Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2011 Greenbone AGOPENVAS:1361412562310902750
HistoryNov 16, 2011 - 12:00 a.m.

Adobe Flash Player/Air Multiple Vulnerabilities (Nov 2011) - Windows

2011-11-1600:00:00
Copyright (C) 2011 Greenbone AG
plugins.openvas.org
9

9.6 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

85.3%

JSON

Adobe Flash Player/Air is prone to multiple vulnerabilities.

# SPDX-FileCopyrightText: 2011 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.902750");
  script_version("2024-02-08T14:36:53+0000");
  script_cve_id("CVE-2011-2445", "CVE-2011-2450", "CVE-2011-2451", "CVE-2011-2452",
                "CVE-2011-2453", "CVE-2011-2454", "CVE-2011-2455", "CVE-2011-2456",
                "CVE-2011-2457", "CVE-2011-2458", "CVE-2011-2459", "CVE-2011-2460");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2024-02-08 14:36:53 +0000 (Thu, 08 Feb 2024)");
  script_tag(name:"creation_date", value:"2011-11-16 11:45:29 +0530 (Wed, 16 Nov 2011)");
  script_name("Adobe Flash Player/Air Multiple Vulnerabilities (Nov 2011) - Windows");

  script_xref(name:"URL", value:"http://secunia.com/advisories/46818/");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50618");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50619");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50620");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50621");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50622");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50623");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50624");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50625");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50626");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50627");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50628");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50629");
  script_xref(name:"URL", value:"http://www.adobe.com/support/security/bulletins/apsb11-28.html");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2011 Greenbone AG");
  script_family("General");
  script_dependencies("gb_adobe_flash_player_detect_win.nasl");
  script_mandatory_keys("Adobe/Air_or_Flash_or_Reader_or_Acrobat/Win/Installed");

  script_tag(name:"impact", value:"Successful exploitation will allow remote attackers to execute arbitrary
  code or cause a denial of service (memory corruption) via unspecified vectors.");

  script_tag(name:"affected", value:"Adobe AIR version prior to 3.1.0.4880 on Windows

  Adobe Flash Player version prior to 10.3.183.11 and 11.x through 11.0.1.152 on Windows.");

  script_tag(name:"insight", value:"The flaws are due to memory corruption, heap corruption, buffer
  overflow, stack overflow errors that could lead to code execution.");

  script_tag(name:"summary", value:"Adobe Flash Player/Air is prone to multiple vulnerabilities.");

  script_tag(name:"solution", value:"Update to Adobe Air version 3.1.0.4880 or later

  Update to Adobe Flash Player version 10.3.183.11 or 11.1.102.55 or later");

  script_tag(name:"qod_type", value:"registry");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("host_details.inc");
include("version_func.inc");

cpe_list = make_list("cpe:/a:adobe:flash_player",
                     "cpe:/a:adobe:adobe_air");

if(!infos = get_app_version_and_location_from_list(cpe_list:cpe_list, exit_no_version:TRUE))
  exit(0);

vers = infos["version"];
path = infos["location"];
cpe  = infos["cpe"];

if(cpe == "cpe:/a:adobe:flash_player") {
  if(version_is_less(version:vers, test_version:"10.3.183.11") ||
    version_in_range(version:vers, test_version:"11.0", test_version2:"11.0.1.152")) {
    report = report_fixed_ver(installed_version:vers, fixed_version:"10.3.183.11 or 11.1.102.55", install_path:path);
    security_message(port:0, data:report);
    exit(0);
  }
} else if(cpe == "cpe:/a:adobe:adobe_air") {
  if(version_is_less(version:vers, test_version:"3.1.0.4880")) {
    report = report_fixed_ver(installed_version:vers, fixed_version:"3.1.0.4880", install_path:path);
    security_message(port:0, data:report);
    exit(0);
  }
}

exit(99);

Related

nessus 17
suse 4
openvas 9
freebsd 1
securityvulns 2
redhat 1
prion 12
ubuntucve 12
cve 12
gentoo 1
seebug 1
checkpoint_advisories 12
symantec 1
nessus
nessus
openSUSE Security Update : flash-player (openSUSE-SU-2011:1240-2)
2014-06-13 00:00:00
Adobe AIR <= 3.0 Multiple Vulnerabilities (APSB11-28)
2011-11-28 00:00:00
Oracle Solaris Third-Party Patch Update : flash (multiple_vulnerabilities_in_adobe_flashplayer4)
2015-01-19 00:00:00
suse
suse
Security update for flash-player (critical)
2011-11-15 16:08:21
VUL-0: flash-player: sec. update to version 11.1.102.55 (critical)
2011-11-15 14:08:24
VUL-0: flash-player: sec. update to version 11.1.102.55 (critical)
2011-11-16 17:08:30
openvas
openvas
Adobe Flash Player/Air Multiple Vulnerabilities - November 11 (Windows)
2011-11-16 00:00:00
Adobe Flash Player/Air Multiple Vulnerabilities - November 11 (MAC OS X)
2011-11-16 00:00:00
Adobe Flash Player Multiple Vulnerabilities (Nov 2011) - Linux
2011-11-16 00:00:00
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2011-11-10 00:00:00
securityvulns
securityvulns
Adobe Flash Player multiple security vulnerabilities
2011-12-26 00:00:00
VUPEN Security Research - Adobe Flash Player &quot;SAlign&quot; Memory Corruption Vulnerability &#40;CVE-2011-2459&#41;
2011-12-26 00:00:00
redhat
redhat
(RHSA-2011:1445) Critical: flash-plugin security update
2011-11-11 00:00:00
prion
prion
Memory corruption
2011-11-11 16:55:00
Memory corruption
2011-11-11 16:55:00
Memory corruption
2011-11-11 16:55:00
ubuntucve
ubuntucve
CVE-2011-2451
2011-11-11 00:00:00
CVE-2011-2455
2011-11-11 00:00:00
CVE-2011-2453
2011-11-11 00:00:00
cve
cve
CVE-2011-2445
2011-11-11 16:55:00
CVE-2011-2460
2011-11-11 16:55:00
CVE-2011-2453
2011-11-11 16:55:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2012-04-17 00:00:00
seebug
seebug
Adobe Flash Player่ทจๅŸŸๅฎ‰ๅ…จ้™ๅˆถ็ป•่ฟ‡ๆผๆดž
2011-11-16 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Overlapping Records Memory Corruption (APSB11-28; CVE-2011-2453)
2011-11-29 00:00:00
Adobe Flash Player ActionScript2 Stack Buffer Overflow (APSB11-28; CVE-2011-2457)
2011-11-22 00:00:00
Adobe Flash Player Layered Animation Object Buffer Overflow (APSB11-28; CVE-2011-2460)
2011-11-29 00:00:00
symantec
symantec
Adobe Flash Player CVE-2011-2452 Remote Memory Corruption Vulnerability
2011-11-09 00:00:00

9.6 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

85.3%

JSON
Related for OPENVAS:1361412562310902750
nessus17suse4openvas9freebsd1securityvulns2redhat1prion12ubuntucve12cve12gentoo1seebug1checkpoint_advisories12symantec1