Lucene search
This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.SMB_KB2880289.NASLHistorySep 11, 2013 - 12:00 a.m.
MS KB2880289: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10
2013-09-1100:00:00
This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
30
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.066 Low
EPSS
Percentile
93.8%
The remote host is missing KB2880289. It is, therefore, affected by memory corruption vulnerabilities in the installed version of the Adobe Flash ActiveX control, which could lead to code execution.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(69840);
script_version("1.8");
script_cvs_date("Date: 2019/11/27");
script_cve_id(
"CVE-2013-3361",
"CVE-2013-3362",
"CVE-2013-3363",
"CVE-2013-5324"
);
script_bugtraq_id(
62290,
62294,
62295,
62296
);
script_xref(name:"MSKB", value:"2880289");
script_name(english:"MS KB2880289: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10");
script_summary(english:"Checks version of ActiveX control");
script_set_attribute(attribute:"synopsis", value:
"The remote host has an ActiveX control installed that is affected by
memory corruption vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The remote host is missing KB2880289. It is, therefore, affected by
memory corruption vulnerabilities in the installed version of the Adobe
Flash ActiveX control, which could lead to code execution.");
script_set_attribute(attribute:"see_also", value:"http://www.adobe.com/support/security/bulletins/apsb13-21.html");
script_set_attribute(attribute:"see_also", value:"https://docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2016/2755801");
script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/2880289/microsoft-security-advisory-update-for-vulnerabilities-in-adobe-flash");
script_set_attribute(attribute:"solution", value:
"Install Microsoft KB2880289.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-5324");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2013/09/10");
script_set_attribute(attribute:"patch_publication_date", value:"2013/09/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/11");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:flash_player");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("smb_hotfixes.nasl");
script_require_keys("SMB/Registry/Enumerated", "SMB/WindowsVersion", "SMB/ProductName");
script_require_ports(139, 445);
exit(0);
}
include("audit.inc");
include("smb_func.inc");
include("smb_hotfixes.inc");
include("smb_hotfixes_fcheck.inc");
include("smb_activex_func.inc");
include("misc_func.inc");
get_kb_item_or_exit('SMB/WindowsVersion');
if (hotfix_check_sp_range(win8:'0', win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);
if (hotfix_check_server_core() == 1) audit(AUDIT_WIN_SERVER_CORE);
get_kb_item_or_exit("SMB/Registry/Enumerated");
if (activex_init() != ACX_OK) audit(AUDIT_FN_FAIL, "activex_init()");
# Adobe Flash Player CLSID
clsid = '{D27CDB6E-AE6D-11cf-96B8-444553540000}';
file = activex_get_filename(clsid:clsid);
if (isnull(file))
{
activex_end();
audit(AUDIT_FN_FAIL, "activex_get_filename", "NULL");
}
if (!file)
{
activex_end();
audit(AUDIT_ACTIVEX_NOT_FOUND, clsid);
}
# Get its version.
version = activex_get_fileversion(clsid:clsid);
if (!version)
{
activex_end();
audit(AUDIT_VER_FAIL, file);
}
info = '';
iver = split(version, sep:'.', keep:FALSE);
for (i=0; i<max_index(iver); i++)
iver[i] = int(iver[i]);
# < 11.8.800.168
if (
(report_paranoia > 1 || activex_get_killbit(clsid:clsid) == 0) &&
(
iver[0] < 11 ||
(
iver[0] == 11 &&
(
iver[1] < 8 ||
(iver[1] == 8 && iver[2] < 800) ||
(iver[1] == 8 && iver[2] == 800 && iver[3] < 168)
)
)
)
)
{
info = '\n Path : ' + file +
'\n Installed version : ' + version +
'\n Fixed version : 11.8.800.168\n';
}
port = kb_smb_transport();
if (info != '')
{
if (report_verbosity > 0)
{
if (report_paranoia > 1)
{
report = info +
'\n' +
'Note, though, that Nessus did not check whether the kill bit was\n' +
"set for the control's CLSID because of the Report Paranoia setting" + '\n' +
'in effect when this scan was run.\n';
}
else
{
report = info +
'\n' +
'Moreover, its kill bit is not set so it is accessible via Internet\n' +
'Explorer.\n';
}
security_hole(port:port, extra:report);
}
else security_hole(port);
}
else audit(AUDIT_HOST_NOT, 'affected');
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows | cpe:/o:microsoft:windows | |
| adobe | flash_player | cpe:/a:adobe:flash_player |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3361
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3362
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3363
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5324
www.adobe.com/support/security/bulletins/apsb13-21.html
docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2016/2755801
support.microsoft.com/en-us/help/2880289/microsoft-security-advisory-update-for-vulnerabilities-in-adobe-flash
Related
nessus
nessus
Flash Player for Mac <= 11.7.700.232 / 11.8.800.94 Memory Corruptions (APSB13-21)
2013-09-13 00:00:00
openSUSE Security Update : flash-player (openSUSE-SU-2013:1456-1)
2014-06-13 00:00:00
Adobe AIR for Mac <= 3.8.0.910 Memory Corruptions (APSB13-21)
2013-09-13 00:00:00
prion
prion
Memory corruption
2013-09-12 13:28:00
Memory corruption
2013-09-12 13:28:00
Memory corruption
2013-09-12 13:28:00
openvas
openvas
Mageia: Security Advisory (MGASA-2013-0273)
2022-01-28 00:00:00
Adobe Flash Player Multiple Vulnerabilities-01 (Sep 2013) - Linux
2013-09-18 00:00:00
Adobe AIR Multiple Vulnerabilities-01 (Sep 2013) - Mac OS X
2013-09-18 00:00:00
nvd
nvd
cvelist
cvelist
cve
cve
redhat
redhat
(RHSA-2013:1256) Critical: flash-plugin security update
2013-09-11 00:00:00
suse
suse
update for flash-player (important)
2013-09-17 12:04:12
Security update for flash-player (important)
2013-09-18 14:05:20
ubuntucve
ubuntucve
mageia
mageia
Updated flash-player-plugin package fixes critical security vulnerabilities
2013-09-14 00:12:04
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2013-09-10 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Memory Corruption (APSB13-21: CVE-2013-5324)
2013-12-02 00:00:00
Adobe Flash Player Memory Corruption (APSB13-21: CVE-2013-3362)
2013-11-26 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2013-09-14 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.066 Low
EPSS
Percentile
93.8%
Related for SMB_KB2880289.NASL