Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2022 Tenable Network Security, Inc.OPENSUSE-2012-98.NASL
HistoryJun 13, 2014 - 12:00 a.m.

openSUSE Security Update : flash-player (openSUSE-2012-98)

2014-06-1300:00:00
This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.
www.tenable.com
20
JSON
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2012-98.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(74858);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/06/08");

  script_cve_id(
    "CVE-2012-0751",
    "CVE-2012-0752",
    "CVE-2012-0753",
    "CVE-2012-0754",
    "CVE-2012-0755",
    "CVE-2012-0756",
    "CVE-2012-0767"
  );
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/06/22");

  script_name(english:"openSUSE Security Update : flash-player (openSUSE-2012-98)");

  script_set_attribute(attribute:"synopsis", value:
"The remote openSUSE host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"- Update to 11.1.102.62: (bnc#747297)
    https://www.adobe.com/support/security/bulletins/apsb12-
    03.html CVEs fixed: CVE-2012-0751, CVE-2012-0752,
    CVE-2012-0753, CVE-2012-0754, CVE-2012-0755,
    CVE-2012-0756, CVE-2012-0767");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=747297");
  script_set_attribute(attribute:"see_also", value:"https://www.adobe.com/support/security/bulletins/apsb12-03.html");
  script_set_attribute(attribute:"solution", value:
"Update the affected flash-player packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player MP4 "cprt" Overflow');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:"CANVAS");

  script_set_attribute(attribute:"patch_publication_date", value:"2012/02/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:flash-player");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:flash-player-gnome");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:flash-player-kde4");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.1");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE12\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE12.1", reference:"flash-player-11.1.102.62-7.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"flash-player-gnome-11.1.102.62-7.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"flash-player-kde4-11.1.102.62-7.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "flash-player / flash-player-gnome / flash-player-kde4");
}
VendorProductVersionCPE
novellopensuseflash-playerp-cpe:/a:novell:opensuse:flash-player
novellopensuseflash-player-gnomep-cpe:/a:novell:opensuse:flash-player-gnome
novellopensuseflash-player-kde4p-cpe:/a:novell:opensuse:flash-player-kde4
novellopensuse12.1cpe:/o:novell:opensuse:12.1

Related

suse 3
nessus 10
openvas 12
securityvulns 3
freebsd 1
redhat 1
seebug 3
prion 7
ubuntucve 7
cve 7
gentoo 1
checkpoint_advisories 6
canvas 1
threatpost 6
saint 4
metasploit 1
cisa_kev 2
attackerkb 2
zdi 2
symantec 1
packetstorm 1
exploitdb 1
securelist 1
suse
suse
Security update for flash-player (critical)
2012-02-18 10:08:24
flash-player to 11.1.102.62 (critical)
2012-02-17 13:08:21
Security update for flash-player (critical)
2012-02-27 01:08:18
nessus
nessus
Flash Player <= 10.3.183.14 / 11.1.102.55 Multiple Vulnerabilities (APSB12-03)
2012-02-17 00:00:00
FreeBSD : linux-flashplugin -- multiple vulnerabilities (f63bf080-619d-11e1-91af-003067b2972c)
2012-02-28 00:00:00
SuSE 11.1 Security Update : flash-player (SAT Patch Number 5817)
2012-02-17 00:00:00
openvas
openvas
FreeBSD Ports: linux-f10-flashplugin
2012-03-12 00:00:00
FreeBSD Ports: linux-f10-flashplugin
2012-03-12 00:00:00
SuSE Update for flash-player openSUSE-SU-2012:0265-1 (flash-player)
2012-08-02 00:00:00
securityvulns
securityvulns
http://www.adobe.com/support/security/bulletins/apsb12-03.html
2012-02-16 00:00:00
Adobe Flash Player multiple security vulnerabilities
2012-06-13 00:00:00
ZDI-12-080 : Adobe Flash Player MP4 Stream Decoding Remote Code Execution Vulnerability
2012-06-13 00:00:00
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2012-02-15 00:00:00
redhat
redhat
(RHSA-2012:0144) Critical: flash-plugin security update
2012-02-17 00:00:00
seebug
seebug
Adobe Flash Player่ฟœ็จ‹ๅ†…ๅญ˜็ ดๅๆผๆดž(CVE-2012-0752)
2012-02-16 00:00:00
Adobe Flash Player .mp4 'cprt' Overflow"
2014-07-01 00:00:00
Adobe Flash Player่ฟœ็จ‹ๅฎ‰ๅ…จ้™ๅˆถ็ป•่ฟ‡ๆผๆดž
2012-02-16 00:00:00
prion
prion
Design/Logic Flaw
2012-02-16 19:55:00
Design/Logic Flaw
2012-02-16 19:55:00
Memory corruption
2012-02-16 19:55:00
ubuntucve
ubuntucve
CVE-2012-0756
2012-02-16 00:00:00
CVE-2012-0755
2012-02-16 00:00:00
CVE-2012-0751
2012-02-16 00:00:00
cve
cve
CVE-2012-0755
2012-02-16 19:55:00
CVE-2012-0756
2012-02-16 19:55:00
CVE-2012-0751
2012-02-16 19:55:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2012-04-17 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Insecure Library Loading (APSB12-03; CVE-2012-0756)
2012-02-27 00:00:00
Adobe Flash Player AVM2 Null Dereference Memory Corruption (APSB12-03; CVE-2012-0752)
2012-03-05 00:00:00
Adobe Flash Player ActiveX Control Memory Corruption (APSB12-03; CVE-2012-0751)
2012-02-27 00:00:00
canvas
canvas
Immunity Canvas: ADOBE_FLASH_MP4_CPRT
2012-02-16 19:55:00
threatpost
threatpost
Paul Judge on Measuring the Hotness of Security
2012-03-05 18:24:07
Months After A Patch, Targeted Attacks Still Using Adobe Flash Bug
2012-05-23 19:12:04
Attackers Target CVE-2012-0754 Adobe Flash Bug
2012-03-05 19:26:32
saint
saint
Adobe Flash Player MP4 Copyright Statement Overflow
2012-03-08 00:00:00
Adobe Flash Player MP4 Copyright Statement Overflow
2012-03-08 00:00:00
Adobe Flash Player MP4 Copyright Statement Overflow
2012-03-08 00:00:00
metasploit
metasploit
Adobe Flash Player MP4 'cprt' Overflow
2012-03-09 00:56:58
cisa_kev
cisa_kev
Adobe Flash Player Memory Corruption Vulnerability
2022-06-08 00:00:00
Adobe Flash Player Cross-Site Scripting (XSS) Vulnerability
2022-06-08 00:00:00
attackerkb
attackerkb
CVE-2012-0754
2012-02-16 00:00:00
CVE-2012-0767
2012-02-16 00:00:00
zdi
zdi
Adobe Flash Player MP4 Stream Decoding Remote Code Execution Vulnerability
2012-06-06 00:00:00
Adobe Flash ASconstructor Function Call Remote Code Execution Vulnerability
2012-03-22 00:00:00
symantec
symantec
Adobe Flash Player CVE-2012-0754 Remote Memory Corruption Vulnerability
2012-02-15 00:00:00
packetstorm
packetstorm
Adobe Flash Player .mp4 'cprt' Overflow
2012-03-08 00:00:00
exploitdb
exploitdb
Adobe Flash Player - &#039;.mp4 cprt&#039; Remote Overflow (Metasploit)
2012-03-08 00:00:00
securelist
securelist
Investigation Report for the September 2014 Equation malware detection incident in the US
2017-11-16 10:00:34
JSON
Related for OPENSUSE-2012-98.NASL
suse3nessus10openvas12securityvulns3freebsd1redhat1seebug3prion7ubuntucve7cve7gentoo1checkpoint_advisories6canvas1threatpost6saint4metasploit1cisa_kev2attackerkb2zdi2symantec1packetstorm1exploitdb1securelist1