are vulnerable. An\r\n attacker could host a specially crafted Flash file on a web site and\r\n convince a user to visit the site.\r\n\r\n\r\nII. Impact\r\n\r\n A remote, unauthenticated attacker could execute arbitrary code with\r\n the privileges of the user. If the user is logged on with\r\n administrative privileges, the attacker could take complete control of\r\n an affected system. An attacker may also be able to cause a denial of\r\n service.\r\n\r\n\r\nIII. Solution\r\n\r\nApply Updates\r\n\r\n Adobe has provided the updates for these vulnerabilities in APBS06-03.\r\n\r\nDisable Flash\r\n\r\n Please see Microsoft Security Advisory 916208 for instructions on how\r\n to disable Flash on Microsoft Windows. For other operating systems and\r\n web browsers, please contact the appropriate vendor.\r\n\r\n\r\nAppendix A. References\r\n\r\n * Macromedia - APSB06-03: Flash Player Update to Address Security\r\n Vulnerabilities -\r\n <http://www.macromedia.com/devnet/security/security_zone/apsb06-03\r\n .html>\r\n\r\n * US-CERT Vulnerability Note VU#945060 -\r\n <http://www.kb.cert.org/vuls/id/945060>\r\n\r\n * CVE-2006-0024 -\r\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0024>\r\n\r\n * Microsoft Security Advisory (916208) -\r\n <http://www.microsoft.com/technet/security/advisory/916208.mspx>\r\n\r\n\r\n ____________________________________________________________________\r\n\r\n The most recent version of this document can be found at:\r\n\r\n <http://www.us-cert.gov/cas/techalerts/TA06-075A.html>\r\n ____________________________________________________________________\r\n\r\n Feedback can be directed to US-CERT Technical Staff. Please send\r\n email to <cert@cert.org> with "TA06-075A Feedback VU#945060" in the\r\n subject.\r\n ____________________________________________________________________\r\n\r\n For instructions on subscribing to or unsubscribing from this\r\n mailing list, visit <http://www.us-cert.gov/cas/signup.html>.\r\n ____________________________________________________________________\r\n\r\n Produced 2006 by US-CERT, a government organization.\r\n\r\n Terms of use:\r\n\r\n <http://www.us-cert.gov/legal.html>\r\n ____________________________________________________________________\r\n\r\n\r\nRevision History\r\n\r\n Mar 16, 2006: Initial release\r\n\r\n\r\n \r\n \r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.2.1 (GNU/Linux)\r\n\r\niQEVAwUBRBnrc30pj593lg50AQJh0Af/WnwWF6RIXfF6zpDCXMzkEjdaiWUSDa+g\r\nutKrN8ZwUqKsPVw/uKR9vLwqWrWRYbTAsVjnFd1TBiBcasxAPIM4Y0u8sYCnXldB\r\nNmpotYhMPiuIIh7t/2bGxaAwOB8yBZvN4GNGDarsiK243/nf0m8Y7e6t+XN5FY6V\r\nnDp+q8mxiPN0T7Bh+ofeEX7m7SOEAza7kBwzsGgRSZzIkVmwH1+pBjPznmM1Zylh\r\nUzpTPhmvKkQtuDJ3iG3P0J6hrNZqTukEcOh5VB9gRhfvzpavSa6sXoiI7+/zTADa\r\nIJ8ZZZ6crFYmP/DTPeA9nbeCtQg/HAu+ty6ME/leVsHah3a16NWm4w==\r\n=XJw+\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2006-03-17T00:00:00", "published": "2006-03-17T00:00:00", "id": "SECURITYVULNS:DOC:11833", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:11833", "title": "US-CERT Technical Cyber Security Alert TA06-075A -- Adobe Macromedia Flash Products Multiple Vulnerabilities", "type": "securityvulns", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:17", "bulletinFamily": "software", "cvelist": ["CVE-2006-0024", "CVE-2005-2628"], "description": "Microsoft Security Bulletin MS06-020\r\nVulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (913433)\r\nPublished: May 9, 2006\r\n\r\nVersion: 1.0\r\nSummary\r\n\r\nWho should read this document: Customers who use Microsoft Windows\r\n\r\nImpact of Vulnerability: Remote Code Execution\r\n\r\nMaximum Severity Rating: Critical\r\n\r\nRecommendation: Customers should apply the update immediately.\r\n\r\nSecurity Update Replacement: None.\r\n\r\nCaveats: This bulletin is for customers using Macromedia Flash Player from Adobe version 6 or earlier. Customers that have followed the guidance in Adobe Security Bulletin APSB06-03 are not at risk from the vulnerability.\r\n\r\nVulnerable versions of Macromedia Flash Player from Adobe are included with Windows XP and Internet Explorer 6 Service Pack 1 when installed on Windows ME, Windows 98, and Windows 98 Second Edition. Other versions of Windows are not affected or not supported by this security update. Customers with Flash Player installed on other versions of the operating system or customers who have upgraded to Flash Player 7 or higher are encouraged to follow the guidance in the Adobe Security Bulletin APSB06-03.\r\n\r\nMicrosoft Knowledge Base Article 913433 documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues. For more information, see Microsoft Knowledge Base Article 913433.\r\n\r\nTested Software and Security Update Download Locations:\r\n\r\nAffected Software:\r\n\u2022\t\r\n\r\nMicrosoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2 \u2013 Download the update\r\n\u2022\t\r\n\r\nMicrosoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) \u2013 Review the FAQ section of this bulletin for details about these operating systems.\r\nTop of sectionTop of section\r\n\u2022\t\r\n\r\nNon-Affected Software:\r\n\u2022\t\r\n\r\nMicrosoft Windows 2000 Service Pack 4\r\n\u2022\t\r\n\r\nMicrosoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1\r\n\u2022\t\r\n\r\nMicrosoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems\r\n\u2022\t\r\n\r\nMicrosoft Windows Server 2003 x64 Edition\r\n\u2022\t\r\n\r\nWindows XP Professional x64 Edition\r\n\r\nNote: Flash Player does not ship with the versions of Microsoft Windows in the not affected software list. Customers who have installed Flash Player on these versions of Windows are encouraged to follow the guidance in the Adobe Security Bulletin ASPB06-03.\r\n\r\nThe software in this list has been tested to determine whether the versions are affected. Other versions either no longer include security update support or may not be affected. To determine the support life cycle for your product and version, visit the Microsoft Support Lifecycle Web site.\r\nGeneral Information\r\n\t\r\nExecutive Summary\r\n\r\nExecutive Summary:\r\n\r\nThis update resolves publicly reported vulnerabilities. The vulnerabilities are documented in the "Vulnerability Details" section of this bulletin. These vulnerabilities are also documented in Macromedia Security Bulletin MPSB05-07 for customers using Flash Player 5 and 6. Customers who have installed Flash Player 7 and higher are advised to download the latest version from the Adobe website. Customers that have followed the guidance in Adobe Security Bulletin APSB06-03 are not at risk from the vulnerability.\r\n\r\nIf a user is logged on with administrative user rights, an attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.\r\n\r\nWe recommend that customers apply the update immediately.\r\n\r\nSeverity Ratings and Vulnerability Identifiers:\r\nVulnerability Identifiers\tImpact of Vulnerability\tWindows 98, 98 SE, ME\tWindows 2000\tWindows XP Service Pack 1\tWindows XP Service Pack 2\tWindows Server 2003\tWindows Server 2003 Service Pack 1\r\n\r\nFlash Player Vulnerability - CVE-2006-0024\r\n\t\r\n\r\nRemote Code Execution\r\n\t\r\n\r\nCritical\r\n\t\r\n\r\nNot applicable [1]\r\n\t\r\n\r\nCritical\r\n\t\r\n\r\nCritical\r\n\t\r\n\r\nNot applicable [1]\r\n\t\r\n\r\nNot applicable [1]\r\n\r\nFlash Player Vulnerability - CVE-2005-2628\r\n\t\r\n\r\nRemote Code Execution\r\n\t\r\n\r\nCritical\r\n\t\r\n\r\nNot applicable [1]\r\n\t\r\n\r\nCritical\r\n\t\r\n\r\nCritical\r\n\t\r\n\r\nNot applicable [1]\r\n\t\r\n\r\nNot applicable [1]\r\n\r\nNote [1]: Flash Player does not ship with Microsoft Windows 2000 Service Pack 4, Windows Server 2003 and Windows Server 2003 Service Pack 1. Customers who have installed Flash Player on these versions of Windows are encouraged to follow the guidance in the Adobe Security Bulletin ASPB06-03.\r\n\r\nThis assessment is based on the types of systems that are affected by the vulnerability, their typical deployment patterns, and the effect that exploiting the vulnerability would have on them.\r\nTop of sectionTop of section\r\n\t\r\nFrequently asked questions (FAQ) related to this security update\r\n\r\nIs Flash Player a Microsoft technology?\r\n\r\nNo. This software is made by Adobe Systems Inc., formerly Macromedia, Inc.\r\n\r\nIs Flash Player redistributed by Microsoft?\r\n\r\nYes. Some versions of Flash Player have been redistributed by Microsoft. The supported versions of Windows that redistribute Flash Player are Windows XP Service Pack 1, Windows XP Service Pack 2, Windows 98, Windows 98 Second Edition and Windows Millennium Edition. No other supported versions of Windows redistribute Flash Player. Other software applications from Microsoft may also redistribute Flash Player.\r\n\r\nNote: If both flash.ocx and swflash.ocx are present on the system then the GUID used to instantiate the Flash Player should be registered to flash.ocx. Regardless of this, the security update will register the GUID to the new flash.ocx that is installed.\r\n\r\nWhich versions of the Macromedia Flash Player from Adobe are redistributed with Windows?\r\nMicrosoft Windows version\tMacromedia Flash Player from Adobe Filenames and Versions\r\n\r\nMicrosoft Windows XP Service Pack 1\r\n\t\r\n\r\nSwflash.ocx 5.0.44\r\n\r\nMicrosoft Windows XP Service Pack 2\r\n\t\r\n\r\nFlash.ocx 6.0.79\r\n\r\nMicrosoft Windows 98 and Microsoft Windows 98 Second Edition (SE)\r\n\t\r\n\r\nSwflash.ocx 5.0.44\r\n\r\nMicrosoft Windows Millennium Edition (ME)\r\n\t\r\n\r\nSwflash.ocx 4.0.28\r\n\r\nI use a version of Windows that is not listed in this table. Might I still have the Flash Player installed on my system?\r\nYes. Flash Player is available for download from Adobe Systems, Inc. (formerly Macromedia, Inc). Flash Player also may have been installed or required by another software application. You can determine whether you have Flash Player installed and if so what version by visiting the following Adobe Web site. If you have a version of Flash Player earlier than 7.0.63.0 or 8.0.24.0 you have a version that may be affected by the reported vulnerabilities.\r\n\r\nThe Adobe Security Bulletin describes the vulnerabilities and provides the download locations so that you can install version 7.0.63.0 or 8.0.24.0 of Flash Player.\r\n\r\nNote If you do not have Flash Player installed the Adobe Web site will prompt you to install the latest version of Flash Player.\r\n\r\nI have a Flash Player version earlier than version 7 on my system. What can I do?\r\nIf you are using any of the Windows versions called out in \u201cWhich versions of the Flash Player are redistributed with Windows?\u201d you can visit Windows Update to receive security updates for these versions of Windows. If you use any other supported Windows version, or if you are using Flash Player 7 and higher, you can visit the Adobe download center as called out under the affected software section of the Adobe security bulletin to install the update\r\n\r\nHow does the extended support for Windows 98, Windows 98 Second Edition, and Windows Millennium Edition affect the release of security updates for these operating systems?\r\nMicrosoft will only release security updates for critical security issues. Non-critical security issues are not offered during this support period. For more information about the Microsoft Support Lifecycle policies for these operating systems, visit the following Web site.\r\n\r\nNote Support for Windows 98, Windows 98 Second Edition, and Windows Millennium Edition (Me) ends on July 11, 2006. For more information, visit the following Web site\r\n\r\nFor more information about severity ratings, visit the following Web site.\r\n\r\nAre Windows 98, Windows 98 Second Edition, or Windows Millennium Edition critically affected by one or more of the vulnerabilities that are addressed in this security bulletin?\r\nYes. Windows 98, Windows 98 Second Edition, and Windows Millennium Edition are critically affected by this vulnerability. The security updates for Flash Player 5.x and 6.x are available for download only from the Windows Update Web site. Visit the Adobe website for updates to Flash Player 7 and higher. For more information about severity ratings, visit the following Web site.\r\n\r\nExtended security update support for Microsoft Windows NT Workstation 4.0 Service Pack 6a and Windows 2000 Service Pack 2 ended on June 30, 2004. Extended security update support for Microsoft Windows NT Server 4.0 Service Pack 6a ended on December 31, 2004. Extended security update support for Microsoft Windows 2000 Service Pack 3 ended on June 30, 2005. I\u2019m still using one of these operating systems, what should I do?\r\n\r\nWindows NT Workstation 4.0 Service Pack 6a, Windows NT Server 4.0 Service Pack 6a, Windows 2000 Service Pack 2, and Windows 2000 Service Pack 3 have reached the end of their life cycles. It should be a priority for customers who have these operating system versions to migrate to supported versions to prevent potential exposure to vulnerabilities. For more information about the Windows Product Lifecycle, visit the following Microsoft Support Lifecycle Web site. For more information about the extended security update support period for these operating system versions, visit the Microsoft Product Support Services Web site.\r\n\r\nCustomers who require additional support for Windows NT 4.0 SP6a and Windows 2000 Service Pack 3 must contact their Microsoft account team representative, their Technical Account Manager, or the appropriate Microsoft partner representative for custom support options. Customers without an Alliance, Premier, or Authorized Contract can contact their local Microsoft sales office. For contact information, visit the Microsoft Worldwide Information Web site, select the country, and then click Go to see a list of telephone numbers. When you call, ask to speak with the local Premier Support sales manager.\r\n\r\nFor more information, see the Windows Operating System Product Support Lifecycle FAQ.\r\n\r\nCan I use the Microsoft Baseline Security Analyzer (MBSA) 1.2.1 to determine whether this update is required?\r\nNo. MBSA 1.2.1 will not determine whether this update is required. MBSA 1.2.1 will only determine if an update is required for products that MBSA 1.2.1 supports. MBSA 1.2.1 does not support the detection of Flash Player. For more information about MBSA, visit the MBSA Web site. For more information about the programs that MBSA 1.2.1 currently does not detect, see Microsoft Knowledge Base Article 306460. However, Microsoft has developed a version of the Enterprise Update Scanning Tool (EST) that will help customers determine if the security updates provided in this security bulletin are required. See the "Can I use a version of the Enterprise Update Scanning Tool (EST) to determine whether this update is required?" FAQ for more information about this tool.\r\n\r\nWhat is the Enterprise Update Scanning Tool (EST)?\r\nAs part of an ongoing commitment to provide detection tools for bulletin-class security updates, Microsoft delivers a stand-alone detection tool whenever the Microsoft Baseline Security Analyzer (MBSA) and the Office Detection Tool (ODT) cannot detect whether the update is required for an MSRC release cycle. This stand-alone tool is called the Enterprise Update Scanning Tool (EST) and is designed for enterprise administrators. When a version of the Enterprise Update Scanning Tool is created for a specific bulletin, customers can run the tool from a command line interface (CLI) and view the results of the XML output file. To help customers better utilize the tool, detailed documentation will be provided with the tool. There is also a version of the tool that offers an integrated experience for SMS administrators.\r\n\r\nCan I use a version of the Enterprise Update Scanning Tool (EST) to determine whether this update is required?\r\nYes. Microsoft has created a version of the EST that will determine if you have to apply this update. For download links and more information about the version of the EST that is being released this month, see the following Microsoft Web site. SMS customers should review the "Can I use Systems Management Server (SMS) to determine whether this update is required? " FAQ for more information about SMS and EST.\r\n\r\nCan I use the Microsoft Baseline Security Analyzer (MBSA) 2.0 to determine whether this update is required?\r\nYes. MBSA 2.0 will determine whether this update is required. MBSA 2.0 can detect security updates for products that Microsoft Update supports. For more information about MBSA, visit the MBSA Web site.\r\n\r\nCan I use Systems Management Server (SMS) to determine whether this update is required?\r\nYes. SMS can help detect and deploy this security update.\r\n\r\nThe SMS SUS Feature Pack, which includes the Security Update Inventory Tool (SUIT), can be used by SMS for detecting security updates. SMS SUIT uses the MBSA 1.2.1 engine for detection; therefore, SMS SUIT has the same limitation listed earlier in this bulletin related to applications that MBSA does not detect.\r\n\r\nFor more information about the Security Update Inventory Tool, see the following Microsoft Web site. For more information about the limitations of the Security Update Inventory Tool, see Microsoft Knowledge Base Article 306460.\r\n\r\nThe SMS SUS Feature Pack also includes the Microsoft Office Inventory Tool to detect for required updates for Office applications.\r\n\r\nThe SMS 2003 Inventory Tool for Microsoft Updates can be used by SMS for detecting security updates that are offered by Microsoft Update and that are supported by Windows Server Update Services. For more information about the SMS 2003 Inventory Tool for Microsoft Updates, see the following Microsoft Web site.\r\n\r\nSMS 2.0 or SMS 2003 customers that are not using the Inventory Tool for Microsoft Updates will need to download and deploy an updated version of the Extended Security Update Inventory Tool in order to receive full detection and deployment for this update.\r\n\r\nFor more information about SMS, visit the SMS Web site.\r\n\r\nCan I use SMS to determine if the Flash Player is installed on a system?\r\nYes. SMS can help detect if the Flash Player is installed on a system. SMS can search for the existence of the files flash.ocx and swflash.ocx. Versions of flash.ocx and swflash.ocx that are earlier than version 6.0.80 and all 5.x.x.x versions may be vulnerable.\r\n\r\nNote If both flash.ocx and swflash.ocx are present on the system then the GUID used to instantiate Flash Player should be registered to flash.ocx. Regardless of this, the security update will register the GUID to the new flash.ocx that is installed.\r\nTop of sectionTop of section\r\n\t\r\nVulnerability Details\r\n\t\r\nFlash Player Vulnerability - CVE-2006-0024:\r\n\r\nA remote code execution vulnerability exists in Macromedia Flash Player from Adobe because of the way that it handles Flash Animation (SWF) files. An attacker could exploit the vulnerability by constructing a specially crafted Flash Animation (SWF) file that could potentially allow remote code execution if a user visited a Web site containing the specially crafted SWF file or viewed an e-mail message containing the specially crafted SWF file as an attachment. An attacker who successfully exploited this vulnerability could take complete control of an affected system.\r\n\t\r\nMitigating Factors for Flash Player Vulnerability - CVE-2006-0024:\r\n\u2022\t\r\n\r\nCustomers that have followed the guidance in Adobe Security Bulletin APSB06-03 are not at risk from the vulnerability.\r\n\u2022\t\r\n\r\nBy default, Microsoft Windows 2000 Service Pack 4, Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1 do not ship with a vulnerable version of Flash Player installed. However, customers that have installed a version of Flash Player 7.0.62.0 or 8.0.22.0 or earlier on these versions of Windows are encouraged to follow the guidance in the Adobe Security Bulletin APSB06-03.\r\n\u2022\t\r\n\r\nIn a Web-based attack scenario, an attacker would have to host a Web site that contains a Web page that is used to exploit this vulnerability. An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's Web site.\r\n\u2022\t\r\n\r\nAn attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.\r\n\u2022\t\r\n\r\nThe Restricted sites zone helps reduce attacks that could try to exploit this vulnerability by preventing Active Scripting and ActiveX controls from being used when reading HTML e-mail. However, if a user clicks on a link within an e-mail they could still be vulnerable to this issue through the Web-based attack scenario described previously.\r\n\r\nBy default, Outlook Express 6, Outlook 2002, and Outlook 2003 open HTML e-mail messages in the Restricted sites zone. Additionally Outlook 2000 opens HTML e-mail messages in the Restricted sites zone if the Outlook E-mail Security Update has been installed. Outlook Express 5.5 Service Pack 2 opens HTML e-mail messages in the Restricted sites zone if Microsoft Security Bulletin MS04-018 has been installed.\r\nTop of sectionTop of section\r\n\t\r\nWorkarounds for Flash Player Vulnerability - CVE-2006-0024:\r\n\r\nMicrosoft has tested the following workarounds. While these workarounds will not correct the underlying vulnerability, they help block known attack vectors. When a workaround reduces functionality, it is identified in the following section.\r\n\u2022\t\r\n\r\nTemporarily prevent the Flash Player ActiveX control from running in Internet Explorer for Windows XP Service Pack 2\r\n\r\nYou can help protect against this vulnerability by temporarily preventing the Flash Player ActiveX control from running in Internet Explorer. On Windows XP Service Pack 2 use the Internet Explorer Manage Add-ons feature to disable the ActiveX control.\r\n\r\n1.\r\n\t\r\n\r\nStart Internet Explorer.\r\n\r\n2.\r\n\t\r\n\r\nOn the Tools menu, click Manage Add-ons.\r\n\r\n3.\r\n\t\r\n\r\nLocate and click on \u201cShockwave Flash Object\u201d.\r\n\r\n4.\r\n\t\r\n\r\nTo disable the add-on, click Disable, and then click OK.\r\n\r\nNote If you cannot locate the ActiveX control then use the drop-down box to switch from \u201cAdd-ons currently being used in Internet Explorer\u201d to \u201cAdd-ons that have been used by Internet Explorer\u201d and follow steps 3 and 4. If the ActiveX control is not present in this list you either have not used the ActiveX control before or it is not present on your system. See the workaround \u201cTemporarily prevent the Flash Player ActiveX control from running in Internet Explorer\u201d for additional information.\r\n\r\nFor more information on the Internet Explorer Manage Add-ons feature in Windows XP Service Pack 2, see Microsoft Knowledge Base Article 883256.\r\n\r\nImpact of Workaround: Applications and Web sites that require the Flash Player ActiveX control may no longer function correctly. If you implement this workaround it would affect any Flash Player ActiveX control you have installed on your system.\r\n\r\nTo regain functionality you need to use the Internet Explorer Manage Add-ons feature to enable the ActiveX control.\r\n\u2022\t\r\n\r\nTemporarily prevent the Flash Player ActiveX control from running in Internet Explorer\r\n\r\nTemporarily prevent attempts to instantiate the Flash Player ActiveX control in Internet Explorer by setting the kill bit for the control.\r\n\r\nWarning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.\r\n\r\nWe recommend that you back up the registry before you edit it.\r\n\r\nUse the following text to create a .reg file that temporarily prevents attempts to instantiate the Flash Player ActiveX control in Internet Explorer. You can copy the following text, paste it into a text editor such as Notepad, and then save the file with the .reg file name extension. Run the .reg file on the vulnerable client.\r\n\r\n[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}]\r\n"Compatibility Flags"=dword:00000400\r\n\r\n[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D27CDB6E-AE6D-11cf-96B8-444553540000}]\r\n"Compatibility Flags"=dword:00000400\r\n\r\n[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D27CDB70-AE6D-11cf-96B8-444553540000}]\r\n"Compatibility Flags"=dword:00000400\r\n\r\nClose Internet Explorer, and reopen it for the changes to take effect.\r\n\r\nFor detailed steps about stopping a control from running in Internet Explorer, see Microsoft Knowledge Base Article 240797. Follow these steps and create a Compatibility Flags value in the registry to prevent the Flash Player ActiveX control from running in Internet Explorer.\r\n\r\nImpact of Workaround: Applications and Web sites that require the Flash Player ActiveX control may no longer function correctly. If you implement this workaround it would affect any Flash Player ActiveX control you have installed on your system.\r\n\r\nTo regain functionality you need to undo the kill bits for the Flash Player ActiveX control remove the registry keys added to temporarily prevent attempts to instantiate the Flash Player ActiveX control in Internet Explorer.\r\n\u2022\t\r\n\r\nModify the Access Control List on the Flash Player ActiveX control to temporarily prevent it from running in Internet Explorer\r\n\r\nTo modify the Access Control List (ACL) on the Flash Player ActiveX control to be more restrictive, follow these steps:\r\n\r\n1.\r\n\t\r\n\r\nClick Start, click Run, type "cmd" (without the quotation marks), and then click OK.\r\n\r\n2.\r\n\t\r\n\r\nType the following commands at a command prompt. Make a note of the current files ACL\u2019s, including inheritance settings. You may need this list if you have to undo these modifications:\r\n\r\ncacls %windir%\system32\Macromed\Flash\flash.ocx\r\ncacls %windir%\system32\Macromed\Flash\swflash.ocx\r\n\r\n3.\r\n\t\r\n\r\nType the following command at a command prompt to deny the \u2018everyone\u2019 group access to this file:\r\n\r\necho y|cacls %windir%\system32\Macromed\Flash\flash.ocx /d everyone\r\necho y|cacls %windir%\system32\Macromed\Flash\swflash.ocx /d everyone\r\n\r\n4.\r\n\t\r\n\r\nClose Internet Explorer, and reopen it for the changes to take effect.\r\n\r\nImpact of Workaround: Applications and Web sites that require the Flash Player ActiveX control may no longer function correctly. If you implement this workaround it would affect any Flash Player ActiveX control you have installed on your system.\r\n\r\nTo regain functionality you need to undo the modifications to the Access Control List on the ActiveX control you have on your system.\r\n\u2022\t\r\n\r\nUn-register the Flash Player ActiveX Control\r\n\r\nTo un-register the Flash Player ActiveX control, follow these steps:\r\n\r\n1.\r\n\t\r\n\r\nClick Start, click Run, type "regsvr32.exe /u %windir%\system32\Macromed\Flash\flash.ocx" (without the quotation marks), and then click OK.\r\n\r\n2.\r\n\t\r\n\r\nA dialog box confirms that the un-registration process has succeeded. Click OK to close the dialog box.\r\n\r\n3.\r\n\t\r\n\r\nClick Start, click Run, type "regsvr32.exe /u %windir%\system32\Macromed\Flash\swflash.ocx" (without the quotation marks), and then click OK.\r\n\r\n4.\r\n\t\r\n\r\nA dialog box confirms that the unregistration process has succeeded. Click OK to close the dialog box.\r\n\r\n5.\r\n\t\r\n\r\nClose Internet Explorer, and reopen it for the changes to take effect.\r\n\r\nImpact of Workaround: Applications and Web sites that require the Flash Player ActiveX control may no longer function correctly. If you implement this workaround it would affect any Flash Player ActiveX control you have installed on your system.\r\n\r\nTo reregister the Flash Player ActiveX control, follow these steps:\r\n\r\n1.\r\n\t\r\n\r\nClick Start, click Run, type "regsvr32.exe %windir%\system32\Macromed\Flash\flash.ocx" (without the quotation marks), and then click OK.\r\n\r\n2.\r\n\t\r\n\r\nA dialog box confirms that the registration process has succeeded. Click OK to close the dialog box.\r\n\r\n3.\r\n\t\r\n\r\nClick Start, click Run, type "regsvr32.exe %windir%\system32\Macromed\Flash\swflash.ocx" (without the quotation marks), and then click OK.\r\n\r\n4.\r\n\t\r\n\r\nA dialog box confirms that the registration process has succeeded. Click OK to close the dialog box.\r\n\r\n5.\r\n\t\r\n\r\nClose Internet Explorer, and reopen it for the changes to take effect.\r\n\u2022\t\r\n\r\nRestrict access to the Macromedia Flash folder by using a Software Restriction Policy\r\n\r\nTo restrict access to the Macromedia Flash folder (%windir%\system32\Macromed\Flash\) on Windows XP and later versions you can create a Software Restriction Policy. To create this policy, use a registry script or create a Group Policy setting to block the loading of the Flash Player ActiveX control.\r\n\r\nFor more information about Group Policy, visit the following Microsoft Web sites:\r\n\u2022\t\r\n\r\nStep-by-Step Guide to Understanding the Group Policy Feature Set\r\n\u2022\t\r\n\r\nWindows 2000 Group Policy\r\n\u2022\t\r\n\r\nGroup Policy in Windows Server 2003\r\n\r\nNote Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk. For information about how to edit the registry, view the "Change Keys and Values" Help topic in Registry Editor (Regedit.exe) or view the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe.\r\n\r\nWe recommend that you back up the registry before you edit it.\r\n\r\nUse the following text to create a .reg file to restrict access to the Macromedia Flash folder. You can copy the following text, paste it into a text editor such as Notepad, and then save the file with the .reg file name extension. Run the .reg file on the vulnerable client.\r\n\r\n[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers]\r\n"TransparentEnabled"=dword:00000002\r\n\r\n[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{2742f840-c2d8-4eb3-a486-0a9d0879f29f}]\r\n"LastModified"=hex(b):10,c3,8a,19,c6,e3,c5,01\r\n"Description"="Block Macromedia Flash"\r\n"SaferFlags"=dword:00000000\r\n"ItemData"=hex(2):25,00,77,00,69,00,6e,00,64,00,69,00,72,00,25,00,5c,00,73,00,\\r\n79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,6d,00,61,00,63,00,72,00,6f,\\r\n00,6d,00,65,00,64,00,5c,00,66,00,6c,00,61,00,73,00,68,00,5c,00,2a,00,00,00\r\n\u2022\t\r\n\r\nChange your Internet Explorer settings to prompt before running ActiveX controls or disable ActiveX controls in the Internet security zone and in the Local intranet security zone\r\n\r\nYou can help protect against this vulnerability by changing your Internet Explorer settings to prompt before running ActiveX controls. To do this, follow these steps:\r\n\r\n1.\r\n\t\r\n\r\nIn Internet Explorer, click Internet Options on the Tools menu.\r\n\r\n2.\r\n\t\r\n\r\nClick the Security tab.\r\n\r\n3.\r\n\t\r\n\r\nClick Internet, and then click Custom Level.\r\n\r\n4.\r\n\t\r\n\r\nUnder Settings, in the ActiveX controls and plug-ins section, under Run ActiveX controls and plug-ins, click Prompt or Disable, and then click OK.\r\n\r\n5.\r\n\t\r\n\r\nClick Local intranet, and then click Custom Level.\r\n\r\n6.\r\n\t\r\n\r\nUnder Settings, in the ActiveX controls and plug-ins section, under Run ActiveX controls and plug-ins, click Prompt or Disable, and then click OK.\r\n\r\n7.\r\n\t\r\n\r\nClick OK two times to return to Internet Explorer.\r\n\r\nImpact of Workaround: There are side effects to prompting before running ActiveX controls. Many Web sites that are on the Internet or on an intranet use ActiveX to provide additional functionality. For example, an online e-commerce site or banking site may use ActiveX controls to provide menus, ordering forms, or even account statements. Prompting before running ActiveX controls is a global setting that affects all Internet and intranet sites. You will be prompted frequently when you enable this workaround. For each prompt, if you feel you trust the site that you are visiting, click Yes to run ActiveX controls. If you do not want to be prompted for all these sites, use the following method:\r\n\r\nRestrict Web sites to only your trusted Web sites.\r\n\r\nAfter you set Internet Explorer to require a prompt before it runs ActiveX controls and Active Scripting in the Internet zone and in the Local intranet zone, you can add sites that you trust to Internet Explorer's Trusted sites zone. This will allow you to continue to use trusted Web sites exactly as you do today, while helping to protect you from this attack on untrusted sites. We recommend that you add only sites that you trust to the Trusted sites zone.\r\n\r\nTo do this, follow these steps:\r\n\r\n1.\r\n\t\r\n\r\nIn Internet Explorer, click Tools, click Internet Options, and then click the Security tab.\r\n\r\n2.\r\n\t\r\n\r\nIn the Select a Web content zone to specify its current security settings box, click Trusted Sites, and then click Sites.\r\n\r\n3.\r\n\t\r\n\r\nIf you want to add sites that do not require an encrypted channel, click to clear the Require server verification (https:) for all sites in this zone check box.\r\n\r\n4.\r\n\t\r\n\r\nIn the Add this Web site to the zone box, type the URL of a site that you trust, and then click Add.\r\n\r\n5.\r\n\t\r\n\r\nRepeat these steps for each site that you want to add to the zone.\r\n\r\n6.\r\n\t\r\n\r\nClick OK two times to accept the changes and return to Internet Explorer.\r\n\r\nAdd any sites that you trust not to take malicious action on your computer. Two in particular that you may want to add are "*.windowsupdate.microsoft.com" and "*.update.microsoft.com" (without the quotation marks). This is the site that will host the update, and it requires an ActiveX control to install the update.\r\n\u2022\t\r\n\r\nSet Internet and Local intranet security zone settings to \u201cHigh\u201d to prompt before running ActiveX controls in these zones\r\n\r\nYou can help protect against this vulnerability by changing your settings for the Internet security zone to prompt before running ActiveX controls. You can do this by setting your browser security to High.\r\n\r\nTo raise the browsing security level in Microsoft Internet Explorer, follow these steps:\r\n\r\n1.\r\n\t\r\n\r\nOn the Internet Explorer Tools menu, click Internet Options.\r\n\r\n2.\r\n\t\r\n\r\nIn the Internet Options dialog box, click the Security tab, and then click the Internet icon.\r\n\r\n3.\r\n\t\r\n\r\nUnder Security level for this zone, move the slider to High. This sets the security level for all Web sites you visit to High.\r\n\r\nNote If no slider is visible, click Default Level, and then move the slider to High.\r\n\r\nNote Setting the level to High may cause some Web sites to work incorrectly. If you have difficulty using a Web site after you change this setting, and you are sure the site is safe to use, you can add that site to your list of trusted sites. This will allow the site to work correctly even with the security setting set to High.\r\n\r\nImpact of Workaround: There are side effects to prompting before running ActiveX controls. Many Web sites that are on the Internet or on an intranet use ActiveX to provide additional functionality. For example, an online e-commerce site or banking site may use ActiveX controls to provide menus, ordering forms, or even account statements. Prompting before running ActiveX controls is a global setting that affects all Internet and intranet sites. You will be prompted frequently when you enable this workaround. For each prompt, if you feel you trust the site that you are visiting, click Yes to run ActiveX controls. If you do not want to be prompted for all these sites, use the following method:\r\n\u2022\t\r\n\r\nRemove the Flash Player from your system\r\n\r\nIf you want to remove Flash Player, refer to the Adobe Flash Player Support FAQ for instructions.\r\n\r\nTo regain functionality you need install the Flash Player ActiveX control from the Adobe Web site\r\nTop of sectionTop of section\r\n\t\r\nFAQ for Flash Player Vulnerability - CVE-2006-0024.\r\n\r\nWhat is the scope of the vulnerability?\r\nThis is a remote code execution vulnerability. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.\r\n\r\nWhat causes the vulnerability?\r\nAn unchecked buffer in Flash Player.\r\n\r\nWhat might an attacker use the vulnerability to do?\r\nAn attacker who successfully exploited this vulnerability could take complete control of the affected system.\r\n\r\nHow could an attacker exploit the vulnerability?\r\nAn attacker could host a Web site containing the specially crafted SWF file that is designed to exploit this vulnerability through Internet Explorer and then persuade a user to view the Web site.\r\n\r\nWhat systems are primarily at risk from the vulnerability?\r\nWorkstations and terminal servers are primarily at risk. Servers could be at more risk if users who do not have sufficient administrative permissions are given the ability to log on to servers and to run programs. However, best practices strongly discourage allowing this.\r\n\r\nAre Windows 98, Windows 98 Second Edition or Windows Millennium Edition critically affected by this vulnerability?\r\nYes. Windows 98, Windows 98 Second Edition, and Windows Millennium Edition users are critically affected by this vulnerability. The security updates for Flash Player 6 are available for download only from the Windows Update Web site. Visit the Adobe website for updates to Flash Player 7 and higher. For more information about severity ratings, visit the following Web site.\r\n\r\nWhat does the update do?\r\nThe update removes the vulnerabilities by modifying the way that the Flash Player handles Flash Animation (SWF) files.\r\n\r\nWhen this security bulletin was issued, had this vulnerability been publicly disclosed?\r\nNo. Microsoft had not received any information to indicate that this vulnerability had been publicly disclosed when this security bulletin was originally issued. This vulnerability is also discussed in Adobe Security Bulletin APSB06-03.\r\n\r\nWhen this security bulletin was issued, had Microsoft received any reports that this vulnerability was being exploited?\r\nNo. Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers.\r\nTop of sectionTop of section\r\nTop of sectionTop of section\r\n\t\r\nFlash Player Vulnerability - CVE-2005-2628:\r\n\r\nA remote code execution vulnerability exists in Macromedia Flash Player from Adobe because of the way that it handles Flash Animation (SWF) files. An attacker could exploit the vulnerability by constructing a malicious Flash Animation (SWF) file that could potentially allow remote code execution if a user visited a Web site containing the specially crafted SWF file or viewed an e-mail message containing the specially crafted SWF file as an attachment. An attacker who successfully exploited this vulnerability could take complete control of an affected system.\r\n\t\r\nMitigating Factors for Flash Player Vulnerability - CVE-2005-2628:\r\n\u2022\t\r\n\r\nCustomers that have followed the guidance in Macromedia Security Bulletin MPSB05-07 are not at risk from the vulnerability.\r\n\u2022\t\r\n\r\nBy default, Microsoft Windows 2000 Service Pack 4, Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1 do not ship with a vulnerable version of the Flash Player installed. However, customers that have installed a version of Flash Player 7.0.61.0 or 8.0.22.0 or earlier on these versions of Windows are encouraged to follow the guidance in the Adobe Security Bulletin APSB06-03.\r\n\u2022\t\r\n\r\nIn a Web-based attack scenario, an attacker would have to host a Web site that contains a Web page that is used to exploit this vulnerability. An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's Web site.\r\n\u2022\t\r\n\r\nAn attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.\r\n\u2022\t\r\n\r\nThe Restricted sites zone helps reduce attacks that could try to exploit this vulnerability by preventing Active Scripting and ActiveX controls from being used when reading HTML e-mail. However, if a user clicks on a link within an e-mail they could still be vulnerable to this issue through the Web-based attack scenario described previously.\r\n\r\nBy default, Outlook Express 6, Outlook 2002, and Outlook 2003 open HTML e-mail messages in the Restricted sites zone. Additionally Outlook 2000 opens HTML e-mail messages in the Restricted sites zone if the Outlook E-mail Security Update has been installed. Outlook Express 5.5 Service Pack 2 opens HTML e-mail messages in the Restricted sites zone if Microsoft Security Bulletin MS04-018 has been installed.\r\nTop of sectionTop of section\r\n\t\r\nWorkarounds for Flash Player Vulnerability - CVE-2005-2628\r\n\r\nMicrosoft has tested the following workarounds. While these workarounds will not correct the underlying vulnerability, they help block known attack vectors. When a workaround reduces functionality, it is identified in the following section.\r\n\u2022\t\r\n\r\nTemporarily prevent the Flash Player ActiveX control from running in Internet Explorer for Windows XP Service Pack 2\r\n\r\nYou can help protect against this vulnerability by temporarily preventing the Flash Player ActiveX control from running in Internet Explorer. On Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1 use the Internet Explorer Manage Add-ons feature to disable the ActiveX control.\r\n\r\n1.\r\n\t\r\n\r\nStart Internet Explorer.\r\n\r\n2.\r\n\t\r\n\r\nOn the Tools menu, click Manage Add-ons.\r\n\r\n3.\r\n\t\r\n\r\nLocate and click on \u201cShockwave Flash Object\u201d.\r\n\r\n4.\r\n\t\r\n\r\nTo disable the add-on, click Disable, and then click OK.\r\n\r\nNote If you cannot locate the ActiveX control then use the drop-down box to switch from \u201cAdd-ons currently being used in Internet Explorer\u201d to \u201cAdd-ons that have been used by Internet Explorer\u201d and follow steps 3 and 4. If the ActiveX control is not present in this list you either have not used the ActiveX control before or it is not present on your system. See the workaround \u201cTemporarily prevent the Flash Player ActiveX control from running in Internet Explorer\u201d for additional information.\r\n\r\nFor more information on the Internet Explorer Manage Add-ons feature in Windows XP Service Pack 2, see Microsoft Knowledge Base Article 883256.\r\n\r\nImpact of Workaround: Applications and Web sites that require the Flash Player ActiveX control may no longer function correctly. If you implement this workaround it would affect any Flash Player ActiveX control you have installed on your system.\r\n\r\nTo regain functionality you need to use the Internet Explorer Manage Add-ons feature to enable the ActiveX control.\r\n\u2022\t\r\n\r\nTemporarily prevent the Flash Player ActiveX control from running in Internet Explorer\r\n\r\nTemporarily prevent attempts to instantiate the Flash Player ActiveX control in Internet Explorer by setting the kill bit for the control.\r\n\r\nWarning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.\r\n\r\nWe recommend that you back up the registry before you edit it.\r\n\r\nUse the following text to create a .reg file that temporarily prevents attempts to instantiate the Flash Player ActiveX control in Internet Explorer. You can copy the following text, paste it into a text editor such as Notepad, and then save the file with the .reg file name extension. Run the .reg file on the vulnerable client.\r\n\r\n[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}]\r\n"Compatibility Flags"=dword:00000400\r\n\r\n[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D27CDB6E-AE6D-11cf-96B8-444553540000}]\r\n"Compatibility Flags"=dword:00000400\r\n\r\n[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D27CDB70-AE6D-11cf-96B8-444553540000}]\r\n"Compatibility Flags"=dword:00000400\r\n\r\nClose Internet Explorer, and reopen it for the changes to take effect.\r\n\r\nFor detailed steps about stopping a control from running in Internet Explorer, see Microsoft Knowledge Base Article 240797. Follow these steps and create a Compatibility Flags value in the registry to prevent the Flash Player ActiveX control from running in Internet Explorer.\r\n\r\nImpact of Workaround: Applications and Web sites that require the Flash Player ActiveX control may no longer function correctly. If you implement this workaround it would affect any Flash Player ActiveX control you have installed on your system.\r\n\r\nTo regain functionality you need to undo the kill bits for the Flash Player ActiveX control remove the registry keys added to temporarily prevent attempts to instantiate the Flash Player ActiveX control in Internet Explorer.\r\n\u2022\t\r\n\r\nModify the Access Control List on the Flash Player ActiveX control to temporarily prevent it from running in Internet Explorer\r\n\r\nTo modify the Access Control List (ACL) on the Flash Player ActiveX control to be more restrictive, follow these steps:\r\n\r\n1.\r\n\t\r\n\r\nClick Start, click Run, type "cmd" (without the quotation marks), and then click OK.\r\n\r\n2.\r\n\t\r\n\r\nType the following commands at a command prompt. Make a note of the current files ACL\u2019s, including inheritance settings. You may need this list if you have to undo these modifications:\r\n\r\ncacls %windir%\system32\Macromed\Flash\flash.ocx\r\ncacls %windir%\system32\Macromed\Flash\swflash.ocx\r\n\r\n3.\r\n\t\r\n\r\nType the following command at a command prompt to deny the \u2018everyone\u2019 group access to this file:\r\n\r\necho y|cacls %windir%\system32\Macromed\Flash\flash.ocx /d everyone\r\necho y|cacls %windir%\system32\Macromed\Flash\swflash.ocx /d everyone\r\n\r\n4.\r\n\t\r\n\r\nClose Internet Explorer, and reopen it for the changes to take effect.\r\n\r\nImpact of Workaround: Applications and Web sites that require the Flash Player ActiveX control may no longer function correctly. If you implement this workaround it would affect any Flash Player ActiveX control you have installed on your system.\r\n\r\nTo regain functionality you need to undo the modifications to the Access Control List on the ActiveX control you have on your system.\r\n\u2022\t\r\n\r\nUnregister the Flash Player ActiveX Control\r\n\r\nTo unregister the Flash Player ActiveX control, follow these steps:\r\n\r\n1.\r\n\t\r\n\r\nClick Start, click Run, type "regsvr32.exe /u %windir%\system32\Macromed\Flash\flash.ocx" (without the quotation marks), and then click OK.\r\n\r\n2.\r\n\t\r\n\r\nA dialog box confirms that the unregistration process has succeeded. Click OK to close the dialog box.\r\n\r\n3.\r\n\t\r\n\r\nClick Start, click Run, type "regsvr32.exe /u %windir%\system32\Macromed\Flash\swflash.ocx" (without the quotation marks), and then click OK.\r\n\r\n4.\r\n\t\r\n\r\nA dialog box confirms that the unregistration process has succeeded. Click OK to close the dialog box.\r\n\r\n5.\r\n\t\r\n\r\nClose Internet Explorer, and reopen it for the changes to take effect.\r\n\r\nImpact of Workaround: Applications and Web sites that require the Flash Player ActiveX control may no longer function correctly. If you implement this workaround it would affect any Flash Player ActiveX control you have installed on your system.\r\n\r\nTo reregister the Flash Player ActiveX control, follow these steps:\r\n\r\n1.\r\n\t\r\n\r\nClick Start, click Run, type "regsvr32.exe %windir%\system32\Macromed\Flash\flash.ocx" (without the quotation marks), and then click OK.\r\n\r\n2.\r\n\t\r\n\r\nA dialog box confirms that the registration process has succeeded. Click OK to close the dialog box.\r\n\r\n3.\r\n\t\r\n\r\nClick Start, click Run, type "regsvr32.exe %windir%\system32\Macromed\Flash\swflash.ocx" (without the quotation marks), and then click OK.\r\n\r\n4.\r\n\t\r\n\r\nA dialog box confirms that the registration process has succeeded. Click OK to close the dialog box.\r\n\r\n5.\r\n\t\r\n\r\nClose Internet Explorer, and reopen it for the changes to take effect.\r\n\u2022\t\r\n\r\nRestrict access to the Macromedia Flash folder by using a Software Restriction Policy\r\n\r\nTo restrict access to the Macromedia Flash folder (%windir%\system32\Macromed\Flash\) on Windows XP and later versions you can create a Software Restriction Policy. To create this policy, use a registry script or create a Group Policy setting to block the loading of the Flash Player ActiveX control.\r\n\r\nFor more information about Group Policy, visit the following Microsoft Web sites:\r\n\u2022\t\r\n\r\nStep-by-Step Guide to Understanding the Group Policy Feature Set\r\n\u2022\t\r\n\r\nWindows 2000 Group Policy\r\n\u2022\t\r\n\r\nGroup Policy in Windows Server 2003\r\n\r\nNote Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk. For information about how to edit the registry, view the "Change Keys and Values" Help topic in Registry Editor (Regedit.exe) or view the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe.\r\n\r\nWe recommend that you back up the registry before you edit it.\r\n\r\nUse the following text to create a .reg file to restrict access to the Macromedia Flash folder. You can copy the following text, paste it into a text editor such as Notepad, and then save the file with the .reg file name extension. Run the .reg file on the vulnerable client.\r\n\r\n[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers]\r\n"TransparentEnabled"=dword:00000002\r\n\r\n[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{2742f840-c2d8-4eb3-a486-0a9d0879f29f}]\r\n"LastModified"=hex(b):10,c3,8a,19,c6,e3,c5,01\r\n"Description"="Block Macromedia Flash"\r\n"SaferFlags"=dword:00000000\r\n"ItemData"=hex(2):25,00,77,00,69,00,6e,00,64,00,69,00,72,00,25,00,5c,00,73,00,\\r\n79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,6d,00,61,00,63,00,72,00,6f,\\r\n00,6d,00,65,00,64,00,5c,00,66,00,6c,00,61,00,73,00,68,00,5c,00,2a,00,00,00\r\n\u2022\t\r\n\r\nChange your Internet Explorer settings to prompt before running ActiveX controls or disable ActiveX controls in the Internet security zone and in the Local intranet security zone\r\n\r\nYou can help protect against this vulnerability by changing your Internet Explorer settings to prompt before running ActiveX controls. To do this, follow these steps:\r\n\r\n1.\r\n\t\r\n\r\nIn Internet Explorer, click Internet Options on the Tools menu.\r\n\r\n2.\r\n\t\r\n\r\nClick the Security tab.\r\n\r\n3.\r\n\t\r\n\r\nClick Internet, and then click Custom Level.\r\n\r\n4.\r\n\t\r\n\r\nUnder Settings, in the ActiveX controls and plug-ins section, under Run ActiveX controls and plug-ins, click Prompt or Disable, and then click OK.\r\n\r\n5.\r\n\t\r\n\r\nClick Local intranet, and then click Custom Level.\r\n\r\n6.\r\n\t\r\n\r\nUnder Settings, in the ActiveX controls and plug-ins section, under Run ActiveX controls and plug-ins, click Prompt or Disable, and then click OK.\r\n\r\n7.\r\n\t\r\n\r\nClick OK two times to return to Internet Explorer.\r\n\r\nImpact of Workaround: There are side effects to prompting before running ActiveX controls. Many Web sites that are on the Internet or on an intranet use ActiveX to provide additional functionality. For example, an online e-commerce site or banking site may use ActiveX controls to provide menus, ordering forms, or even account statements. Prompting before running ActiveX controls is a global setting that affects all Internet and intranet sites. You will be prompted frequently when you enable this workaround. For each prompt, if you feel you trust the site that you are visiting, click Yes to run ActiveX controls. If you do not want to be prompted for all these sites, use the following method:\r\n\r\nRestrict Web sites to only your trusted Web sites.\r\n\r\nAfter you set Internet Explorer to require a prompt before it runs ActiveX controls and Active Scripting in the Internet zone and in the Local intranet zone, you can add sites that you trust to Internet Explorer's Trusted sites zone. This will allow you to continue to use trusted Web sites exactly as you do today, while helping to protect you from this attack on untrusted sites. We recommend that you add only sites that you trust to the Trusted sites zone.\r\n\r\nTo do this, follow these steps:\r\n\r\n1.\r\n\t\r\n\r\nIn Internet Explorer, click Tools, click Internet Options, and then click the Security tab.\r\n\r\n2.\r\n\t\r\n\r\nIn the Select a Web content zone to specify its current security settings box, click Trusted Sites, and then click Sites.\r\n\r\n3.\r\n\t\r\n\r\nIf you want to add sites that do not require an encrypted channel, click to clear the Require server verification (https:) for all sites in this zone check box.\r\n\r\n4.\r\n\t\r\n\r\nIn the Add this Web site to the zone box, type the URL of a site that you trust, and then click Add.\r\n\r\n5.\r\n\t\r\n\r\nRepeat these steps for each site that you want to add to the zone.\r\n\r\n6.\r\n\t\r\n\r\nClick OK two times to accept the changes and return to Internet Explorer.\r\n\r\nAdd any sites that you trust not to take malicious action on your computer. Two in particular that you may want to add are "*.windowsupdate.microsoft.com" and "*.update.microsoft.com" (without the quotation marks). These are the sites that will host the update, and it requires an ActiveX control to install the update.\r\n\u2022\t\r\n\r\nSet Internet and Local intranet security zone settings to \u201cHigh\u201d to prompt before running ActiveX controls in these zones\r\n\r\nYou can help protect against this vulnerability by changing your settings for the Internet security zone to prompt before running ActiveX controls. You can do this by setting your browser security to High.\r\n\r\nTo raise the browsing security level in Microsoft Internet Explorer, follow these steps:\r\n\r\n1.\r\n\t\r\n\r\nOn the Internet Explorer Tools menu, click Internet Options.\r\n\r\n2.\r\n\t\r\n\r\nIn the Internet Options dialog box, click the Security tab, and then click the Internet icon.\r\n\r\n3.\r\n\t\r\n\r\nUnder Security level for this zone, move the slider to High. This sets the security level for all Web sites you visit to High.\r\n\r\nNote If no slider is visible, click Default Level, and then move the slider to High.\r\n\r\nNote Setting the level to High may cause some Web sites to work incorrectly. If you have difficulty using a Web site after you change this setting, and you are sure the site is safe to use, you can add that site to your list of trusted sites. This will allow the site to work correctly even with the security setting set to High.\r\n\r\nImpact of Workaround: There are side effects to prompting before running ActiveX controls. Many Web sites that are on the Internet or on an intranet use ActiveX to provide additional functionality. For example, an online e-commerce site or banking site may use ActiveX controls to provide menus, ordering forms, or even account statements. Prompting before running ActiveX controls is a global setting that affects all Internet and intranet sites. You will be prompted frequently when you enable this workaround. For each prompt, if you feel you trust the site that you are visiting, click Yes to run ActiveX controls. If you do not want to be prompted for all these sites, use the following method:\r\n\u2022\t\r\n\r\nRemove Flash Player from your system\r\n\r\nIf you want to remove Flash Player, refer to the Adobe Flash Player Support FAQ for instructions.\r\n\r\nTo regain functionality you need install the Flash Player ActiveX control from the Adobe Web site\r\nTop of sectionTop of section\r\n\t\r\nFAQ for Flash Player Vulnerability - CVE-2005-2628:\r\n\r\nWhat is the scope of the vulnerability?\r\nThis is a remote code execution vulnerability. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.\r\n\r\nWhat causes the vulnerability?\r\nAn unchecked buffer in Flash Player.\r\n\r\nWhat might an attacker use the vulnerability to do?\r\nAn attacker who successfully exploited this vulnerability could take complete control of the affected system.\r\n\r\nHow could an attacker exploit the vulnerability?\r\nAn attacker could host a Web site containing the specially crafted SWF file that is designed to exploit this vulnerability through Internet Explorer and then persuade a user to view the Web site.\r\n\r\nWhat systems are primarily at risk from the vulnerability?\r\nWorkstations and terminal servers are primarily at risk. Servers could be at more risk if users who do not have sufficient administrative permissions are given the ability to log on to servers and to run programs. However, best practices strongly discourage allowing this.\r\n\r\nAre Windows 98, Windows 98 Second Edition or Windows Millennium Edition critically affected by this vulnerability?\r\nYes. Windows 98, Windows 98 Second Edition, and Windows Millennium Edition users are critically affected by this vulnerability. The security updates for Flash Player 6 are available for download only from the Windows Update Web site. Visit the Adobe website for updates to Flash Player 7 and higher. For more information about severity ratings, visit the following Web site.\r\n\r\nWhat does the update do?\r\nThe update removes the vulnerabilities by modifying the way that the Flash Player handles Flash Animation (SWF) files.\r\n\r\nWhen this security bulletin was issued, had this vulnerability been publicly disclosed?\r\nYes. The vulnerability had previously been addressed in Macromedia Security Bulletin MPSB05-07. It has been assigned Common Vulnerability and Exposure number CVE-2005-2628. This issue was also discussed in Microsoft Security Advisory (910550).\r\n\r\nWhen this security bulletin was issued, had Microsoft received any reports that this vulnerability was being exploited?\r\nNo. Microsoft had seen examples of proof of concept code published publicly but had not received any information to indicate that this vulnerability had been publicly used to attack customers when this security bulletin was originally issued.\r\nTop of sectionTop of section\r\nTop of sectionTop of section\r\nTop of sectionTop of section\r\n\t\r\nSecurity Update Information\r\n\r\nAffected Software:\r\n\r\nFor information about the specific security update for your affected software, click the appropriate link:\r\n\t\r\nMicrosoft Windows 98, Microsoft Windows 98 Second Edition, Microsoft Windows Millennium Edition, Microsoft Windows XP Service Pack 1, Microsoft Windows XP Service Pack 2\r\n\r\nPrerequisites\r\nThis security update requires Microsoft Windows 98, Microsoft Windows 98 Second Edition, Microsoft Windows Millennium Edition, Microsoft Windows XP Service Pack 1, Microsoft Windows XP Service Pack 2.\r\n\r\nInclusion in Future Service Packs:\r\nThe update for this issue may be included in future Service Packs or Update Rollups for Windows versions that included Flash Player in their original distribution.\r\n\r\nInstallation Information\r\n\r\nThis update uses the IExpress installer technology. For more information on IExpress, please see Microsoft Knowledge Base Article 197147.\r\n\r\nThis security update supports the following setup switches.\r\nSupported Security Update Installation Switches\r\nSwitch\tDescription\r\nSetup Modes\t \r\n\r\n/q\r\n\t\r\n\r\nSpecifies quiet mode, or suppresses prompts, when files are being extracted.\r\n\r\n/q:u\r\n\t\r\n\r\nSpecifies user-quiet mode, which presents some dialog boxes to the user.\r\n\r\n/q:a\r\n\t\r\n\r\nSpecifies administrator-quiet mode, which does not present any dialog boxes to the user.\r\nRestart Options\t \r\n\r\n/r:n\r\n\t\r\n\r\nNever restarts the computer after installation.\r\n\r\n/r:i\r\n\t\r\n\r\nPrompts the user to restart the computer if a restart is required, except when used with /q:a.\r\n\r\n/r:a\r\n\t\r\n\r\nAlways restarts the computer after installation.\r\n\r\n/r:s\r\n\t\r\n\r\nRestarts the computer after installation without prompting the user.\r\nSpecial Options\t \r\n\r\n/t:<full path>\r\n\t\r\n\r\nSpecifies the target folder for extracting files.\r\n\r\n/c\r\n\t\r\n\r\nExtracts the files without installing them. If /T: path is not specified, user will be prompted for a target folder.\r\n\r\n/c:<Cmd>\r\n\t\r\n\r\nOverride Install Command defined by author. Specifies the path and name of the Setup .inf or .exe file.\r\n\r\nNote These switches do not necessarily work with all updates. If a switch is not available, then that functionality is necessary for the correct installation of the update. Also, the use of the /N:V switch is unsupported and may result in an unbootable system. If the installation is unsuccessful, you should consult your support professional to understand why it failed to install.\r\n\r\nFor additional information about the supported setup switches, see Microsoft Knowledge Base Article 197147.\r\n\r\nDeployment Information\r\n\r\nTo install the security update without any user intervention, use the following command at a command prompt:\r\n\r\nWindows-KB913433-x86-ENU.exe /q:a\r\n\r\nFor information about how to deploy this security update by using Software Update Services, visit the Software Update Services Web site. For information about how to deploy this security update using Windows Server Update Services, visit the Windows Server Update Services Web site. This security update will also be available through the Microsoft Update Web site.\r\n\r\nRestart Requirement\r\n\r\nThis update does not require a restart.\r\n\r\nRemoval Information\r\n\r\nTo remove this security update, use the Add or Remove Programs tool in Control Panel.\r\n\r\nSystem administrators can use the Ieuninst.exe utility to remove this update. This security update installs the Ieuninst.exe utility in the %Windir% folder. This utility supports the following setup switches:\r\nSupported Ieuninst.exe Switches\r\nSwitch\tDescription\r\n\r\n/?\r\n\t\r\n\r\nDisplays the command-line options\r\nSetup Modes\t \r\n\r\n/q\r\n\t\r\n\r\nQuiet mode. No user interaction is required.\r\nRestart Options\t \r\n\r\n/z\r\n\t\r\n\r\nDoes not restart when installation is complete.\r\n\r\nFor example, to remove this update quietly, use the following command:\r\n\r\nc:\windows\ieuninst /q c:\windows\inf\q913433.inf\r\n\r\nNote This command assumes that Windows is installed in the C:\Windows folder.\r\n\r\nFile Information\r\n\r\nThe English version of this security update has the file attributes that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.\r\n\r\nWindows 98, Windows 98 Second Edition, Windows Millennium Edition, Windows XP Service Pack 1, Windows XP Service Pack 2:\r\nFile Name\tVersion\tDate\tTime\tSize\r\n\r\nGeninst.exe\r\n\t\r\n\r\n6.0.2800.1544\r\n\t\r\n\r\n08-Apr-2006\r\n\t\r\n\r\n02:52\r\n\t\r\n\r\n30,720\r\n\r\nGenuinst.exe\r\n\t\r\n\r\n6.0.2800.1531\r\n\t\r\n\r\n21-Jan-2006\r\n\t\r\n\r\n23:01\r\n\t\r\n\r\n25,088\r\n\r\nVerifying that the Update Has Been Applied\r\n\u2022\t\r\n\r\nMicrosoft Baseline Security Analyzer\r\n\r\nTo verify that a security update has been applied to an affected system, you may be able to use the Microsoft Baseline Security Analyzer (MBSA) tool. MBSA allows administrators to scan local and remote systems for missing security updates and for common security misconfigurations. For more information about MBSA, visit the Microsoft Baseline Security Analyzer Web site.\r\n\u2022\t\r\n\r\nRegistry Key Verification\r\n\r\nYou may also be able to verify the files that this security update has installed by reviewing the following registry key.\r\n\r\nHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{1325db73-d9f1-48f8-8895-6d814ec58889}\r\n\u2022\t\r\n\r\nOnline verification\r\n\r\nUsers may verify the installed version by visiting the Adobe website.\r\nTop of sectionTop of section\r\nTop of sectionTop of section\r\n\r\nObtaining Other Security Updates:\r\n\r\nUpdates for other security issues are available at the following locations:\r\n\u2022\t\r\n\r\nSecurity updates are available in the Microsoft Download Center. You can find them most easily by doing a keyword search for "security_patch."\r\n\u2022\t\r\n\r\nUpdates for consumer platforms are available at the Microsoft Update Web site.\r\n\r\nSupport:\r\n\u2022\t\r\n\r\nCustomers in the U.S. and Canada can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates.\r\n\u2022\t\r\n\r\nInternational customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit the International Support Web site.\r\n\r\nSecurity Resources:\r\n\u2022\t\r\n\r\nThe Microsoft TechNet Security Web site provides additional information about security in Microsoft products.\r\n\u2022\t\r\n\r\nMicrosoft Software Update Services\r\n\u2022\t\r\n\r\nMicrosoft Windows Server Update Services\r\n\u2022\t\r\n\r\nMicrosoft Baseline Security Analyzer (MBSA)\r\n\u2022\t\r\n\r\nWindows Update\r\n\u2022\t\r\n\r\nMicrosoft Update\r\n\u2022\t\r\n\r\nWindows Update Catalog: For more information about the Windows Update Catalog, see Microsoft Knowledge Base Article 323166.\r\n\u2022\t\r\n\r\nOffice Update \r\n\r\nSoftware Update Services:\r\n\r\nBy using Microsoft Software Update Services (SUS), administrators can quickly and reliably deploy the latest critical updates and security updates to Windows 2000 and Windows Server 2003-based servers, and to desktop systems that are running Windows 2000 Professional or Windows XP Professional.\r\n\r\nFor more information about how to deploy security updates by using Software Update Services, visit the Software Update Services Web site.\r\n\r\nWindows Server Update Services:\r\n\r\nBy using Windows Server Update Services (WSUS), administrators can quickly and reliably deploy the latest critical updates and security updates for Windows 2000 operating systems and later, Office XP and later, Exchange Server 2003, and SQL Server 2000 onto Windows 2000 and later operating systems.\r\n\r\nFor more information about how to deploy security updates using Windows Server Update Services, visit the Windows Server Update Services Web site.\r\n\r\nSystems Management Server:\r\n\r\nMicrosoft Systems Management Server (SMS) delivers a highly-configurable enterprise solution for managing updates. By using SMS, administrators can identify Windows-based systems that require security updates and can perform controlled deployment of these updates throughout the enterprise with minimal disruption to end users. For more information about how administrators can use SMS 2003 to deploy security updates, visit the SMS 2003 Security Patch Management Web site. SMS 2.0 users can also use Software Updates Service Feature Pack to help deploy security updates. For information about SMS, visit the SMS Web site.\r\n\r\nNote SMS uses the Microsoft Baseline Security Analyzer, the Microsoft Office Detection Tool, and the Enterprise Update Scanning Tool to provide broad support for security bulletin update detection and deployment. Some software updates may not be detected by these tools. Administrators can use the inventory capabilities of the SMS in these cases to target updates to specific systems. For more information about this procedure, visit the following Web site. Some security updates require administrative rights following a restart of the system. Administrators can use the Elevated Rights Deployment Tool (available in the SMS 2003 Administration Feature Pack and in the SMS 2.0 Administration Feature Pack) to install these updates.\r\n\r\nDisclaimer:\r\n\r\nThe information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.\r\n\r\nRevisions: \r\n\u2022\t\r\n\r\nV1.0 (May 9, 2006): Bulletin published.", "edition": 1, "modified": "2006-05-09T00:00:00", "published": "2006-05-09T00:00:00", "id": "SECURITYVULNS:DOC:12618", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:12618", "title": "Microsoft Security Bulletin MS06-020 Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (913433)", "type": "securityvulns", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:17", "bulletinFamily": "software", "cvelist": ["CVE-2006-0024", "CVE-2005-2628", "CVE-2006-0027"], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n\r\n\r\n National Cyber Alert System\r\n\r\n Technical Cyber Security Alert TA06-129A\r\n\r\n\r\nMicrosoft Windows and Exchange Server Vulnerabilities\r\n\r\n Original release date: May 9, 2006\r\n Last revised: --\r\n Source: US-CERT\r\n\r\n\r\nSystems Affected\r\n\r\n * Microsoft Windows\r\n * Microsoft Exchange Server\r\n\r\n For more complete information, refer to the Microsoft Security\r\n Bulletin Summary for May 2006.\r\n\r\n\r\nOverview\r\n\r\n Microsoft has released updates that address critical vulnerabilities\r\n in Microsoft Windows and Exchange Server. Exploitation of these\r\n vulnerabilities could allow a remote, unauthenticated attacker to\r\n execute arbitrary code or cause a denial of service on a vulnerable\r\n system.\r\n\r\n\r\nI. Description\r\n\r\n Microsoft Security Bulletin Summary for May 2006 addresses\r\n vulnerabilities in Microsoft Windows and Exchange Server. Further\r\n information is available in the following US-CERT Vulnerability Notes:\r\n\r\n\r\n VU#303452 - Microsoft Exchange fails to properly handle vCal and iCal\r\n properties \r\n\r\n Microsoft Exchange Server does not properly handle the vCal and iCal\r\n properties of email messages. Exploitation of this vulnerability may\r\n allow a remote, unauthenticated attacker to execute arbitrary code on\r\n an Exchange Server.\r\n (CVE-2006-0027)\r\n\r\n\r\n VU#945060 - Adobe Flash products contain multiple vulnerabilities \r\n\r\n Several vulnerabilities in Adobe Macromedia Flash products may allow a\r\n remote attacker to execute code on a vulnerable system.\r\n (CVE-2006-0024)\r\n\r\n\r\n VU#146284 - Macromedia Flash Player fails to properly validate the\r\n frame type identifier read from a "SWF" file \r\n\r\n A buffer overflow vulnerability in some versions of the Macromedia\r\n Flash Player may allow a remote attacker to execute code on a\r\n vulnerable system.\r\n (CVE-2005-2628)\r\n\r\n\r\nII. Impact\r\n\r\n A remote, unauthenticated attacker could execute arbitrary code on a\r\n vulnerable system. An attacker may also be able to cause a denial of\r\n service.\r\n\r\n\r\nIII. Solution\r\n\r\nApply Updates\r\n\r\n Microsoft has provided updates for these vulnerabilities in the\r\n Security Bulletins. Microsoft Windows updates are available on the\r\n Microsoft Update site.\r\n\r\nWorkarounds\r\n\r\n Please see the US-CERT Vulnerability Notes for workarounds.\r\n\r\n\r\nAppendix A. References\r\n\r\n * Microsoft Security Bulletin Summary for May 2006 -\r\n <http://www.microsoft.com/technet/security/bulletin/ms06-may.mspx>\r\n\r\n * Technical Cyber Security Alert TA06-075A -\r\n <http://www.us-cert.gov/cas/techalerts/TA06-075A.html>\r\n\r\n * US-CERT Vulnerability Note VU#303452 -\r\n <http://www.kb.cert.org/vuls/id/303452>\r\n\r\n * US-CERT Vulnerability Note VU#945060 -\r\n <http://www.kb.cert.org/vuls/id/945060>\r\n\r\n * US-CERT Vulnerability Note VU#146284 -\r\n <http://www.kb.cert.org/vuls/id/146284>\r\n\r\n * CVE-2006-0027 -\r\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0027>\r\n\r\n * CVE-2006-0024 -\r\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0024>\r\n\r\n * CVE-2005-2628 -\r\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2628>\r\n\r\n * Microsoft Update - <https://update.microsoft.com/microsoftupdate>\r\n\r\n\r\n ____________________________________________________________________\r\n\r\n The most recent version of this document can be found at:\r\n\r\n <http://www.us-cert.gov/cas/techalerts/TA06-129A.html>\r\n ____________________________________________________________________\r\n\r\n Feedback can be directed to US-CERT Technical Staff. Please send\r\n email to <cert@cert.org> with "TA06-129A Feedback VU#303452" in the\r\n subject.\r\n ____________________________________________________________________\r\n\r\n For instructions on subscribing to or unsubscribing from this\r\n mailing list, visit <http://www.us-cert.gov/cas/signup.html>.\r\n ____________________________________________________________________\r\n\r\n Produced 2006 by US-CERT, a government organization.\r\n\r\n Terms of use:\r\n\r\n <http://www.us-cert.gov/legal.html>\r\n ____________________________________________________________________\r\n\r\n\r\nRevision History\r\n\r\n May 9, 2006: Initial release\r\n\r\n\r\n \r\n \r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.2.1 (GNU/Linux)\r\n\r\niQEVAwUBRGDvB30pj593lg50AQJkAQf9FqFX8S29GmV1pKfRCfkEY9ooi/ygyeyu\r\nl+z2OpoJsu4BHhYbXahssZLutNh0UtpC2Qv17sgHP2xg2sIokqgqkdMH1WQn4kAw\r\nx6RWPlI7hraIg/tY1lSZayZris4XMuDzNiqfpa/gN7oOSOtnIZ6Ky5+h5nIk+xxk\r\nQ50BdlEHmw5e62LyW7qnBAoHuHzEQq/xS52DtTat+aigRYePq3SX2f8S4BpZyKzq\r\nkQKN7kn2keseziuKCMEMNIH0bUunUr6M2kRsBPIBUrAi03Fmgx2Qfy7yMHRV/0Gg\r\nA2jjB48O4m+fuHHQSVSP2gCtSbe9ChiWJ8Db1nY1pnsQ42fZvqQekg==\r\n=nxe/\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2006-05-10T00:00:00", "published": "2006-05-10T00:00:00", "id": "SECURITYVULNS:DOC:12621", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:12621", "title": "US-CERT Technical Cyber Security Alert TA06-129A -- Microsoft Windows and Exchange Server Vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-07-24T12:50:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-0024"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200603-20.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:56548", "href": "http://plugins.openvas.org/nasl.php?oid=56548", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200603-20 (Flash)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities have been identified that allows arbitrary code\nexecution on a user's system via the handling of malicious SWF files.\";\ntag_solution = \"All Macromedia Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-www/netscape-flash-7.0.63'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200603-20\nhttp://bugs.gentoo.org/show_bug.cgi?id=102777\nhttp://www.macromedia.com/devnet/security/security_zone/apsb06-03.html\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200603-20.\";\n\n \n\nif(description)\n{\n script_id(56548);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_bugtraq_id(17951, 17106);\n script_cve_id(\"CVE-2006-0024\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200603-20 (Flash)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-www/netscape-flash\", unaffected: make_list(\"ge 7.0.63\"), vulnerable: make_list(\"lt 7.0.63\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-0024"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-22T00:00:00", "published": "2008-09-04T00:00:00", "id": "OPENVAS:56390", "href": "http://plugins.openvas.org/nasl.php?oid=56390", "type": "openvas", "title": "FreeBSD Ports: linux-flashplugin", "sourceData": "#\n#VID 83421018-b3ef-11da-a32d-000c6ec775d9\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: linux-flashplugin\n\nCVE-2006-0024\nMultiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0\nand earlier allow remote attackers to execute arbitrary code via a\ncrafted SWF file.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.macromedia.com/devnet/security/security_zone/apsb06-03.html\nhttp://www.vuxml.org/freebsd/83421018-b3ef-11da-a32d-000c6ec775d9.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(56390);\n script_version(\"$Revision: 4128 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-22 07:37:51 +0200 (Thu, 22 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_bugtraq_id(17951, 17106);\n script_cve_id(\"CVE-2006-0024\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: linux-flashplugin\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"linux-flashplugin\");\nif(!isnull(bver) && revcomp(a:bver, b:\"7.0r63\")<0) {\n txt += 'Package linux-flashplugin version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5855", "CVE-2007-6165", "CVE-2007-1662", "CVE-2007-4768", "CVE-2007-4351", "CVE-2007-5857", "CVE-2007-1661", "CVE-2007-6077", "CVE-2007-4709", "CVE-2007-5848", "CVE-2007-4572", "CVE-2007-5379", "CVE-2007-4710", "CVE-2007-1659", "CVE-2006-0024", "CVE-2007-5856", "CVE-2007-4965", "CVE-2007-5770", "CVE-2007-4708", "CVE-2007-5861", "CVE-2007-1660", "CVE-2007-5476", "CVE-2007-5858", "CVE-2007-5850", "CVE-2007-5116", "CVE-2007-5860", "CVE-2007-3798", "CVE-2007-4131", "CVE-2007-4767", "CVE-2007-5859", "CVE-2007-5851", "CVE-2007-3876", "CVE-2007-5398", "CVE-2007-5854", "CVE-2007-5863", "CVE-2007-4766", "CVE-2007-1218", "CVE-2007-5847", "CVE-2007-5849", "CVE-2007-5853", "CVE-2007-5380"], "description": "The remote host is missing Security Update 2007-009.", "modified": "2019-03-19T00:00:00", "published": "2010-05-12T00:00:00", "id": "OPENVAS:1361412562310102023", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310102023", "type": "openvas", "title": "Mac OS X Security Update 2007-009", "sourceData": "###################################################################\n# OpenVAS Vulnerability Test\n# $Id: macosx_secupd_2007-009.nasl 14307 2019-03-19 10:09:27Z cfischer $\n#\n# Mac OS X Security Update 2007-009\n#\n# LSS-NVT-2010-012\n#\n# Developed by LSS Security Team <http://security.lss.hr>\n#\n# Copyright (C) 2010 LSS <http://www.lss.hr>\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public\n# License along with this program. If not, see\n# <http://www.gnu.org/licenses/>.\n###################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.102023\");\n script_version(\"$Revision: 14307 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 11:09:27 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-12 14:48:44 +0200 (Wed, 12 May 2010)\");\n script_cve_id(\"CVE-2007-4708\", \"CVE-2007-4709\", \"CVE-2007-4710\", \"CVE-2007-5847\", \"CVE-2007-5848\",\n \"CVE-2007-4351\", \"CVE-2007-5849\", \"CVE-2007-5850\", \"CVE-2007-5476\", \"CVE-2007-4131\",\n \"CVE-2007-5851\", \"CVE-2007-5853\", \"CVE-2007-5854\", \"CVE-2007-6165\", \"CVE-2007-5855\",\n \"CVE-2007-5116\", \"CVE-2007-4965\", \"CVE-2007-5856\", \"CVE-2007-5857\", \"CVE-2007-5770\",\n \"CVE-2007-5379\", \"CVE-2007-5380\", \"CVE-2007-6077\", \"CVE-2007-5858\", \"CVE-2007-5859\",\n \"CVE-2007-4572\", \"CVE-2007-5398\", \"CVE-2006-0024\", \"CVE-2007-3876\", \"CVE-2007-5863\",\n \"CVE-2007-5860\", \"CVE-2007-5861\", \"CVE-2007-1218\", \"CVE-2007-3798\", \"CVE-2007-1659\",\n \"CVE-2007-1660\", \"CVE-2007-1661\", \"CVE-2007-1662\", \"CVE-2007-4766\", \"CVE-2007-4767\",\n \"CVE-2007-4768\");\n script_name(\"Mac OS X Security Update 2007-009\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 LSS\");\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.[45]\\.\");\n\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT2012\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing Security Update 2007-009.\");\n\n script_tag(name:\"affected\", value:\"One or more of the following components are affected:\n\n Address Book\n\n CFNetwork\n\n ColorSync\n\n Core Foundation\n\n CUPS\n\n Desktop Services\n\n Flash Player Plug-in\n\n GNU Tar\n\n iChat\n\n IO Storage Family\n\n Launch Services\n\n Mail\n\n perl\n\n python\n\n Quick Look\n\n ruby\n\n Safari\n\n Safari RSS\n\n Samba\n\n Shockwave Plug-in\n\n SMB\n\n Software Update\n\n Spin Tracer\n\n Spotlight\n\n tcpdump\n\n XQuery\");\n\n script_tag(name:\"solution\", value:\"Update your Mac OS X operating system. Please see the references for more information.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-macosx.inc\");\ninclude(\"version_func.inc\");\n\nssh_osx_name = get_kb_item(\"ssh/login/osx_name\");\nif (!ssh_osx_name) exit (0);\n\nssh_osx_ver = get_kb_item(\"ssh/login/osx_version\");\nif (!ssh_osx_ver || ssh_osx_ver !~ \"^10\\.[45]\\.\") exit (0);\n\nssh_osx_rls = ssh_osx_name + ' ' + ssh_osx_ver;\n\npkg_for_ver = make_list(\"Mac OS X 10.4.11\",\"Mac OS X Server 10.4.11\",\"Mac OS X 10.5.1\",\"Mac OS X Server 10.5.1\");\n\nif (rlsnotsupported(rls:ssh_osx_rls, list:pkg_for_ver)) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X 10.4.11\")) {\n if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X 10.4.11\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n else if((ssh_osx_ver == osx_ver(ver:\"Mac OS X 10.4.11\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2007.009\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X Server 10.4.11\")) {\n if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X Server 10.4.11\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n else if((ssh_osx_ver == osx_ver(ver:\"Mac OS X Server 10.4.11\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2007.009\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X 10.5.1\")) {\n if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X 10.5.1\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n else if((ssh_osx_ver == osx_ver(ver:\"Mac OS X 10.5.1\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2007.009\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X Server 10.5.1\")) {\n if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X Server 10.5.1\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n else if((ssh_osx_ver == osx_ver(ver:\"Mac OS X Server 10.5.1\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2007.009\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:09:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5855", "CVE-2007-6165", "CVE-2007-1662", "CVE-2007-4768", "CVE-2007-4351", "CVE-2007-5857", "CVE-2007-1661", "CVE-2007-6077", "CVE-2007-4709", "CVE-2007-5848", "CVE-2007-4572", "CVE-2007-5379", "CVE-2007-4710", "CVE-2007-1659", "CVE-2006-0024", "CVE-2007-5856", "CVE-2007-4965", "CVE-2007-5770", "CVE-2007-4708", "CVE-2007-5861", "CVE-2007-1660", "CVE-2007-5476", "CVE-2007-5858", "CVE-2007-5850", "CVE-2007-5116", "CVE-2007-5860", "CVE-2007-3798", "CVE-2007-4131", "CVE-2007-4767", "CVE-2007-5859", "CVE-2007-5851", "CVE-2007-3876", "CVE-2007-5398", "CVE-2007-5854", "CVE-2007-5863", "CVE-2007-4766", "CVE-2007-1218", "CVE-2007-5847", "CVE-2007-5849", "CVE-2007-5853", "CVE-2007-5380"], "description": "The remote host is missing Security Update 2007-009.\n One or more of the following components are affected:\n\n Address Book\n CFNetwork\n ColorSync\n Core Foundation\n CUPS\n Desktop Services\n Flash Player Plug-in\n GNU Tar\n iChat\n IO Storage Family\n Launch Services\n Mail\n perl\n python\n Quick Look\n ruby\n Safari\n Safari RSS\n Samba\n Shockwave Plug-in\n SMB\n Software Update\n Spin Tracer\n Spotlight\n tcpdump\n XQuery", "modified": "2017-02-22T00:00:00", "published": "2010-05-12T00:00:00", "id": "OPENVAS:102023", "href": "http://plugins.openvas.org/nasl.php?oid=102023", "type": "openvas", "title": "Mac OS X Security Update 2007-009", "sourceData": "###################################################################\n# OpenVAS Vulnerability Test\n#\n# Mac OS X Security Update 2007-009\n#\n# LSS-NVT-2010-012\n#\n# Developed by LSS Security Team <http://security.lss.hr>\n#\n# Copyright (C) 2010 LSS <http://www.lss.hr>\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public\n# License along with this program. If not, see\n# <http://www.gnu.org/licenses/>.\n###################################################################\n\ntag_solution = \"Update your Mac OS X operating system.\n\n For more information see:\n http://support.apple.com/kb/HT2012\";\n\ntag_summary = \"The remote host is missing Security Update 2007-009.\n One or more of the following components are affected:\n\n Address Book\n CFNetwork\n ColorSync\n Core Foundation\n CUPS\n Desktop Services\n Flash Player Plug-in\n GNU Tar\n iChat\n IO Storage Family\n Launch Services\n Mail\n perl\n python\n Quick Look\n ruby\n Safari\n Safari RSS\n Samba\n Shockwave Plug-in\n SMB\n Software Update\n Spin Tracer\n Spotlight\n tcpdump\n XQuery\";\n\n\nif(description)\n{\n script_id(102023);\n script_version(\"$Revision: 5394 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-22 10:22:42 +0100 (Wed, 22 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-12 14:48:44 +0200 (Wed, 12 May 2010)\");\n script_cve_id(\"CVE-2007-4708\",\"CVE-2007-4709\",\"CVE-2007-4710\",\"CVE-2007-5847\",\"CVE-2007-5848\",\"CVE-2007-4351\",\"CVE-2007-5849\",\"CVE-2007-5850\",\"CVE-2007-5476\",\"CVE-2007-4131\",\"CVE-2007-5851\",\"CVE-2007-5853\",\"CVE-2007-5854\",\"CVE-2007-6165\",\"CVE-2007-5855\",\"CVE-2007-5116\",\"CVE-2007-4965\",\"CVE-2007-5856\",\"CVE-2007-5857\",\"CVE-2007-5770\",\"CVE-2007-5379\",\"CVE-2007-5380\",\"CVE-2007-6077\",\"CVE-2007-5858\",\"CVE-2007-5859\",\"CVE-2007-4572\",\"CVE-2007-5398\",\"CVE-2006-0024\",\"CVE-2007-3876\",\"CVE-2007-5863\",\"CVE-2007-5860\",\"CVE-2007-5861\",\"CVE-2007-1218\",\"CVE-2007-3798\",\"CVE-2007-1659\",\"CVE-2007-1660\",\"CVE-2007-1661\",\"CVE-2007-1662\",\"CVE-2007-4766\",\"CVE-2007-4767\",\"CVE-2007-4768\");\n script_name(\"Mac OS X Security Update 2007-009\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 LSS\");\n script_family(\"Mac OS X Local Security Checks\");\n script_require_ports(\"Services/ssh\", 22);\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\",\"ssh/login/osx_version\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"pkg-lib-macosx.inc\");\ninclude(\"version_func.inc\");\n\nssh_osx_name = get_kb_item(\"ssh/login/osx_name\");\nif (!ssh_osx_name) exit (0);\n\nssh_osx_ver = get_kb_item(\"ssh/login/osx_version\");\nif (!ssh_osx_ver) exit (0);\n\nssh_osx_rls = ssh_osx_name + ' ' + ssh_osx_ver;\n\npkg_for_ver = make_list(\"Mac OS X 10.4.11\",\"Mac OS X Server 10.4.11\",\"Mac OS X 10.5.1\",\"Mac OS X Server 10.5.1\");\n\nif (rlsnotsupported(rls:ssh_osx_rls, list:pkg_for_ver)) { security_message(0); exit(0);}\n\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X 10.4.11\")) {\n if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X 10.4.11\"))) { security_message(0); exit(0);}\n else if ((ssh_osx_ver==osx_ver(ver:\"Mac OS X 10.4.11\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2007.009\"))) { security_message(0); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X Server 10.4.11\")) {\n if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X Server 10.4.11\"))) { security_message(0); exit(0);}\n else if ((ssh_osx_ver==osx_ver(ver:\"Mac OS X Server 10.4.11\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2007.009\"))) { security_message(0); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X 10.5.1\")) {\n if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X 10.5.1\"))) { security_message(0); exit(0);}\n else if ((ssh_osx_ver==osx_ver(ver:\"Mac OS X 10.5.1\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2007.009\"))) { security_message(0); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X Server 10.5.1\")) {\n if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X Server 10.5.1\"))) { security_message(0); exit(0);}\n else if ((ssh_osx_ver==osx_ver(ver:\"Mac OS X Server 10.5.1\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2007.009\"))) { security_message(0); exit(0);}\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:20", "bulletinFamily": "software", "cvelist": ["CVE-2006-0024"], "edition": 1, "description": "## Vulnerability Description\nFlash Player contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when the victim loads a malicious SWF file. It is possible that the flaw may allow an attacker to take control of the affected system resulting in a loss of confidentiality, integrity, and/or availability.\n## Solution Description\nUpgrade to version 8.0.24.0 or 7.0.63.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nFlash Player contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when the victim loads a malicious SWF file. It is possible that the flaw may allow an attacker to take control of the affected system resulting in a loss of confidentiality, integrity, and/or availability.\n## References:\n[Vendor Specific Advisory URL](http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html)\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200603-20.xml)\nSecurity Tracker: 1015770\n[Secunia Advisory ID:19218](https://secuniaresearch.flexerasoftware.com/advisories/19218/)\n[Secunia Advisory ID:19259](https://secuniaresearch.flexerasoftware.com/advisories/19259/)\n[Secunia Advisory ID:19198](https://secuniaresearch.flexerasoftware.com/advisories/19198/)\n[Secunia Advisory ID:19328](https://secuniaresearch.flexerasoftware.com/advisories/19328/)\n[Secunia Advisory ID:20045](https://secuniaresearch.flexerasoftware.com/advisories/20045/)\nRedHat RHSA: RHSA-2006:0268\nOther Advisory URL: http://www.microsoft.com/technet/security/advisory/916208.mspx\nOther Advisory URL: http://lists.suse.de/archive/suse-security-announce/2006-Mar/0004.html\nNews Article: http://www.eweek.com/article2/0,1895,1938443,00.asp\nMicrosoft Knowledge Base Article: 913433\nKeyword: APSB06-03\nFrSIRT Advisory: ADV-2006-0952\n[CVE-2006-0024](https://vulners.com/cve/CVE-2006-0024)\nBugtraq ID: 17106\n", "modified": "2006-03-14T19:02:36", "published": "2006-03-14T19:02:36", "href": "https://vulners.com/osvdb/OSVDB:23908", "id": "OSVDB:23908", "title": "Macromedia Flash Player swf Processing Multiple Unspecified Code Execution", "type": "osvdb", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}