10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.929 High
EPSS
Percentile
99.0%
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in.
This update fixes multiple vulnerabilities in Adobe Flash Player.
These vulnerabilities, detailed in the Adobe Security Bulletin APSB15-32 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.
(CVE-2015-8045, CVE-2015-8047, CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8060, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8407, CVE-2015-8408, CVE-2015-8409, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8415, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8438, CVE-2015-8439, CVE-2015-8440, CVE-2015-8441, CVE-2015-8442, CVE-2015-8443, CVE-2015-8444, CVE-2015-8445, CVE-2015-8446, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8451, CVE-2015-8452, CVE-2015-8453, CVE-2015-8454, CVE-2015-8455)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.554.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2015:2593. The text
# itself is copyright (C) Red Hat, Inc.
#
include("compat.inc");
if (description)
{
script_id(87304);
script_version("1.25");
script_cvs_date("Date: 2019/10/24 15:35:40");
script_cve_id("CVE-2015-8045", "CVE-2015-8047", "CVE-2015-8048", "CVE-2015-8049", "CVE-2015-8050", "CVE-2015-8055", "CVE-2015-8056", "CVE-2015-8057", "CVE-2015-8058", "CVE-2015-8059", "CVE-2015-8060", "CVE-2015-8061", "CVE-2015-8062", "CVE-2015-8063", "CVE-2015-8064", "CVE-2015-8065", "CVE-2015-8066", "CVE-2015-8067", "CVE-2015-8068", "CVE-2015-8069", "CVE-2015-8070", "CVE-2015-8071", "CVE-2015-8401", "CVE-2015-8402", "CVE-2015-8403", "CVE-2015-8404", "CVE-2015-8405", "CVE-2015-8406", "CVE-2015-8407", "CVE-2015-8408", "CVE-2015-8409", "CVE-2015-8410", "CVE-2015-8411", "CVE-2015-8412", "CVE-2015-8413", "CVE-2015-8414", "CVE-2015-8415", "CVE-2015-8416", "CVE-2015-8417", "CVE-2015-8418", "CVE-2015-8419", "CVE-2015-8420", "CVE-2015-8421", "CVE-2015-8422", "CVE-2015-8423", "CVE-2015-8424", "CVE-2015-8425", "CVE-2015-8426", "CVE-2015-8427", "CVE-2015-8428", "CVE-2015-8429", "CVE-2015-8430", "CVE-2015-8431", "CVE-2015-8432", "CVE-2015-8433", "CVE-2015-8434", "CVE-2015-8435", "CVE-2015-8436", "CVE-2015-8437", "CVE-2015-8438", "CVE-2015-8439", "CVE-2015-8440", "CVE-2015-8441", "CVE-2015-8442", "CVE-2015-8443", "CVE-2015-8444", "CVE-2015-8445", "CVE-2015-8446", "CVE-2015-8447", "CVE-2015-8448", "CVE-2015-8449", "CVE-2015-8450", "CVE-2015-8451", "CVE-2015-8452", "CVE-2015-8453", "CVE-2015-8454", "CVE-2015-8455", "CVE-2015-8456", "CVE-2015-8457", "CVE-2015-8652", "CVE-2015-8653", "CVE-2015-8654", "CVE-2015-8655", "CVE-2015-8656", "CVE-2015-8657", "CVE-2015-8658", "CVE-2015-8820", "CVE-2015-8821", "CVE-2015-8822", "CVE-2015-8823");
script_xref(name:"RHSA", value:"2015:2593");
script_name(english:"RHEL 5 / 6 : flash-plugin (RHSA-2015:2593)");
script_summary(english:"Checks the rpm output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Red Hat host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"An updated Adobe Flash Player package that fixes multiple security
issues is now available for Red Hat Enterprise Linux 5 and 6
Supplementary.
Red Hat Product Security has rated this update as having Critical
security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
The flash-plugin package contains a Mozilla Firefox compatible Adobe
Flash Player web browser plug-in.
This update fixes multiple vulnerabilities in Adobe Flash Player.
These vulnerabilities, detailed in the Adobe Security Bulletin
APSB15-32 listed in the References section, could allow an attacker to
create a specially crafted SWF file that would cause flash-plugin to
crash, execute arbitrary code, or disclose sensitive information when
the victim loaded a page containing the malicious SWF content.
(CVE-2015-8045, CVE-2015-8047, CVE-2015-8048, CVE-2015-8049,
CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057,
CVE-2015-8058, CVE-2015-8059, CVE-2015-8060, CVE-2015-8061,
CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065,
CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069,
CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402,
CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406,
CVE-2015-8407, CVE-2015-8408, CVE-2015-8409, CVE-2015-8410,
CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414,
CVE-2015-8415, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418,
CVE-2015-8419, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422,
CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426,
CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430,
CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434,
CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8438,
CVE-2015-8439, CVE-2015-8440, CVE-2015-8441, CVE-2015-8442,
CVE-2015-8443, CVE-2015-8444, CVE-2015-8445, CVE-2015-8446,
CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450,
CVE-2015-8451, CVE-2015-8452, CVE-2015-8453, CVE-2015-8454,
CVE-2015-8455)
All users of Adobe Flash Player should install this updated package,
which upgrades Flash Player to version 11.2.202.554."
);
script_set_attribute(
attribute:"see_also",
value:"https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/errata/RHSA-2015:2593"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8443"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8438"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8441"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8440"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8447"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8446"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8445"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8442"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8449"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8448"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8427"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8429"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8067"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8453"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8452"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8066"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8455"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8047"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8068"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8045"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8444"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8428"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8061"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8060"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8063"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8062"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8065"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8064"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8049"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8048"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8410"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8411"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8412"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8413"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8414"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8415"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8416"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8417"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8418"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8419"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8430"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8431"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8436"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8437"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8434"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8435"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8069"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8454"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8432"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8439"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8433"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8426"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8050"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8055"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8056"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8057"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8058"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8059"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8070"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8071"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8450"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8451"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8407"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8406"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8405"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8404"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8403"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8402"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8401"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8421"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8420"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8423"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8422"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8425"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8424"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8409"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8408"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8456"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8457"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8652"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8653"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8654"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8655"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8656"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8657"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8658"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8820"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8821"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8822"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-8823"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected flash-plugin package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:flash-plugin");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.7");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/12/10");
script_set_attribute(attribute:"patch_publication_date", value:"2015/12/09");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/12/10");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Red Hat Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^(5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x / 6.x", "Red Hat " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
rhsa = "RHSA-2015:2593";
yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
if (!empty_or_null(yum_report))
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : yum_report
);
exit(0);
}
else
{
audit_message = "affected by Red Hat security advisory " + rhsa;
audit(AUDIT_OS_NOT, audit_message);
}
}
else
{
flag = 0;
if (rpm_check(release:"RHEL5", reference:"flash-plugin-11.2.202.554-1.el5")) flag++;
if (rpm_check(release:"RHEL6", reference:"flash-plugin-11.2.202.554-1.el6_7")) flag++;
if (flag)
{
flash_plugin_caveat = '\n' +
'NOTE: This vulnerability check only applies to RedHat released\n' +
'versions of the flash-plugin package. This check does not apply to\n' +
'Adobe released versions of the flash-plugin package, which are\n' +
'versioned similarly and cause collisions in detection.\n\n' +
'If you are certain you are running the Adobe released package of\n' +
'flash-plugin and are running a version of it equal or higher to the\n' +
'RedHat version listed above then you can consider this a false\n' +
'positive.\n';
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get() + redhat_report_package_caveat() + flash_plugin_caveat
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "flash-plugin");
}
}
Vendor | Product | Version | CPE |
---|---|---|---|
redhat | enterprise_linux | flash-plugin | p-cpe:/a:redhat:enterprise_linux:flash-plugin |
redhat | enterprise_linux | 5 | cpe:/o:redhat:enterprise_linux:5 |
redhat | enterprise_linux | 6 | cpe:/o:redhat:enterprise_linux:6 |
redhat | enterprise_linux | 6.7 | cpe:/o:redhat:enterprise_linux:6.7 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8045
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8047
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8048
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8049
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8050
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8055
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8056
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8057
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8058
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8059
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8060
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8061
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8062
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8063
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8064
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8065
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8066
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8067
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8068
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8069
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8070
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8071
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8401
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8402
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8403
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8404
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8405
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8406
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8407
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8408
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8409
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8410
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8411
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8412
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8413
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8414
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8415
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8416
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8417
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8418
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8419
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8420
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8421
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8422
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8423
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8424
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8425
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8426
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8427
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8428
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8429
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8430
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8431
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8432
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8433
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8434
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8435
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8436
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8437
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8438
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8439
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8440
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8441
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8442
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8443
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8444
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8445
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8446
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8447
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8448
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8449
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8450
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8451
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8452
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8453
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8454
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8455
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8456
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8457
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8652
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8653
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8654
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8655
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8656
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8657
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8658
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8820
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8821
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8822
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8823
access.redhat.com/errata/RHSA-2015:2593
access.redhat.com/security/cve/cve-2015-8045
access.redhat.com/security/cve/cve-2015-8047
access.redhat.com/security/cve/cve-2015-8048
access.redhat.com/security/cve/cve-2015-8049
access.redhat.com/security/cve/cve-2015-8050
access.redhat.com/security/cve/cve-2015-8055
access.redhat.com/security/cve/cve-2015-8056
access.redhat.com/security/cve/cve-2015-8057
access.redhat.com/security/cve/cve-2015-8058
access.redhat.com/security/cve/cve-2015-8059
access.redhat.com/security/cve/cve-2015-8060
access.redhat.com/security/cve/cve-2015-8061
access.redhat.com/security/cve/cve-2015-8062
access.redhat.com/security/cve/cve-2015-8063
access.redhat.com/security/cve/cve-2015-8064
access.redhat.com/security/cve/cve-2015-8065
access.redhat.com/security/cve/cve-2015-8066
access.redhat.com/security/cve/cve-2015-8067
access.redhat.com/security/cve/cve-2015-8068
access.redhat.com/security/cve/cve-2015-8069
access.redhat.com/security/cve/cve-2015-8070
access.redhat.com/security/cve/cve-2015-8071
access.redhat.com/security/cve/cve-2015-8401
access.redhat.com/security/cve/cve-2015-8402
access.redhat.com/security/cve/cve-2015-8403
access.redhat.com/security/cve/cve-2015-8404
access.redhat.com/security/cve/cve-2015-8405
access.redhat.com/security/cve/cve-2015-8406
access.redhat.com/security/cve/cve-2015-8407
access.redhat.com/security/cve/cve-2015-8408
access.redhat.com/security/cve/cve-2015-8409
access.redhat.com/security/cve/cve-2015-8410
access.redhat.com/security/cve/cve-2015-8411
access.redhat.com/security/cve/cve-2015-8412
access.redhat.com/security/cve/cve-2015-8413
access.redhat.com/security/cve/cve-2015-8414
access.redhat.com/security/cve/cve-2015-8415
access.redhat.com/security/cve/cve-2015-8416
access.redhat.com/security/cve/cve-2015-8417
access.redhat.com/security/cve/cve-2015-8418
access.redhat.com/security/cve/cve-2015-8419
access.redhat.com/security/cve/cve-2015-8420
access.redhat.com/security/cve/cve-2015-8421
access.redhat.com/security/cve/cve-2015-8422
access.redhat.com/security/cve/cve-2015-8423
access.redhat.com/security/cve/cve-2015-8424
access.redhat.com/security/cve/cve-2015-8425
access.redhat.com/security/cve/cve-2015-8426
access.redhat.com/security/cve/cve-2015-8427
access.redhat.com/security/cve/cve-2015-8428
access.redhat.com/security/cve/cve-2015-8429
access.redhat.com/security/cve/cve-2015-8430
access.redhat.com/security/cve/cve-2015-8431
access.redhat.com/security/cve/cve-2015-8432
access.redhat.com/security/cve/cve-2015-8433
access.redhat.com/security/cve/cve-2015-8434
access.redhat.com/security/cve/cve-2015-8435
access.redhat.com/security/cve/cve-2015-8436
access.redhat.com/security/cve/cve-2015-8437
access.redhat.com/security/cve/cve-2015-8438
access.redhat.com/security/cve/cve-2015-8439
access.redhat.com/security/cve/cve-2015-8440
access.redhat.com/security/cve/cve-2015-8441
access.redhat.com/security/cve/cve-2015-8442
access.redhat.com/security/cve/cve-2015-8443
access.redhat.com/security/cve/cve-2015-8444
access.redhat.com/security/cve/cve-2015-8445
access.redhat.com/security/cve/cve-2015-8446
access.redhat.com/security/cve/cve-2015-8447
access.redhat.com/security/cve/cve-2015-8448
access.redhat.com/security/cve/cve-2015-8449
access.redhat.com/security/cve/cve-2015-8450
access.redhat.com/security/cve/cve-2015-8451
access.redhat.com/security/cve/cve-2015-8452
access.redhat.com/security/cve/cve-2015-8453
access.redhat.com/security/cve/cve-2015-8454
access.redhat.com/security/cve/cve-2015-8455
access.redhat.com/security/cve/cve-2015-8456
access.redhat.com/security/cve/cve-2015-8457
access.redhat.com/security/cve/cve-2015-8652
access.redhat.com/security/cve/cve-2015-8653
access.redhat.com/security/cve/cve-2015-8654
access.redhat.com/security/cve/cve-2015-8655
access.redhat.com/security/cve/cve-2015-8656
access.redhat.com/security/cve/cve-2015-8657
access.redhat.com/security/cve/cve-2015-8658
access.redhat.com/security/cve/cve-2015-8820
access.redhat.com/security/cve/cve-2015-8821
access.redhat.com/security/cve/cve-2015-8822
access.redhat.com/security/cve/cve-2015-8823
helpx.adobe.com/security/products/flash-player/apsb15-32.html
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.929 High
EPSS
Percentile
99.0%