Lucene search
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_11_4_FLASH-PLAYER-110614.NASLHistoryJun 13, 2014 - 12:00 a.m.
openSUSE Security Update : flash-player (openSUSE-SU-2011:0637-1)
2014-06-1300:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
A critical vulnerability has been identified in Adobe Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.23 and earlier versions for Android. This memory corruption vulnerability (CVE-2011-2110) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via malicious Web pages.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update flash-player-4716.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(75836);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2011-2110");
script_name(english:"openSUSE Security Update : flash-player (openSUSE-SU-2011:0637-1)");
script_summary(english:"Check for the flash-player-4716 patch");
script_set_attribute(
attribute:"synopsis",
value:"The remote openSUSE host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"A critical vulnerability has been identified in Adobe Flash Player
10.3.181.23 and earlier versions for Windows, Macintosh, Linux and
Solaris, and Adobe Flash Player 10.3.185.23 and earlier versions for
Android. This memory corruption vulnerability (CVE-2011-2110) could
cause a crash and potentially allow an attacker to take control of the
affected system. There are reports that this vulnerability is being
exploited in the wild in targeted attacks via malicious Web pages."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=699942"
);
script_set_attribute(
attribute:"see_also",
value:"https://lists.opensuse.org/opensuse-updates/2011-06/msg00027.html"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected flash-player package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Verification Logic Array Indexing Code Execution');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
script_set_attribute(attribute:"canvas_package", value:'CANVAS');
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:flash-player");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.4");
script_set_attribute(attribute:"patch_publication_date", value:"2011/06/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE11\.4)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.4", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE11.4", reference:"flash-player-10.3.181.26-0.2.1") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "flash-player");
}
Related
seebug
seebug
Adobe Flash Player AVM Verification Logic Array Indexing Code Execution
2014-07-01 00:00:00
Adobe Flash PlayerθΏη¨ε
εη ΄εζΌζ΄
2011-06-17 00:00:00
nessus
nessus
openSUSE Security Update : flash-player (openSUSE-SU-2011:0637-1)
2014-06-13 00:00:00
Flash Player for Mac < 10.3.181.26 Remote Memory Corruption (APSB11-18)
2011-06-15 00:00:00
SuSE 10 Security Update : flash-player (ZYPP Patch Number 7571)
2011-12-13 00:00:00
saint
saint
Adobe Flash Player ActionScript Function Arguments Code Execution
2011-08-22 00:00:00
Adobe Flash Player ActionScript Function Arguments Code Execution
2011-08-22 00:00:00
Adobe Flash Player ActionScript Function Arguments Code Execution
2011-08-22 00:00:00
suse
suse
flash-player: Update to 10.3.181.26 (critical)
2011-06-15 15:08:17
flash-player (critical)
2011-06-15 17:08:19
threatpost
threatpost
Attackers Exploiting Critical Flash Bug Via Drive-By Download
2011-06-20 08:24:11
Zero Day Flaws Overvalued Says New Microsoft Report
2011-10-11 17:41:11
ExploitHub Offering Bounties β And Residuals β for Exploits
2011-10-05 13:11:31
prion
prion
Memory corruption
2011-06-16 23:55:00
securityvulns
securityvulns
Adobe Flash Player memory corruption
2011-06-17 00:00:00
canvas
canvas
Immunity Canvas: FLASH_APSB11_18
2011-06-16 23:55:00
openvas
openvas
FreeBSD Ports: linux-flashplugin
2011-08-03 00:00:00
FreeBSD Ports: linux-flashplugin
2011-08-03 00:00:00
Gentoo Security Advisory GLSA 201110-11 (Adobe Flash Player)
2012-02-12 00:00:00
metasploit
metasploit
Adobe Flash Player AVM Verification Logic Array Indexing Code Execution
2012-06-20 02:52:37
cve
cve
CVE-2011-2110
2011-06-16 23:55:00
redhat
redhat
(RHSA-2011:0869) Critical: flash-plugin security update
2011-06-15 00:00:00
ubuntucve
ubuntucve
CVE-2011-2110
2011-06-16 00:00:00
checkpoint_advisories
checkpoint_advisories
packetstorm
packetstorm
Adobe Flash Player AVM Verification Logic Array Indexing Code Execution
2012-06-20 00:00:00
freebsd
freebsd
linux-flashplugin -- remote code execution vulnerability
2011-05-13 00:00:00
exploitdb
exploitdb
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2011-10-13 00:00:00
Related for SUSE_11_4_FLASH-PLAYER-110614.NASL