Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2012 Greenbone AGOPENVAS:1361412562310802485
HistoryNov 02, 2012 - 12:00 a.m.

Adobe Shockwave Player Multiple Vulnerabilities (Nov 2012) - Windows

2012-11-0200:00:00
Copyright (C) 2012 Greenbone AG
plugins.openvas.org
5

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

Low

0.197 Low

EPSS

Percentile

96.3%

JSON

Adobe Shockwave Player is prone to multiple vulnerabilities.

# SPDX-FileCopyrightText: 2012 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.802485");
  script_version("2024-02-20T14:37:13+0000");
  script_cve_id("CVE-2012-4172", "CVE-2012-4173", "CVE-2012-4174", "CVE-2012-4175",
                "CVE-2012-4176", "CVE-2012-5273");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2024-02-20 14:37:13 +0000 (Tue, 20 Feb 2024)");
  script_tag(name:"creation_date", value:"2012-11-02 15:48:07 +0530 (Fri, 02 Nov 2012)");
  script_name("Adobe Shockwave Player Multiple Vulnerabilities (Nov 2012) - Windows");
  script_xref(name:"URL", value:"http://seclists.org/cert/2012/108");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/56187");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/56188");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/56190");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/56193");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/56194");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/56195");
  script_xref(name:"URL", value:"http://secunia.com/advisories/51090/");
  script_xref(name:"URL", value:"http://www.securitytracker.com/id/1027692");
  script_xref(name:"URL", value:"http://www.adobe.com/support/security/bulletins/apsb12-23.html");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2012 Greenbone AG");
  script_family("General");
  script_dependencies("secpod_adobe_shockwave_player_detect.nasl");
  script_mandatory_keys("Adobe/ShockwavePlayer/Ver");
  script_tag(name:"impact", value:"Successful exploitation will allow an attacker to cause denial of service or
  execute arbitrary code by tricking a user into visiting a specially crafted
  web page.");
  script_tag(name:"affected", value:"Adobe Shockwave Player Versions prior to 11.6.8.638 on Windows");
  script_tag(name:"insight", value:"The flaws are due to memory corruption errors and array indexing error
  when processing malformed file.");
  script_tag(name:"solution", value:"Upgrade to Adobe Shockwave Player 11.6.8.638 or later.");
  script_tag(name:"summary", value:"Adobe Shockwave Player is prone to multiple vulnerabilities.");
  script_tag(name:"qod_type", value:"registry");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}

include("version_func.inc");

shockVer = get_kb_item("Adobe/ShockwavePlayer/Ver");
if(!shockVer){
  exit(0);
}

if(version_is_less(version:shockVer, test_version:"11.6.8.638")){
  report = report_fixed_ver(installed_version:shockVer, fixed_version:"11.6.8.638");
  security_message(port:0, data:report);
}

Related

nessus 2
openvas 3
threatpost 1
cert 1
cve 6
prion 6
cvelist 6
nvd 6
nessus
nessus
Adobe Shockwave Player <= 11.6.7.637 Multiple Vulnerabilities (APSB12-23) (Mac OS X)
2014-12-22 00:00:00
Shockwave Player <= 11.6.7.637 Multiple Vulnerabilities (APSB12-23)
2012-10-25 00:00:00
openvas
openvas
Adobe Shockwave Player Multiple Vulnerabilities Nov-2012 (Windows)
2012-11-02 00:00:00
Adobe Shockwave Player Multiple Vulnerabilities Nov-2012 (MAC OS X)
2012-11-02 00:00:00
Adobe Shockwave Player Multiple Vulnerabilities (Nov 2012) - Mac OS X
2012-11-02 00:00:00
threatpost
threatpost
Adobe Plugs Several Buffer Overflow Holes in Shockwave Player
2012-10-23 15:18:52
cert
cert
Adobe Shockwave 11.6.7.637 contains multiple exploitable vulnerabilities
2012-10-23 00:00:00
cve
cve
CVE-2012-4175
2012-10-23 23:55:01
CVE-2012-4173
2012-10-23 23:55:01
CVE-2012-4174
2012-10-23 23:55:01
prion
prion
Buffer overflow
2012-10-23 23:55:00
Buffer overflow
2012-10-23 23:55:00
Buffer overflow
2012-10-23 23:55:00
cvelist
cvelist
CVE-2012-4173
2012-10-23 23:00:00
CVE-2012-4175
2012-10-23 23:00:00
CVE-2012-4174
2012-10-23 23:00:00
nvd
nvd
CVE-2012-4173
2012-10-23 23:55:01
CVE-2012-4172
2012-10-23 23:55:01
CVE-2012-5273
2012-10-23 23:55:01

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

Low

0.197 Low

EPSS

Percentile

96.3%

JSON
Related for OPENVAS:1361412562310802485
nessus2openvas3threatpost1cert1cve6prion6cvelist6nvd6