Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.SMB_KB2847928.NASL
HistoryJun 11, 2013 - 12:00 a.m.

MS KB2847928: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10

2013-06-1100:00:00
This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
JSON

The remote host is missing KB2847928. It is, therefore, affected by memory corruption vulnerabilities related to the installed version of the Adobe Flash ActiveX control that could lead to code execution.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(66870);
  script_version("1.9");
  script_cvs_date("Date: 2019/11/27");

  script_cve_id("CVE-2013-3343");
  script_bugtraq_id(60478);
  script_xref(name:"MSKB", value:"2847928");

  script_name(english:"MS KB2847928: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10");
  script_summary(english:"Checks version of ActiveX control");

  script_set_attribute(attribute:"synopsis", value:
"The remote host has an ActiveX control installed that is affected by
memory corruption vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The remote host is missing KB2847928.  It is, therefore, affected by
memory corruption vulnerabilities related to the installed version of
the Adobe Flash ActiveX control that could lead to code execution.");
  script_set_attribute(attribute:"see_also", value:"http://www.adobe.com/support/security/bulletins/apsb13-16.html");
  script_set_attribute(attribute:"see_also", value:"https://docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2016/2755801");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/2847928/microsoft-security-advisory-update-for-vulnerabilities-in-adobe-flash");
  script_set_attribute(attribute:"solution", value:
"Install Microsoft KB2847928.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-3343");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/06/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/06/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/06/11");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:flash_player");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("smb_hotfixes.nasl");
  script_require_keys("SMB/Registry/Enumerated", "SMB/WindowsVersion", "SMB/ProductName");
  script_require_ports(139, 445);

  exit(0);
}

include("audit.inc");
include("smb_func.inc");
include("smb_hotfixes.inc");
include("smb_hotfixes_fcheck.inc");
include("smb_activex_func.inc");
include("misc_func.inc");

get_kb_item_or_exit('SMB/WindowsVersion');
if (hotfix_check_sp_range(win8:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);
if (hotfix_check_server_core() == 1) audit(AUDIT_WIN_SERVER_CORE);

get_kb_item_or_exit("SMB/Registry/Enumerated");
if (activex_init() != ACX_OK)
  audit(AUDIT_FN_FAIL, "activex_init()");

# Adobe Flash Player CLSID
clsid = '{D27CDB6E-AE6D-11cf-96B8-444553540000}';

file = activex_get_filename(clsid:clsid);
if (isnull(file))
{
  activex_end();
  audit(AUDIT_FN_FAIL, "activex_get_filename", "NULL");
}
if (!file)
{
  activex_end();
  audit(AUDIT_ACTIVEX_NOT_FOUND, clsid);
}

# Get its version.
version = activex_get_fileversion(clsid:clsid);
if (!version)
{
  activex_end();
  audit(AUDIT_VER_FAIL, file);
}

info = '';

iver = split(version, sep:'.', keep:FALSE);
for (i=0; i<max_index(iver); i++)
 iver[i] = int(iver[i]);

# < 11.7.700.224
if (
  (report_paranoia > 1 || activex_get_killbit(clsid:clsid) == 0) &&
  (
    iver[0] < 11 ||
    (
      iver[0] == 11 &&
      (
        iver[1] < 7 ||
        (iver[1] == 7 && iver[2] < 700) ||
        (iver[1] == 7 && iver[2] == 700 && iver[3] < 224)
      )
    )
  )
)
{
  info = '\n  Path              : ' + file +
         '\n  Installed version : ' + version +
         '\n  Fixed version     : 11.7.700.224\n';
}

port = kb_smb_transport();

if (info != '')
{
  if (report_verbosity > 0)
  {
    if (report_paranoia > 1)
    {
      report = info +
        '\n' +
        'Note, though, that Nessus did not check whether the kill bit was\n' +
        "set for the control's CLSID because of the Report Paranoia setting" + '\n' +
        'in effect when this scan was run.\n';
    }
    else
    {
      report = info +
        '\n' +
        'Moreover, its kill bit is not set so it is accessible via Internet\n' +
        'Explorer.\n';
    }
    security_hole(port:port, extra:report);
  }
  else security_hole(port);
}
else audit(AUDIT_HOST_NOT, 'affected');
VendorProductVersionCPE
microsoftwindowscpe:/o:microsoft:windows
adobeflash_playercpe:/a:adobe:flash_player

Related

openvas 13
nessus 10
mageia 1
freebsd 1
redhat 1
ubuntucve 1
checkpoint_advisories 1
suse 2
prion 1
cve 1
securityvulns 1
gentoo 1
openvas
openvas
Adobe Flash Player Remote Code Execution Vulnerability -June13 (Windows)
2013-06-18 00:00:00
Adobe Flash Player Remote Code Execution Vulnerability (Jun 2013) - Mac OS X
2013-06-18 00:00:00
Adobe Flash Player Remote Code Execution Vulnerability (Jun 2013) - Windows
2013-06-18 00:00:00
nessus
nessus
openSUSE Security Update : flash-player (openSUSE-SU-2013:1063-1)
2014-06-13 00:00:00
Flash Player <= 10.3.183.86 / 11.7.700.202 Memory Corruption (APSB13-16)
2013-06-11 00:00:00
Adobe AIR for Mac <= 3.7.0.1860 Memory Corruption (APSB13-16)
2013-06-11 00:00:00
mageia
mageia
Updated flash-player-plugin package fixes memory corruption vulnerability
2013-06-19 14:30:28
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2013-06-11 00:00:00
redhat
redhat
(RHSA-2013:0941) Critical: flash-plugin security update
2013-06-12 00:00:00
ubuntucve
ubuntucve
CVE-2013-3343
2013-06-12 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Memory Corruption (APSB13-16; CVE-2013-3343)
2013-06-23 00:00:00
suse
suse
Security update for flash-player (important)
2013-06-18 20:04:17
Security update for flash-player (important)
2013-07-01 20:04:15
prion
prion
Memory corruption
2013-06-12 03:30:00
cve
cve
CVE-2013-3343
2013-06-12 03:30:00
securityvulns
securityvulns
Adobe Shockwave Player multiple security vulnerabilities
2013-07-15 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2013-09-14 00:00:00
JSON
Related for SMB_KB2847928.NASL
openvas13nessus10mageia1freebsd1redhat1ubuntucve1checkpoint_advisories1suse2prion1cve1securityvulns1gentoo1