Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.MACOSX_ADOBE_AIR_15_0_0_249.NASL
HistorySep 10, 2014 - 12:00 a.m.

Adobe AIR for Mac <= 14.0.0.178 Multiple Vulnerabilities (APSB14-21)

2014-09-1000:00:00
This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
15

0.973 High

EPSS

Percentile

99.9%

JSON

According to its version, the installation of Adobe AIR on the remote Mac OS X host is equal or prior to 14.0.0.178. It is, therefore, affected by the following vulnerabilities :

  • Unspecified memory corruption issues exist that allow arbitrary code execution. (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0555)

  • An unspecified error exists that allows cross-origin policy violations. (CVE-2014-0548)

  • A use-after-free error exists that allows arbitrary code execution. (CVE-2014-0553)

  • An unspecified error exists that allows an unspecified security bypass. (CVE-2014-0554)

  • Unspecified errors exist that allow memory leaks leading to easier defeat of memory address randomization.
    (CVE-2014-0557)

  • Heap-based buffer overflow errors exist that allow arbitrary code execution. (CVE-2014-0556, CVE-2014-0559)

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(77578);
  script_version("1.14");
  script_cvs_date("Date: 2019/11/25");

  script_cve_id(
    "CVE-2014-0547",
    "CVE-2014-0548",
    "CVE-2014-0549",
    "CVE-2014-0550",
    "CVE-2014-0551",
    "CVE-2014-0552",
    "CVE-2014-0553",
    "CVE-2014-0554",
    "CVE-2014-0555",
    "CVE-2014-0556",
    "CVE-2014-0557",
    "CVE-2014-0559"
  );
  script_bugtraq_id(
    69695,
    69696,
    69697,
    69699,
    69700,
    69701,
    69702,
    69703,
    69704,
    69705,
    69706,
    69707
  );

  script_name(english:"Adobe AIR for Mac <= 14.0.0.178 Multiple Vulnerabilities (APSB14-21)");
  script_summary(english:"Checks the version gathered by local check.");

  script_set_attribute(attribute:"synopsis", value:
"The remote Mac OS X host contains a version of Adobe AIR that is
affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"According to its version, the installation of Adobe AIR on the remote
Mac OS X host is equal or prior to 14.0.0.178. It is, therefore,
affected by the following vulnerabilities :

  - Unspecified memory corruption issues exist that allow
    arbitrary code execution. (CVE-2014-0547, CVE-2014-0549,
    CVE-2014-0550, CVE-2014-0551, CVE-2014-0552,
    CVE-2014-0555)

  - An unspecified error exists that allows cross-origin
    policy violations. (CVE-2014-0548)

  - A use-after-free error exists that allows arbitrary
    code execution. (CVE-2014-0553)

  - An unspecified error exists that allows an unspecified
    security bypass. (CVE-2014-0554)

  - Unspecified errors exist that allow memory leaks leading
    to easier defeat of memory address randomization.
    (CVE-2014-0557)

  - Heap-based buffer overflow errors exist that allow
    arbitrary code execution. (CVE-2014-0556, CVE-2014-0559)");
  script_set_attribute(attribute:"see_also", value:"https://helpx.adobe.com/security/products/flash-player/apsb14-21.html");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Adobe AIR 15.0.0.249 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-0559");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player copyPixelsToByteArray Method Integer Overflow');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:'CANVAS');

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/09/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/09/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/09/10");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:air");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("macosx_adobe_air_installed.nasl");
  script_require_keys("MacOSX/Adobe_AIR/Version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

kb_base = "MacOSX/Adobe_AIR";
version = get_kb_item_or_exit(kb_base+"/Version");
path = get_kb_item_or_exit(kb_base+"/Path");

# nb: we're checking for versions less than *or equal to* the cutoff!
cutoff_version = '14.0.0.178';
fixed_version_for_report = '15.0.0.249';

if (ver_compare(ver:version, fix:cutoff_version, strict:FALSE) <= 0)
{
  if (report_verbosity > 0)
  {
    report =
      '\n  Path              : ' + path +
      '\n  Installed version : ' + version +
      '\n  Fixed version     : ' + fixed_version_for_report +
      '\n';
    security_hole(port:0, extra:report);
  }
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_INST_PATH_NOT_VULN, "Adobe AIR", version, path);
VendorProductVersionCPE
adobeaircpe:/a:adobe:air

Related

nessus 14
redhat 1
suse 3
mageia 1
openvas 9
gentoo 1
freebsd 1
cvelist 12
prion 12
ubuntucve 12
nvd 12
cve 12
checkpoint_advisories 12
zdt 2
canvas 1
packetstorm 2
hackerone 3
metasploit 1
googleprojectzero 6
exploitdb 1
threatpost 1
nessus
nessus
Flash Player for Mac <= 14.0.0.179 Multiple Vulnerabilities (APSB14-21)
2014-09-10 00:00:00
Adobe AIR <= AIR 14.0.0.178 Multiple Vulnerabilities (APSB14-21)
2014-09-10 00:00:00
Flash Player < 15.0.0.152 Multiple Vulnerabilities (APSB14-21)
2014-09-10 00:00:00
redhat
redhat
(RHSA-2014:1173) Critical: flash-plugin security update
2014-09-10 00:00:00
suse
suse
flash-player to 11.2.202.40 (important)
2014-09-10 17:04:13
update flash-player to 11.2.202.40 (important)
2014-09-16 01:04:20
Security update for flash-player (important)
2014-09-13 01:04:17
mageia
mageia
Updated flash-player-plugin packages fix multiple security vulnerabilities
2014-09-22 12:31:24
openvas
openvas
Adobe Flash Player Multiple Vulnerabilities-01 (Sep 2014) - Mac OS X
2014-09-12 00:00:00
Adobe Flash Player Multiple Vulnerabilities-01 (Sep 2014) - Linux
2014-09-12 00:00:00
Adobe AIR Multiple Vulnerabilities-01 (Sep 2014) - Mac OS X
2014-09-12 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2014-09-19 00:00:00
freebsd
freebsd
Flash player -- Multiple security vulnerabilities in www/linux-*-flashplugin11
2014-09-09 00:00:00
cvelist
cvelist
CVE-2014-0547
2014-09-10 01:00:00
CVE-2014-0555
2014-09-10 01:00:00
CVE-2014-0549
2014-09-10 01:00:00
prion
prion
Memory corruption
2014-09-10 01:55:00
Memory corruption
2014-09-10 01:55:00
Memory corruption
2014-09-10 01:55:00
ubuntucve
ubuntucve
CVE-2014-0551
2014-09-10 00:00:00
CVE-2014-0547
2014-09-10 00:00:00
CVE-2014-0552
2014-09-10 00:00:00
nvd
nvd
CVE-2014-0549
2014-09-10 01:55:07
CVE-2014-0550
2014-09-10 01:55:07
CVE-2014-0552
2014-09-10 01:55:08
cve
cve
CVE-2014-0552
2014-09-10 01:55:08
CVE-2014-0547
2014-09-10 01:55:06
CVE-2014-0549
2014-09-10 01:55:07
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player and AIR String Concatenation Integer Overflow (CVE-2014-0550)
2014-10-14 00:00:00
Adobe Flash Player Same Origin Policy Bypass (APSB14-21: CVE-2014-0548)
2015-05-11 00:00:00
Adobe Flash Player Memory Leakage (APSB14-21: CVE-2014-0557)
2014-11-13 00:00:00
zdt
zdt
Adobe Flash 14.0.0.145 copyPixelsToByteArray() Heap Overflow
2014-10-01 00:00:00
Adobe Flash Player copyPixelsToByteArray Integer Overflow Exploit
2015-04-19 00:00:00
canvas
canvas
Immunity Canvas: ADOBE_FLASH_COPYPIXELSTOBYTEARRAY
2014-09-10 01:55:00
packetstorm
packetstorm
Adobe Flash Player copyPixelsToByteArray Integer Overflow
2015-04-19 00:00:00
Adobe Flash 14.0.0.145 copyPixelsToByteArray() Heap Overflow
2014-09-30 00:00:00
hackerone
hackerone
Internet Bug Bounty: Flash Local Sandbox Bypass
2014-09-09 20:51:19
Internet Bug Bounty: Adobe Flash Player MP4 Use-After-Free Vulnerability
2014-10-08 02:03:48
Internet Bug Bounty: Adobe Flash Player Out-of-Bound Access Vulnerability
2015-02-07 14:50:18
metasploit
metasploit
Adobe Flash Player copyPixelsToByteArray Method Integer Overflow
2015-04-15 19:08:16
googleprojectzero
googleprojectzero
Exploiting CVE-2014-0556 in Flash
2014-09-23 00:00:00
The poisoned NUL byte, 2014 edition
2014-08-25 00:00:00
Significant Flash exploit mitigations are live in v18.0.0.209
2015-07-16 00:00:00
exploitdb
exploitdb
Adobe Flash Player - copyPixelsToByteArray Integer Overflow (Metasploit)
2015-04-21 00:00:00
threatpost
threatpost
Microsoft Warns of Crowti Ransomware
2014-10-29 14:20:49

0.973 High

EPSS

Percentile

99.9%

JSON
Related for MACOSX_ADOBE_AIR_15_0_0_249.NASL
nessus14redhat1suse3mageia1openvas9gentoo1freebsd1cvelist12prion12ubuntucve12nvd12cve12checkpoint_advisories12zdt2canvas1packetstorm2hackerone3metasploit1googleprojectzero6exploitdb1threatpost1