Lucene search
Copyright (C) 2014 Greenbone AGOPENVAS:1361412562310804538HistoryApr 11, 2014 - 12:00 a.m.
Adobe Flash Player Multiple Vulnerabilities - 02 (Apr 2014) - Mac OS X
2014-04-1100:00:00
Copyright (C) 2014 Greenbone AG
plugins.openvas.org
12
6.4 Medium
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.025 Low
EPSS
Percentile
90.0%
Adobe Flash Player is prone to multiple vulnerabilities.
# SPDX-FileCopyrightText: 2014 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
CPE = "cpe:/a:adobe:flash_player";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.804538");
script_version("2024-02-09T05:06:25+0000");
script_cve_id("CVE-2014-0507", "CVE-2014-0508", "CVE-2014-0509");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_tag(name:"last_modification", value:"2024-02-09 05:06:25 +0000 (Fri, 09 Feb 2024)");
script_tag(name:"creation_date", value:"2014-04-11 13:09:05 +0530 (Fri, 11 Apr 2014)");
script_name("Adobe Flash Player Multiple Vulnerabilities - 02 (Apr 2014) - Mac OS X");
script_tag(name:"summary", value:"Adobe Flash Player is prone to multiple vulnerabilities.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"Multiple flaws are due to:
- An error related to regular expressions in ActionScript.
- An use-after-free error and multiple unspecified errors.");
script_tag(name:"impact", value:"Successful exploitation will allow attackers to conduct cross-site scripting
attacks, bypass certain security restrictions, and compromise a user's system.");
script_tag(name:"affected", value:"Adobe Flash Player version before 11.7.700.275 and 11.8.x through 13.0.x
before 13.0.0.182 on Mac OS X");
script_tag(name:"solution", value:"Update to Adobe Flash Player version 11.7.700.275 or 13.0.0.182 or later.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
script_xref(name:"URL", value:"http://secunia.com/advisories/57661");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/66699");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/66701");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/66703");
script_xref(name:"URL", value:"http://helpx.adobe.com/security/products/flash-player/apsb14-09.html");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2014 Greenbone AG");
script_family("General");
script_dependencies("secpod_adobe_prdts_detect_macosx.nasl");
script_mandatory_keys("Adobe/Flash/Player/MacOSX/Version");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
if(!playerVer = get_app_version(cpe:CPE)){
exit(0);
}
if(version_is_less(version:playerVer, test_version:"11.7.700.275") ||
version_in_range(version:playerVer, test_version:"11.8.0", test_version2:"13.0.0.181"))
{
security_message( port: 0, data: "The target host was found to be vulnerable" );
exit(0);
}
Related
openvas
openvas
Adobe Flash Player Multiple Vulnerabilities - 02 (Apr 2014) - Windows
2014-04-11 00:00:00
Adobe Flash Player Multiple Vulnerabilities - 02 (Apr 2014) - Linux
2014-04-11 00:00:00
Mageia: Security Advisory (MGASA-2014-0169)
2022-01-28 00:00:00
suse
suse
Security update for flash-player (important)
2014-04-16 19:04:49
nessus
nessus
MS KB2942844: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
2014-04-08 00:00:00
RHEL 5 / 6 : flash-plugin (RHSA-2014:0380)
2014-04-10 00:00:00
Adobe AIR for Mac <= 4.0.0.1628 Multiple Vulnerabilities (APSB14-09)
2014-04-09 00:00:00
redhat
redhat
(RHSA-2014:0380) Critical: flash-plugin security update
2014-04-09 00:00:00
altlinux
altlinux
mageia
mageia
Updated flash-player-plugin package fixes multiple vulnerabilities
2014-04-09 19:40:40
seebug
seebug
Adobe Flash Player/AIR未明跨站脚本漏洞
2014-04-11 00:00:00
Adobe Flash Player/AIR未明安全绕过信息泄漏漏洞
2014-04-11 00:00:00
Adobe Flash Player/AIR未明缓冲区溢出漏洞
2014-04-11 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Cross-Site Scripting (APSB14-09: CVE-2014-0509)
2014-04-13 00:00:00
Adobe Flash Player Information Disclosure (APSB14-09: CVE-2014-0508)
2014-04-10 00:00:00
Adobe Flash Player Use After Free Code Execution (APSB14-09: CVE-2014-0507)
2014-04-09 00:00:00
cvelist
cvelist
ubuntucve
ubuntucve
prion
prion
Design/Logic Flaw
2014-04-08 23:55:00
Cross site scripting
2014-04-08 23:55:00
Buffer overflow
2014-04-08 23:55:00
cve
cve
hackerone
hackerone
Internet Bug Bounty: Flash local-with-fileaccess Sandbox Bypass
2014-02-21 01:47:59
zdi
zdi
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2014-05-03 00:00:00
securityvulns
securityvulns
Adobe Flash Player multiple security vulnerabilities
2014-05-04 00:00:00
6.4 Medium
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.025 Low
EPSS
Percentile
90.0%
Related for OPENVAS:1361412562310804538