Lucene search
This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2009-1188.NASLHistoryJan 24, 2013 - 12:00 a.m.
RHEL 5 : flash-plugin (RHSA-2009:1188)
2013-01-2400:00:00
This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
18
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 Supplementary.
This update has been rated as having critical security impact by the Red Hat Security Response Team.
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in.
Multiple security flaws were found in the way Flash Player displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, possibly, execute arbitrary code when the victim loaded a page containing the specially crafted SWF content. (CVE-2009-1862, CVE-2009-1863, CVE-2009-1864, CVE-2009-1865, CVE-2009-1866, CVE-2009-1868, CVE-2009-1869)
A clickjacking flaw was discovered in Flash Player. A specially crafted SWF file could trick a user into unintentionally or mistakenly clicking a link or a dialog. (CVE-2009-1867)
A flaw was found in the Flash Player local sandbox. A specially crafted SWF file could cause information disclosure when it was saved to the hard drive. (CVE-2009-1870)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.0.32.18.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2009:1188. The text
# itself is copyright (C) Red Hat, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(63886);
script_version("1.23");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/06/08");
script_cve_id(
"CVE-2009-1862",
"CVE-2009-1863",
"CVE-2009-1864",
"CVE-2009-1865",
"CVE-2009-1866",
"CVE-2009-1867",
"CVE-2009-1868",
"CVE-2009-1869",
"CVE-2009-1870"
);
script_bugtraq_id(35759);
script_xref(name:"RHSA", value:"2009:1188");
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/06/22");
script_name(english:"RHEL 5 : flash-plugin (RHSA-2009:1188)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing a security update.");
script_set_attribute(attribute:"description", value:
"An updated Adobe Flash Player package that fixes multiple security
issues is now available for Red Hat Enterprise Linux 5 Supplementary.
This update has been rated as having critical security impact by the
Red Hat Security Response Team.
The flash-plugin package contains a Mozilla Firefox compatible Adobe
Flash Player web browser plug-in.
Multiple security flaws were found in the way Flash Player displayed
certain SWF content. An attacker could use these flaws to create a
specially crafted SWF file that would cause flash-plugin to crash or,
possibly, execute arbitrary code when the victim loaded a page
containing the specially crafted SWF content. (CVE-2009-1862,
CVE-2009-1863, CVE-2009-1864, CVE-2009-1865, CVE-2009-1866,
CVE-2009-1868, CVE-2009-1869)
A clickjacking flaw was discovered in Flash Player. A specially
crafted SWF file could trick a user into unintentionally or mistakenly
clicking a link or a dialog. (CVE-2009-1867)
A flaw was found in the Flash Player local sandbox. A specially
crafted SWF file could cause information disclosure when it was saved
to the hard drive. (CVE-2009-1870)
All users of Adobe Flash Player should install this updated package,
which upgrades Flash Player to version 10.0.32.18.");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2009-1862");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2009-1863");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2009-1864");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2009-1865");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2009-1866");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2009-1867");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2009-1868");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2009-1869");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2009-1870");
script_set_attribute(attribute:"see_also", value:"https://www.adobe.com/support/security/bulletins/apsb09-10.html");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2009:1188");
script_set_attribute(attribute:"solution", value:
"Update the affected flash-plugin package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2009-1869");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
script_set_attribute(attribute:"canvas_package", value:"CANVAS");
script_cwe_id(59, 94, 119, 189, 200, 264);
script_set_attribute(attribute:"vuln_publication_date", value:"2009/07/23");
script_set_attribute(attribute:"patch_publication_date", value:"2009/07/31");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/24");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:flash-plugin");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.3");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x", "Red Hat " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
rhsa = "RHSA-2009:1188";
yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
if (!empty_or_null(yum_report))
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : yum_report
);
exit(0);
}
else
{
audit_message = "affected by Red Hat security advisory " + rhsa;
audit(AUDIT_OS_NOT, audit_message);
}
}
else
{
flag = 0;
if (rpm_check(release:"RHEL5", reference:"flash-plugin-10.0.32.18-2.el5")) flag++;
if (flag)
{
flash_plugin_caveat = '\n' +
'NOTE: This vulnerability check only applies to RedHat released\n' +
'versions of the flash-plugin package. This check does not apply to\n' +
'Adobe released versions of the flash-plugin package, which are\n' +
'versioned similarly and cause collisions in detection.\n\n' +
'If you are certain you are running the Adobe released package of\n' +
'flash-plugin and are running a version of it equal or higher to the\n' +
'RedHat version listed above then you can consider this a false\n' +
'positive.\n';
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get() + redhat_report_package_caveat() + flash_plugin_caveat
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "flash-plugin");
}
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux | flash-plugin | p-cpe:/a:redhat:enterprise_linux:flash-plugin |
| redhat | enterprise_linux | 5 | cpe:/o:redhat:enterprise_linux:5 |
| redhat | enterprise_linux | 5.3 | cpe:/o:redhat:enterprise_linux:5.3 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1862
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1863
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1864
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1865
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1866
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1867
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1868
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1869
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1870
access.redhat.com/errata/RHSA-2009:1188
access.redhat.com/security/cve/cve-2009-1862
access.redhat.com/security/cve/cve-2009-1863
access.redhat.com/security/cve/cve-2009-1864
access.redhat.com/security/cve/cve-2009-1865
access.redhat.com/security/cve/cve-2009-1866
access.redhat.com/security/cve/cve-2009-1867
access.redhat.com/security/cve/cve-2009-1868
access.redhat.com/security/cve/cve-2009-1869
access.redhat.com/security/cve/cve-2009-1870
www.adobe.com/support/security/bulletins/apsb09-10.html
Related
nessus
nessus
Adobe AIR < 1.5.2 Multiple Vulnerabilities (APSB09-10)
2009-07-31 00:00:00
RHEL 3 / 4 : flash-plugin (RHSA-2009:1189)
2013-01-24 00:00:00
Mac OS X 10.6 < 10.6.1 Multiple Vulnerabilities
2009-09-11 00:00:00
openvas
openvas
RedHat Security Advisory RHSA-2009:1188
2009-08-17 00:00:00
RedHat Security Advisory RHSA-2009:1189
2009-08-17 00:00:00
RedHat Security Advisory RHSA-2009:1188
2009-08-17 00:00:00
gentoo
gentoo
Adobe products: Multiple vulnerabilities
2009-08-07 00:00:00
redhat
redhat
(RHSA-2009:1188) Critical: flash-plugin security update
2009-07-31 00:00:00
(RHSA-2009:1189) Critical: flash-plugin security update
2009-07-31 00:00:00
seebug
seebug
Adobe Flash PlayerๅAIRๅญๅจๅคไธชๅฎๅ
จๆผๆด
2009-07-31 00:00:00
suse
suse
remote code execution in flash-player
2009-08-05 14:55:37
securityvulns
securityvulns
prion
prion
Stack overflow
2009-07-31 19:30:00
Null pointer dereference
2009-07-31 19:30:00
Spoofing
2009-07-31 19:30:00
cve
cve
ubuntucve
ubuntucve
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player ActionScript intrf_count Integer Overflow (CVE-2009-1869)
2010-07-18 00:00:00
Adobe Acrobat authplay.dll Memory Corruption - Ver2 (CVE-2009-1862)
2014-04-16 00:00:00
cisa_kev
cisa_kev
Adobe Acrobat and Reader, Flash Player Unspecified Vulnerability
2022-06-08 00:00:00
saint
saint
Adobe Flash Player authplay.dll vulnerability
2009-08-26 00:00:00
Adobe Flash Player authplay.dll vulnerability
2009-08-26 00:00:00
Adobe Flash Player authplay.dll vulnerability
2009-08-26 00:00:00
cert
cert
Adobe Flash vulnerability affects Flash Player and other Adobe products
2009-07-22 00:00:00
canvas
canvas
Immunity Canvas: ACROBAT_FLASH
2009-07-23 20:30:00
attackerkb
attackerkb
CVE-2009-1862
2009-07-23 00:00:00
thn
thn
Phoenix Exploit's Kit 2.8 mini version
2011-10-12 17:41:00
Related for REDHAT-RHSA-2009-1188.NASL