ID RHSA-2015:2593
Type redhat
Reporter RedHat
Modified 2018-06-07T09:04:34
Description
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in.
This update fixes multiple vulnerabilities in Adobe Flash Player. These
vulnerabilities, detailed in the Adobe Security Bulletin APSB15-32 listed
in the References section, could allow an attacker to create a specially
crafted SWF file that would cause flash-plugin to crash, execute arbitrary
code, or disclose sensitive information when the victim loaded a page
containing the malicious SWF content. (CVE-2015-8045, CVE-2015-8047,
CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056,
CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8060, CVE-2015-8061,
CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066,
CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,
CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405,
CVE-2015-8406, CVE-2015-8407, CVE-2015-8408, CVE-2015-8409, CVE-2015-8410,
CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8415,
CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8420,
CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425,
CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430,
CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,
CVE-2015-8436, CVE-2015-8437, CVE-2015-8438, CVE-2015-8439, CVE-2015-8440,
CVE-2015-8441, CVE-2015-8442, CVE-2015-8443, CVE-2015-8444, CVE-2015-8445,
CVE-2015-8446, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450,
CVE-2015-8451, CVE-2015-8452, CVE-2015-8453, CVE-2015-8454, CVE-2015-8455)
All users of Adobe Flash Player should install this updated package, which
upgrades Flash Player to version 11.2.202.554.
{"id": "RHSA-2015:2593", "hash": "77798214faae3c2bc82874c99a43c785", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2015:2593) Critical: flash-plugin security update", "description": "The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in.\n\nThis update fixes multiple vulnerabilities in Adobe Flash Player. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB15-32 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2015-8045, CVE-2015-8047,\nCVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056,\nCVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8060, CVE-2015-8061,\nCVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066,\nCVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,\nCVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405,\nCVE-2015-8406, CVE-2015-8407, CVE-2015-8408, CVE-2015-8409, CVE-2015-8410,\nCVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8415,\nCVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8420,\nCVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425,\nCVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430,\nCVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,\nCVE-2015-8436, CVE-2015-8437, CVE-2015-8438, CVE-2015-8439, CVE-2015-8440,\nCVE-2015-8441, CVE-2015-8442, CVE-2015-8443, CVE-2015-8444, CVE-2015-8445,\nCVE-2015-8446, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450,\nCVE-2015-8451, CVE-2015-8452, CVE-2015-8453, CVE-2015-8454, CVE-2015-8455)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.554.\n", "published": "2015-12-09T05:00:00", "modified": "2018-06-07T09:04:34", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://access.redhat.com/errata/RHSA-2015:2593", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2015-8045", "CVE-2015-8047", "CVE-2015-8048", "CVE-2015-8049", "CVE-2015-8050", "CVE-2015-8055", "CVE-2015-8056", "CVE-2015-8057", "CVE-2015-8058", "CVE-2015-8059", "CVE-2015-8060", "CVE-2015-8061", "CVE-2015-8062", "CVE-2015-8063", "CVE-2015-8064", "CVE-2015-8065", "CVE-2015-8066", "CVE-2015-8067", "CVE-2015-8068", "CVE-2015-8069", "CVE-2015-8070", "CVE-2015-8071", "CVE-2015-8401", "CVE-2015-8402", "CVE-2015-8403", "CVE-2015-8404", "CVE-2015-8405", "CVE-2015-8406", "CVE-2015-8407", "CVE-2015-8408", "CVE-2015-8409", "CVE-2015-8410", "CVE-2015-8411", "CVE-2015-8412", "CVE-2015-8413", "CVE-2015-8414", "CVE-2015-8415", "CVE-2015-8416", "CVE-2015-8417", "CVE-2015-8418", "CVE-2015-8419", "CVE-2015-8420", "CVE-2015-8421", "CVE-2015-8422", "CVE-2015-8423", "CVE-2015-8424", "CVE-2015-8425", "CVE-2015-8426", "CVE-2015-8427", "CVE-2015-8428", "CVE-2015-8429", "CVE-2015-8430", "CVE-2015-8431", "CVE-2015-8432", "CVE-2015-8433", "CVE-2015-8434", "CVE-2015-8435", "CVE-2015-8436", "CVE-2015-8437", "CVE-2015-8438", "CVE-2015-8439", "CVE-2015-8440", "CVE-2015-8441", "CVE-2015-8442", "CVE-2015-8443", "CVE-2015-8444", "CVE-2015-8445", "CVE-2015-8446", "CVE-2015-8447", "CVE-2015-8448", "CVE-2015-8449", "CVE-2015-8450", "CVE-2015-8451", "CVE-2015-8452", "CVE-2015-8453", "CVE-2015-8454", "CVE-2015-8455", "CVE-2015-8456", "CVE-2015-8457", "CVE-2015-8652", "CVE-2015-8653", "CVE-2015-8654", "CVE-2015-8655", "CVE-2015-8656", "CVE-2015-8657", "CVE-2015-8658", "CVE-2015-8820", "CVE-2015-8821", "CVE-2015-8822", "CVE-2015-8823"], "lastseen": "2019-12-11T13:32:38", "history": [{"bulletin": {"id": "RHSA-2015:2593", "hash": "", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2015:2593) Critical: flash-plugin security update", "description": "The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in.\n\nThis update fixes multiple vulnerabilities in Adobe Flash Player. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB15-32 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2015-8045, CVE-2015-8047,\nCVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056,\nCVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8060, CVE-2015-8061,\nCVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066,\nCVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,\nCVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405,\nCVE-2015-8406, CVE-2015-8407, CVE-2015-8408, CVE-2015-8409, CVE-2015-8410,\nCVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8415,\nCVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8420,\nCVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425,\nCVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430,\nCVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,\nCVE-2015-8436, CVE-2015-8437, CVE-2015-8438, CVE-2015-8439, CVE-2015-8440,\nCVE-2015-8441, CVE-2015-8442, CVE-2015-8443, CVE-2015-8444, CVE-2015-8445,\nCVE-2015-8446, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450,\nCVE-2015-8451, CVE-2015-8452, CVE-2015-8453, CVE-2015-8454, CVE-2015-8455)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.554.\n", "published": "2015-12-09T05:00:00", "modified": "2017-03-03T17:18:48", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2015:2593", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2015-8652", "CVE-2015-8445", "CVE-2015-8058", "CVE-2015-8436", "CVE-2015-8071", "CVE-2015-8452", "CVE-2015-8444", "CVE-2015-8064", "CVE-2015-8447", "CVE-2015-8045", "CVE-2015-8047", "CVE-2015-8441", "CVE-2015-8410", "CVE-2015-8407", "CVE-2015-8405", "CVE-2015-8063", "CVE-2015-8412", "CVE-2015-8061", "CVE-2015-8442", "CVE-2015-8065", "CVE-2015-8432", "CVE-2015-8421", "CVE-2015-8435", "CVE-2015-8423", "CVE-2015-8427", "CVE-2015-8062", "CVE-2015-8654", "CVE-2015-8449", "CVE-2015-8420", "CVE-2015-8402", "CVE-2015-8056", "CVE-2015-8055", "CVE-2015-8439", "CVE-2015-8419", "CVE-2015-8437", "CVE-2015-8417", "CVE-2015-8446", "CVE-2015-8440", "CVE-2015-8413", "CVE-2015-8454", "CVE-2015-8426", "CVE-2015-8406", "CVE-2015-8422", "CVE-2015-8409", "CVE-2015-8411", "CVE-2015-8820", "CVE-2015-8418", "CVE-2015-8424", "CVE-2015-8403", "CVE-2015-8655", "CVE-2015-8821", "CVE-2015-8656", "CVE-2015-8415", "CVE-2015-8060", "CVE-2015-8070", "CVE-2015-8067", "CVE-2015-8448", "CVE-2015-8453", "CVE-2015-8049", "CVE-2015-8434", "CVE-2015-8066", "CVE-2015-8658", "CVE-2015-8823", "CVE-2015-8438", "CVE-2015-8653", "CVE-2015-8057", "CVE-2015-8050", "CVE-2015-8401", "CVE-2015-8431", "CVE-2015-8059", "CVE-2015-8429", "CVE-2015-8451", "CVE-2015-8069", "CVE-2015-8456", "CVE-2015-8404", "CVE-2015-8443", "CVE-2015-8430", "CVE-2015-8450", "CVE-2015-8457", "CVE-2015-8455", "CVE-2015-8414", "CVE-2015-8068", "CVE-2015-8408", "CVE-2015-8822", "CVE-2015-8425", "CVE-2015-8433", "CVE-2015-8048", "CVE-2015-8428", "CVE-2015-8416", "CVE-2015-8657"], "lastseen": "2017-03-04T19:18:56", "history": [], "viewCount": 1, "enchantments": {}, "objectVersion": "1.4", "affectedPackage": [{"arch": "i686", "packageFilename": "flash-plugin-11.2.202.554-1.el6_7.i686.rpm", "OSVersion": "6", "packageName": "flash-plugin", "OS": "RedHat", "packageVersion": "11.2.202.554-1.el6_7", "operator": "lt"}, {"arch": "i386", "packageFilename": "flash-plugin-11.2.202.554-1.el5.i386.rpm", "OSVersion": "5", "packageName": "flash-plugin", "OS": "RedHat", "packageVersion": "11.2.202.554-1.el5", "operator": "lt"}]}, "lastseen": "2017-03-04T19:18:56", "differentElements": ["affectedPackage", "modified"], "edition": 1}, {"bulletin": {"id": "RHSA-2015:2593", "hash": "", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2015:2593) Critical: flash-plugin security update", "description": "The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in.\n\nThis update fixes multiple vulnerabilities in Adobe Flash Player. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB15-32 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2015-8045, CVE-2015-8047,\nCVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056,\nCVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8060, CVE-2015-8061,\nCVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066,\nCVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,\nCVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405,\nCVE-2015-8406, CVE-2015-8407, CVE-2015-8408, CVE-2015-8409, CVE-2015-8410,\nCVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8415,\nCVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8420,\nCVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425,\nCVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430,\nCVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,\nCVE-2015-8436, CVE-2015-8437, CVE-2015-8438, CVE-2015-8439, CVE-2015-8440,\nCVE-2015-8441, CVE-2015-8442, CVE-2015-8443, CVE-2015-8444, CVE-2015-8445,\nCVE-2015-8446, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450,\nCVE-2015-8451, CVE-2015-8452, CVE-2015-8453, CVE-2015-8454, CVE-2015-8455)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.554.\n", "published": "2015-12-09T05:00:00", "modified": "2017-07-27T07:32:37", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2015:2593", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2015-8045", "CVE-2015-8047", "CVE-2015-8048", "CVE-2015-8049", "CVE-2015-8050", "CVE-2015-8055", "CVE-2015-8056", "CVE-2015-8057", "CVE-2015-8058", "CVE-2015-8059", "CVE-2015-8060", "CVE-2015-8061", "CVE-2015-8062", "CVE-2015-8063", "CVE-2015-8064", "CVE-2015-8065", "CVE-2015-8066", "CVE-2015-8067", "CVE-2015-8068", "CVE-2015-8069", "CVE-2015-8070", "CVE-2015-8071", "CVE-2015-8401", "CVE-2015-8402", "CVE-2015-8403", "CVE-2015-8404", "CVE-2015-8405", "CVE-2015-8406", "CVE-2015-8407", "CVE-2015-8408", "CVE-2015-8409", "CVE-2015-8410", "CVE-2015-8411", "CVE-2015-8412", "CVE-2015-8413", "CVE-2015-8414", "CVE-2015-8415", "CVE-2015-8416", "CVE-2015-8417", "CVE-2015-8418", "CVE-2015-8419", "CVE-2015-8420", "CVE-2015-8421", "CVE-2015-8422", "CVE-2015-8423", "CVE-2015-8424", "CVE-2015-8425", "CVE-2015-8426", "CVE-2015-8427", "CVE-2015-8428", "CVE-2015-8429", "CVE-2015-8430", "CVE-2015-8431", "CVE-2015-8432", "CVE-2015-8433", "CVE-2015-8434", "CVE-2015-8435", "CVE-2015-8436", "CVE-2015-8437", "CVE-2015-8438", "CVE-2015-8439", "CVE-2015-8440", "CVE-2015-8441", "CVE-2015-8442", "CVE-2015-8443", "CVE-2015-8444", "CVE-2015-8445", "CVE-2015-8446", "CVE-2015-8447", "CVE-2015-8448", "CVE-2015-8449", "CVE-2015-8450", "CVE-2015-8451", "CVE-2015-8452", "CVE-2015-8453", "CVE-2015-8454", "CVE-2015-8455", "CVE-2015-8456", "CVE-2015-8457", "CVE-2015-8652", "CVE-2015-8653", "CVE-2015-8654", "CVE-2015-8655", "CVE-2015-8656", "CVE-2015-8657", "CVE-2015-8658", "CVE-2015-8820", "CVE-2015-8821", "CVE-2015-8822", "CVE-2015-8823"], "lastseen": "2017-07-28T08:57:21", "history": [], "viewCount": 1, "enchantments": {}, "objectVersion": "1.4", "affectedPackage": [{"arch": "i386", "packageFilename": "flash-plugin-11.2.202.554-1.el5.i386.rpm", "OSVersion": "5", "operator": "lt", "packageName": "flash-plugin", "packageVersion": "11.2.202.554-1.el5", "OS": "RedHat"}]}, "lastseen": "2017-07-28T08:57:21", "differentElements": ["affectedPackage", "modified"], "edition": 2}, {"bulletin": {"id": "RHSA-2015:2593", "hash": "", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2015:2593) Critical: flash-plugin security update", "description": "The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in.\n\nThis update fixes multiple vulnerabilities in Adobe Flash Player. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB15-32 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2015-8045, CVE-2015-8047,\nCVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056,\nCVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8060, CVE-2015-8061,\nCVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066,\nCVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,\nCVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405,\nCVE-2015-8406, CVE-2015-8407, CVE-2015-8408, CVE-2015-8409, CVE-2015-8410,\nCVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8415,\nCVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8420,\nCVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425,\nCVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430,\nCVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,\nCVE-2015-8436, CVE-2015-8437, CVE-2015-8438, CVE-2015-8439, CVE-2015-8440,\nCVE-2015-8441, CVE-2015-8442, CVE-2015-8443, CVE-2015-8444, CVE-2015-8445,\nCVE-2015-8446, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450,\nCVE-2015-8451, CVE-2015-8452, CVE-2015-8453, CVE-2015-8454, CVE-2015-8455)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.554.\n", "published": "2015-12-09T05:00:00", "modified": "2017-09-08T12:00:06", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2015:2593", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2015-8045", "CVE-2015-8047", "CVE-2015-8048", "CVE-2015-8049", "CVE-2015-8050", "CVE-2015-8055", "CVE-2015-8056", "CVE-2015-8057", "CVE-2015-8058", "CVE-2015-8059", "CVE-2015-8060", "CVE-2015-8061", "CVE-2015-8062", "CVE-2015-8063", "CVE-2015-8064", "CVE-2015-8065", "CVE-2015-8066", "CVE-2015-8067", "CVE-2015-8068", "CVE-2015-8069", "CVE-2015-8070", "CVE-2015-8071", "CVE-2015-8401", "CVE-2015-8402", "CVE-2015-8403", "CVE-2015-8404", "CVE-2015-8405", "CVE-2015-8406", "CVE-2015-8407", "CVE-2015-8408", "CVE-2015-8409", "CVE-2015-8410", "CVE-2015-8411", "CVE-2015-8412", "CVE-2015-8413", "CVE-2015-8414", "CVE-2015-8415", "CVE-2015-8416", "CVE-2015-8417", "CVE-2015-8418", "CVE-2015-8419", "CVE-2015-8420", "CVE-2015-8421", "CVE-2015-8422", "CVE-2015-8423", "CVE-2015-8424", "CVE-2015-8425", "CVE-2015-8426", "CVE-2015-8427", "CVE-2015-8428", "CVE-2015-8429", "CVE-2015-8430", "CVE-2015-8431", "CVE-2015-8432", "CVE-2015-8433", "CVE-2015-8434", "CVE-2015-8435", "CVE-2015-8436", "CVE-2015-8437", "CVE-2015-8438", "CVE-2015-8439", "CVE-2015-8440", "CVE-2015-8441", "CVE-2015-8442", "CVE-2015-8443", "CVE-2015-8444", "CVE-2015-8445", "CVE-2015-8446", "CVE-2015-8447", "CVE-2015-8448", "CVE-2015-8449", "CVE-2015-8450", "CVE-2015-8451", "CVE-2015-8452", "CVE-2015-8453", "CVE-2015-8454", "CVE-2015-8455", "CVE-2015-8456", "CVE-2015-8457", "CVE-2015-8652", "CVE-2015-8653", "CVE-2015-8654", "CVE-2015-8655", "CVE-2015-8656", "CVE-2015-8657", "CVE-2015-8658", "CVE-2015-8820", "CVE-2015-8821", "CVE-2015-8822", "CVE-2015-8823"], "lastseen": "2017-09-09T07:19:19", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 6.8, "vector": "NONE"}}, "objectVersion": "1.4", "affectedPackage": [{"arch": "i386", "packageFilename": "flash-plugin-11.2.202.554-1.el5.i386.rpm", "OSVersion": "5", "operator": "lt", "packageName": "flash-plugin", "packageVersion": "11.2.202.554-1.el5", "OS": "RedHat"}, {"arch": "i686", "packageFilename": "flash-plugin-11.2.202.554-1.el6_7.i686.rpm", "OSVersion": "6", "operator": "lt", "packageName": "flash-plugin", "packageVersion": "11.2.202.554-1.el6_7", "OS": "RedHat"}]}, "lastseen": "2017-09-09T07:19:19", "differentElements": ["modified"], "edition": 3}, {"bulletin": {"id": "RHSA-2015:2593", "hash": "d37f26e0750ac86db85b145f625b9877", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2015:2593) Critical: flash-plugin security update", "description": "The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in.\n\nThis update fixes multiple vulnerabilities in Adobe Flash Player. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB15-32 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2015-8045, CVE-2015-8047,\nCVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056,\nCVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8060, CVE-2015-8061,\nCVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066,\nCVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,\nCVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405,\nCVE-2015-8406, CVE-2015-8407, CVE-2015-8408, CVE-2015-8409, CVE-2015-8410,\nCVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8415,\nCVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8420,\nCVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425,\nCVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430,\nCVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,\nCVE-2015-8436, CVE-2015-8437, CVE-2015-8438, CVE-2015-8439, CVE-2015-8440,\nCVE-2015-8441, CVE-2015-8442, CVE-2015-8443, CVE-2015-8444, CVE-2015-8445,\nCVE-2015-8446, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450,\nCVE-2015-8451, CVE-2015-8452, CVE-2015-8453, CVE-2015-8454, CVE-2015-8455)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.554.\n", "published": "2015-12-09T05:00:00", "modified": "2018-06-07T09:04:34", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2015:2593", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2015-8045", "CVE-2015-8047", "CVE-2015-8048", "CVE-2015-8049", "CVE-2015-8050", "CVE-2015-8055", "CVE-2015-8056", "CVE-2015-8057", "CVE-2015-8058", "CVE-2015-8059", "CVE-2015-8060", "CVE-2015-8061", "CVE-2015-8062", "CVE-2015-8063", "CVE-2015-8064", "CVE-2015-8065", "CVE-2015-8066", "CVE-2015-8067", "CVE-2015-8068", "CVE-2015-8069", "CVE-2015-8070", "CVE-2015-8071", "CVE-2015-8401", "CVE-2015-8402", "CVE-2015-8403", "CVE-2015-8404", "CVE-2015-8405", "CVE-2015-8406", "CVE-2015-8407", "CVE-2015-8408", "CVE-2015-8409", "CVE-2015-8410", "CVE-2015-8411", "CVE-2015-8412", "CVE-2015-8413", "CVE-2015-8414", "CVE-2015-8415", "CVE-2015-8416", "CVE-2015-8417", "CVE-2015-8418", "CVE-2015-8419", "CVE-2015-8420", "CVE-2015-8421", "CVE-2015-8422", "CVE-2015-8423", "CVE-2015-8424", "CVE-2015-8425", "CVE-2015-8426", "CVE-2015-8427", "CVE-2015-8428", "CVE-2015-8429", "CVE-2015-8430", "CVE-2015-8431", "CVE-2015-8432", "CVE-2015-8433", "CVE-2015-8434", "CVE-2015-8435", "CVE-2015-8436", "CVE-2015-8437", "CVE-2015-8438", "CVE-2015-8439", "CVE-2015-8440", "CVE-2015-8441", "CVE-2015-8442", "CVE-2015-8443", "CVE-2015-8444", "CVE-2015-8445", "CVE-2015-8446", "CVE-2015-8447", "CVE-2015-8448", "CVE-2015-8449", "CVE-2015-8450", "CVE-2015-8451", "CVE-2015-8452", "CVE-2015-8453", "CVE-2015-8454", "CVE-2015-8455", "CVE-2015-8456", "CVE-2015-8457", "CVE-2015-8652", "CVE-2015-8653", "CVE-2015-8654", "CVE-2015-8655", "CVE-2015-8656", "CVE-2015-8657", "CVE-2015-8658", "CVE-2015-8820", "CVE-2015-8821", "CVE-2015-8822", "CVE-2015-8823"], "lastseen": "2018-06-13T00:00:40", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 6.8, "vector": "NONE"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "flash-plugin", "packageVersion": "11.2.202.554-1.el5", "packageFilename": "flash-plugin-11.2.202.554-1.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "flash-plugin", "packageVersion": "11.2.202.554-1.el6_7", "packageFilename": "flash-plugin-11.2.202.554-1.el6_7.i686.rpm", "operator": "lt"}]}, "lastseen": "2018-06-13T00:00:40", "differentElements": ["affectedPackage", "cvelist"], "edition": 4}, {"bulletin": {"id": "RHSA-2015:2593", "hash": "ef00b9c23db84ecc8f7ba5cb5b9b074c", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2015:2593) Critical: flash-plugin security update", "description": "The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in.\n\nThis update fixes multiple vulnerabilities in Adobe Flash Player. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB15-32 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2015-8045, CVE-2015-8047,\nCVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056,\nCVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8060, CVE-2015-8061,\nCVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066,\nCVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,\nCVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405,\nCVE-2015-8406, CVE-2015-8407, CVE-2015-8408, CVE-2015-8409, CVE-2015-8410,\nCVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8415,\nCVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8420,\nCVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425,\nCVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430,\nCVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,\nCVE-2015-8436, CVE-2015-8437, CVE-2015-8438, CVE-2015-8439, CVE-2015-8440,\nCVE-2015-8441, CVE-2015-8442, CVE-2015-8443, CVE-2015-8444, CVE-2015-8445,\nCVE-2015-8446, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450,\nCVE-2015-8451, CVE-2015-8452, CVE-2015-8453, CVE-2015-8454, CVE-2015-8455)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.554.\n", "published": "2015-12-09T05:00:00", "modified": "2018-06-07T09:04:34", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2015:2593", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2015-8045", "CVE-2015-8047", "CVE-2015-8048", "CVE-2015-8049", "CVE-2015-8050", "CVE-2015-8055", "CVE-2015-8056", "CVE-2015-8057", "CVE-2015-8058", "CVE-2015-8059", "CVE-2015-8060", "CVE-2015-8061", "CVE-2015-8062", "CVE-2015-8063", "CVE-2015-8064", "CVE-2015-8065", "CVE-2015-8066", "CVE-2015-8067", "CVE-2015-8068", "CVE-2015-8069", "CVE-2015-8070", "CVE-2015-8071", "CVE-2015-8401", "CVE-2015-8402", "CVE-2015-8403", "CVE-2015-8404", "CVE-2015-8405", "CVE-2015-8406", "CVE-2015-8407", "CVE-2015-8408", "CVE-2015-8409", "CVE-2015-8410", "CVE-2015-8411", "CVE-2015-8412", "CVE-2015-8413", "CVE-2015-8414", "CVE-2015-8415", "CVE-2015-8416", "CVE-2015-8417", "CVE-2015-8418", "CVE-2015-8419", "CVE-2015-8420", "CVE-2015-8421", "CVE-2015-8422", "CVE-2015-8423", "CVE-2015-8424", "CVE-2015-8425", "CVE-2015-8426", "CVE-2015-8427", "CVE-2015-8428", "CVE-2015-8429", "CVE-2015-8430", "CVE-2015-8431", "CVE-2015-8432", "CVE-2015-8433", "CVE-2015-8434", "CVE-2015-8435", "CVE-2015-8436", "CVE-2015-8437", "CVE-2015-8438", "CVE-2015-8439", "CVE-2015-8440", "CVE-2015-8441", "CVE-2015-8442", "CVE-2015-8443", "CVE-2015-8444", "CVE-2015-8445", "CVE-2015-8446", "CVE-2015-8447", "CVE-2015-8448", "CVE-2015-8449", "CVE-2015-8450", "CVE-2015-8451", "CVE-2015-8452", "CVE-2015-8453", "CVE-2015-8454", "CVE-2015-8455"], "lastseen": "2018-12-11T19:42:01", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 6.8, "vector": "NONE"}, "dependencies": {"references": [{"type": "suse", "idList": ["SUSE-SU-2015:2236-1", "SUSE-SU-2015:2247-1", "OPENSUSE-SU-2015:2239-1"]}, {"type": "nessus", "idList": ["OPENSUSE-2015-882.NASL", "SMB_KB3119147.NASL", "GOOGLE_CHROME_47_0_2526_80.NASL", "SUSE_SU-2015-2236-1.NASL", "MACOSX_GOOGLE_CHROME_47_0_2526_80.NASL", "SUSE_SU-2015-2247-1.NASL", "FREEBSD_PKG_C8842A849DDD11E58C2FC485083CA99C.NASL", "GENTOO_GLSA-201601-03.NASL", "REDHAT-RHSA-2015-2593.NASL", "MACOSX_FLASH_PLAYER_APSB15-32.NASL"]}, {"type": "kaspersky", "idList": ["KLA10711"]}, {"type": "archlinux", "idList": ["ASA-201512-7"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310851140", "OPENVAS:1361412562310131148", "OPENVAS:1361412562310806778", "OPENVAS:1361412562310806781", "OPENVAS:1361412562310806782", "OPENVAS:1361412562310121438", "OPENVAS:1361412562310806780", "OPENVAS:1361412562310806779"]}, {"type": "freebsd", "idList": ["C8842A84-9DDD-11E5-8C2F-C485083CA99C"]}, {"type": "gentoo", "idList": ["GLSA-201601-03"]}, {"type": "cve", "idList": ["CVE-2015-8451", "CVE-2015-8070", "CVE-2015-8428", "CVE-2015-8060", "CVE-2015-8418", "CVE-2015-8047", "CVE-2015-8427", "CVE-2015-8069", "CVE-2015-8058", "CVE-2015-8061"]}], "modified": "2018-12-11T19:42:01"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "flash-plugin", "packageVersion": "11.2.202.554-1.el5", "packageFilename": "flash-plugin-11.2.202.554-1.el5.i386.rpm", "operator": "lt"}]}, "lastseen": "2018-12-11T19:42:01", "differentElements": ["cvss"], "edition": 5}, {"bulletin": {"id": "RHSA-2015:2593", "hash": "e39f93dc6bccedef075a4c4dd069bb2d", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2015:2593) Critical: flash-plugin security update", "description": "The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in.\n\nThis update fixes multiple vulnerabilities in Adobe Flash Player. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB15-32 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2015-8045, CVE-2015-8047,\nCVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056,\nCVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8060, CVE-2015-8061,\nCVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066,\nCVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,\nCVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405,\nCVE-2015-8406, CVE-2015-8407, CVE-2015-8408, CVE-2015-8409, CVE-2015-8410,\nCVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8415,\nCVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8420,\nCVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425,\nCVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430,\nCVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,\nCVE-2015-8436, CVE-2015-8437, CVE-2015-8438, CVE-2015-8439, CVE-2015-8440,\nCVE-2015-8441, CVE-2015-8442, CVE-2015-8443, CVE-2015-8444, CVE-2015-8445,\nCVE-2015-8446, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450,\nCVE-2015-8451, CVE-2015-8452, CVE-2015-8453, CVE-2015-8454, CVE-2015-8455)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.554.\n", "published": "2015-12-09T05:00:00", "modified": "2018-06-07T09:04:34", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://access.redhat.com/errata/RHSA-2015:2593", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2015-8045", "CVE-2015-8047", "CVE-2015-8048", "CVE-2015-8049", "CVE-2015-8050", "CVE-2015-8055", "CVE-2015-8056", "CVE-2015-8057", "CVE-2015-8058", "CVE-2015-8059", "CVE-2015-8060", "CVE-2015-8061", "CVE-2015-8062", "CVE-2015-8063", "CVE-2015-8064", "CVE-2015-8065", "CVE-2015-8066", "CVE-2015-8067", "CVE-2015-8068", "CVE-2015-8069", "CVE-2015-8070", "CVE-2015-8071", "CVE-2015-8401", "CVE-2015-8402", "CVE-2015-8403", "CVE-2015-8404", "CVE-2015-8405", "CVE-2015-8406", "CVE-2015-8407", "CVE-2015-8408", "CVE-2015-8409", "CVE-2015-8410", "CVE-2015-8411", "CVE-2015-8412", "CVE-2015-8413", "CVE-2015-8414", "CVE-2015-8415", "CVE-2015-8416", "CVE-2015-8417", "CVE-2015-8418", "CVE-2015-8419", "CVE-2015-8420", "CVE-2015-8421", "CVE-2015-8422", "CVE-2015-8423", "CVE-2015-8424", "CVE-2015-8425", "CVE-2015-8426", "CVE-2015-8427", "CVE-2015-8428", "CVE-2015-8429", "CVE-2015-8430", "CVE-2015-8431", "CVE-2015-8432", "CVE-2015-8433", "CVE-2015-8434", "CVE-2015-8435", "CVE-2015-8436", "CVE-2015-8437", "CVE-2015-8438", "CVE-2015-8439", "CVE-2015-8440", "CVE-2015-8441", "CVE-2015-8442", "CVE-2015-8443", "CVE-2015-8444", "CVE-2015-8445", "CVE-2015-8446", "CVE-2015-8447", "CVE-2015-8448", "CVE-2015-8449", "CVE-2015-8450", "CVE-2015-8451", "CVE-2015-8452", "CVE-2015-8453", "CVE-2015-8454", "CVE-2015-8455"], "lastseen": "2019-05-29T14:34:33", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 7.7, "vector": "NONE", "modified": "2019-05-29T14:34:33"}, "dependencies": {"references": [{"type": "nessus", "idList": ["OPENSUSE-2015-882.NASL", "SUSE_SU-2015-2247-1.NASL", "SUSE_SU-2015-2236-1.NASL", "SMB_KB3119147.NASL", "MACOSX_GOOGLE_CHROME_47_0_2526_80.NASL", "GOOGLE_CHROME_47_0_2526_80.NASL", "FREEBSD_PKG_C8842A849DDD11E58C2FC485083CA99C.NASL", "GENTOO_GLSA-201601-03.NASL", "ADOBE_AIR_APSB15-32.NASL", "MACOSX_ADOBE_AIR_APSB15-32.NASL"]}, {"type": "suse", "idList": ["SUSE-SU-2015:2236-1", "OPENSUSE-SU-2015:2239-1", "SUSE-SU-2015:2247-1"]}, {"type": "kaspersky", "idList": ["KLA10711"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310131148", "OPENVAS:1361412562310851140", "OPENVAS:1361412562310806780", "OPENVAS:1361412562310121438", "OPENVAS:1361412562310806782", "OPENVAS:1361412562310806781", "OPENVAS:1361412562310806778", "OPENVAS:1361412562310806779"]}, {"type": "freebsd", "idList": ["C8842A84-9DDD-11E5-8C2F-C485083CA99C"]}, {"type": "archlinux", "idList": ["ASA-201512-7"]}, {"type": "gentoo", "idList": ["GLSA-201601-03"]}, {"type": "cve", "idList": ["CVE-2015-8062", "CVE-2015-8418", "CVE-2015-8431", "CVE-2015-8407", "CVE-2015-8055", "CVE-2015-8411", "CVE-2015-8071", "CVE-2015-8047", "CVE-2015-8045", "CVE-2015-8433"]}], "modified": "2019-05-29T14:34:33"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "flash-plugin", "packageVersion": "11.2.202.554-1.el5", "packageFilename": "flash-plugin-11.2.202.554-1.el5.i386.rpm", "operator": "lt"}]}, "lastseen": "2019-05-29T14:34:33", "differentElements": ["affectedPackage"], "edition": 6}, {"bulletin": {"id": "RHSA-2015:2593", "hash": "5c39dfcd0c6ce98ef09d259d1fcdddca", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2015:2593) Critical: flash-plugin security update", "description": "The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in.\n\nThis update fixes multiple vulnerabilities in Adobe Flash Player. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB15-32 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2015-8045, CVE-2015-8047,\nCVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056,\nCVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8060, CVE-2015-8061,\nCVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066,\nCVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,\nCVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405,\nCVE-2015-8406, CVE-2015-8407, CVE-2015-8408, CVE-2015-8409, CVE-2015-8410,\nCVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8415,\nCVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8420,\nCVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425,\nCVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430,\nCVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,\nCVE-2015-8436, CVE-2015-8437, CVE-2015-8438, CVE-2015-8439, CVE-2015-8440,\nCVE-2015-8441, CVE-2015-8442, CVE-2015-8443, CVE-2015-8444, CVE-2015-8445,\nCVE-2015-8446, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450,\nCVE-2015-8451, CVE-2015-8452, CVE-2015-8453, CVE-2015-8454, CVE-2015-8455)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.554.\n", "published": "2015-12-09T05:00:00", "modified": "2018-06-07T09:04:34", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://access.redhat.com/errata/RHSA-2015:2593", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2015-8045", "CVE-2015-8047", "CVE-2015-8048", "CVE-2015-8049", "CVE-2015-8050", "CVE-2015-8055", "CVE-2015-8056", "CVE-2015-8057", "CVE-2015-8058", "CVE-2015-8059", "CVE-2015-8060", "CVE-2015-8061", "CVE-2015-8062", "CVE-2015-8063", "CVE-2015-8064", "CVE-2015-8065", "CVE-2015-8066", "CVE-2015-8067", "CVE-2015-8068", "CVE-2015-8069", "CVE-2015-8070", "CVE-2015-8071", "CVE-2015-8401", "CVE-2015-8402", "CVE-2015-8403", "CVE-2015-8404", "CVE-2015-8405", "CVE-2015-8406", "CVE-2015-8407", "CVE-2015-8408", "CVE-2015-8409", "CVE-2015-8410", "CVE-2015-8411", "CVE-2015-8412", "CVE-2015-8413", "CVE-2015-8414", "CVE-2015-8415", "CVE-2015-8416", "CVE-2015-8417", "CVE-2015-8418", "CVE-2015-8419", "CVE-2015-8420", "CVE-2015-8421", "CVE-2015-8422", "CVE-2015-8423", "CVE-2015-8424", "CVE-2015-8425", "CVE-2015-8426", "CVE-2015-8427", "CVE-2015-8428", "CVE-2015-8429", "CVE-2015-8430", "CVE-2015-8431", "CVE-2015-8432", "CVE-2015-8433", "CVE-2015-8434", "CVE-2015-8435", "CVE-2015-8436", "CVE-2015-8437", "CVE-2015-8438", "CVE-2015-8439", "CVE-2015-8440", "CVE-2015-8441", "CVE-2015-8442", "CVE-2015-8443", "CVE-2015-8444", "CVE-2015-8445", "CVE-2015-8446", "CVE-2015-8447", "CVE-2015-8448", "CVE-2015-8449", "CVE-2015-8450", "CVE-2015-8451", "CVE-2015-8452", "CVE-2015-8453", "CVE-2015-8454", "CVE-2015-8455"], "lastseen": "2019-08-13T18:44:38", "history": [], "viewCount": 3, "enchantments": {"score": {"value": 7.7, "vector": "NONE", "modified": "2019-08-13T18:44:38"}, "dependencies": {"references": [{"type": "suse", "idList": ["SUSE-SU-2015:2247-1", "SUSE-SU-2015:2236-1", "OPENSUSE-SU-2015:2239-1"]}, {"type": "archlinux", "idList": ["ASA-201512-7"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310851140", "OPENVAS:1361412562310131148", "OPENVAS:1361412562310806781", "OPENVAS:1361412562310806782", "OPENVAS:1361412562310806778", "OPENVAS:1361412562310806779", "OPENVAS:1361412562310806780", "OPENVAS:1361412562310121438"]}, {"type": "nessus", "idList": ["MACOSX_GOOGLE_CHROME_47_0_2526_80.NASL", "GOOGLE_CHROME_47_0_2526_80.NASL", "SUSE_SU-2015-2236-1.NASL", "SMB_KB3119147.NASL", "OPENSUSE-2015-882.NASL", "SUSE_SU-2015-2247-1.NASL", "FREEBSD_PKG_C8842A849DDD11E58C2FC485083CA99C.NASL", "MACOSX_FLASH_PLAYER_APSB15-32.NASL", "REDHAT-RHSA-2015-2593.NASL", "ADOBE_AIR_APSB15-32.NASL"]}, {"type": "kaspersky", "idList": ["KLA10711"]}, {"type": "freebsd", "idList": ["C8842A84-9DDD-11E5-8C2F-C485083CA99C"]}, {"type": "gentoo", "idList": ["GLSA-201601-03"]}, {"type": "cve", "idList": ["CVE-2015-8062", "CVE-2015-8045", "CVE-2015-8068", "CVE-2015-8418", "CVE-2015-8071", "CVE-2015-8447", "CVE-2015-8444", "CVE-2015-8404", "CVE-2015-8058", "CVE-2015-8066"]}], "modified": "2019-08-13T18:44:38"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "flash-plugin", "packageVersion": "11.2.202.554-1.el5", "packageFilename": "flash-plugin-11.2.202.554-1.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "flash-plugin", "packageVersion": "11.2.202.554-1.el6_7", "packageFilename": "flash-plugin-11.2.202.554-1.el6_7.i686.rpm", "operator": "lt"}]}, "lastseen": "2019-08-13T18:44:38", "differentElements": ["cvelist"], "edition": 7}], "viewCount": 3, "enchantments": {"score": {"value": 7.7, "vector": "NONE", "modified": "2019-12-11T13:32:38"}, "dependencies": {"references": [{"type": "nessus", "idList": ["GOOGLE_CHROME_47_0_2526_80.NASL", "MACOSX_GOOGLE_CHROME_47_0_2526_80.NASL", "SMB_KB3119147.NASL", "SUSE_SU-2015-2236-1.NASL", "OPENSUSE-2015-882.NASL", "SUSE_SU-2015-2247-1.NASL", "FREEBSD_PKG_C8842A849DDD11E58C2FC485083CA99C.NASL", "REDHAT-RHSA-2015-2593.NASL", "MACOSX_FLASH_PLAYER_APSB15-32.NASL", "MACOSX_ADOBE_AIR_APSB15-32.NASL"]}, {"type": "archlinux", "idList": ["ASA-201512-7"]}, {"type": "suse", "idList": ["SUSE-SU-2015:2247-1", "OPENSUSE-SU-2015:2239-1", "SUSE-SU-2015:2236-1"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310851140", "OPENVAS:1361412562310131148", "OPENVAS:1361412562310806781", "OPENVAS:1361412562310806779", "OPENVAS:1361412562310806782", "OPENVAS:1361412562310806778", "OPENVAS:1361412562310806780", "OPENVAS:1361412562310121438"]}, {"type": "kaspersky", "idList": ["KLA10711"]}, {"type": "freebsd", "idList": ["C8842A84-9DDD-11E5-8C2F-C485083CA99C"]}, {"type": "gentoo", "idList": ["GLSA-201601-03"]}, {"type": "cve", "idList": ["CVE-2015-8062", "CVE-2015-8820", "CVE-2015-8068", "CVE-2015-8418", "CVE-2015-8067", "CVE-2015-8045", "CVE-2015-8428", "CVE-2015-8071", "CVE-2015-8064", "CVE-2015-8404"]}], "modified": "2019-12-11T13:32:38"}, "vulnersScore": 7.7}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "flash-plugin", "packageVersion": "11.2.202.554-1.el5", "packageFilename": "flash-plugin-11.2.202.554-1.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "flash-plugin", "packageVersion": "11.2.202.554-1.el6_7", "packageFilename": "flash-plugin-11.2.202.554-1.el6_7.i686.rpm", "operator": "lt"}], "_object_type": "robots.models.redhat.RedHatBulletin", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"]}
{"kaspersky": [{"lastseen": "2019-03-21T00:14:15", "bulletinFamily": "info", "description": "### *Detect date*:\n12/08/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or execute arbitrary code.\n\n### *Affected products*:\nAdobe Flash Player versions earlier than 20.0.0.228 \nAdobe Flash Player ESR versions earlier than 18.0.0.268 \nAdobe Flash Player for Linux versions earlier than 11.2.202.554 \nAdobe AIR versions earlier than 20.0.0.204\n\n### *Solution*:\nUpdate to the latest version \n[Get Flash](<https://get.adobe.com/flashplayer/>) \n[Get AIR](<https://get.adobe.com/air/>)\n\n### *Original advisories*:\n[Adobe bulletin](<https://helpx.adobe.com/security/products/flash-player/apsb15-32.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Adobe Flash Player ActiveX](<https://threats.kaspersky.com/en/product/Adobe-Flash-Player-ActiveX/>)\n\n### *CVE-IDS*:\n[CVE-2015-8050](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8050>)9.3Critical \n[CVE-2015-8442](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8442>)9.3Critical \n[CVE-2015-8064](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8064>)10.0Critical \n[CVE-2015-8065](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8065>)10.0Critical \n[CVE-2015-8069](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8069>)10.0Critical \n[CVE-2015-8068](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8068>)10.0Critical \n[CVE-2015-8067](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8067>)10.0Critical \n[CVE-2015-8066](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8066>)10.0Critical \n[CVE-2015-8402](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8402>)10.0Critical \n[CVE-2015-8401](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8401>)10.0Critical \n[CVE-2015-8071](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8071>)10.0Critical \n[CVE-2015-8070](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8070>)10.0Critical \n[CVE-2015-8404](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8404>)10.0Critical \n[CVE-2015-8403](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8403>)10.0Critical \n[CVE-2015-8047](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8047>)10.0Critical \n[CVE-2015-8045](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8045>)10.0Critical \n[CVE-2015-8049](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8049>)9.3Critical \n[CVE-2015-8048](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8048>)10.0Critical \n[CVE-2015-8443](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8443>)10.0Critical \n[CVE-2015-8444](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8444>)10.0Critical \n[CVE-2015-8428](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8428>)10.0Critical \n[CVE-2015-8439](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8439>)9.3Critical \n[CVE-2015-8440](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8440>)10.0Critical \n[CVE-2015-8441](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8441>)10.0Critical \n[CVE-2015-8456](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8456>)9.3Critical \n[CVE-2015-8435](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8435>)10.0Critical \n[CVE-2015-8436](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8436>)9.3Critical \n[CVE-2015-8437](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8437>)9.3Critical \n[CVE-2015-8438](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8438>)9.3Critical \n[CVE-2015-8431](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8431>)10.0Critical \n[CVE-2015-8424](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8424>)10.0Critical \n[CVE-2015-8423](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8423>)10.0Critical \n[CVE-2015-8420](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8420>)10.0Critical \n[CVE-2015-8419](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8419>)10.0Critical \n[CVE-2015-8422](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8422>)10.0Critical \n[CVE-2015-8421](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8421>)10.0Critical \n[CVE-2015-8416](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8416>)10.0Critical \n[CVE-2015-8415](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8415>)10.0Critical \n[CVE-2015-8418](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8418>)10.0Critical \n[CVE-2015-8417](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8417>)10.0Critical \n[CVE-2015-8062](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8062>)10.0Critical \n[CVE-2015-8405](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8405>)10.0Critical \n[CVE-2015-8406](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8406>)10.0Critical \n[CVE-2015-8407](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8407>)10.0Critical \n[CVE-2015-8408](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8408>)10.0Critical \n[CVE-2015-8409](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8409>)10.0Critical \n[CVE-2015-8410](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8410>)10.0Critical \n[CVE-2015-8411](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8411>)10.0Critical \n[CVE-2015-8412](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8412>)10.0Critical \n[CVE-2015-8413](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8413>)10.0Critical \n[CVE-2015-8414](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8414>)10.0Critical \n[CVE-2015-8060](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8060>)10.0Critical \n[CVE-2015-8061](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8061>)10.0Critical \n[CVE-2015-8058](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8058>)9.3Critical \n[CVE-2015-8059](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8059>)10.0Critical \n[CVE-2015-8063](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8063>)10.0Critical \n[CVE-2015-8057](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8057>)10.0Critical \n[CVE-2015-8055](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8055>)10.0Critical \n[CVE-2015-8454](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8454>)10.0Critical \n[CVE-2015-8453](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8453>)4.3Critical \n[CVE-2015-8452](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8452>)10.0Critical \n[CVE-2015-8451](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8451>)10.0Critical \n[CVE-2015-8450](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8450>)9.3Critical \n[CVE-2015-8449](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8449>)9.3Critical \n[CVE-2015-8448](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8448>)9.3Critical \n[CVE-2015-8447](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8447>)9.3Critical \n[CVE-2015-8446](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8446>)9.3Critical \n[CVE-2015-8445](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8445>)9.3Critical \n[CVE-2015-8427](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8427>)10.0Critical \n[CVE-2015-8457](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8457>)10.0Critical \n[CVE-2015-8425](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8425>)10.0Critical \n[CVE-2015-8426](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8426>)10.0Critical \n[CVE-2015-8056](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8056>)10.0Critical \n[CVE-2015-8432](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8432>)10.0Critical \n[CVE-2015-8429](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8429>)10.0Critical \n[CVE-2015-8430](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8430>)10.0Critical \n[CVE-2015-8433](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8433>)10.0Critical \n[CVE-2015-8434](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8434>)10.0Critical \n[CVE-2015-8455](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8455>)10.0Critical", "modified": "2019-03-07T00:00:00", "published": "2015-12-08T00:00:00", "id": "KLA10711", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10711", "title": "\r KLA10711Multiple vulnerabilities in Adobe Flash Player ", "type": "kaspersky", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-11-22T03:35:08", "bulletinFamily": "scanner", "description": "The remote Windows host is missing KB3119147. It is, therefore,\naffected by multiple vulnerabilities :\n \n - Multiple heap buffer overflow conditions exist that\n allow an attacker to execute arbitrary code.\n (CVE-2015-8438, CVE-2015-8446)\n\n - Multiple memory corruption issues exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8045,\n CVE-2015-8047, CVE-2015-8060, CVE-2015-8408,\n CVE-2015-8416, CVE-2015-8417, CVE-2015-8418,\n CVE-2015-8419, CVE-2015-8443, CVE-2015-8444,\n CVE-2015-8451, CVE-2015-8455)\n\n - Multiple security bypass vulnerabilities exist that\n allow an attacker to write arbitrary data to the file\n system under user permissions. (CVE-2015-8453,\n CVE-2015-8440, CVE-2015-8409)\n\n - A stack buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8407,\n CVE-2015-8457)\n\n - A type confusion error exists that allows an attacker to\n execute arbitrary code. (CVE-2015-8439, CVE-2015-8456)\n\n - An integer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8445)\n\n - A buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8415)\n\n - Multiple use-after-free errors exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8048,\n CVE-2015-8049, CVE-2015-8050, CVE-2015-8055,\n CVE-2015-8056, CVE-2015-8057, CVE-2015-8058,\n CVE-2015-8059, CVE-2015-8061, CVE-2015-8062,\n CVE-2015-8063, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8066, CVE-2015-8067, CVE-2015-8068,\n CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,\n CVE-2015-8401, CVE-2015-8402, CVE-2015-8403,\n CVE-2015-8404, CVE-2015-8405, CVE-2015-8406,\n CVE-2015-8410, CVE-2015-8411, CVE-2015-8412,\n CVE-2015-8413, CVE-2015-8414, CVE-2015-8420,\n CVE-2015-8421, CVE-2015-8422, CVE-2015-8423,\n CVE-2015-8424, CVE-2015-8425, CVE-2015-8426,\n CVE-2015-8427, CVE-2015-8428, CVE-2015-8429,\n CVE-2015-8430, CVE-2015-8431, CVE-2015-8432,\n CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,\n CVE-2015-8436, CVE-2015-8437, CVE-2015-8441,\n CVE-2015-8442, CVE-2015-8447, CVE-2015-8448,\n CVE-2015-8449, CVE-2015-8450, CVE-2015-8452,\n CVE-2015-8454)", "modified": "2019-11-02T00:00:00", "id": "SMB_KB3119147.NASL", "href": "https://www.tenable.com/plugins/nessus/87249", "published": "2015-12-08T00:00:00", "title": "MS KB3119147: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87249);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2015-8045\",\n \"CVE-2015-8047\",\n \"CVE-2015-8048\",\n \"CVE-2015-8049\",\n \"CVE-2015-8050\",\n \"CVE-2015-8054\",\n \"CVE-2015-8055\",\n \"CVE-2015-8056\",\n \"CVE-2015-8057\",\n \"CVE-2015-8058\",\n \"CVE-2015-8059\",\n \"CVE-2015-8060\",\n \"CVE-2015-8061\",\n \"CVE-2015-8062\",\n \"CVE-2015-8063\",\n \"CVE-2015-8064\",\n \"CVE-2015-8065\",\n \"CVE-2015-8066\",\n \"CVE-2015-8067\",\n \"CVE-2015-8068\",\n \"CVE-2015-8069\",\n \"CVE-2015-8070\",\n \"CVE-2015-8071\",\n \"CVE-2015-8401\",\n \"CVE-2015-8402\",\n \"CVE-2015-8403\",\n \"CVE-2015-8404\",\n \"CVE-2015-8405\",\n \"CVE-2015-8406\",\n \"CVE-2015-8407\",\n \"CVE-2015-8408\",\n \"CVE-2015-8409\",\n \"CVE-2015-8410\",\n \"CVE-2015-8411\",\n \"CVE-2015-8412\",\n \"CVE-2015-8413\",\n \"CVE-2015-8414\",\n \"CVE-2015-8415\",\n \"CVE-2015-8416\",\n \"CVE-2015-8417\",\n \"CVE-2015-8418\",\n \"CVE-2015-8419\",\n \"CVE-2015-8420\",\n \"CVE-2015-8421\",\n \"CVE-2015-8422\",\n \"CVE-2015-8423\",\n \"CVE-2015-8424\",\n \"CVE-2015-8425\",\n \"CVE-2015-8426\",\n \"CVE-2015-8427\",\n \"CVE-2015-8428\",\n \"CVE-2015-8429\",\n \"CVE-2015-8430\",\n \"CVE-2015-8431\",\n \"CVE-2015-8432\",\n \"CVE-2015-8433\",\n \"CVE-2015-8434\",\n \"CVE-2015-8435\",\n \"CVE-2015-8436\",\n \"CVE-2015-8437\",\n \"CVE-2015-8438\",\n \"CVE-2015-8439\",\n \"CVE-2015-8440\",\n \"CVE-2015-8441\",\n \"CVE-2015-8442\",\n \"CVE-2015-8443\",\n \"CVE-2015-8444\",\n \"CVE-2015-8445\",\n \"CVE-2015-8446\",\n \"CVE-2015-8447\",\n \"CVE-2015-8448\",\n \"CVE-2015-8449\",\n \"CVE-2015-8450\",\n \"CVE-2015-8451\",\n \"CVE-2015-8452\",\n \"CVE-2015-8453\",\n \"CVE-2015-8454\",\n \"CVE-2015-8455\",\n \"CVE-2015-8456\",\n \"CVE-2015-8457\"\n );\n script_bugtraq_id(\n 78710,\n 78712,\n 78713,\n 78714,\n 78715,\n 78716,\n 78717,\n 78718,\n 78802\n );\n script_xref(name:\"MSKB\", value:\"3119147\");\n\n script_name(english:\"MS KB3119147: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge\");\n script_summary(english:\"Checks the version of the ActiveX control.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host has a browser plugin installed that is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing KB3119147. It is, therefore,\naffected by multiple vulnerabilities :\n \n - Multiple heap buffer overflow conditions exist that\n allow an attacker to execute arbitrary code.\n (CVE-2015-8438, CVE-2015-8446)\n\n - Multiple memory corruption issues exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8045,\n CVE-2015-8047, CVE-2015-8060, CVE-2015-8408,\n CVE-2015-8416, CVE-2015-8417, CVE-2015-8418,\n CVE-2015-8419, CVE-2015-8443, CVE-2015-8444,\n CVE-2015-8451, CVE-2015-8455)\n\n - Multiple security bypass vulnerabilities exist that\n allow an attacker to write arbitrary data to the file\n system under user permissions. (CVE-2015-8453,\n CVE-2015-8440, CVE-2015-8409)\n\n - A stack buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8407,\n CVE-2015-8457)\n\n - A type confusion error exists that allows an attacker to\n execute arbitrary code. (CVE-2015-8439, CVE-2015-8456)\n\n - An integer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8445)\n\n - A buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8415)\n\n - Multiple use-after-free errors exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8048,\n CVE-2015-8049, CVE-2015-8050, CVE-2015-8055,\n CVE-2015-8056, CVE-2015-8057, CVE-2015-8058,\n CVE-2015-8059, CVE-2015-8061, CVE-2015-8062,\n CVE-2015-8063, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8066, CVE-2015-8067, CVE-2015-8068,\n CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,\n CVE-2015-8401, CVE-2015-8402, CVE-2015-8403,\n CVE-2015-8404, CVE-2015-8405, CVE-2015-8406,\n CVE-2015-8410, CVE-2015-8411, CVE-2015-8412,\n CVE-2015-8413, CVE-2015-8414, CVE-2015-8420,\n CVE-2015-8421, CVE-2015-8422, CVE-2015-8423,\n CVE-2015-8424, CVE-2015-8425, CVE-2015-8426,\n CVE-2015-8427, CVE-2015-8428, CVE-2015-8429,\n CVE-2015-8430, CVE-2015-8431, CVE-2015-8432,\n CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,\n CVE-2015-8436, CVE-2015-8437, CVE-2015-8441,\n CVE-2015-8442, CVE-2015-8447, CVE-2015-8448,\n CVE-2015-8449, CVE-2015-8450, CVE-2015-8452,\n CVE-2015-8454)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/flash-player/apsb15-27.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/3119147/microsoft-security-advisory-update-for-vulnerabilities-in-adobe-flash\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install Microsoft KB3119147.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-8457\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:flash_player\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_hotfixes.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"SMB/WindowsVersion\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_activex_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win8:'0', win81:'0', win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\nif (hotfix_check_server_core() == 1) audit(AUDIT_WIN_SERVER_CORE);\n\nif (activex_init() != ACX_OK) audit(AUDIT_FN_FAIL, \"activex_init()\");\n\n# Adobe Flash Player CLSID\nclsid = '{D27CDB6E-AE6D-11cf-96B8-444553540000}';\n\nfile = activex_get_filename(clsid:clsid);\nif (isnull(file))\n{\n activex_end();\n audit(AUDIT_FN_FAIL, \"activex_get_filename\", \"NULL\");\n}\nif (!file)\n{\n activex_end();\n audit(AUDIT_ACTIVEX_NOT_FOUND, clsid);\n}\n\n# Get its version.\nversion = activex_get_fileversion(clsid:clsid);\nif (!version)\n{\n activex_end();\n audit(AUDIT_VER_FAIL, file);\n}\n\ninfo = '';\n\niver = split(version, sep:'.', keep:FALSE);\nfor (i=0; i<max_index(iver); i++)\n iver[i] = int(iver[i]);\niver = join(iver, sep:\".\");\n\n# all < 18.0.0.268 or 19 < 20.0.0.228\nfix = FALSE;\nif(iver =~ \"^(19|20)\\.\" && ver_compare(ver:iver, fix:\"20.0.0.228\", strict:FALSE) < 0)\n fix = \"20.0.0.228\";\nelse if(ver_compare(ver:iver, fix:\"18.0.0.268\", strict:FALSE) < 0)\n fix = \"18.0.0.268\";\n\nif (\n (report_paranoia > 1 || activex_get_killbit(clsid:clsid) == 0) &&\n fix\n)\n{\n info = '\\n Path : ' + file +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n}\n\nport = kb_smb_transport();\n\nif (info != '')\n{\n if (report_verbosity > 0)\n {\n if (report_paranoia > 1)\n {\n report = info +\n '\\n' +\n 'Note, though, that Nessus did not check whether the kill bit was\\n' +\n \"set for the control's CLSID because of the Report Paranoia setting\" + '\\n' +\n 'in effect when this scan was run.\\n';\n }\n else\n {\n report = info +\n '\\n' +\n 'Moreover, its kill bit is not set so it is accessible via Internet\\n' +\n 'Explorer.\\n';\n }\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_HOST_NOT, 'affected');\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-22T02:43:52", "bulletinFamily": "scanner", "description": "The version of Google Chrome installed on the remote Windows host is\nprior to 47.0.2526.80. It is, therefore, affected by multiple\nvulnerabilities :\n\n - A type confusion error exists related to extensions that\n allows an attacker to have an unspecified impact.\n (CVE-2015-6788)\n\n - A use-after-free error exists in Blink that is triggered\n when handling updates. An unauthenticated, remote\n attacker can exploit this to dereference already freed\n memory, resulting in the execution of arbitrary code.\n (CVE-2015-6789)\n\n - An unspecified escaping issue exists in saved pages.\n (CVE-2015-6790)\n\n - Multiple unspecified vulnerabilities exist that an\n attacker can exploit to have an unspecified impact.\n (CVE-2015-6791)\n\n - Multiple heap buffer overflow conditions exist that\n allow an attacker to execute arbitrary code.\n (CVE-2015-8438, CVE-2015-8446)\n\n - Multiple memory corruption issues exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8045,\n CVE-2015-8047, CVE-2015-8060, CVE-2015-8408,\n CVE-2015-8416, CVE-2015-8417, CVE-2015-8418,\n CVE-2015-8419, CVE-2015-8443, CVE-2015-8444,\n CVE-2015-8451, CVE-2015-8455)\n\n - Multiple security bypass vulnerabilities exist that\n allow an attacker to write arbitrary data to the file\n system under user permissions. (CVE-2015-8453,\n CVE-2015-8440, CVE-2015-8409)\n\n - A stack buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8407,\n CVE-2015-8457)\n\n - A type confusion error exists that allows an attacker to\n execute arbitrary code. (CVE-2015-8439, CVE-2015-8456)\n\n - An integer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8445)\n\n - A buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8415)\n\n - Multiple use-after-free errors exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8048,\n CVE-2015-8049, CVE-2015-8050, CVE-2015-8055,\n CVE-2015-8056, CVE-2015-8057, CVE-2015-8058,\n CVE-2015-8059, CVE-2015-8061, CVE-2015-8062,\n CVE-2015-8063, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8066, CVE-2015-8067, CVE-2015-8068,\n CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,\n CVE-2015-8401, CVE-2015-8402, CVE-2015-8403,\n CVE-2015-8404, CVE-2015-8405, CVE-2015-8406,\n CVE-2015-8410, CVE-2015-8411, CVE-2015-8412,\n CVE-2015-8413, CVE-2015-8414, CVE-2015-8420,\n CVE-2015-8421, CVE-2015-8422, CVE-2015-8423,\n CVE-2015-8424, CVE-2015-8425, CVE-2015-8426,\n CVE-2015-8427, CVE-2015-8428, CVE-2015-8429,\n CVE-2015-8430, CVE-2015-8431, CVE-2015-8432,\n CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,\n CVE-2015-8436, CVE-2015-8437, CVE-2015-8441,\n CVE-2015-8442, CVE-2015-8447, CVE-2015-8448,\n CVE-2015-8449, CVE-2015-8450, CVE-2015-8452,\n CVE-2015-8454)\n\n - A flaw exists in Google V8 in serialize.cc that is\n triggered when handling alignment for deferred objects.\n An attacker can exploit this to have an unspecified\n impact. (CVE-2015-8548)", "modified": "2019-11-02T00:00:00", "id": "GOOGLE_CHROME_47_0_2526_80.NASL", "href": "https://www.tenable.com/plugins/nessus/87245", "published": "2015-12-08T00:00:00", "title": "Google Chrome < 47.0.2526.80 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87245);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2015-6788\",\n \"CVE-2015-6789\",\n \"CVE-2015-6790\",\n \"CVE-2015-6791\",\n \"CVE-2015-8045\",\n \"CVE-2015-8047\",\n \"CVE-2015-8048\",\n \"CVE-2015-8049\",\n \"CVE-2015-8050\",\n \"CVE-2015-8054\",\n \"CVE-2015-8055\",\n \"CVE-2015-8056\",\n \"CVE-2015-8057\",\n \"CVE-2015-8058\",\n \"CVE-2015-8059\",\n \"CVE-2015-8060\",\n \"CVE-2015-8061\",\n \"CVE-2015-8062\",\n \"CVE-2015-8063\",\n \"CVE-2015-8064\",\n \"CVE-2015-8065\",\n \"CVE-2015-8066\",\n \"CVE-2015-8067\",\n \"CVE-2015-8068\",\n \"CVE-2015-8069\",\n \"CVE-2015-8070\",\n \"CVE-2015-8071\",\n \"CVE-2015-8401\",\n \"CVE-2015-8402\",\n \"CVE-2015-8403\",\n \"CVE-2015-8404\",\n \"CVE-2015-8405\",\n \"CVE-2015-8406\",\n \"CVE-2015-8407\",\n \"CVE-2015-8408\",\n \"CVE-2015-8409\",\n \"CVE-2015-8410\",\n \"CVE-2015-8411\",\n \"CVE-2015-8412\",\n \"CVE-2015-8413\",\n \"CVE-2015-8414\",\n \"CVE-2015-8415\",\n \"CVE-2015-8416\",\n \"CVE-2015-8417\",\n \"CVE-2015-8418\",\n \"CVE-2015-8419\",\n \"CVE-2015-8420\",\n \"CVE-2015-8421\",\n \"CVE-2015-8422\",\n \"CVE-2015-8423\",\n \"CVE-2015-8424\",\n \"CVE-2015-8425\",\n \"CVE-2015-8426\",\n \"CVE-2015-8427\",\n \"CVE-2015-8428\",\n \"CVE-2015-8429\",\n \"CVE-2015-8430\",\n \"CVE-2015-8431\",\n \"CVE-2015-8432\",\n \"CVE-2015-8433\",\n \"CVE-2015-8434\",\n \"CVE-2015-8435\",\n \"CVE-2015-8436\",\n \"CVE-2015-8437\",\n \"CVE-2015-8438\",\n \"CVE-2015-8439\",\n \"CVE-2015-8440\",\n \"CVE-2015-8441\",\n \"CVE-2015-8442\",\n \"CVE-2015-8443\",\n \"CVE-2015-8444\",\n \"CVE-2015-8445\",\n \"CVE-2015-8446\",\n \"CVE-2015-8447\",\n \"CVE-2015-8448\",\n \"CVE-2015-8449\",\n \"CVE-2015-8450\",\n \"CVE-2015-8451\",\n \"CVE-2015-8452\",\n \"CVE-2015-8453\",\n \"CVE-2015-8454\",\n \"CVE-2015-8455\",\n \"CVE-2015-8456\",\n \"CVE-2015-8457\",\n \"CVE-2015-8548\"\n );\n script_bugtraq_id(\n 78710,\n 78712,\n 78713,\n 78714,\n 78715,\n 78716,\n 78717,\n 78718,\n 78802\n );\n\n script_name(english:\"Google Chrome < 47.0.2526.80 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version number of Google Chrome.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is\nprior to 47.0.2526.80. It is, therefore, affected by multiple\nvulnerabilities :\n\n - A type confusion error exists related to extensions that\n allows an attacker to have an unspecified impact.\n (CVE-2015-6788)\n\n - A use-after-free error exists in Blink that is triggered\n when handling updates. An unauthenticated, remote\n attacker can exploit this to dereference already freed\n memory, resulting in the execution of arbitrary code.\n (CVE-2015-6789)\n\n - An unspecified escaping issue exists in saved pages.\n (CVE-2015-6790)\n\n - Multiple unspecified vulnerabilities exist that an\n attacker can exploit to have an unspecified impact.\n (CVE-2015-6791)\n\n - Multiple heap buffer overflow conditions exist that\n allow an attacker to execute arbitrary code.\n (CVE-2015-8438, CVE-2015-8446)\n\n - Multiple memory corruption issues exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8045,\n CVE-2015-8047, CVE-2015-8060, CVE-2015-8408,\n CVE-2015-8416, CVE-2015-8417, CVE-2015-8418,\n CVE-2015-8419, CVE-2015-8443, CVE-2015-8444,\n CVE-2015-8451, CVE-2015-8455)\n\n - Multiple security bypass vulnerabilities exist that\n allow an attacker to write arbitrary data to the file\n system under user permissions. (CVE-2015-8453,\n CVE-2015-8440, CVE-2015-8409)\n\n - A stack buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8407,\n CVE-2015-8457)\n\n - A type confusion error exists that allows an attacker to\n execute arbitrary code. (CVE-2015-8439, CVE-2015-8456)\n\n - An integer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8445)\n\n - A buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8415)\n\n - Multiple use-after-free errors exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8048,\n CVE-2015-8049, CVE-2015-8050, CVE-2015-8055,\n CVE-2015-8056, CVE-2015-8057, CVE-2015-8058,\n CVE-2015-8059, CVE-2015-8061, CVE-2015-8062,\n CVE-2015-8063, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8066, CVE-2015-8067, CVE-2015-8068,\n CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,\n CVE-2015-8401, CVE-2015-8402, CVE-2015-8403,\n CVE-2015-8404, CVE-2015-8405, CVE-2015-8406,\n CVE-2015-8410, CVE-2015-8411, CVE-2015-8412,\n CVE-2015-8413, CVE-2015-8414, CVE-2015-8420,\n CVE-2015-8421, CVE-2015-8422, CVE-2015-8423,\n CVE-2015-8424, CVE-2015-8425, CVE-2015-8426,\n CVE-2015-8427, CVE-2015-8428, CVE-2015-8429,\n CVE-2015-8430, CVE-2015-8431, CVE-2015-8432,\n CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,\n CVE-2015-8436, CVE-2015-8437, CVE-2015-8441,\n CVE-2015-8442, CVE-2015-8447, CVE-2015-8448,\n CVE-2015-8449, CVE-2015-8450, CVE-2015-8452,\n CVE-2015-8454)\n\n - A flaw exists in Google V8 in serialize.cc that is\n triggered when handling alignment for deferred objects.\n An attacker can exploit this to have an unspecified\n impact. (CVE-2015-8548)\");\n # http://googlechromereleases.blogspot.com/2015/12/stable-channel-update_8.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a6b6361f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome 47.0.2526.80 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-8548\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\n\ngoogle_chrome_check_version(installs:installs, fix:'47.0.2526.80', severity:SECURITY_HOLE);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-22T02:51:41", "bulletinFamily": "scanner", "description": "The version of Google Chrome installed on the remote Mac OS X host is\nprior to 47.0.2526.80. It is, therefore, affected by multiple\nvulnerabilities :\n\n - A type confusion error exists related to extensions that\n allows an attacker to have an unspecified impact.\n (CVE-2015-6788)\n\n - A use-after-free error exists in Blink that is triggered\n when handling updates. An unauthenticated, remote\n attacker can exploit this to dereference already freed\n memory, resulting in the execution of arbitrary code.\n (CVE-2015-6789)\n\n - An unspecified escaping issue exists in saved pages.\n (CVE-2015-6790)\n\n - Multiple unspecified vulnerabilities exist that an\n attacker can exploit to have an unspecified impact.\n (CVE-2015-6791)\n\n - Multiple heap buffer overflow conditions exist that\n allow an attacker to execute arbitrary code.\n (CVE-2015-8438, CVE-2015-8446)\n\n - Multiple memory corruption issues exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8045,\n CVE-2015-8047, CVE-2015-8060, CVE-2015-8408,\n CVE-2015-8416, CVE-2015-8417, CVE-2015-8418,\n CVE-2015-8419, CVE-2015-8443, CVE-2015-8444,\n CVE-2015-8451, CVE-2015-8455)\n\n - Multiple security bypass vulnerabilities exist that\n allow an attacker to write arbitrary data to the file\n system under user permissions. (CVE-2015-8453,\n CVE-2015-8440, CVE-2015-8409)\n\n - A stack buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8407,\n CVE-2015-8457)\n\n - A type confusion error exists that allows an attacker to\n execute arbitrary code. (CVE-2015-8439, CVE-2015-8456)\n\n - An integer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8445)\n\n - A buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8415)\n\n - Multiple use-after-free errors exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8048,\n CVE-2015-8049, CVE-2015-8050, CVE-2015-8055,\n CVE-2015-8056, CVE-2015-8057, CVE-2015-8058,\n CVE-2015-8059, CVE-2015-8061, CVE-2015-8062,\n CVE-2015-8063, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8066, CVE-2015-8067, CVE-2015-8068,\n CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,\n CVE-2015-8401, CVE-2015-8402, CVE-2015-8403,\n CVE-2015-8404, CVE-2015-8405, CVE-2015-8406,\n CVE-2015-8410, CVE-2015-8411, CVE-2015-8412,\n CVE-2015-8413, CVE-2015-8414, CVE-2015-8420,\n CVE-2015-8421, CVE-2015-8422, CVE-2015-8423,\n CVE-2015-8424, CVE-2015-8425, CVE-2015-8426,\n CVE-2015-8427, CVE-2015-8428, CVE-2015-8429,\n CVE-2015-8430, CVE-2015-8431, CVE-2015-8432,\n CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,\n CVE-2015-8436, CVE-2015-8437, CVE-2015-8441,\n CVE-2015-8442, CVE-2015-8447, CVE-2015-8448,\n CVE-2015-8449, CVE-2015-8450, CVE-2015-8452,\n CVE-2015-8454)\n\n - A flaw exists in Google V8 in serialize.cc that is\n triggered when handling alignment for deferred objects.\n An attacker can exploit this to have an unspecified\n impact. (CVE-2015-8548)", "modified": "2019-11-02T00:00:00", "id": "MACOSX_GOOGLE_CHROME_47_0_2526_80.NASL", "href": "https://www.tenable.com/plugins/nessus/87248", "published": "2015-12-08T00:00:00", "title": "Google Chrome < 47.0.2526.80 Multiple Vulnerabilities (Mac OS X)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87248);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2015-6788\",\n \"CVE-2015-6789\",\n \"CVE-2015-6790\",\n \"CVE-2015-6791\",\n \"CVE-2015-8045\",\n \"CVE-2015-8047\",\n \"CVE-2015-8048\",\n \"CVE-2015-8049\",\n \"CVE-2015-8050\",\n \"CVE-2015-8054\",\n \"CVE-2015-8055\",\n \"CVE-2015-8056\",\n \"CVE-2015-8057\",\n \"CVE-2015-8058\",\n \"CVE-2015-8059\",\n \"CVE-2015-8060\",\n \"CVE-2015-8061\",\n \"CVE-2015-8062\",\n \"CVE-2015-8063\",\n \"CVE-2015-8064\",\n \"CVE-2015-8065\",\n \"CVE-2015-8066\",\n \"CVE-2015-8067\",\n \"CVE-2015-8068\",\n \"CVE-2015-8069\",\n \"CVE-2015-8070\",\n \"CVE-2015-8071\",\n \"CVE-2015-8401\",\n \"CVE-2015-8402\",\n \"CVE-2015-8403\",\n \"CVE-2015-8404\",\n \"CVE-2015-8405\",\n \"CVE-2015-8406\",\n \"CVE-2015-8407\",\n \"CVE-2015-8408\",\n \"CVE-2015-8409\",\n \"CVE-2015-8410\",\n \"CVE-2015-8411\",\n \"CVE-2015-8412\",\n \"CVE-2015-8413\",\n \"CVE-2015-8414\",\n \"CVE-2015-8415\",\n \"CVE-2015-8416\",\n \"CVE-2015-8417\",\n \"CVE-2015-8418\",\n \"CVE-2015-8419\",\n \"CVE-2015-8420\",\n \"CVE-2015-8421\",\n \"CVE-2015-8422\",\n \"CVE-2015-8423\",\n \"CVE-2015-8424\",\n \"CVE-2015-8425\",\n \"CVE-2015-8426\",\n \"CVE-2015-8427\",\n \"CVE-2015-8428\",\n \"CVE-2015-8429\",\n \"CVE-2015-8430\",\n \"CVE-2015-8431\",\n \"CVE-2015-8432\",\n \"CVE-2015-8433\",\n \"CVE-2015-8434\",\n \"CVE-2015-8435\",\n \"CVE-2015-8436\",\n \"CVE-2015-8437\",\n \"CVE-2015-8438\",\n \"CVE-2015-8439\",\n \"CVE-2015-8440\",\n \"CVE-2015-8441\",\n \"CVE-2015-8442\",\n \"CVE-2015-8443\",\n \"CVE-2015-8444\",\n \"CVE-2015-8445\",\n \"CVE-2015-8446\",\n \"CVE-2015-8447\",\n \"CVE-2015-8448\",\n \"CVE-2015-8449\",\n \"CVE-2015-8450\",\n \"CVE-2015-8451\",\n \"CVE-2015-8452\",\n \"CVE-2015-8453\",\n \"CVE-2015-8454\",\n \"CVE-2015-8455\",\n \"CVE-2015-8456\",\n \"CVE-2015-8457\",\n \"CVE-2015-8548\"\n );\n script_bugtraq_id(\n 78710,\n 78712,\n 78713,\n 78714,\n 78715,\n 78716,\n 78717,\n 78718,\n 78802\n );\n\n script_name(english:\"Google Chrome < 47.0.2526.80 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks the version number of Google Chrome.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Mac OS X host is\nprior to 47.0.2526.80. It is, therefore, affected by multiple\nvulnerabilities :\n\n - A type confusion error exists related to extensions that\n allows an attacker to have an unspecified impact.\n (CVE-2015-6788)\n\n - A use-after-free error exists in Blink that is triggered\n when handling updates. An unauthenticated, remote\n attacker can exploit this to dereference already freed\n memory, resulting in the execution of arbitrary code.\n (CVE-2015-6789)\n\n - An unspecified escaping issue exists in saved pages.\n (CVE-2015-6790)\n\n - Multiple unspecified vulnerabilities exist that an\n attacker can exploit to have an unspecified impact.\n (CVE-2015-6791)\n\n - Multiple heap buffer overflow conditions exist that\n allow an attacker to execute arbitrary code.\n (CVE-2015-8438, CVE-2015-8446)\n\n - Multiple memory corruption issues exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8045,\n CVE-2015-8047, CVE-2015-8060, CVE-2015-8408,\n CVE-2015-8416, CVE-2015-8417, CVE-2015-8418,\n CVE-2015-8419, CVE-2015-8443, CVE-2015-8444,\n CVE-2015-8451, CVE-2015-8455)\n\n - Multiple security bypass vulnerabilities exist that\n allow an attacker to write arbitrary data to the file\n system under user permissions. (CVE-2015-8453,\n CVE-2015-8440, CVE-2015-8409)\n\n - A stack buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8407,\n CVE-2015-8457)\n\n - A type confusion error exists that allows an attacker to\n execute arbitrary code. (CVE-2015-8439, CVE-2015-8456)\n\n - An integer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8445)\n\n - A buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8415)\n\n - Multiple use-after-free errors exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8048,\n CVE-2015-8049, CVE-2015-8050, CVE-2015-8055,\n CVE-2015-8056, CVE-2015-8057, CVE-2015-8058,\n CVE-2015-8059, CVE-2015-8061, CVE-2015-8062,\n CVE-2015-8063, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8066, CVE-2015-8067, CVE-2015-8068,\n CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,\n CVE-2015-8401, CVE-2015-8402, CVE-2015-8403,\n CVE-2015-8404, CVE-2015-8405, CVE-2015-8406,\n CVE-2015-8410, CVE-2015-8411, CVE-2015-8412,\n CVE-2015-8413, CVE-2015-8414, CVE-2015-8420,\n CVE-2015-8421, CVE-2015-8422, CVE-2015-8423,\n CVE-2015-8424, CVE-2015-8425, CVE-2015-8426,\n CVE-2015-8427, CVE-2015-8428, CVE-2015-8429,\n CVE-2015-8430, CVE-2015-8431, CVE-2015-8432,\n CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,\n CVE-2015-8436, CVE-2015-8437, CVE-2015-8441,\n CVE-2015-8442, CVE-2015-8447, CVE-2015-8448,\n CVE-2015-8449, CVE-2015-8450, CVE-2015-8452,\n CVE-2015-8454)\n\n - A flaw exists in Google V8 in serialize.cc that is\n triggered when handling alignment for deferred objects.\n An attacker can exploit this to have an unspecified\n impact. (CVE-2015-8548)\");\n # http://googlechromereleases.blogspot.com/2015/12/stable-channel-update_8.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a6b6361f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome 47.0.2526.80 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-8548\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"MacOSX/Google Chrome/Installed\");\n\ngoogle_chrome_check_version(fix:'47.0.2526.80', severity:SECURITY_HOLE);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-03T12:18:20", "bulletinFamily": "scanner", "description": "This update for flash-player to version 11.2.202.554 fixes the\nfollowing security issues in Adobe security advisory APSB15-32.\n\n - These updates resolve heap buffer overflow\n vulnerabilities that could lead to code execution\n (CVE-2015-8438, CVE-2015-8446).\n\n - These updates resolve memory corruption vulnerabilities\n that could lead to code execution (CVE-2015-8444,\n CVE-2015-8443, CVE-2015-8417, CVE-2015-8416,\n CVE-2015-8451, CVE-2015-8047, CVE-2015-8455,\n CVE-2015-8045, CVE-2015-8418, CVE-2015-8060,\n CVE-2015-8419, CVE-2015-8408).\n\n - These updates resolve security bypass vulnerabilities\n (CVE-2015-8453, CVE-2015-8440, CVE-2015-8409).\n\n - These updates resolve a stack overflow vulnerability\n that could lead to code execution (CVE-2015-8407).\n\n - These updates resolve a type confusion vulnerability\n that could lead to code execution (CVE-2015-8439).\n\n - These updates resolve an integer overflow vulnerability\n that could lead to code execution (CVE-2015-8445).\n\n - These updates resolve a buffer overflow vulnerability\n that could lead to code execution (CVE-2015-8415)\n\n - These updates resolve use-after-free vulnerabilities\n that could lead to code execution (CVE-2015-8050,\n CVE-2015-8049, CVE-2015-8437, CVE-2015-8450,\n CVE-2015-8449, CVE-2015-8448, CVE-2015-8436,\n CVE-2015-8452, CVE-2015-8048, CVE-2015-8413,\n CVE-2015-8412, CVE-2015-8410, CVE-2015-8411,\n CVE-2015-8424, CVE-2015-8422, CVE-2015-8420,\n CVE-2015-8421, CVE-2015-8423, CVE-2015-8425,\n CVE-2015-8433, CVE-2015-8432, CVE-2015-8431,\n CVE-2015-8426, CVE-2015-8430, CVE-2015-8427,\n CVE-2015-8428, CVE-2015-8429, CVE-2015-8434,\n CVE-2015-8435, CVE-2015-8414, CVE-2015-8454,\n CVE-2015-8059, CVE-2015-8058, CVE-2015-8055,\n CVE-2015-8057, CVE-2015-8056, CVE-2015-8061,\n CVE-2015-8067, CVE-2015-8066, CVE-2015-8062,\n CVE-2015-8068, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8063, CVE-2015-8405, CVE-2015-8404,\n CVE-2015-8402, CVE-2015-8403, CVE-2015-8071,\n CVE-2015-8401, CVE-2015-8406, CVE-2015-8069,\n CVE-2015-8070, CVE-2015-8441, CVE-2015-8442,\n CVE-2015-8447).\n\nPlease also see\nhttps://helpx.adobe.com/security/products/flash-player/apsb15-32.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-11-02T00:00:00", "id": "SUSE_SU-2015-2236-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87317", "published": "2015-12-11T00:00:00", "title": "SUSE SLED11 Security Update : flash-player (SUSE-SU-2015:2236-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:2236-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87317);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/11 11:22:12\");\n\n script_cve_id(\"CVE-2015-8045\", \"CVE-2015-8047\", \"CVE-2015-8048\", \"CVE-2015-8049\", \"CVE-2015-8050\", \"CVE-2015-8055\", \"CVE-2015-8056\", \"CVE-2015-8057\", \"CVE-2015-8058\", \"CVE-2015-8059\", \"CVE-2015-8060\", \"CVE-2015-8061\", \"CVE-2015-8062\", \"CVE-2015-8063\", \"CVE-2015-8064\", \"CVE-2015-8065\", \"CVE-2015-8066\", \"CVE-2015-8067\", \"CVE-2015-8068\", \"CVE-2015-8069\", \"CVE-2015-8070\", \"CVE-2015-8071\", \"CVE-2015-8401\", \"CVE-2015-8402\", \"CVE-2015-8403\", \"CVE-2015-8404\", \"CVE-2015-8405\", \"CVE-2015-8406\", \"CVE-2015-8407\", \"CVE-2015-8408\", \"CVE-2015-8409\", \"CVE-2015-8410\", \"CVE-2015-8411\", \"CVE-2015-8412\", \"CVE-2015-8413\", \"CVE-2015-8414\", \"CVE-2015-8415\", \"CVE-2015-8416\", \"CVE-2015-8417\", \"CVE-2015-8418\", \"CVE-2015-8419\", \"CVE-2015-8420\", \"CVE-2015-8421\", \"CVE-2015-8422\", \"CVE-2015-8423\", \"CVE-2015-8424\", \"CVE-2015-8425\", \"CVE-2015-8426\", \"CVE-2015-8427\", \"CVE-2015-8428\", \"CVE-2015-8429\", \"CVE-2015-8430\", \"CVE-2015-8431\", \"CVE-2015-8432\", \"CVE-2015-8433\", \"CVE-2015-8434\", \"CVE-2015-8435\", \"CVE-2015-8436\", \"CVE-2015-8437\", \"CVE-2015-8438\", \"CVE-2015-8439\", \"CVE-2015-8440\", \"CVE-2015-8441\", \"CVE-2015-8442\", \"CVE-2015-8443\", \"CVE-2015-8444\", \"CVE-2015-8445\", \"CVE-2015-8446\", \"CVE-2015-8447\", \"CVE-2015-8448\", \"CVE-2015-8449\", \"CVE-2015-8450\", \"CVE-2015-8451\", \"CVE-2015-8452\", \"CVE-2015-8453\", \"CVE-2015-8454\", \"CVE-2015-8455\");\n\n script_name(english:\"SUSE SLED11 Security Update : flash-player (SUSE-SU-2015:2236-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for flash-player to version 11.2.202.554 fixes the\nfollowing security issues in Adobe security advisory APSB15-32.\n\n - These updates resolve heap buffer overflow\n vulnerabilities that could lead to code execution\n (CVE-2015-8438, CVE-2015-8446).\n\n - These updates resolve memory corruption vulnerabilities\n that could lead to code execution (CVE-2015-8444,\n CVE-2015-8443, CVE-2015-8417, CVE-2015-8416,\n CVE-2015-8451, CVE-2015-8047, CVE-2015-8455,\n CVE-2015-8045, CVE-2015-8418, CVE-2015-8060,\n CVE-2015-8419, CVE-2015-8408).\n\n - These updates resolve security bypass vulnerabilities\n (CVE-2015-8453, CVE-2015-8440, CVE-2015-8409).\n\n - These updates resolve a stack overflow vulnerability\n that could lead to code execution (CVE-2015-8407).\n\n - These updates resolve a type confusion vulnerability\n that could lead to code execution (CVE-2015-8439).\n\n - These updates resolve an integer overflow vulnerability\n that could lead to code execution (CVE-2015-8445).\n\n - These updates resolve a buffer overflow vulnerability\n that could lead to code execution (CVE-2015-8415)\n\n - These updates resolve use-after-free vulnerabilities\n that could lead to code execution (CVE-2015-8050,\n CVE-2015-8049, CVE-2015-8437, CVE-2015-8450,\n CVE-2015-8449, CVE-2015-8448, CVE-2015-8436,\n CVE-2015-8452, CVE-2015-8048, CVE-2015-8413,\n CVE-2015-8412, CVE-2015-8410, CVE-2015-8411,\n CVE-2015-8424, CVE-2015-8422, CVE-2015-8420,\n CVE-2015-8421, CVE-2015-8423, CVE-2015-8425,\n CVE-2015-8433, CVE-2015-8432, CVE-2015-8431,\n CVE-2015-8426, CVE-2015-8430, CVE-2015-8427,\n CVE-2015-8428, CVE-2015-8429, CVE-2015-8434,\n CVE-2015-8435, CVE-2015-8414, CVE-2015-8454,\n CVE-2015-8059, CVE-2015-8058, CVE-2015-8055,\n CVE-2015-8057, CVE-2015-8056, CVE-2015-8061,\n CVE-2015-8067, CVE-2015-8066, CVE-2015-8062,\n CVE-2015-8068, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8063, CVE-2015-8405, CVE-2015-8404,\n CVE-2015-8402, CVE-2015-8403, CVE-2015-8071,\n CVE-2015-8401, CVE-2015-8406, CVE-2015-8069,\n CVE-2015-8070, CVE-2015-8441, CVE-2015-8442,\n CVE-2015-8447).\n\nPlease also see\nhttps://helpx.adobe.com/security/products/flash-player/apsb15-32.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=958324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://helpx.adobe.com/security/products/flash-player/apsb15-32.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8045/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8047/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8048/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8049/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8050/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8055/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8056/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8057/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8058/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8059/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8060/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8061/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8062/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8063/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8064/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8065/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8066/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8067/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8068/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8069/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8070/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8071/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8401/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8402/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8403/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8404/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8405/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8406/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8407/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8408/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8409/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8410/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8411/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8412/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8413/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8414/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8415/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8416/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8417/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8418/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8419/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8420/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8421/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8422/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8423/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8424/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8425/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8426/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8427/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8428/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8429/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8430/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8431/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8432/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8433/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8434/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8435/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8436/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8437/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8438/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8439/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8440/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8441/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8442/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8443/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8444/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8445/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8446/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8447/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8448/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8449/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8450/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8451/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8452/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8453/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8454/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8455/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20152236-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3aa385c9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Desktop 11-SP4 :\n\nzypper in -t patch sledsp4-flash-player-12254=1\n\nSUSE Linux Enterprise Desktop 11-SP3 :\n\nzypper in -t patch sledsp3-flash-player-12254=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:flash-player\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:flash-player-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:flash-player-kde4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"i386|i486|i586|i686|x86_64\") audit(AUDIT_ARCH_NOT, \"i386 / i486 / i586 / i686 / x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED11\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED11 SP3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"flash-player-11.2.202.554-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"flash-player-gnome-11.2.202.554-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"flash-player-kde4-11.2.202.554-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"flash-player-11.2.202.554-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"flash-player-gnome-11.2.202.554-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"flash-player-kde4-11.2.202.554-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"flash-player-11.2.202.554-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"flash-player-gnome-11.2.202.554-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"flash-player-kde4-11.2.202.554-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"flash-player-11.2.202.554-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"flash-player-gnome-11.2.202.554-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"flash-player-kde4-11.2.202.554-0.29.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"flash-player\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T03:00:50", "bulletinFamily": "scanner", "description": "This update for flash-player to version 11.2.202.554 fixes the\nfollowing security issues in Adobe security advisory APSB15-32.\n\n - These updates resolve heap buffer overflow\n vulnerabilities that could lead to code execution\n (CVE-2015-8438, CVE-2015-8446).\n\n - These updates resolve memory corruption vulnerabilities\n that could lead to code execution (CVE-2015-8444,\n CVE-2015-8443, CVE-2015-8417, CVE-2015-8416,\n CVE-2015-8451, CVE-2015-8047, CVE-2015-8455,\n CVE-2015-8045, CVE-2015-8418, CVE-2015-8060,\n CVE-2015-8419, CVE-2015-8408).\n\n - These updates resolve security bypass vulnerabilities\n (CVE-2015-8453, CVE-2015-8440, CVE-2015-8409).\n\n - These updates resolve a stack overflow vulnerability\n that could lead to code execution (CVE-2015-8407).\n\n - These updates resolve a type confusion vulnerability\n that could lead to code execution (CVE-2015-8439).\n\n - These updates resolve an integer overflow vulnerability\n that could lead to code execution (CVE-2015-8445).\n\n - These updates resolve a buffer overflow vulnerability\n that could lead to code execution (CVE-2015-8415)\n\n - These updates resolve use-after-free vulnerabilities\n that could lead to code execution (CVE-2015-8050,\n CVE-2015-8049, CVE-2015-8437, CVE-2015-8450,\n CVE-2015-8449, CVE-2015-8448, CVE-2015-8436,\n CVE-2015-8452, CVE-2015-8048, CVE-2015-8413,\n CVE-2015-8412, CVE-2015-8410, CVE-2015-8411,\n CVE-2015-8424, CVE-2015-8422, CVE-2015-8420,\n CVE-2015-8421, CVE-2015-8423, CVE-2015-8425,\n CVE-2015-8433, CVE-2015-8432, CVE-2015-8431,\n CVE-2015-8426, CVE-2015-8430, CVE-2015-8427,\n CVE-2015-8428, CVE-2015-8429, CVE-2015-8434,\n CVE-2015-8435, CVE-2015-8414, CVE-2015-8454,\n CVE-2015-8059, CVE-2015-8058, CVE-2015-8055,\n CVE-2015-8057, CVE-2015-8056, CVE-2015-8061,\n CVE-2015-8067, CVE-2015-8066, CVE-2015-8062,\n CVE-2015-8068, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8063, CVE-2015-8405, CVE-2015-8404,\n CVE-2015-8402, CVE-2015-8403, CVE-2015-8071,\n CVE-2015-8401, CVE-2015-8406, CVE-2015-8069,\n CVE-2015-8070, CVE-2015-8441, CVE-2015-8442,\n CVE-2015-8447).\n\nPlease also see\n	https://helpx.adobe.com/security/products/flash-player/apsb15-32.h\ntml", "modified": "2019-11-02T00:00:00", "id": "OPENSUSE-2015-882.NASL", "href": "https://www.tenable.com/plugins/nessus/87714", "published": "2016-01-04T00:00:00", "title": "openSUSE Security Update : flash-player (openSUSE-2015-882)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-882.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87714);\n script_version(\"2.5\");\n script_cvs_date(\"Date: 2019/04/11 17:23:07\");\n\n script_cve_id(\"CVE-2015-8045\", \"CVE-2015-8047\", \"CVE-2015-8048\", \"CVE-2015-8049\", \"CVE-2015-8050\", \"CVE-2015-8055\", \"CVE-2015-8056\", \"CVE-2015-8057\", \"CVE-2015-8058\", \"CVE-2015-8059\", \"CVE-2015-8060\", \"CVE-2015-8061\", \"CVE-2015-8062\", \"CVE-2015-8063\", \"CVE-2015-8064\", \"CVE-2015-8065\", \"CVE-2015-8066\", \"CVE-2015-8067\", \"CVE-2015-8068\", \"CVE-2015-8069\", \"CVE-2015-8070\", \"CVE-2015-8071\", \"CVE-2015-8401\", \"CVE-2015-8402\", \"CVE-2015-8403\", \"CVE-2015-8404\", \"CVE-2015-8405\", \"CVE-2015-8406\", \"CVE-2015-8407\", \"CVE-2015-8408\", \"CVE-2015-8409\", \"CVE-2015-8410\", \"CVE-2015-8411\", \"CVE-2015-8412\", \"CVE-2015-8413\", \"CVE-2015-8414\", \"CVE-2015-8415\", \"CVE-2015-8416\", \"CVE-2015-8417\", \"CVE-2015-8418\", \"CVE-2015-8419\", \"CVE-2015-8420\", \"CVE-2015-8421\", \"CVE-2015-8422\", \"CVE-2015-8423\", \"CVE-2015-8424\", \"CVE-2015-8425\", \"CVE-2015-8426\", \"CVE-2015-8427\", \"CVE-2015-8428\", \"CVE-2015-8429\", \"CVE-2015-8430\", \"CVE-2015-8431\", \"CVE-2015-8432\", \"CVE-2015-8433\", \"CVE-2015-8434\", \"CVE-2015-8435\", \"CVE-2015-8436\", \"CVE-2015-8437\", \"CVE-2015-8438\", \"CVE-2015-8439\", \"CVE-2015-8440\", \"CVE-2015-8441\", \"CVE-2015-8442\", \"CVE-2015-8443\", \"CVE-2015-8444\", \"CVE-2015-8445\", \"CVE-2015-8446\", \"CVE-2015-8447\", \"CVE-2015-8448\", \"CVE-2015-8449\", \"CVE-2015-8450\", \"CVE-2015-8451\", \"CVE-2015-8452\", \"CVE-2015-8453\", \"CVE-2015-8454\", \"CVE-2015-8455\");\n\n script_name(english:\"openSUSE Security Update : flash-player (openSUSE-2015-882)\");\n script_summary(english:\"Check for the openSUSE-2015-882 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for flash-player to version 11.2.202.554 fixes the\nfollowing security issues in Adobe security advisory APSB15-32.\n\n - These updates resolve heap buffer overflow\n vulnerabilities that could lead to code execution\n (CVE-2015-8438, CVE-2015-8446).\n\n - These updates resolve memory corruption vulnerabilities\n that could lead to code execution (CVE-2015-8444,\n CVE-2015-8443, CVE-2015-8417, CVE-2015-8416,\n CVE-2015-8451, CVE-2015-8047, CVE-2015-8455,\n CVE-2015-8045, CVE-2015-8418, CVE-2015-8060,\n CVE-2015-8419, CVE-2015-8408).\n\n - These updates resolve security bypass vulnerabilities\n (CVE-2015-8453, CVE-2015-8440, CVE-2015-8409).\n\n - These updates resolve a stack overflow vulnerability\n that could lead to code execution (CVE-2015-8407).\n\n - These updates resolve a type confusion vulnerability\n that could lead to code execution (CVE-2015-8439).\n\n - These updates resolve an integer overflow vulnerability\n that could lead to code execution (CVE-2015-8445).\n\n - These updates resolve a buffer overflow vulnerability\n that could lead to code execution (CVE-2015-8415)\n\n - These updates resolve use-after-free vulnerabilities\n that could lead to code execution (CVE-2015-8050,\n CVE-2015-8049, CVE-2015-8437, CVE-2015-8450,\n CVE-2015-8449, CVE-2015-8448, CVE-2015-8436,\n CVE-2015-8452, CVE-2015-8048, CVE-2015-8413,\n CVE-2015-8412, CVE-2015-8410, CVE-2015-8411,\n CVE-2015-8424, CVE-2015-8422, CVE-2015-8420,\n CVE-2015-8421, CVE-2015-8423, CVE-2015-8425,\n CVE-2015-8433, CVE-2015-8432, CVE-2015-8431,\n CVE-2015-8426, CVE-2015-8430, CVE-2015-8427,\n CVE-2015-8428, CVE-2015-8429, CVE-2015-8434,\n CVE-2015-8435, CVE-2015-8414, CVE-2015-8454,\n CVE-2015-8059, CVE-2015-8058, CVE-2015-8055,\n CVE-2015-8057, CVE-2015-8056, CVE-2015-8061,\n CVE-2015-8067, CVE-2015-8066, CVE-2015-8062,\n CVE-2015-8068, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8063, CVE-2015-8405, CVE-2015-8404,\n CVE-2015-8402, CVE-2015-8403, CVE-2015-8071,\n CVE-2015-8401, CVE-2015-8406, CVE-2015-8069,\n CVE-2015-8070, CVE-2015-8441, CVE-2015-8442,\n CVE-2015-8447).\n\nPlease also see\n	https://helpx.adobe.com/security/products/flash-player/apsb15-32.h\ntml\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=958324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://helpx.adobe.com/security/products/flash-player/apsb15-32.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected flash-player packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:flash-player\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:flash-player-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:flash-player-kde4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1|SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1 / 13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"flash-player-11.2.202.554-147.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"flash-player-gnome-11.2.202.554-147.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"flash-player-kde4-11.2.202.554-147.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"flash-player-11.2.202.554-2.82.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"flash-player-gnome-11.2.202.554-2.82.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"flash-player-kde4-11.2.202.554-2.82.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"flash-player / flash-player-gnome / flash-player-kde4\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-03T12:18:21", "bulletinFamily": "scanner", "description": "This update for flash-player to version 11.2.202.554 fixes the\nfollowing security issues in Adobe security advisory APSB15-32.\n\n - These updates resolve heap buffer overflow\n vulnerabilities that could lead to code execution\n (CVE-2015-8438, CVE-2015-8446).\n\n - These updates resolve memory corruption vulnerabilities\n that could lead to code execution (CVE-2015-8444,\n CVE-2015-8443, CVE-2015-8417, CVE-2015-8416,\n CVE-2015-8451, CVE-2015-8047, CVE-2015-8455,\n CVE-2015-8045, CVE-2015-8418, CVE-2015-8060,\n CVE-2015-8419, CVE-2015-8408).\n\n - These updates resolve security bypass vulnerabilities\n (CVE-2015-8453, CVE-2015-8440, CVE-2015-8409).\n\n - These updates resolve a stack overflow vulnerability\n that could lead to code execution (CVE-2015-8407).\n\n - These updates resolve a type confusion vulnerability\n that could lead to code execution (CVE-2015-8439).\n\n - These updates resolve an integer overflow vulnerability\n that could lead to code execution (CVE-2015-8445).\n\n - These updates resolve a buffer overflow vulnerability\n that could lead to code execution (CVE-2015-8415)\n\n - These updates resolve use-after-free vulnerabilities\n that could lead to code execution (CVE-2015-8050,\n CVE-2015-8049, CVE-2015-8437, CVE-2015-8450,\n CVE-2015-8449, CVE-2015-8448, CVE-2015-8436,\n CVE-2015-8452, CVE-2015-8048, CVE-2015-8413,\n CVE-2015-8412, CVE-2015-8410, CVE-2015-8411,\n CVE-2015-8424, CVE-2015-8422, CVE-2015-8420,\n CVE-2015-8421, CVE-2015-8423, CVE-2015-8425,\n CVE-2015-8433, CVE-2015-8432, CVE-2015-8431,\n CVE-2015-8426, CVE-2015-8430, CVE-2015-8427,\n CVE-2015-8428, CVE-2015-8429, CVE-2015-8434,\n CVE-2015-8435, CVE-2015-8414, CVE-2015-8454,\n CVE-2015-8059, CVE-2015-8058, CVE-2015-8055,\n CVE-2015-8057, CVE-2015-8056, CVE-2015-8061,\n CVE-2015-8067, CVE-2015-8066, CVE-2015-8062,\n CVE-2015-8068, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8063, CVE-2015-8405, CVE-2015-8404,\n CVE-2015-8402, CVE-2015-8403, CVE-2015-8071,\n CVE-2015-8401, CVE-2015-8406, CVE-2015-8069,\n CVE-2015-8070, CVE-2015-8441, CVE-2015-8442,\n CVE-2015-8447).\n\nPlease also see\nhttps://helpx.adobe.com/security/products/flash-player/apsb15-32.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-11-02T00:00:00", "id": "SUSE_SU-2015-2247-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87319", "published": "2015-12-11T00:00:00", "title": "SUSE SLED12 Security Update : flash-player (SUSE-SU-2015:2247-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:2247-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87319);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/09/11 11:22:12\");\n\n script_cve_id(\"CVE-2015-8045\", \"CVE-2015-8047\", \"CVE-2015-8048\", \"CVE-2015-8049\", \"CVE-2015-8050\", \"CVE-2015-8055\", \"CVE-2015-8056\", \"CVE-2015-8057\", \"CVE-2015-8058\", \"CVE-2015-8059\", \"CVE-2015-8060\", \"CVE-2015-8061\", \"CVE-2015-8062\", \"CVE-2015-8063\", \"CVE-2015-8064\", \"CVE-2015-8065\", \"CVE-2015-8066\", \"CVE-2015-8067\", \"CVE-2015-8068\", \"CVE-2015-8069\", \"CVE-2015-8070\", \"CVE-2015-8071\", \"CVE-2015-8401\", \"CVE-2015-8402\", \"CVE-2015-8403\", \"CVE-2015-8404\", \"CVE-2015-8405\", \"CVE-2015-8406\", \"CVE-2015-8407\", \"CVE-2015-8408\", \"CVE-2015-8409\", \"CVE-2015-8410\", \"CVE-2015-8411\", \"CVE-2015-8412\", \"CVE-2015-8413\", \"CVE-2015-8414\", \"CVE-2015-8415\", \"CVE-2015-8416\", \"CVE-2015-8417\", \"CVE-2015-8418\", \"CVE-2015-8419\", \"CVE-2015-8420\", \"CVE-2015-8421\", \"CVE-2015-8422\", \"CVE-2015-8423\", \"CVE-2015-8424\", \"CVE-2015-8425\", \"CVE-2015-8426\", \"CVE-2015-8427\", \"CVE-2015-8428\", \"CVE-2015-8429\", \"CVE-2015-8430\", \"CVE-2015-8431\", \"CVE-2015-8432\", \"CVE-2015-8433\", \"CVE-2015-8434\", \"CVE-2015-8435\", \"CVE-2015-8436\", \"CVE-2015-8437\", \"CVE-2015-8438\", \"CVE-2015-8439\", \"CVE-2015-8440\", \"CVE-2015-8441\", \"CVE-2015-8442\", \"CVE-2015-8443\", \"CVE-2015-8444\", \"CVE-2015-8445\", \"CVE-2015-8446\", \"CVE-2015-8447\", \"CVE-2015-8448\", \"CVE-2015-8449\", \"CVE-2015-8450\", \"CVE-2015-8451\", \"CVE-2015-8452\", \"CVE-2015-8453\", \"CVE-2015-8454\", \"CVE-2015-8455\");\n\n script_name(english:\"SUSE SLED12 Security Update : flash-player (SUSE-SU-2015:2247-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for flash-player to version 11.2.202.554 fixes the\nfollowing security issues in Adobe security advisory APSB15-32.\n\n - These updates resolve heap buffer overflow\n vulnerabilities that could lead to code execution\n (CVE-2015-8438, CVE-2015-8446).\n\n - These updates resolve memory corruption vulnerabilities\n that could lead to code execution (CVE-2015-8444,\n CVE-2015-8443, CVE-2015-8417, CVE-2015-8416,\n CVE-2015-8451, CVE-2015-8047, CVE-2015-8455,\n CVE-2015-8045, CVE-2015-8418, CVE-2015-8060,\n CVE-2015-8419, CVE-2015-8408).\n\n - These updates resolve security bypass vulnerabilities\n (CVE-2015-8453, CVE-2015-8440, CVE-2015-8409).\n\n - These updates resolve a stack overflow vulnerability\n that could lead to code execution (CVE-2015-8407).\n\n - These updates resolve a type confusion vulnerability\n that could lead to code execution (CVE-2015-8439).\n\n - These updates resolve an integer overflow vulnerability\n that could lead to code execution (CVE-2015-8445).\n\n - These updates resolve a buffer overflow vulnerability\n that could lead to code execution (CVE-2015-8415)\n\n - These updates resolve use-after-free vulnerabilities\n that could lead to code execution (CVE-2015-8050,\n CVE-2015-8049, CVE-2015-8437, CVE-2015-8450,\n CVE-2015-8449, CVE-2015-8448, CVE-2015-8436,\n CVE-2015-8452, CVE-2015-8048, CVE-2015-8413,\n CVE-2015-8412, CVE-2015-8410, CVE-2015-8411,\n CVE-2015-8424, CVE-2015-8422, CVE-2015-8420,\n CVE-2015-8421, CVE-2015-8423, CVE-2015-8425,\n CVE-2015-8433, CVE-2015-8432, CVE-2015-8431,\n CVE-2015-8426, CVE-2015-8430, CVE-2015-8427,\n CVE-2015-8428, CVE-2015-8429, CVE-2015-8434,\n CVE-2015-8435, CVE-2015-8414, CVE-2015-8454,\n CVE-2015-8059, CVE-2015-8058, CVE-2015-8055,\n CVE-2015-8057, CVE-2015-8056, CVE-2015-8061,\n CVE-2015-8067, CVE-2015-8066, CVE-2015-8062,\n CVE-2015-8068, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8063, CVE-2015-8405, CVE-2015-8404,\n CVE-2015-8402, CVE-2015-8403, CVE-2015-8071,\n CVE-2015-8401, CVE-2015-8406, CVE-2015-8069,\n CVE-2015-8070, CVE-2015-8441, CVE-2015-8442,\n CVE-2015-8447).\n\nPlease also see\nhttps://helpx.adobe.com/security/products/flash-player/apsb15-32.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=958324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://helpx.adobe.com/security/products/flash-player/apsb15-32.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8045/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8047/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8048/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8049/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8050/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8055/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8056/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8057/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8058/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8059/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8060/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8061/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8062/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8063/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8064/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8065/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8066/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8067/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8068/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8069/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8070/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8071/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8401/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8402/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8403/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8404/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8405/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8406/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8407/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8408/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8409/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8410/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8411/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8412/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8413/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8414/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8415/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8416/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8417/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8418/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8419/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8420/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8421/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8422/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8423/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8424/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8425/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8426/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8427/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8428/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8429/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8430/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8431/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8432/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8433/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8434/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8435/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8436/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8437/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8438/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8439/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8440/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8441/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8442/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8443/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8444/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8445/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8446/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8447/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8448/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8449/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8450/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8451/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8452/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8453/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8454/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8455/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20152247-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a43e5595\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP1 :\n\nzypper in -t patch SUSE-SLE-WE-12-SP1-2015-959=1\n\nSUSE Linux Enterprise Workstation Extension 12 :\n\nzypper in -t patch SUSE-SLE-WE-12-2015-959=1\n\nSUSE Linux Enterprise Desktop 12-SP1 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2015-959=1\n\nSUSE Linux Enterprise Desktop 12 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-2015-959=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:flash-player\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:flash-player-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"flash-player-11.2.202.554-114.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"flash-player-gnome-11.2.202.554-114.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"flash-player-11.2.202.554-114.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"flash-player-gnome-11.2.202.554-114.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"flash-player\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:39:37", "bulletinFamily": "scanner", "description": "Adobe reports :\n\nThese updates resolve heap buffer overflow vulnerabilities that could\nlead to code execution (CVE-2015-8438, CVE-2015-8446).\n\nThese updates resolve memory corruption vulnerabilities that could\nlead to code execution (CVE-2015-8444, CVE-2015-8443, CVE-2015-8417,\nCVE-2015-8416, CVE-2015-8451, CVE-2015-8047, CVE-2015-8053,\nCVE-2015-8045, CVE-2015-8051, CVE-2015-8060, CVE-2015-8419,\nCVE-2015-8408).\n\nThese updates resolve security bypass vulnerabilities (CVE-2015-8453,\nCVE-2015-8440, CVE-2015-8409).\n\nThese updates resolve a stack overflow vulnerability that could lead\nto code execution (CVE-2015-8407).\n\nThese updates resolve a type confusion vulnerability that could lead\nto code execution (CVE-2015-8439).\n\nThese updates resolve an integer overflow vulnerability that could\nlead to code execution (CVE-2015-8445).\n\nThese updates resolve a buffer overflow vulnerability that could lead\nto code execution (CVE-2015-8415).\n\nThese updates resolve use-after-free vulnerabilities that could lead\nto code execution (CVE-2015-8050, CVE-2015-8049, CVE-2015-8437,\nCVE-2015-8450, CVE-2015-8449, CVE-2015-8448, CVE-2015-8436,\nCVE-2015-8452, CVE-2015-8048, CVE-2015-8413, CVE-2015-8412,\nCVE-2015-8410, CVE-2015-8411, CVE-2015-8424, CVE-2015-8422,\nCVE-2015-8420, CVE-2015-8421, CVE-2015-8423, CVE-2015-8425,\nCVE-2015-8433, CVE-2015-8432, CVE-2015-8431, CVE-2015-8426,\nCVE-2015-8430, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429,\nCVE-2015-8434, CVE-2015-8435, CVE-2015-8414, CVE-2015-8052,\nCVE-2015-8059, CVE-2015-8058, CVE-2015-8055, CVE-2015-8057,\nCVE-2015-8056, CVE-2015-8061, CVE-2015-8067, CVE-2015-8066,\nCVE-2015-8062, CVE-2015-8068, CVE-2015-8064, CVE-2015-8065,\nCVE-2015-8063, CVE-2015-8405, CVE-2015-8404, CVE-2015-8402,\nCVE-2015-8403, CVE-2015-8071, CVE-2015-8401, CVE-2015-8406,\nCVE-2015-8069, CVE-2015-8070, CVE-2015-8441, CVE-2015-8442,\nCVE-2015-8447).", "modified": "2019-11-02T00:00:00", "id": "FREEBSD_PKG_C8842A849DDD11E58C2FC485083CA99C.NASL", "href": "https://www.tenable.com/plugins/nessus/87270", "published": "2015-12-09T00:00:00", "title": "FreeBSD : flash -- multiple vulnerabilities (c8842a84-9ddd-11e5-8c2f-c485083ca99c)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87270);\n script_version(\"2.10\");\n script_cvs_date(\"Date: 2019/07/10 16:04:13\");\n\n script_cve_id(\"CVE-2015-8045\", \"CVE-2015-8047\", \"CVE-2015-8048\", \"CVE-2015-8049\", \"CVE-2015-8050\", \"CVE-2015-8051\", \"CVE-2015-8052\", \"CVE-2015-8053\", \"CVE-2015-8054\", \"CVE-2015-8055\", \"CVE-2015-8056\", \"CVE-2015-8057\", \"CVE-2015-8058\", \"CVE-2015-8059\", \"CVE-2015-8060\", \"CVE-2015-8061\", \"CVE-2015-8062\", \"CVE-2015-8063\", \"CVE-2015-8064\", \"CVE-2015-8065\", \"CVE-2015-8066\", \"CVE-2015-8067\", \"CVE-2015-8068\", \"CVE-2015-8069\", \"CVE-2015-8070\", \"CVE-2015-8071\", \"CVE-2015-8401\", \"CVE-2015-8402\", \"CVE-2015-8403\", \"CVE-2015-8404\", \"CVE-2015-8405\", \"CVE-2015-8406\", \"CVE-2015-8407\", \"CVE-2015-8408\", \"CVE-2015-8409\", \"CVE-2015-8410\", \"CVE-2015-8411\", \"CVE-2015-8412\", \"CVE-2015-8413\", \"CVE-2015-8414\", \"CVE-2015-8415\", \"CVE-2015-8416\", \"CVE-2015-8417\", \"CVE-2015-8419\", \"CVE-2015-8420\", \"CVE-2015-8421\", \"CVE-2015-8422\", \"CVE-2015-8423\", \"CVE-2015-8424\", \"CVE-2015-8425\", \"CVE-2015-8426\", \"CVE-2015-8427\", \"CVE-2015-8428\", \"CVE-2015-8429\", \"CVE-2015-8430\", \"CVE-2015-8431\", \"CVE-2015-8432\", \"CVE-2015-8433\", \"CVE-2015-8434\", \"CVE-2015-8435\", \"CVE-2015-8436\", \"CVE-2015-8437\", \"CVE-2015-8438\", \"CVE-2015-8439\", \"CVE-2015-8440\", \"CVE-2015-8441\", \"CVE-2015-8442\", \"CVE-2015-8443\", \"CVE-2015-8444\", \"CVE-2015-8445\", \"CVE-2015-8446\", \"CVE-2015-8447\", \"CVE-2015-8448\", \"CVE-2015-8449\", \"CVE-2015-8450\", \"CVE-2015-8451\", \"CVE-2015-8452\", \"CVE-2015-8453\");\n\n script_name(english:\"FreeBSD : flash -- multiple vulnerabilities (c8842a84-9ddd-11e5-8c2f-c485083ca99c)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Adobe reports :\n\nThese updates resolve heap buffer overflow vulnerabilities that could\nlead to code execution (CVE-2015-8438, CVE-2015-8446).\n\nThese updates resolve memory corruption vulnerabilities that could\nlead to code execution (CVE-2015-8444, CVE-2015-8443, CVE-2015-8417,\nCVE-2015-8416, CVE-2015-8451, CVE-2015-8047, CVE-2015-8053,\nCVE-2015-8045, CVE-2015-8051, CVE-2015-8060, CVE-2015-8419,\nCVE-2015-8408).\n\nThese updates resolve security bypass vulnerabilities (CVE-2015-8453,\nCVE-2015-8440, CVE-2015-8409).\n\nThese updates resolve a stack overflow vulnerability that could lead\nto code execution (CVE-2015-8407).\n\nThese updates resolve a type confusion vulnerability that could lead\nto code execution (CVE-2015-8439).\n\nThese updates resolve an integer overflow vulnerability that could\nlead to code execution (CVE-2015-8445).\n\nThese updates resolve a buffer overflow vulnerability that could lead\nto code execution (CVE-2015-8415).\n\nThese updates resolve use-after-free vulnerabilities that could lead\nto code execution (CVE-2015-8050, CVE-2015-8049, CVE-2015-8437,\nCVE-2015-8450, CVE-2015-8449, CVE-2015-8448, CVE-2015-8436,\nCVE-2015-8452, CVE-2015-8048, CVE-2015-8413, CVE-2015-8412,\nCVE-2015-8410, CVE-2015-8411, CVE-2015-8424, CVE-2015-8422,\nCVE-2015-8420, CVE-2015-8421, CVE-2015-8423, CVE-2015-8425,\nCVE-2015-8433, CVE-2015-8432, CVE-2015-8431, CVE-2015-8426,\nCVE-2015-8430, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429,\nCVE-2015-8434, CVE-2015-8435, CVE-2015-8414, CVE-2015-8052,\nCVE-2015-8059, CVE-2015-8058, CVE-2015-8055, CVE-2015-8057,\nCVE-2015-8056, CVE-2015-8061, CVE-2015-8067, CVE-2015-8066,\nCVE-2015-8062, CVE-2015-8068, CVE-2015-8064, CVE-2015-8065,\nCVE-2015-8063, CVE-2015-8405, CVE-2015-8404, CVE-2015-8402,\nCVE-2015-8403, CVE-2015-8071, CVE-2015-8401, CVE-2015-8406,\nCVE-2015-8069, CVE-2015-8070, CVE-2015-8441, CVE-2015-8442,\nCVE-2015-8447).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://helpx.adobe.com/security/products/flash-player/apsb15-32.html\"\n );\n # https://vuxml.freebsd.org/freebsd/c8842a84-9ddd-11e5-8c2f-c485083ca99c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c6f59bcc\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-c6-flashplugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-c6_64-flashplugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-f10-flashplugin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"linux-c6-flashplugin<11.2r202.554\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-f10-flashplugin<11.2r202.554\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-c6_64-flashplugin<11.2r202.554\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-22T02:50:30", "bulletinFamily": "scanner", "description": "The version of Adobe AIR installed on the remote Mac OS X host is\nequal or prior to version 19.0.0.241. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - Multiple heap buffer overflow conditions exist that\n allow an attacker to execute arbitrary code.\n (CVE-2015-8438, CVE-2015-8446)\n\n - Multiple memory corruption issues exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8045,\n CVE-2015-8047, CVE-2015-8060, CVE-2015-8408,\n CVE-2015-8416, CVE-2015-8417, CVE-2015-8418,\n CVE-2015-8419, CVE-2015-8443, CVE-2015-8444,\n CVE-2015-8451, CVE-2015-8455, CVE-2015-8652,\n CVE-2015-8654, CVE-2015-8656, CVE-2015-8657,\n CVE-2015-8658, CVE-2015-8820)\n\n - Multiple security bypass vulnerabilities exist that\n allow an attacker to write arbitrary data to the file\n system under user permissions. (CVE-2015-8453,\n CVE-2015-8440, CVE-2015-8409)\n\n - A stack buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8407,\n CVE-2015-8457)\n\n - A type confusion error exists that allows an attacker to\n execute arbitrary code. (CVE-2015-8439, CVE-2015-8456)\n\n - An integer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8445)\n\n - A buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8415)\n\n - Multiple use-after-free errors exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8048,\n CVE-2015-8049, CVE-2015-8050, CVE-2015-8055,\n CVE-2015-8056, CVE-2015-8057, CVE-2015-8058,\n CVE-2015-8059, CVE-2015-8061, CVE-2015-8062,\n CVE-2015-8063, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8066, CVE-2015-8067, CVE-2015-8068,\n CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,\n CVE-2015-8401, CVE-2015-8402, CVE-2015-8403,\n CVE-2015-8404, CVE-2015-8405, CVE-2015-8406,\n CVE-2015-8410, CVE-2015-8411, CVE-2015-8412,\n CVE-2015-8413, CVE-2015-8414, CVE-2015-8420,\n CVE-2015-8421, CVE-2015-8422, CVE-2015-8423,\n CVE-2015-8424, CVE-2015-8425, CVE-2015-8426,\n CVE-2015-8427, CVE-2015-8428, CVE-2015-8429,\n CVE-2015-8430, CVE-2015-8431, CVE-2015-8432,\n CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,\n CVE-2015-8436, CVE-2015-8437, CVE-2015-8441,\n CVE-2015-8442, CVE-2015-8447, CVE-2015-8448,\n CVE-2015-8449, CVE-2015-8450, CVE-2015-8452,\n CVE-2015-8454, CVE-2015-8653, CVE-2015-8655,\n CVE-2015-8821, CVE-2015-8822", "modified": "2019-11-02T00:00:00", "id": "MACOSX_ADOBE_AIR_APSB15-32.NASL", "href": "https://www.tenable.com/plugins/nessus/87246", "published": "2015-12-08T00:00:00", "title": "Adobe AIR for Mac <= 19.0.0.241 Multiple Vulnerabilities (APSB15-32)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87246);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2015-8045\",\n \"CVE-2015-8047\",\n \"CVE-2015-8048\",\n \"CVE-2015-8049\",\n \"CVE-2015-8050\",\n \"CVE-2015-8054\",\n \"CVE-2015-8055\",\n \"CVE-2015-8056\",\n \"CVE-2015-8057\",\n \"CVE-2015-8058\",\n \"CVE-2015-8059\",\n \"CVE-2015-8060\",\n \"CVE-2015-8061\",\n \"CVE-2015-8062\",\n \"CVE-2015-8063\",\n \"CVE-2015-8064\",\n \"CVE-2015-8065\",\n \"CVE-2015-8066\",\n \"CVE-2015-8067\",\n \"CVE-2015-8068\",\n \"CVE-2015-8069\",\n \"CVE-2015-8070\",\n \"CVE-2015-8071\",\n \"CVE-2015-8401\",\n \"CVE-2015-8402\",\n \"CVE-2015-8403\",\n \"CVE-2015-8404\",\n \"CVE-2015-8405\",\n \"CVE-2015-8406\",\n \"CVE-2015-8407\",\n \"CVE-2015-8408\",\n \"CVE-2015-8409\",\n \"CVE-2015-8410\",\n \"CVE-2015-8411\",\n \"CVE-2015-8412\",\n \"CVE-2015-8413\",\n \"CVE-2015-8414\",\n \"CVE-2015-8415\",\n \"CVE-2015-8416\",\n \"CVE-2015-8417\",\n \"CVE-2015-8418\",\n \"CVE-2015-8419\",\n \"CVE-2015-8420\",\n \"CVE-2015-8421\",\n \"CVE-2015-8422\",\n \"CVE-2015-8423\",\n \"CVE-2015-8424\",\n \"CVE-2015-8425\",\n \"CVE-2015-8426\",\n \"CVE-2015-8427\",\n \"CVE-2015-8428\",\n \"CVE-2015-8429\",\n \"CVE-2015-8430\",\n \"CVE-2015-8431\",\n \"CVE-2015-8432\",\n \"CVE-2015-8433\",\n \"CVE-2015-8434\",\n \"CVE-2015-8435\",\n \"CVE-2015-8436\",\n \"CVE-2015-8437\",\n \"CVE-2015-8438\",\n \"CVE-2015-8439\",\n \"CVE-2015-8440\",\n \"CVE-2015-8441\",\n \"CVE-2015-8442\",\n \"CVE-2015-8443\",\n \"CVE-2015-8444\",\n \"CVE-2015-8445\",\n \"CVE-2015-8446\",\n \"CVE-2015-8447\",\n \"CVE-2015-8448\",\n \"CVE-2015-8449\",\n \"CVE-2015-8450\",\n \"CVE-2015-8451\",\n \"CVE-2015-8452\",\n \"CVE-2015-8453\",\n \"CVE-2015-8454\",\n \"CVE-2015-8455\",\n \"CVE-2015-8456\",\n \"CVE-2015-8457\",\n \"CVE-2015-8652\",\n \"CVE-2015-8653\",\n \"CVE-2015-8654\",\n \"CVE-2015-8655\",\n \"CVE-2015-8656\",\n \"CVE-2015-8657\",\n \"CVE-2015-8658\",\n \"CVE-2015-8820\",\n \"CVE-2015-8821\",\n \"CVE-2015-8822\"\n );\n script_bugtraq_id(\n 78710,\n 78712,\n 78713,\n 78714,\n 78715,\n 78716,\n 78717,\n 78718,\n 78802\n );\n script_xref(name:\"ZDI\", value:\"ZDI-15-601\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-602\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-603\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-604\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-605\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-606\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-607\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-608\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-609\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-610\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-611\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-612\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-613\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-614\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-655\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-656\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-657\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-658\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-659\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-660\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-661\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-662\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-663\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-664\");\n script_xref(name:\"EDB-ID\", value:\"39042\");\n script_xref(name:\"EDB-ID\", value:\"39043\");\n script_xref(name:\"EDB-ID\", value:\"39047\");\n script_xref(name:\"EDB-ID\", value:\"39049\");\n script_xref(name:\"EDB-ID\", value:\"39051\");\n script_xref(name:\"EDB-ID\", value:\"39052\");\n script_xref(name:\"EDB-ID\", value:\"39053\");\n script_xref(name:\"EDB-ID\", value:\"39054\");\n script_xref(name:\"EDB-ID\", value:\"39072\");\n\n script_name(english:\"Adobe AIR for Mac <= 19.0.0.241 Multiple Vulnerabilities (APSB15-32)\");\n script_summary(english:\"Checks the version of AIR.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host has a browser plugin installed that is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe AIR installed on the remote Mac OS X host is\nequal or prior to version 19.0.0.241. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - Multiple heap buffer overflow conditions exist that\n allow an attacker to execute arbitrary code.\n (CVE-2015-8438, CVE-2015-8446)\n\n - Multiple memory corruption issues exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8045,\n CVE-2015-8047, CVE-2015-8060, CVE-2015-8408,\n CVE-2015-8416, CVE-2015-8417, CVE-2015-8418,\n CVE-2015-8419, CVE-2015-8443, CVE-2015-8444,\n CVE-2015-8451, CVE-2015-8455, CVE-2015-8652,\n CVE-2015-8654, CVE-2015-8656, CVE-2015-8657,\n CVE-2015-8658, CVE-2015-8820)\n\n - Multiple security bypass vulnerabilities exist that\n allow an attacker to write arbitrary data to the file\n system under user permissions. (CVE-2015-8453,\n CVE-2015-8440, CVE-2015-8409)\n\n - A stack buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8407,\n CVE-2015-8457)\n\n - A type confusion error exists that allows an attacker to\n execute arbitrary code. (CVE-2015-8439, CVE-2015-8456)\n\n - An integer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8445)\n\n - A buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8415)\n\n - Multiple use-after-free errors exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8048,\n CVE-2015-8049, CVE-2015-8050, CVE-2015-8055,\n CVE-2015-8056, CVE-2015-8057, CVE-2015-8058,\n CVE-2015-8059, CVE-2015-8061, CVE-2015-8062,\n CVE-2015-8063, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8066, CVE-2015-8067, CVE-2015-8068,\n CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,\n CVE-2015-8401, CVE-2015-8402, CVE-2015-8403,\n CVE-2015-8404, CVE-2015-8405, CVE-2015-8406,\n CVE-2015-8410, CVE-2015-8411, CVE-2015-8412,\n CVE-2015-8413, CVE-2015-8414, CVE-2015-8420,\n CVE-2015-8421, CVE-2015-8422, CVE-2015-8423,\n CVE-2015-8424, CVE-2015-8425, CVE-2015-8426,\n CVE-2015-8427, CVE-2015-8428, CVE-2015-8429,\n CVE-2015-8430, CVE-2015-8431, CVE-2015-8432,\n CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,\n CVE-2015-8436, CVE-2015-8437, CVE-2015-8441,\n CVE-2015-8442, CVE-2015-8447, CVE-2015-8448,\n CVE-2015-8449, CVE-2015-8450, CVE-2015-8452,\n CVE-2015-8454, CVE-2015-8653, CVE-2015-8655,\n CVE-2015-8821, CVE-2015-8822\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/flash-player/apsb15-32.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe AIR version 20.0.0.204 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-8457\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:air\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_adobe_air_installed.nasl\");\n script_require_keys(\"MacOSX/Adobe_AIR/Version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nkb_base = \"MacOSX/Adobe_AIR\";\nversion = get_kb_item_or_exit(kb_base+\"/Version\");\npath = get_kb_item_or_exit(kb_base+\"/Path\");\n\n# nb: we're checking for versions less than *or equal to* the cutoff!\ncutoff_version = '19.0.0.245';\nfixed_version_for_report = '20.0.0.204';\n\nif (ver_compare(ver:version, fix:cutoff_version, strict:FALSE) <= 0)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version_for_report +\n '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Adobe AIR\", version, path);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-22T02:36:41", "bulletinFamily": "scanner", "description": "The version of Adobe Flash Player installed on the remote Windows host\nis equal or prior to version 19.0.0.245. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - Multiple heap buffer overflow conditions exist that\n allow an attacker to execute arbitrary code.\n (CVE-2015-8438, CVE-2015-8446)\n\n - Multiple memory corruption issues exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8045,\n CVE-2015-8047, CVE-2015-8060, CVE-2015-8408,\n CVE-2015-8416, CVE-2015-8417, CVE-2015-8418,\n CVE-2015-8419, CVE-2015-8443, CVE-2015-8444,\n CVE-2015-8451, CVE-2015-8455, CVE-2015-8652,\n CVE-2015-8654, CVE-2015-8656, CVE-2015-8657,\n CVE-2015-8658, CVE-2015-8820)\n\n - Multiple security bypass vulnerabilities exist that\n allow an attacker to write arbitrary data to the file\n system under user permissions. (CVE-2015-8453,\n CVE-2015-8440, CVE-2015-8409)\n\n - A stack buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8407,\n CVE-2015-8457)\n\n - A type confusion error exists that allows an attacker to\n execute arbitrary code. (CVE-2015-8439, CVE-2015-8456)\n\n - An integer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8445)\n\n - A buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8415)\n\n - Multiple use-after-free errors exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8048,\n CVE-2015-8049, CVE-2015-8050, CVE-2015-8055,\n CVE-2015-8056, CVE-2015-8057, CVE-2015-8058,\n CVE-2015-8059, CVE-2015-8061, CVE-2015-8062,\n CVE-2015-8063, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8066, CVE-2015-8067, CVE-2015-8068,\n CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,\n CVE-2015-8401, CVE-2015-8402, CVE-2015-8403,\n CVE-2015-8404, CVE-2015-8405, CVE-2015-8406,\n CVE-2015-8410, CVE-2015-8411, CVE-2015-8412,\n CVE-2015-8413, CVE-2015-8414, CVE-2015-8420,\n CVE-2015-8421, CVE-2015-8422, CVE-2015-8423,\n CVE-2015-8424, CVE-2015-8425, CVE-2015-8426,\n CVE-2015-8427, CVE-2015-8428, CVE-2015-8429,\n CVE-2015-8430, CVE-2015-8431, CVE-2015-8432,\n CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,\n CVE-2015-8436, CVE-2015-8437, CVE-2015-8441,\n CVE-2015-8442, CVE-2015-8447, CVE-2015-8448,\n CVE-2015-8449, CVE-2015-8450, CVE-2015-8452,\n CVE-2015-8454, CVE-2015-8653, CVE-2015-8655,\n CVE-2015-8821, CVE-2015-8822", "modified": "2019-11-02T00:00:00", "id": "FLASH_PLAYER_APSB15-32.NASL", "href": "https://www.tenable.com/plugins/nessus/87244", "published": "2015-12-08T00:00:00", "title": "Adobe Flash Player <= 19.0.0.245 Multiple Vulnerabilities (APSB15-32)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87244);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2015-8045\",\n \"CVE-2015-8047\",\n \"CVE-2015-8048\",\n \"CVE-2015-8049\",\n \"CVE-2015-8050\",\n \"CVE-2015-8054\",\n \"CVE-2015-8055\",\n \"CVE-2015-8056\",\n \"CVE-2015-8057\",\n \"CVE-2015-8058\",\n \"CVE-2015-8059\",\n \"CVE-2015-8060\",\n \"CVE-2015-8061\",\n \"CVE-2015-8062\",\n \"CVE-2015-8063\",\n \"CVE-2015-8064\",\n \"CVE-2015-8065\",\n \"CVE-2015-8066\",\n \"CVE-2015-8067\",\n \"CVE-2015-8068\",\n \"CVE-2015-8069\",\n \"CVE-2015-8070\",\n \"CVE-2015-8071\",\n \"CVE-2015-8401\",\n \"CVE-2015-8402\",\n \"CVE-2015-8403\",\n \"CVE-2015-8404\",\n \"CVE-2015-8405\",\n \"CVE-2015-8406\",\n \"CVE-2015-8407\",\n \"CVE-2015-8408\",\n \"CVE-2015-8409\",\n \"CVE-2015-8410\",\n \"CVE-2015-8411\",\n \"CVE-2015-8412\",\n \"CVE-2015-8413\",\n \"CVE-2015-8414\",\n \"CVE-2015-8415\",\n \"CVE-2015-8416\",\n \"CVE-2015-8417\",\n \"CVE-2015-8418\",\n \"CVE-2015-8419\",\n \"CVE-2015-8420\",\n \"CVE-2015-8421\",\n \"CVE-2015-8422\",\n \"CVE-2015-8423\",\n \"CVE-2015-8424\",\n \"CVE-2015-8425\",\n \"CVE-2015-8426\",\n \"CVE-2015-8427\",\n \"CVE-2015-8428\",\n \"CVE-2015-8429\",\n \"CVE-2015-8430\",\n \"CVE-2015-8431\",\n \"CVE-2015-8432\",\n \"CVE-2015-8433\",\n \"CVE-2015-8434\",\n \"CVE-2015-8435\",\n \"CVE-2015-8436\",\n \"CVE-2015-8437\",\n \"CVE-2015-8438\",\n \"CVE-2015-8439\",\n \"CVE-2015-8440\",\n \"CVE-2015-8441\",\n \"CVE-2015-8442\",\n \"CVE-2015-8443\",\n \"CVE-2015-8444\",\n \"CVE-2015-8445\",\n \"CVE-2015-8446\",\n \"CVE-2015-8447\",\n \"CVE-2015-8448\",\n \"CVE-2015-8449\",\n \"CVE-2015-8450\",\n \"CVE-2015-8451\",\n \"CVE-2015-8452\",\n \"CVE-2015-8453\",\n \"CVE-2015-8454\",\n \"CVE-2015-8455\",\n \"CVE-2015-8456\",\n \"CVE-2015-8457\",\n \"CVE-2015-8652\",\n \"CVE-2015-8653\",\n \"CVE-2015-8654\",\n \"CVE-2015-8655\",\n \"CVE-2015-8656\",\n \"CVE-2015-8657\",\n \"CVE-2015-8658\",\n \"CVE-2015-8820\",\n \"CVE-2015-8821\",\n \"CVE-2015-8822\"\n );\n script_bugtraq_id(\n 78710,\n 78712,\n 78713,\n 78714,\n 78715,\n 78716,\n 78717,\n 78718,\n 78802\n );\n script_xref(name:\"ZDI\", value:\"ZDI-15-601\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-602\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-603\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-604\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-605\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-606\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-607\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-608\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-609\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-610\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-611\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-612\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-613\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-614\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-655\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-656\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-657\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-658\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-659\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-660\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-661\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-662\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-663\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-664\");\n script_xref(name:\"EDB-ID\", value:\"39042\");\n script_xref(name:\"EDB-ID\", value:\"39043\");\n script_xref(name:\"EDB-ID\", value:\"39047\");\n script_xref(name:\"EDB-ID\", value:\"39049\");\n script_xref(name:\"EDB-ID\", value:\"39051\");\n script_xref(name:\"EDB-ID\", value:\"39052\");\n script_xref(name:\"EDB-ID\", value:\"39053\");\n script_xref(name:\"EDB-ID\", value:\"39054\");\n script_xref(name:\"EDB-ID\", value:\"39072\");\n\n script_name(english:\"Adobe Flash Player <= 19.0.0.245 Multiple Vulnerabilities (APSB15-32)\");\n script_summary(english:\"Checks the version of Flash Player.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host has a browser plugin installed that is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Flash Player installed on the remote Windows host\nis equal or prior to version 19.0.0.245. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - Multiple heap buffer overflow conditions exist that\n allow an attacker to execute arbitrary code.\n (CVE-2015-8438, CVE-2015-8446)\n\n - Multiple memory corruption issues exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8045,\n CVE-2015-8047, CVE-2015-8060, CVE-2015-8408,\n CVE-2015-8416, CVE-2015-8417, CVE-2015-8418,\n CVE-2015-8419, CVE-2015-8443, CVE-2015-8444,\n CVE-2015-8451, CVE-2015-8455, CVE-2015-8652,\n CVE-2015-8654, CVE-2015-8656, CVE-2015-8657,\n CVE-2015-8658, CVE-2015-8820)\n\n - Multiple security bypass vulnerabilities exist that\n allow an attacker to write arbitrary data to the file\n system under user permissions. (CVE-2015-8453,\n CVE-2015-8440, CVE-2015-8409)\n\n - A stack buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8407,\n CVE-2015-8457)\n\n - A type confusion error exists that allows an attacker to\n execute arbitrary code. (CVE-2015-8439, CVE-2015-8456)\n\n - An integer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8445)\n\n - A buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8415)\n\n - Multiple use-after-free errors exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8048,\n CVE-2015-8049, CVE-2015-8050, CVE-2015-8055,\n CVE-2015-8056, CVE-2015-8057, CVE-2015-8058,\n CVE-2015-8059, CVE-2015-8061, CVE-2015-8062,\n CVE-2015-8063, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8066, CVE-2015-8067, CVE-2015-8068,\n CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,\n CVE-2015-8401, CVE-2015-8402, CVE-2015-8403,\n CVE-2015-8404, CVE-2015-8405, CVE-2015-8406,\n CVE-2015-8410, CVE-2015-8411, CVE-2015-8412,\n CVE-2015-8413, CVE-2015-8414, CVE-2015-8420,\n CVE-2015-8421, CVE-2015-8422, CVE-2015-8423,\n CVE-2015-8424, CVE-2015-8425, CVE-2015-8426,\n CVE-2015-8427, CVE-2015-8428, CVE-2015-8429,\n CVE-2015-8430, CVE-2015-8431, CVE-2015-8432,\n CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,\n CVE-2015-8436, CVE-2015-8437, CVE-2015-8441,\n CVE-2015-8442, CVE-2015-8447, CVE-2015-8448,\n CVE-2015-8449, CVE-2015-8450, CVE-2015-8452,\n CVE-2015-8454, CVE-2015-8653, CVE-2015-8655,\n CVE-2015-8821, CVE-2015-8822\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/flash-player/apsb15-32.html\");\n # http://helpx.adobe.com/flash-player/kb/archived-flash-player-versions.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0cb17c10\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Flash Player version 20.0.0.228 or later.\n\nAlternatively, Adobe has made version 18.0.0.268 available for those\ninstallations that cannot be upgraded to the latest version.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-8457\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:flash_player\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"flash_player_installed.nasl\");\n script_require_keys(\"SMB/Flash_Player/installed\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/Flash_Player/installed\");\n\n# Identify vulnerable versions.\ninfo = \"\";\nvariants = make_list(\n \"Plugin\",\n \"ActiveX\",\n \"Chrome\",\n \"Chrome_Pepper\"\n);\n\n# we're checking for versions less than *or equal to* the cutoff!\nforeach variant (variants)\n{\n vers = get_kb_list(\"SMB/Flash_Player/\"+variant+\"/Version/*\");\n files = get_kb_list(\"SMB/Flash_Player/\"+variant+\"/File/*\");\n\n if(isnull(vers) || isnull(files))\n continue;\n\n foreach key (keys(vers))\n {\n ver = vers[key];\n if(isnull(ver))\n continue;\n\n vuln = FALSE;\n\n # Chrome Flash <= 19.0.0.245\n if(variant == \"Chrome_Pepper\" &&\n ver_compare(ver:ver,fix:\"19.0.0.245\",strict:FALSE) <= 0\n ) vuln = TRUE;\n\n # <= 18.0.0.261 \n if(variant != \"Chrome_Pepper\" &&\n ver_compare(ver:ver,fix:\"18.0.0.261\",strict:FALSE) <= 0\n ) vuln = TRUE;\n\n # 19 <= 19.0.0.245\n if(variant != \"Chrome_Pepper\" &&\n ver =~ \"^(?:19|[2-9]\\d)\\.\" &&\n ver_compare(ver:ver,fix:\"19.0.0.245\",strict:FALSE) <= 0\n ) vuln = TRUE;\n\n if(vuln)\n {\n num = key - (\"SMB/Flash_Player/\"+variant+\"/Version/\");\n file = files[\"SMB/Flash_Player/\"+variant+\"/File/\"+num];\n if (variant == \"Plugin\")\n {\n info += '\\n Product : Browser Plugin (for Firefox / Netscape / Opera)';\n fix = \"20.0.0.228 / 18.0.0.268\";\n }\n else if (variant == \"ActiveX\")\n {\n info += '\\n Product : ActiveX control (for Internet Explorer)';\n fix = \"20.0.0.228 / 18.0.0.268\";\n }\n else if (\"Chrome\" >< variant)\n {\n info += '\\n Product : Browser Plugin (for Google Chrome)';\n if(variant == \"Chrome\")\n fix = \"Upgrade to a version of Google Chrome running Flash Player 20.0.0.228\";\n }\n info += '\\n Path : ' + file +\n '\\n Installed version : ' + ver;\n if (variant == \"Chrome_Pepper\")\n info += '\\n Fixed version : 20.0.0.228 (Chrome PepperFlash)';\n else if(!isnull(fix))\n info += '\\n Fixed version : '+fix;\n info += '\\n';\n }\n }\n}\n\nif (info)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0) security_hole(port:port, extra:info);\n else security_hole(port);\n}\nelse\n{\n if (thorough_tests)\n exit(0, 'No vulnerable versions of Adobe Flash Player were found.');\n else\n exit(1, 'Google Chrome\\'s built-in Flash Player may not have been detected because the \\'Perform thorough tests\\' setting was not enabled.');\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-22T02:12:36", "bulletinFamily": "scanner", "description": "The version of Adobe AIR installed on the remote Windows host is equal\nor prior to version 19.0.0.241. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple heap buffer overflow conditions exist that\n allow an attacker to execute arbitrary code.\n (CVE-2015-8438, CVE-2015-8446)\n\n - Multiple memory corruption issues exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8045,\n CVE-2015-8047, CVE-2015-8060, CVE-2015-8408,\n CVE-2015-8416, CVE-2015-8417, CVE-2015-8418,\n CVE-2015-8419, CVE-2015-8443, CVE-2015-8444,\n CVE-2015-8451, CVE-2015-8455, CVE-2015-8652,\n CVE-2015-8654, CVE-2015-8656, CVE-2015-8657,\n CVE-2015-8658, CVE-2015-8820)\n\n - Multiple security bypass vulnerabilities exist that\n allow an attacker to write arbitrary data to the file\n system under user permissions. (CVE-2015-8453,\n CVE-2015-8440, CVE-2015-8409)\n\n - A stack buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8407,\n CVE-2015-8457)\n\n - A type confusion error exists that allows an attacker to\n execute arbitrary code. (CVE-2015-8439, CVE-2015-8456)\n\n - An integer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8445)\n\n - A buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8415)\n\n - Multiple use-after-free errors exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8048,\n CVE-2015-8049, CVE-2015-8050, CVE-2015-8055,\n CVE-2015-8056, CVE-2015-8057, CVE-2015-8058,\n CVE-2015-8059, CVE-2015-8061, CVE-2015-8062,\n CVE-2015-8063, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8066, CVE-2015-8067, CVE-2015-8068,\n CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,\n CVE-2015-8401, CVE-2015-8402, CVE-2015-8403,\n CVE-2015-8404, CVE-2015-8405, CVE-2015-8406,\n CVE-2015-8410, CVE-2015-8411, CVE-2015-8412,\n CVE-2015-8413, CVE-2015-8414, CVE-2015-8420,\n CVE-2015-8421, CVE-2015-8422, CVE-2015-8423,\n CVE-2015-8424, CVE-2015-8425, CVE-2015-8426,\n CVE-2015-8427, CVE-2015-8428, CVE-2015-8429,\n CVE-2015-8430, CVE-2015-8431, CVE-2015-8432,\n CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,\n CVE-2015-8436, CVE-2015-8437, CVE-2015-8441,\n CVE-2015-8442, CVE-2015-8447, CVE-2015-8448,\n CVE-2015-8449, CVE-2015-8450, CVE-2015-8452,\n CVE-2015-8454, CVE-2015-8653, CVE-2015-8655,\n CVE-2015-8821, CVE-2015-8822", "modified": "2019-11-02T00:00:00", "id": "ADOBE_AIR_APSB15-32.NASL", "href": "https://www.tenable.com/plugins/nessus/87243", "published": "2015-12-08T00:00:00", "title": "Adobe AIR <= 19.0.0.241 Multiple Vulnerabilities (APSB15-32)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87243);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2015-8045\",\n \"CVE-2015-8047\",\n \"CVE-2015-8048\",\n \"CVE-2015-8049\",\n \"CVE-2015-8050\",\n \"CVE-2015-8054\",\n \"CVE-2015-8055\",\n \"CVE-2015-8056\",\n \"CVE-2015-8057\",\n \"CVE-2015-8058\",\n \"CVE-2015-8059\",\n \"CVE-2015-8060\",\n \"CVE-2015-8061\",\n \"CVE-2015-8062\",\n \"CVE-2015-8063\",\n \"CVE-2015-8064\",\n \"CVE-2015-8065\",\n \"CVE-2015-8066\",\n \"CVE-2015-8067\",\n \"CVE-2015-8068\",\n \"CVE-2015-8069\",\n \"CVE-2015-8070\",\n \"CVE-2015-8071\",\n \"CVE-2015-8401\",\n \"CVE-2015-8402\",\n \"CVE-2015-8403\",\n \"CVE-2015-8404\",\n \"CVE-2015-8405\",\n \"CVE-2015-8406\",\n \"CVE-2015-8407\",\n \"CVE-2015-8408\",\n \"CVE-2015-8409\",\n \"CVE-2015-8410\",\n \"CVE-2015-8411\",\n \"CVE-2015-8412\",\n \"CVE-2015-8413\",\n \"CVE-2015-8414\",\n \"CVE-2015-8415\",\n \"CVE-2015-8416\",\n \"CVE-2015-8417\",\n \"CVE-2015-8418\",\n \"CVE-2015-8419\",\n \"CVE-2015-8420\",\n \"CVE-2015-8421\",\n \"CVE-2015-8422\",\n \"CVE-2015-8423\",\n \"CVE-2015-8424\",\n \"CVE-2015-8425\",\n \"CVE-2015-8426\",\n \"CVE-2015-8427\",\n \"CVE-2015-8428\",\n \"CVE-2015-8429\",\n \"CVE-2015-8430\",\n \"CVE-2015-8431\",\n \"CVE-2015-8432\",\n \"CVE-2015-8433\",\n \"CVE-2015-8434\",\n \"CVE-2015-8435\",\n \"CVE-2015-8436\",\n \"CVE-2015-8437\",\n \"CVE-2015-8438\",\n \"CVE-2015-8439\",\n \"CVE-2015-8440\",\n \"CVE-2015-8441\",\n \"CVE-2015-8442\",\n \"CVE-2015-8443\",\n \"CVE-2015-8444\",\n \"CVE-2015-8445\",\n \"CVE-2015-8446\",\n \"CVE-2015-8447\",\n \"CVE-2015-8448\",\n \"CVE-2015-8449\",\n \"CVE-2015-8450\",\n \"CVE-2015-8451\",\n \"CVE-2015-8452\",\n \"CVE-2015-8453\",\n \"CVE-2015-8454\",\n \"CVE-2015-8455\",\n \"CVE-2015-8456\",\n \"CVE-2015-8457\",\n \"CVE-2015-8652\",\n \"CVE-2015-8653\",\n \"CVE-2015-8654\",\n \"CVE-2015-8655\",\n \"CVE-2015-8656\",\n \"CVE-2015-8657\",\n \"CVE-2015-8658\",\n \"CVE-2015-8820\",\n \"CVE-2015-8821\",\n \"CVE-2015-8822\"\n );\n script_bugtraq_id(\n 78710,\n 78712,\n 78713,\n 78714,\n 78715,\n 78716,\n 78717,\n 78718,\n 78802\n );\n script_xref(name:\"ZDI\", value:\"ZDI-15-601\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-602\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-603\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-604\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-605\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-606\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-607\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-608\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-609\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-610\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-611\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-612\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-613\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-614\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-655\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-656\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-657\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-658\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-659\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-660\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-661\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-662\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-663\");\n script_xref(name:\"ZDI\", value:\"ZDI-15-664\");\n script_xref(name:\"EDB-ID\", value:\"39042\");\n script_xref(name:\"EDB-ID\", value:\"39043\");\n script_xref(name:\"EDB-ID\", value:\"39047\");\n script_xref(name:\"EDB-ID\", value:\"39049\");\n script_xref(name:\"EDB-ID\", value:\"39051\");\n script_xref(name:\"EDB-ID\", value:\"39052\");\n script_xref(name:\"EDB-ID\", value:\"39053\");\n script_xref(name:\"EDB-ID\", value:\"39054\");\n script_xref(name:\"EDB-ID\", value:\"39072\");\n\n script_name(english:\"Adobe AIR <= 19.0.0.241 Multiple Vulnerabilities (APSB15-32)\");\n script_summary(english:\"Checks the version of AIR.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host has a browser plugin installed that is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe AIR installed on the remote Windows host is equal\nor prior to version 19.0.0.241. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Multiple heap buffer overflow conditions exist that\n allow an attacker to execute arbitrary code.\n (CVE-2015-8438, CVE-2015-8446)\n\n - Multiple memory corruption issues exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8045,\n CVE-2015-8047, CVE-2015-8060, CVE-2015-8408,\n CVE-2015-8416, CVE-2015-8417, CVE-2015-8418,\n CVE-2015-8419, CVE-2015-8443, CVE-2015-8444,\n CVE-2015-8451, CVE-2015-8455, CVE-2015-8652,\n CVE-2015-8654, CVE-2015-8656, CVE-2015-8657,\n CVE-2015-8658, CVE-2015-8820)\n\n - Multiple security bypass vulnerabilities exist that\n allow an attacker to write arbitrary data to the file\n system under user permissions. (CVE-2015-8453,\n CVE-2015-8440, CVE-2015-8409)\n\n - A stack buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8407,\n CVE-2015-8457)\n\n - A type confusion error exists that allows an attacker to\n execute arbitrary code. (CVE-2015-8439, CVE-2015-8456)\n\n - An integer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8445)\n\n - A buffer overflow condition exists that allows an\n attacker to execute arbitrary code. (CVE-2015-8415)\n\n - Multiple use-after-free errors exist that allow an\n attacker to execute arbitrary code. (CVE-2015-8048,\n CVE-2015-8049, CVE-2015-8050, CVE-2015-8055,\n CVE-2015-8056, CVE-2015-8057, CVE-2015-8058,\n CVE-2015-8059, CVE-2015-8061, CVE-2015-8062,\n CVE-2015-8063, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8066, CVE-2015-8067, CVE-2015-8068,\n CVE-2015-8069, CVE-2015-8070, CVE-2015-8071,\n CVE-2015-8401, CVE-2015-8402, CVE-2015-8403,\n CVE-2015-8404, CVE-2015-8405, CVE-2015-8406,\n CVE-2015-8410, CVE-2015-8411, CVE-2015-8412,\n CVE-2015-8413, CVE-2015-8414, CVE-2015-8420,\n CVE-2015-8421, CVE-2015-8422, CVE-2015-8423,\n CVE-2015-8424, CVE-2015-8425, CVE-2015-8426,\n CVE-2015-8427, CVE-2015-8428, CVE-2015-8429,\n CVE-2015-8430, CVE-2015-8431, CVE-2015-8432,\n CVE-2015-8433, CVE-2015-8434, CVE-2015-8435,\n CVE-2015-8436, CVE-2015-8437, CVE-2015-8441,\n CVE-2015-8442, CVE-2015-8447, CVE-2015-8448,\n CVE-2015-8449, CVE-2015-8450, CVE-2015-8452,\n CVE-2015-8454, CVE-2015-8653, CVE-2015-8655,\n CVE-2015-8821, CVE-2015-8822\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/flash-player/apsb15-32.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe AIR version 20.0.0.204 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-8457\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:air\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"adobe_air_installed.nasl\");\n script_require_keys(\"SMB/Adobe_AIR/Version\", \"SMB/Adobe_AIR/Path\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nversion = get_kb_item_or_exit(\"SMB/Adobe_AIR/Version\");\npath = get_kb_item_or_exit(\"SMB/Adobe_AIR/Path\");\n\nversion_ui = get_kb_item(\"SMB/Adobe_AIR/Version_UI\");\nif (isnull(version_ui)) version_report = version;\nelse version_report = version_ui + ' (' + version + ')';\n\ncutoff_version = '19.0.0.245';\nfix = '20.0.0.204';\nfix_ui = '20.0';\n\nif (ver_compare(ver:version, fix:cutoff_version) <= 0)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version_report +\n '\\n Fixed version : ' + fix_ui + \" (\" + fix + ')' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Adobe AIR\", version_report, path);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T12:08:46", "bulletinFamily": "unix", "description": "This update for flash-player to version 11.2.202.554 fixes the following\n security issues in Adobe security advisory APSB15-32.\n\n * These updates resolve heap buffer overflow vulnerabilities that could\n lead to code execution (CVE-2015-8438, CVE-2015-8446).\n * These updates resolve memory corruption vulnerabilities that could lead\n to code execution (CVE-2015-8444, CVE-2015-8443, CVE-2015-8417,\n CVE-2015-8416, CVE-2015-8451, CVE-2015-8047, CVE-2015-8455,\n CVE-2015-8045, CVE-2015-8418, CVE-2015-8060, CVE-2015-8419,\n CVE-2015-8408).\n * These updates resolve security bypass vulnerabilities (CVE-2015-8453,\n CVE-2015-8440, CVE-2015-8409).\n * These updates resolve a stack overflow vulnerability that could lead to\n code execution (CVE-2015-8407).\n * These updates resolve a type confusion vulnerability that could lead to\n code execution (CVE-2015-8439).\n * These updates resolve an integer overflow vulnerability that could lead\n to code execution (CVE-2015-8445).\n * These updates resolve a buffer overflow vulnerability that could lead to\n code execution (CVE-2015-8415)\n * These updates resolve use-after-free vulnerabilities that could lead to\n code execution (CVE-2015-8050, CVE-2015-8049, CVE-2015-8437,\n CVE-2015-8450, CVE-2015-8449, CVE-2015-8448, CVE-2015-8436,\n CVE-2015-8452, CVE-2015-8048, CVE-2015-8413, CVE-2015-8412,\n CVE-2015-8410, CVE-2015-8411, CVE-2015-8424, CVE-2015-8422,\n CVE-2015-8420, CVE-2015-8421, CVE-2015-8423, CVE-2015-8425,\n CVE-2015-8433, CVE-2015-8432, CVE-2015-8431, CVE-2015-8426,\n CVE-2015-8430, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429,\n CVE-2015-8434, CVE-2015-8435, CVE-2015-8414, CVE-2015-8454,\n CVE-2015-8059, CVE-2015-8058, CVE-2015-8055, CVE-2015-8057,\n CVE-2015-8056, CVE-2015-8061, CVE-2015-8067, CVE-2015-8066,\n CVE-2015-8062, CVE-2015-8068, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8063, CVE-2015-8405, CVE-2015-8404, CVE-2015-8402,\n CVE-2015-8403, CVE-2015-8071, CVE-2015-8401, CVE-2015-8406,\n CVE-2015-8069, CVE-2015-8070, CVE-2015-8441, CVE-2015-8442,\n CVE-2015-8447).\n\n Please also see\n <a rel=\"nofollow\" href=\"https://helpx.adobe.com/security/products/flash-player/apsb15-32.html\">https://helpx.adobe.com/security/products/flash-player/apsb15-32.html</a>\n\n", "modified": "2015-12-10T12:10:31", "published": "2015-12-10T12:10:31", "id": "OPENSUSE-SU-2015:2239-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html", "type": "suse", "title": "Security update for flash-player (important)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:05:28", "bulletinFamily": "unix", "description": "This update for flash-player to version 11.2.202.554 fixes the following\n security issues in Adobe security advisory APSB15-32.\n\n * These updates resolve heap buffer overflow vulnerabilities that could\n lead to code execution (CVE-2015-8438, CVE-2015-8446).\n * These updates resolve memory corruption vulnerabilities that could lead\n to code execution (CVE-2015-8444, CVE-2015-8443, CVE-2015-8417,\n CVE-2015-8416, CVE-2015-8451, CVE-2015-8047, CVE-2015-8455,\n CVE-2015-8045, CVE-2015-8418, CVE-2015-8060, CVE-2015-8419,\n CVE-2015-8408).\n * These updates resolve security bypass vulnerabilities (CVE-2015-8453,\n CVE-2015-8440, CVE-2015-8409).\n * These updates resolve a stack overflow vulnerability that could lead to\n code execution (CVE-2015-8407).\n * These updates resolve a type confusion vulnerability that could lead to\n code execution (CVE-2015-8439).\n * These updates resolve an integer overflow vulnerability that could lead\n to code execution (CVE-2015-8445).\n * These updates resolve a buffer overflow vulnerability that could lead to\n code execution (CVE-2015-8415)\n * These updates resolve use-after-free vulnerabilities that could lead to\n code execution (CVE-2015-8050, CVE-2015-8049, CVE-2015-8437,\n CVE-2015-8450, CVE-2015-8449, CVE-2015-8448, CVE-2015-8436,\n CVE-2015-8452, CVE-2015-8048, CVE-2015-8413, CVE-2015-8412,\n CVE-2015-8410, CVE-2015-8411, CVE-2015-8424, CVE-2015-8422,\n CVE-2015-8420, CVE-2015-8421, CVE-2015-8423, CVE-2015-8425,\n CVE-2015-8433, CVE-2015-8432, CVE-2015-8431, CVE-2015-8426,\n CVE-2015-8430, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429,\n CVE-2015-8434, CVE-2015-8435, CVE-2015-8414, CVE-2015-8454,\n CVE-2015-8059, CVE-2015-8058, CVE-2015-8055, CVE-2015-8057,\n CVE-2015-8056, CVE-2015-8061, CVE-2015-8067, CVE-2015-8066,\n CVE-2015-8062, CVE-2015-8068, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8063, CVE-2015-8405, CVE-2015-8404, CVE-2015-8402,\n CVE-2015-8403, CVE-2015-8071, CVE-2015-8401, CVE-2015-8406,\n CVE-2015-8069, CVE-2015-8070, CVE-2015-8441, CVE-2015-8442,\n CVE-2015-8447).\n\n Please also see\n <a rel=\"nofollow\" href=\"https://helpx.adobe.com/security/products/flash-player/apsb15-32.html\">https://helpx.adobe.com/security/products/flash-player/apsb15-32.html</a>\n\n", "modified": "2015-12-09T20:10:33", "published": "2015-12-09T20:10:33", "id": "SUSE-SU-2015:2236-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html", "title": "Security update for flash-player (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:22:34", "bulletinFamily": "unix", "description": "This update for flash-player to version 11.2.202.554 fixes the following\n security issues in Adobe security advisory APSB15-32.\n\n * These updates resolve heap buffer overflow vulnerabilities that could\n lead to code execution (CVE-2015-8438, CVE-2015-8446).\n * These updates resolve memory corruption vulnerabilities that could lead\n to code execution (CVE-2015-8444, CVE-2015-8443, CVE-2015-8417,\n CVE-2015-8416, CVE-2015-8451, CVE-2015-8047, CVE-2015-8455,\n CVE-2015-8045, CVE-2015-8418, CVE-2015-8060, CVE-2015-8419,\n CVE-2015-8408).\n * These updates resolve security bypass vulnerabilities (CVE-2015-8453,\n CVE-2015-8440, CVE-2015-8409).\n * These updates resolve a stack overflow vulnerability that could lead to\n code execution (CVE-2015-8407).\n * These updates resolve a type confusion vulnerability that could lead to\n code execution (CVE-2015-8439).\n * These updates resolve an integer overflow vulnerability that could lead\n to code execution (CVE-2015-8445).\n * These updates resolve a buffer overflow vulnerability that could lead to\n code execution (CVE-2015-8415)\n * These updates resolve use-after-free vulnerabilities that could lead to\n code execution (CVE-2015-8050, CVE-2015-8049, CVE-2015-8437,\n CVE-2015-8450, CVE-2015-8449, CVE-2015-8448, CVE-2015-8436,\n CVE-2015-8452, CVE-2015-8048, CVE-2015-8413, CVE-2015-8412,\n CVE-2015-8410, CVE-2015-8411, CVE-2015-8424, CVE-2015-8422,\n CVE-2015-8420, CVE-2015-8421, CVE-2015-8423, CVE-2015-8425,\n CVE-2015-8433, CVE-2015-8432, CVE-2015-8431, CVE-2015-8426,\n CVE-2015-8430, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429,\n CVE-2015-8434, CVE-2015-8435, CVE-2015-8414, CVE-2015-8454,\n CVE-2015-8059, CVE-2015-8058, CVE-2015-8055, CVE-2015-8057,\n CVE-2015-8056, CVE-2015-8061, CVE-2015-8067, CVE-2015-8066,\n CVE-2015-8062, CVE-2015-8068, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8063, CVE-2015-8405, CVE-2015-8404, CVE-2015-8402,\n CVE-2015-8403, CVE-2015-8071, CVE-2015-8401, CVE-2015-8406,\n CVE-2015-8069, CVE-2015-8070, CVE-2015-8441, CVE-2015-8442,\n CVE-2015-8447).\n\n Please also see\n <a rel=\"nofollow\" href=\"https://helpx.adobe.com/security/products/flash-player/apsb15-32.html\">https://helpx.adobe.com/security/products/flash-player/apsb15-32.html</a>\n\n", "modified": "2015-12-10T15:10:22", "published": "2015-12-10T15:10:22", "id": "SUSE-SU-2015:2247-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html", "title": "Security update for flash-player (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:47", "bulletinFamily": "unix", "description": "- CVE-2015-8045 CVE-2015-8060 CVE-2015-8408 CVE-2015-8416 CVE-2015-8417\n CVE-2015-8418 CVE-2015-8419 CVE-2015-8443 CVE-2015-8444 CVE-2015-8047\n CVE-2015-8451 CVE-2015-8455 (arbitrary code execution)\n\nMemory corruption vulnerabilities have been discovered that could lead\nto arbitrary code execution.\n\n- CVE-2015-8438 CVE-2015-8446 (arbitrary code execution)\n\nHeap buffer overflow vulnerabilities have been discovered that could\nlead to arbitrary code execution.\n\n- CVE-2015-8409 CVE-2015-8440 CVE-2015-8453\n (security restriction bypass)\n\nMultiple issues have been discovered that are lading to security\nrestriction bypass.\n\n- CVE-2015-8407 (arbitrary code execution)\n\nA stack overflow vulnerability has been discovered that could lead to\narbitrary code execution.\n\n- CVE-2015-8439 (arbitrary code execution)\n\nA type confusion vulnerability has been discovered that could lead to\narbitrary code execution.\n\n- CVE-2015-8445 (arbitrary code execution)\n\nAn integer overflow vulnerability has been discovered that could lead to\narbitrary code execution.\n\n- CVE-2015-8415 (arbitrary code execution)\n\nA buffer overflow vulnerability has been discovered that could lead to\narbitrary code execution.\n\n- CVE-2015-8050 CVE-2015-8049 CVE-2015-8437 CVE-2015-8450 CVE-2015-8449\n CVE-2015-8448 CVE-2015-8436 CVE-2015-8452 CVE-2015-8048 CVE-2015-8413\n CVE-2015-8412 CVE-2015-8410 CVE-2015-8411 CVE-2015-8424 CVE-2015-8422\n CVE-2015-8420 CVE-2015-8421 CVE-2015-8423 CVE-2015-8425 CVE-2015-8433\n CVE-2015-8432 CVE-2015-8431 CVE-2015-8426 CVE-2015-8430 CVE-2015-8427\n CVE-2015-8428 CVE-2015-8429 CVE-2015-8434 CVE-2015-8435 CVE-2015-8414\n CVE-2015-8454 CVE-2015-8059 CVE-2015-8058 CVE-2015-8055 CVE-2015-8057\n CVE-2015-8056 CVE-2015-8061 CVE-2015-8067 CVE-2015-8066 CVE-2015-8062\n CVE-2015-8068 CVE-2015-8064 CVE-2015-8065 CVE-2015-8063 CVE-2015-8405\n CVE-2015-8404 CVE-2015-8402 CVE-2015-8403 CVE-2015-8071 CVE-2015-8401\n CVE-2015-8406 CVE-2015-8069 CVE-2015-8070 CVE-2015-8441 CVE-2015-8442\n CVE-2015-8447 (arbitrary code execution)\n\nMultiple use-after-free vulnerabilities have been discovered that could\nlead to arbitrary code execution.", "modified": "2015-12-09T00:00:00", "published": "2015-12-09T00:00:00", "href": "https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html", "id": "ASA-201512-7", "title": "flashplugin: multiple issues", "type": "archlinux", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2019-05-29T18:37:03", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-12T00:00:00", "published": "2015-12-11T00:00:00", "id": "OPENVAS:1361412562310851140", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851140", "title": "SuSE Update for flash-player SUSE-SU-2015:2247-1 (flash-player)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2015_2247_1.nasl 14110 2019-03-12 09:28:23Z cfischer $\n#\n# SuSE Update for flash-player SUSE-SU-2015:2247-1 (flash-player)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851140\");\n script_version(\"$Revision: 14110 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 10:28:23 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-11 05:48:26 +0100 (Fri, 11 Dec 2015)\");\n script_cve_id(\"CVE-2015-8045\", \"CVE-2015-8047\", \"CVE-2015-8048\", \"CVE-2015-8049\",\n \"CVE-2015-8050\", \"CVE-2015-8055\", \"CVE-2015-8056\", \"CVE-2015-8057\",\n \"CVE-2015-8058\", \"CVE-2015-8059\", \"CVE-2015-8060\", \"CVE-2015-8061\",\n \"CVE-2015-8062\", \"CVE-2015-8063\", \"CVE-2015-8064\", \"CVE-2015-8065\",\n \"CVE-2015-8066\", \"CVE-2015-8067\", \"CVE-2015-8068\", \"CVE-2015-8069\",\n \"CVE-2015-8070\", \"CVE-2015-8071\", \"CVE-2015-8401\", \"CVE-2015-8402\",\n \"CVE-2015-8403\", \"CVE-2015-8404\", \"CVE-2015-8405\", \"CVE-2015-8406\",\n \"CVE-2015-8407\", \"CVE-2015-8408\", \"CVE-2015-8409\", \"CVE-2015-8410\",\n \"CVE-2015-8411\", \"CVE-2015-8412\", \"CVE-2015-8413\", \"CVE-2015-8414\",\n \"CVE-2015-8415\", \"CVE-2015-8416\", \"CVE-2015-8417\", \"CVE-2015-8418\",\n \"CVE-2015-8419\", \"CVE-2015-8420\", \"CVE-2015-8421\", \"CVE-2015-8422\",\n \"CVE-2015-8423\", \"CVE-2015-8424\", \"CVE-2015-8425\", \"CVE-2015-8426\",\n \"CVE-2015-8427\", \"CVE-2015-8428\", \"CVE-2015-8429\", \"CVE-2015-8430\",\n \"CVE-2015-8431\", \"CVE-2015-8432\", \"CVE-2015-8433\", \"CVE-2015-8434\",\n \"CVE-2015-8435\", \"CVE-2015-8436\", \"CVE-2015-8437\", \"CVE-2015-8438\",\n \"CVE-2015-8439\", \"CVE-2015-8440\", \"CVE-2015-8441\", \"CVE-2015-8442\",\n \"CVE-2015-8443\", \"CVE-2015-8444\", \"CVE-2015-8445\", \"CVE-2015-8446\",\n \"CVE-2015-8447\", \"CVE-2015-8448\", \"CVE-2015-8449\", \"CVE-2015-8450\",\n \"CVE-2015-8451\", \"CVE-2015-8452\", \"CVE-2015-8453\", \"CVE-2015-8454\",\n \"CVE-2015-8455\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SuSE Update for flash-player SUSE-SU-2015:2247-1 (flash-player)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'flash-player'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"This update for flash-player to version 11.2.202.554 fixes the following\n security issues in Adobe security advisory APSB15-32.\n\n * These updates resolve heap buffer overflow vulnerabilities that could\n lead to code execution (CVE-2015-8438, CVE-2015-8446).\n\n * These updates resolve memory corruption vulnerabilities that could lead\n to code execution (CVE-2015-8444, CVE-2015-8443, CVE-2015-8417,\n CVE-2015-8416, CVE-2015-8451, CVE-2015-8047, CVE-2015-8455,\n CVE-2015-8045, CVE-2015-8418, CVE-2015-8060, CVE-2015-8419,\n CVE-2015-8408).\n\n * These updates resolve security bypass vulnerabilities (CVE-2015-8453,\n CVE-2015-8440, CVE-2015-8409).\n\n * These updates resolve a stack overflow vulnerability that could lead to\n code execution (CVE-2015-8407).\n\n * These updates resolve a type confusion vulnerability that could lead to\n code execution (CVE-2015-8439).\n\n * These updates resolve an integer overflow vulnerability that could lead\n to code execution (CVE-2015-8445).\n\n * These updates resolve a buffer overflow vulnerability that could lead to\n code execution (CVE-2015-8415)\n\n * These updates resolve use-after-free vulnerabilities that could lead to\n code execution (CVE-2015-8050, CVE-2015-8049, CVE-2015-8437,\n CVE-2015-8450, CVE-2015-8449, CVE-2015-8448, CVE-2015-8436,\n CVE-2015-8452, CVE-2015-8048, CVE-2015-8413, CVE-2015-8412,\n CVE-2015-8410, CVE-2015-8411, CVE-2015-8424, CVE-2015-8422,\n CVE-2015-8420, CVE-2015-8421, CVE-2015-8423, CVE-2015-8425,\n CVE-2015-8433, CVE-2015-8432, CVE-2015-8431, CVE-2015-8426,\n CVE-2015-8430, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429,\n CVE-2015-8434, CVE-2015-8435, CVE-2015-8414, CVE-2015-8454,\n CVE-2015-8059, CVE-2015-8058, CVE-2015-8055, CVE-2015-8057,\n CVE-2015-8056, CVE-2015-8061, CVE-2015-8067, CVE-2015-8066,\n CVE-2015-8062, CVE-2015-8068, CVE-2015-8064, CVE-2015-8065,\n CVE-2015-8063, CVE-2015-8405, CVE-2015-8404, CVE-2015-8402,\n CVE-2015-8403, CVE-2015-8071, CVE-2015-8401, CVE-2015-8406,\n CVE-2015-8069, CVE-2015-8070, CVE-2015-8441, CVE-2015-8442,\n CVE-2015-8447).\n\n Please also see the referenced vendor advisory.\");\n\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/flash-player/apsb15-32.html\");\n\n script_tag(name:\"affected\", value:\"flash-player on SUSE Linux Enterprise Desktop 12\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"SUSE-SU\", value:\"2015:2247_1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLED12\\.0SP0\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"SLED12.0SP0\")\n{\n\n if ((res = isrpmvuln(pkg:\"flash-player\", rpm:\"flash-player~11.2.202.554~114.1\", rls:\"SLED12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"flash-player-gnome\", rpm:\"flash-player-gnome~11.2.202.554~114.1\", rls:\"SLED12.0SP0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:15", "bulletinFamily": "scanner", "description": "Mageia Linux Local Security Checks mgasa-2015-0468", "modified": "2018-09-28T00:00:00", "published": "2015-12-10T00:00:00", "id": "OPENVAS:1361412562310131148", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310131148", "title": "Mageia Linux Local Check: mgasa-2015-0468", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2015-0468.nasl 11692 2018-09-28 16:55:19Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.131148\");\n script_version(\"$Revision: 11692 $\");\n script_tag(name:\"creation_date\", value:\"2015-12-10 11:05:50 +0200 (Thu, 10 Dec 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 18:55:19 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2015-0468\");\n script_tag(name:\"insight\", value:\"Adobe Flash Player 11.2.202.554 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2015-0468.html\");\n script_cve_id(\"CVE-2015-8045\", \"CVE-2015-8047\", \"CVE-2015-8048\", \"CVE-2015-8049\", \"CVE-2015-8050\", \"CVE-2015-8051\", \"CVE-2015-8052\", \"CVE-2015-8053\", \"CVE-2015-8054\", \"CVE-2015-8055\", \"CVE-2015-8056\", \"CVE-2015-8057\", \"CVE-2015-8058\", \"CVE-2015-8059\", \"CVE-2015-8060\", \"CVE-2015-8061\", \"CVE-2015-8062\", \"CVE-2015-8063\", \"CVE-2015-8064\", \"CVE-2015-8065\", \"CVE-2015-8066\", \"CVE-2015-8067\", \"CVE-2015-8068\", \"CVE-2015-8069\", \"CVE-2015-8070\", \"CVE-2015-8071\", \"CVE-2015-8401\", \"CVE-2015-8402\", \"CVE-2015-8403\", \"CVE-2015-8404\", \"CVE-2015-8405\", \"CVE-2015-8406\", \"CVE-2015-8407\", \"CVE-2015-8408\", \"CVE-2015-8409\", \"CVE-2015-8410\", \"CVE-2015-8411\", \"CVE-2015-8412\", \"CVE-2015-8413\", \"CVE-2015-8414\", \"CVE-2015-8415\", \"CVE-2015-8416\", \"CVE-2015-8417\", \"CVE-2015-8419\", \"CVE-2015-8420\", \"CVE-2015-8421\", \"CVE-2015-8422\", \"CVE-2015-8423\", \"CVE-2015-8424\", \"CVE-2015-8425\", \"CVE-2015-8426\", \"CVE-2015-8427\", \"CVE-2015-8428\", \"CVE-2015-8429\", \"CVE-2015-8430\", \"CVE-2015-8431\", \"CVE-2015-8432\", \"CVE-2015-8433\", \"CVE-2015-8434\", \"CVE-2015-8435\", \"CVE-2015-8436\", \"CVE-2015-8437\", \"CVE-2015-8438\", \"CVE-2015-8439\", \"CVE-2015-8440\", \"CVE-2015-8441\", \"CVE-2015-8442\", \"CVE-2015-8443\", \"CVE-2015-8444\", \"CVE-2015-8445\", \"CVE-2015-8446\", \"CVE-2015-8447\", \"CVE-2015-8448\", \"CVE-2015-8449\", \"CVE-2015-8450\", \"CVE-2015-8451\", \"CVE-2015-8452\", \"CVE-2015-8453\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2015-0468\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"flash-player-plugin\", rpm:\"flash-player-plugin~11.2.202.554~1.mga5.nonfree\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-19T22:12:47", "bulletinFamily": "scanner", "description": "This host is installed with Adobe Flash\n Player and is prone to multiple vulnerabilities.", "modified": "2019-07-17T00:00:00", "published": "2015-12-10T00:00:00", "id": "OPENVAS:1361412562310806780", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806780", "title": "Adobe Flash Player Multiple Vulnerabilities Dec15 (Linux)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Flash Player Multiple Vulnerabilities Dec15 (Linux)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:flash_player\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806780\");\n script_version(\"2019-07-17T11:14:11+0000\");\n script_cve_id(\"CVE-2015-8045\", \"CVE-2015-8047\", \"CVE-2015-8048\", \"CVE-2015-8049\",\n \"CVE-2015-8050\", \"CVE-2015-8418\", \"CVE-2015-8454\", \"CVE-2015-8455\",\n \"CVE-2015-8055\", \"CVE-2015-8056\", \"CVE-2015-8057\", \"CVE-2015-8058\",\n \"CVE-2015-8059\", \"CVE-2015-8060\", \"CVE-2015-8061\", \"CVE-2015-8062\",\n \"CVE-2015-8063\", \"CVE-2015-8064\", \"CVE-2015-8065\", \"CVE-2015-8066\",\n \"CVE-2015-8067\", \"CVE-2015-8068\", \"CVE-2015-8069\", \"CVE-2015-8070\",\n \"CVE-2015-8071\", \"CVE-2015-8401\", \"CVE-2015-8402\", \"CVE-2015-8403\",\n \"CVE-2015-8404\", \"CVE-2015-8405\", \"CVE-2015-8406\", \"CVE-2015-8407\",\n \"CVE-2015-8408\", \"CVE-2015-8409\", \"CVE-2015-8410\", \"CVE-2015-8411\",\n \"CVE-2015-8412\", \"CVE-2015-8413\", \"CVE-2015-8414\", \"CVE-2015-8415\",\n \"CVE-2015-8416\", \"CVE-2015-8417\", \"CVE-2015-8419\", \"CVE-2015-8420\",\n \"CVE-2015-8421\", \"CVE-2015-8422\", \"CVE-2015-8423\", \"CVE-2015-8424\",\n \"CVE-2015-8425\", \"CVE-2015-8426\", \"CVE-2015-8427\", \"CVE-2015-8428\",\n \"CVE-2015-8429\", \"CVE-2015-8430\", \"CVE-2015-8431\", \"CVE-2015-8432\",\n \"CVE-2015-8433\", \"CVE-2015-8434\", \"CVE-2015-8435\", \"CVE-2015-8436\",\n \"CVE-2015-8437\", \"CVE-2015-8438\", \"CVE-2015-8439\", \"CVE-2015-8440\",\n \"CVE-2015-8441\", \"CVE-2015-8442\", \"CVE-2015-8443\", \"CVE-2015-8444\",\n \"CVE-2015-8445\", \"CVE-2015-8446\", \"CVE-2015-8447\", \"CVE-2015-8448\",\n \"CVE-2015-8449\", \"CVE-2015-8450\", \"CVE-2015-8451\", \"CVE-2015-8452\",\n \"CVE-2015-8453\", \"CVE-2015-8456\", \"CVE-2015-8457\", \"CVE-2015-8652\",\n \"CVE-2015-8653\", \"CVE-2015-8654\", \"CVE-2015-8655\", \"CVE-2015-8656\",\n \"CVE-2015-8657\", \"CVE-2015-8822\", \"CVE-2015-8658\", \"CVE-2015-8820\",\n \"CVE-2015-8821\", \"CVE-2015-8823\");\n script_bugtraq_id(78717, 78718, 78715, 78714, 78716, 78712, 78710, 78715, 78713);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 11:14:11 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-12-10 14:59:48 +0530 (Thu, 10 Dec 2015)\");\n script_name(\"Adobe Flash Player Multiple Vulnerabilities Dec15 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Flash\n Player and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Multiple heap buffer overflow vulnerabilities.\n\n - Multiple memory corruption vulnerabilities.\n\n - Multiple security bypass vulnerabilities.\n\n - A stack overflow vulnerability.\n\n - A type confusion vulnerability.\n\n - An integer overflow vulnerability.\n\n - A buffer overflow vulnerability.\n\n - Multiple use-after-free vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers\n to bypass security restrictions and execute arbitrary code on the affected\n system.\");\n\n script_tag(name:\"affected\", value:\"Adobe Flash Player version before\n 11.2.202.554 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Flash Player version\n 11.2.202.554 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/flash-player/apsb15-32.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_flash_player_detect_lin.nasl\");\n script_mandatory_keys(\"AdobeFlashPlayer/Linux/Ver\");\n\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!playerVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:playerVer, test_version:\"11.2.202.554\"))\n{\n report = 'Installed version: ' + playerVer + '\\n' +\n 'Fixed version: 11.2.202.554 \\n';\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:55", "bulletinFamily": "scanner", "description": "This host is installed with Adobe Air\n and is prone to multiple vulnerabilities.", "modified": "2018-10-12T00:00:00", "published": "2015-12-10T00:00:00", "id": "OPENVAS:1361412562310806781", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806781", "title": "Adobe Air Multiple Vulnerabilities Dec15 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_air_mult_vuln_dec15_win.nasl 11872 2018-10-12 11:22:41Z cfischer $\n#\n# Adobe Air Multiple Vulnerabilities Dec15 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:adobe_air\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806781\");\n script_version(\"$Revision: 11872 $\");\n script_cve_id(\"CVE-2015-8045\", \"CVE-2015-8047\", \"CVE-2015-8048\", \"CVE-2015-8049\",\n \"CVE-2015-8050\", \"CVE-2015-8418\", \"CVE-2015-8454\", \"CVE-2015-8455\",\n \"CVE-2015-8055\", \"CVE-2015-8056\", \"CVE-2015-8057\", \"CVE-2015-8058\",\n \"CVE-2015-8059\", \"CVE-2015-8060\", \"CVE-2015-8061\", \"CVE-2015-8062\",\n \"CVE-2015-8063\", \"CVE-2015-8064\", \"CVE-2015-8065\", \"CVE-2015-8066\",\n \"CVE-2015-8067\", \"CVE-2015-8068\", \"CVE-2015-8069\", \"CVE-2015-8070\",\n \"CVE-2015-8071\", \"CVE-2015-8401\", \"CVE-2015-8402\", \"CVE-2015-8403\",\n \"CVE-2015-8404\", \"CVE-2015-8405\", \"CVE-2015-8406\", \"CVE-2015-8407\",\n \"CVE-2015-8408\", \"CVE-2015-8409\", \"CVE-2015-8410\", \"CVE-2015-8411\",\n \"CVE-2015-8412\", \"CVE-2015-8413\", \"CVE-2015-8414\", \"CVE-2015-8415\",\n \"CVE-2015-8416\", \"CVE-2015-8417\", \"CVE-2015-8419\", \"CVE-2015-8420\",\n \"CVE-2015-8421\", \"CVE-2015-8422\", \"CVE-2015-8423\", \"CVE-2015-8424\",\n \"CVE-2015-8425\", \"CVE-2015-8426\", \"CVE-2015-8427\", \"CVE-2015-8428\",\n \"CVE-2015-8429\", \"CVE-2015-8430\", \"CVE-2015-8431\", \"CVE-2015-8432\",\n \"CVE-2015-8433\", \"CVE-2015-8434\", \"CVE-2015-8435\", \"CVE-2015-8436\",\n \"CVE-2015-8437\", \"CVE-2015-8438\", \"CVE-2015-8439\", \"CVE-2015-8440\",\n \"CVE-2015-8441\", \"CVE-2015-8442\", \"CVE-2015-8443\", \"CVE-2015-8444\",\n \"CVE-2015-8445\", \"CVE-2015-8446\", \"CVE-2015-8447\", \"CVE-2015-8448\",\n \"CVE-2015-8449\", \"CVE-2015-8450\", \"CVE-2015-8451\", \"CVE-2015-8452\",\n \"CVE-2015-8453\", \"CVE-2015-8456\", \"CVE-2015-8457\", \"CVE-2015-8652\",\n \"CVE-2015-8653\", \"CVE-2015-8654\", \"CVE-2015-8655\", \"CVE-2015-8656\",\n \"CVE-2015-8657\", \"CVE-2015-8822\", \"CVE-2015-8658\", \"CVE-2015-8820\",\n \"CVE-2015-8821\", \"CVE-2015-8823\");\n script_bugtraq_id(78717, 78718, 78715, 78714, 78716, 78712, 78710, 78715, 78713);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 13:22:41 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-10 13:31:37 +0530 (Thu, 10 Dec 2015)\");\n script_name(\"Adobe Air Multiple Vulnerabilities Dec15 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Air\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Multiple heap buffer overflow vulnerabilities.\n\n - Multiple memory corruption vulnerabilities.\n\n - Multiple security bypass vulnerabilities.\n\n - A stack overflow vulnerability.\n\n - A type confusion vulnerability.\n\n - An integer overflow vulnerability.\n\n - A buffer overflow vulnerability.\n\n - Multiple use-after-free vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers\n to bypass security restrictions and execute arbitrary code on the affected\n system.\");\n\n script_tag(name:\"affected\", value:\"Adobe Air version before 20.0.0.204\n on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Air version\n 20.0.0.204 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/flash-player/apsb15-32.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_flash_player_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Air/Win/Installed\");\n script_xref(name:\"URL\", value:\"http://get.adobe.com/air\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!airVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:airVer, test_version:\"20.0.0.204\"))\n{\n report = 'Installed version: ' + airVer + '\\n' +\n 'Fixed version: 20.0.0.204 \\n';\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-19T22:13:09", "bulletinFamily": "scanner", "description": "This host is installed with Adobe Flash\n Player and is prone to multiple vulnerabilities.", "modified": "2019-07-17T00:00:00", "published": "2015-12-10T00:00:00", "id": "OPENVAS:1361412562310806778", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806778", "title": "Adobe Flash Player Multiple Vulnerabilities Dec15 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Flash Player Multiple Vulnerabilities Dec15 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:flash_player\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806778\");\n script_version(\"2019-07-17T11:14:11+0000\");\n script_cve_id(\"CVE-2015-8045\", \"CVE-2015-8047\", \"CVE-2015-8048\", \"CVE-2015-8049\",\n \"CVE-2015-8050\", \"CVE-2015-8418\", \"CVE-2015-8454\", \"CVE-2015-8455\",\n \"CVE-2015-8055\", \"CVE-2015-8056\", \"CVE-2015-8057\", \"CVE-2015-8058\",\n \"CVE-2015-8059\", \"CVE-2015-8060\", \"CVE-2015-8061\", \"CVE-2015-8062\",\n \"CVE-2015-8063\", \"CVE-2015-8064\", \"CVE-2015-8065\", \"CVE-2015-8066\",\n \"CVE-2015-8067\", \"CVE-2015-8068\", \"CVE-2015-8069\", \"CVE-2015-8070\",\n \"CVE-2015-8071\", \"CVE-2015-8401\", \"CVE-2015-8402\", \"CVE-2015-8403\",\n \"CVE-2015-8404\", \"CVE-2015-8405\", \"CVE-2015-8406\", \"CVE-2015-8407\",\n \"CVE-2015-8408\", \"CVE-2015-8409\", \"CVE-2015-8410\", \"CVE-2015-8411\",\n \"CVE-2015-8412\", \"CVE-2015-8413\", \"CVE-2015-8414\", \"CVE-2015-8415\",\n \"CVE-2015-8416\", \"CVE-2015-8417\", \"CVE-2015-8419\", \"CVE-2015-8420\",\n \"CVE-2015-8421\", \"CVE-2015-8422\", \"CVE-2015-8423\", \"CVE-2015-8424\",\n \"CVE-2015-8425\", \"CVE-2015-8426\", \"CVE-2015-8427\", \"CVE-2015-8428\",\n \"CVE-2015-8429\", \"CVE-2015-8430\", \"CVE-2015-8431\", \"CVE-2015-8432\",\n \"CVE-2015-8433\", \"CVE-2015-8434\", \"CVE-2015-8435\", \"CVE-2015-8436\",\n \"CVE-2015-8437\", \"CVE-2015-8438\", \"CVE-2015-8439\", \"CVE-2015-8440\",\n \"CVE-2015-8441\", \"CVE-2015-8442\", \"CVE-2015-8443\", \"CVE-2015-8444\",\n \"CVE-2015-8445\", \"CVE-2015-8446\", \"CVE-2015-8447\", \"CVE-2015-8448\",\n \"CVE-2015-8449\", \"CVE-2015-8450\", \"CVE-2015-8451\", \"CVE-2015-8452\",\n \"CVE-2015-8453\", \"CVE-2015-8456\", \"CVE-2015-8457\", \"CVE-2015-8652\",\n \"CVE-2015-8653\", \"CVE-2015-8654\", \"CVE-2015-8655\", \"CVE-2015-8656\",\n \"CVE-2015-8657\", \"CVE-2015-8822\", \"CVE-2015-8658\", \"CVE-2015-8820\",\n \"CVE-2015-8821\", \"CVE-2015-8823\");\n script_bugtraq_id(78717, 78718, 78715, 78714, 78716, 78712, 78710, 78715, 78713);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 11:14:11 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-12-10 13:31:37 +0530 (Thu, 10 Dec 2015)\");\n script_name(\"Adobe Flash Player Multiple Vulnerabilities Dec15 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Flash\n Player and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Multiple heap buffer overflow vulnerabilities.\n\n - Multiple memory corruption vulnerabilities.\n\n - Multiple security bypass vulnerabilities.\n\n - A stack overflow vulnerability.\n\n - A type confusion vulnerability.\n\n - An integer overflow vulnerability.\n\n - A buffer overflow vulnerability.\n\n - Multiple use-after-free vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers\n to bypass security restrictions and execute arbitrary code on the affected\n system.\");\n\n script_tag(name:\"affected\", value:\"Adobe Flash Player version before\n 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Flash Player version\n 18.0.0.268 or 20.0.0.228 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/flash-player/apsb15-32.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_flash_player_detect_win.nasl\");\n script_mandatory_keys(\"AdobeFlashPlayer/Win/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!playerVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_in_range(version:playerVer, test_version:\"19.0\", test_version2:\"20.0.0.227\"))\n{\n fix = \"20.0.0.228\";\n VULN = TRUE;\n}\n\nelse if(version_is_less(version:playerVer, test_version:\"18.0.0.268\"))\n{\n fix = \"18.0.0.268\";\n VULN = TRUE;\n}\n\nif(VULN)\n{\n report = 'Installed version: ' + playerVer + '\\n' +\n 'Fixed version:' + fix + '\\n';\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:38", "bulletinFamily": "scanner", "description": "This host is installed with Adobe Air\n and is prone to multiple vulnerabilities.", "modified": "2018-10-12T00:00:00", "published": "2015-12-10T00:00:00", "id": "OPENVAS:1361412562310806782", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806782", "title": "Adobe Air Multiple Vulnerabilities Dec15 (Mac OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_air_mult_vuln_dec15_macosx.nasl 11872 2018-10-12 11:22:41Z cfischer $\n#\n# Adobe Air Multiple Vulnerabilities Dec15 (Mac OS X)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:adobe_air\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806782\");\n script_version(\"$Revision: 11872 $\");\n script_cve_id(\"CVE-2015-8045\", \"CVE-2015-8047\", \"CVE-2015-8048\", \"CVE-2015-8049\",\n \"CVE-2015-8050\", \"CVE-2015-8418\", \"CVE-2015-8454\", \"CVE-2015-8455\",\n \"CVE-2015-8055\", \"CVE-2015-8056\", \"CVE-2015-8057\", \"CVE-2015-8058\",\n \"CVE-2015-8059\", \"CVE-2015-8060\", \"CVE-2015-8061\", \"CVE-2015-8062\",\n \"CVE-2015-8063\", \"CVE-2015-8064\", \"CVE-2015-8065\", \"CVE-2015-8066\",\n \"CVE-2015-8067\", \"CVE-2015-8068\", \"CVE-2015-8069\", \"CVE-2015-8070\",\n \"CVE-2015-8071\", \"CVE-2015-8401\", \"CVE-2015-8402\", \"CVE-2015-8403\",\n \"CVE-2015-8404\", \"CVE-2015-8405\", \"CVE-2015-8406\", \"CVE-2015-8407\",\n \"CVE-2015-8408\", \"CVE-2015-8409\", \"CVE-2015-8410\", \"CVE-2015-8411\",\n \"CVE-2015-8412\", \"CVE-2015-8413\", \"CVE-2015-8414\", \"CVE-2015-8415\",\n \"CVE-2015-8416\", \"CVE-2015-8417\", \"CVE-2015-8419\", \"CVE-2015-8420\",\n \"CVE-2015-8421\", \"CVE-2015-8422\", \"CVE-2015-8423\", \"CVE-2015-8424\",\n \"CVE-2015-8425\", \"CVE-2015-8426\", \"CVE-2015-8427\", \"CVE-2015-8428\",\n \"CVE-2015-8429\", \"CVE-2015-8430\", \"CVE-2015-8431\", \"CVE-2015-8432\",\n \"CVE-2015-8433\", \"CVE-2015-8434\", \"CVE-2015-8435\", \"CVE-2015-8436\",\n \"CVE-2015-8437\", \"CVE-2015-8438\", \"CVE-2015-8439\", \"CVE-2015-8440\",\n \"CVE-2015-8441\", \"CVE-2015-8442\", \"CVE-2015-8443\", \"CVE-2015-8444\",\n \"CVE-2015-8445\", \"CVE-2015-8446\", \"CVE-2015-8447\", \"CVE-2015-8448\",\n \"CVE-2015-8449\", \"CVE-2015-8450\", \"CVE-2015-8451\", \"CVE-2015-8452\",\n \"CVE-2015-8453\", \"CVE-2015-8456\", \"CVE-2015-8457\", \"CVE-2015-8652\",\n \"CVE-2015-8653\", \"CVE-2015-8654\", \"CVE-2015-8655\", \"CVE-2015-8656\",\n \"CVE-2015-8657\", \"CVE-2015-8822\", \"CVE-2015-8658\", \"CVE-2015-8820\",\n \"CVE-2015-8821\", \"CVE-2015-8823\");\n script_bugtraq_id(78717, 78718, 78715, 78714, 78716, 78712, 78710, 78715, 78713);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 13:22:41 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-10 15:25:53 +0530 (Thu, 10 Dec 2015)\");\n script_name(\"Adobe Air Multiple Vulnerabilities Dec15 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Air\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Multiple heap buffer overflow vulnerabilities.\n\n - Multiple memory corruption vulnerabilities.\n\n - Multiple security bypass vulnerabilities.\n\n - A stack overflow vulnerability.\n\n - A type confusion vulnerability.\n\n - An integer overflow vulnerability.\n\n - A buffer overflow vulnerability.\n\n - Multiple use-after-free vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers\n to bypass security restrictions and execute arbitrary code on the affected\n system.\");\n\n script_tag(name:\"affected\", value:\"Adobe Air version before 20.0.0.204\n on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Air version\n 20.0.0.204 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/flash-player/apsb15-32.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Air/MacOSX/Version\");\n script_xref(name:\"URL\", value:\"http://get.adobe.com/air\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!airVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:airVer, test_version:\"20.0.0.204\"))\n{\n report = 'Installed version: ' + airVer + '\\n' +\n 'Fixed version: 20.0.0.204 \\n';\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-19T22:13:43", "bulletinFamily": "scanner", "description": "This host is installed with Adobe Flash\n Player and is prone to multiple vulnerabilities.", "modified": "2019-07-17T00:00:00", "published": "2015-12-10T00:00:00", "id": "OPENVAS:1361412562310806779", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806779", "title": "Adobe Flash Player Multiple Vulnerabilities Dec15 (Mac OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Flash Player Multiple Vulnerabilities Dec15 (Mac OS X)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:flash_player\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806779\");\n script_version(\"2019-07-17T11:14:11+0000\");\n script_cve_id(\"CVE-2015-8045\", \"CVE-2015-8047\", \"CVE-2015-8048\", \"CVE-2015-8049\",\n \"CVE-2015-8050\", \"CVE-2015-8418\", \"CVE-2015-8454\", \"CVE-2015-8455\",\n \"CVE-2015-8055\", \"CVE-2015-8056\", \"CVE-2015-8057\", \"CVE-2015-8058\",\n \"CVE-2015-8059\", \"CVE-2015-8060\", \"CVE-2015-8061\", \"CVE-2015-8062\",\n \"CVE-2015-8063\", \"CVE-2015-8064\", \"CVE-2015-8065\", \"CVE-2015-8066\",\n \"CVE-2015-8067\", \"CVE-2015-8068\", \"CVE-2015-8069\", \"CVE-2015-8070\",\n \"CVE-2015-8071\", \"CVE-2015-8401\", \"CVE-2015-8402\", \"CVE-2015-8403\",\n \"CVE-2015-8404\", \"CVE-2015-8405\", \"CVE-2015-8406\", \"CVE-2015-8407\",\n \"CVE-2015-8408\", \"CVE-2015-8409\", \"CVE-2015-8410\", \"CVE-2015-8411\",\n \"CVE-2015-8412\", \"CVE-2015-8413\", \"CVE-2015-8414\", \"CVE-2015-8415\",\n \"CVE-2015-8416\", \"CVE-2015-8417\", \"CVE-2015-8419\", \"CVE-2015-8420\",\n \"CVE-2015-8421\", \"CVE-2015-8422\", \"CVE-2015-8423\", \"CVE-2015-8424\",\n \"CVE-2015-8425\", \"CVE-2015-8426\", \"CVE-2015-8427\", \"CVE-2015-8428\",\n \"CVE-2015-8429\", \"CVE-2015-8430\", \"CVE-2015-8431\", \"CVE-2015-8432\",\n \"CVE-2015-8433\", \"CVE-2015-8434\", \"CVE-2015-8435\", \"CVE-2015-8436\",\n \"CVE-2015-8437\", \"CVE-2015-8438\", \"CVE-2015-8439\", \"CVE-2015-8440\",\n \"CVE-2015-8441\", \"CVE-2015-8442\", \"CVE-2015-8443\", \"CVE-2015-8444\",\n \"CVE-2015-8445\", \"CVE-2015-8446\", \"CVE-2015-8447\", \"CVE-2015-8448\",\n \"CVE-2015-8449\", \"CVE-2015-8450\", \"CVE-2015-8451\", \"CVE-2015-8452\",\n \"CVE-2015-8453\", \"CVE-2015-8456\", \"CVE-2015-8457\", \"CVE-2015-8652\",\n \"CVE-2015-8653\", \"CVE-2015-8654\", \"CVE-2015-8655\", \"CVE-2015-8656\",\n \"CVE-2015-8657\", \"CVE-2015-8822\", \"CVE-2015-8658\", \"CVE-2015-8820\",\n \"CVE-2015-8821\", \"CVE-2015-8823\");\n script_bugtraq_id(78717, 78718, 78715, 78714, 78716, 78712, 78710, 78715, 78713);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 11:14:11 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-12-10 14:56:57 +0530 (Thu, 10 Dec 2015)\");\n script_name(\"Adobe Flash Player Multiple Vulnerabilities Dec15 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Flash\n Player and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Multiple heap buffer overflow vulnerabilities.\n\n - Multiple memory corruption vulnerabilities.\n\n - Multiple security bypass vulnerabilities.\n\n - A stack overflow vulnerability.\n\n - A type confusion vulnerability.\n\n - An integer overflow vulnerability.\n\n - A buffer overflow vulnerability.\n\n - Multiple use-after-free vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers\n to bypass security restrictions and execute arbitrary code on the affected\n system.\");\n\n script_tag(name:\"affected\", value:\"Adobe Flash Player version before\n 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Flash Player version\n 18.0.0.268 or 20.0.0.228 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://helpx.adobe.com/security/products/flash-player/apsb15-32.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Flash/Player/MacOSX/Version\");\n\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!playerVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_in_range(version:playerVer, test_version:\"19.0\", test_version2:\"20.0.0.227\"))\n{\n fix = \"20.0.0.228\";\n VULN = TRUE;\n}\n\nelse if(version_is_less(version:playerVer, test_version:\"18.0.0.268\"))\n{\n fix = \"18.0.0.268\";\n VULN = TRUE;\n}\n\nif(VULN)\n{\n report = 'Installed version: ' + playerVer + '\\n' +\n 'Fixed version:' + fix + '\\n';\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:25", "bulletinFamily": "scanner", "description": "Gentoo Linux Local Security Checks GLSA 201601-03", "modified": "2018-10-26T00:00:00", "published": "2016-01-27T00:00:00", "id": "OPENVAS:1361412562310121438", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121438", "title": "Gentoo Security Advisory GLSA 201601-03", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201601-03.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121438\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2016-01-27 07:32:19 +0200 (Wed, 27 Jan 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201601-03\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201601-03\");\n script_cve_id(\"CVE-2015-8045\", \"CVE-2015-8047\", \"CVE-2015-8048\", \"CVE-2015-8049\", \"CVE-2015-8050\", \"CVE-2015-8055\", \"CVE-2015-8056\", \"CVE-2015-8057\", \"CVE-2015-8058\", \"CVE-2015-8059\", \"CVE-2015-8060\", \"CVE-2015-8061\", \"CVE-2015-8062\", \"CVE-2015-8063\", \"CVE-2015-8064\", \"CVE-2015-8065\", \"CVE-2015-8066\", \"CVE-2015-8067\", \"CVE-2015-8068\", \"CVE-2015-8069\", \"CVE-2015-8070\", \"CVE-2015-8071\", \"CVE-2015-8401\", \"CVE-2015-8402\", \"CVE-2015-8403\", \"CVE-2015-8404\", \"CVE-2015-8405\", \"CVE-2015-8406\", \"CVE-2015-8407\", \"CVE-2015-8408\", \"CVE-2015-8409\", \"CVE-2015-8410\", \"CVE-2015-8411\", \"CVE-2015-8412\", \"CVE-2015-8413\", \"CVE-2015-8414\", \"CVE-2015-8415\", \"CVE-2015-8416\", \"CVE-2015-8417\", \"CVE-2015-8418\", \"CVE-2015-8419\", \"CVE-2015-8420\", \"CVE-2015-8421\", \"CVE-2015-8422\", \"CVE-2015-8423\", \"CVE-2015-8424\", \"CVE-2015-8425\", \"CVE-2015-8426\", \"CVE-2015-8427\", \"CVE-2015-8428\", \"CVE-2015-8429\", \"CVE-2015-8430\", \"CVE-2015-8431\", \"CVE-2015-8432\", \"CVE-2015-8433\", \"CVE-2015-8434\", \"CVE-2015-8435\", \"CVE-2015-8436\", \"CVE-2015-8437\", \"CVE-2015-8438\", \"CVE-2015-8439\", \"CVE-2015-8440\", \"CVE-2015-8441\", \"CVE-2015-8442\", \"CVE-2015-8443\", \"CVE-2015-8445\", \"CVE-2015-8446\", \"CVE-2015-8447\", \"CVE-2015-8448\", \"CVE-2015-8449\", \"CVE-2015-8450\", \"CVE-2015-8451\", \"CVE-2015-8452\", \"CVE-2015-8453\", \"CVE-2015-8454\", \"CVE-2015-8455\", \"CVE-2015-8459\", \"CVE-2015-8460\", \"CVE-2015-8635\", \"CVE-2015-8636\", \"CVE-2015-8638\", \"CVE-2015-8639\", \"CVE-2015-8640\", \"CVE-2015-8641\", \"CVE-2015-8642\", \"CVE-2015-8643\", \"CVE-2015-8644\", \"CVE-2015-8645\", \"CVE-2015-8646\", \"CVE-2015-8647\", \"CVE-2015-8648\", \"CVE-2015-8649\", \"CVE-2015-8650\", \"CVE-2015-8651\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201601-03\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"www-plugins/adobe-flash\", unaffected: make_list(\"ge 11.2.202.559\"), vulnerable: make_list(\"lt 11.2.202.559\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2019-05-29T18:32:57", "bulletinFamily": "unix", "description": "\nAdobe reports:\n\n\n\t These updates resolve heap buffer overflow vulnerabilities that\n\t could lead to code execution (CVE-2015-8438, CVE-2015-8446).\n\n\t These updates resolve memory corruption vulnerabilities that\n\t could lead to code execution (CVE-2015-8444, CVE-2015-8443,\n\t CVE-2015-8417, CVE-2015-8416, CVE-2015-8451, CVE-2015-8047,\n\t CVE-2015-8053, CVE-2015-8045, CVE-2015-8051, CVE-2015-8060,\n\t CVE-2015-8419, CVE-2015-8408).\n\n\t These updates resolve security bypass vulnerabilities\n\t (CVE-2015-8453, CVE-2015-8440, CVE-2015-8409).\n\n\t These updates resolve a stack overflow vulnerability that\n\t could lead to code execution (CVE-2015-8407).\n\n\t These updates resolve a type confusion vulnerability that\n\t could lead to code execution (CVE-2015-8439).\n\n\t These updates resolve an integer overflow vulnerability\n\t that could lead to code execution (CVE-2015-8445).\n\n\t These updates resolve a buffer overflow vulnerability that\n\t could lead to code execution (CVE-2015-8415).\n\n\t These updates resolve use-after-free vulnerabilities that\n\t could lead to code execution (CVE-2015-8050, CVE-2015-8049,\n\t CVE-2015-8437, CVE-2015-8450, CVE-2015-8449, CVE-2015-8448,\n\t CVE-2015-8436, CVE-2015-8452, CVE-2015-8048, CVE-2015-8413,\n\t CVE-2015-8412, CVE-2015-8410, CVE-2015-8411, CVE-2015-8424,\n\t CVE-2015-8422, CVE-2015-8420, CVE-2015-8421, CVE-2015-8423,\n\t CVE-2015-8425, CVE-2015-8433, CVE-2015-8432, CVE-2015-8431,\n\t CVE-2015-8426, CVE-2015-8430, CVE-2015-8427, CVE-2015-8428,\n\t CVE-2015-8429, CVE-2015-8434, CVE-2015-8435, CVE-2015-8414,\n\t CVE-2015-8052, CVE-2015-8059, CVE-2015-8058, CVE-2015-8055,\n\t CVE-2015-8057, CVE-2015-8056, CVE-2015-8061, CVE-2015-8067,\n\t CVE-2015-8066, CVE-2015-8062, CVE-2015-8068, CVE-2015-8064,\n\t CVE-2015-8065, CVE-2015-8063, CVE-2015-8405, CVE-2015-8404,\n\t CVE-2015-8402, CVE-2015-8403, CVE-2015-8071, CVE-2015-8401,\n\t CVE-2015-8406, CVE-2015-8069, CVE-2015-8070, CVE-2015-8441,\n\t CVE-2015-8442, CVE-2015-8447).\n\n", "modified": "2015-12-08T00:00:00", "published": "2015-12-08T00:00:00", "id": "C8842A84-9DDD-11E5-8C2F-C485083CA99C", "href": "https://vuxml.freebsd.org/freebsd/c8842a84-9ddd-11e5-8c2f-c485083ca99c.html", "title": "flash -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:30", "bulletinFamily": "unix", "description": "### Background\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Adobe Flash Player users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-plugins/adobe-flash-11.2.202.559\"", "modified": "2016-01-26T00:00:00", "published": "2016-01-26T00:00:00", "id": "GLSA-201601-03", "href": "https://security.gentoo.org/glsa/201601-03", "type": "gentoo", "title": "Adobe Flash Player: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2019-05-29T18:14:45", "bulletinFamily": "NVD", "description": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.\n<a href=\"https://cwe.mitre.org/data/definitions/416.html\">CWE-416: Use After Free</a>", "modified": "2016-12-07T18:26:00", "id": "CVE-2015-8062", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8062", "published": "2015-12-10T05:59:00", "title": "CVE-2015-8062", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:14:45", "bulletinFamily": "NVD", "description": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, and CVE-2015-8658.", "modified": "2016-11-28T19:49:00", "id": "CVE-2015-8820", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8820", "published": "2016-03-04T23:59:00", "title": "CVE-2015-8820", "type": "cve", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:14:45", "bulletinFamily": "NVD", "description": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.\n<a href=\"https://cwe.mitre.org/data/definitions/416.html\">CWE-416: Use After Free</a>", "modified": "2016-12-07T18:26:00", "id": "CVE-2015-8068", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8068", "published": "2015-12-10T05:59:00", "title": "CVE-2015-8068", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:14:45", "bulletinFamily": "NVD", "description": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455.", "modified": "2017-02-17T02:59:00", "id": "CVE-2015-8418", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8418", "published": "2015-12-10T05:59:00", "title": "CVE-2015-8418", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:14:45", "bulletinFamily": "NVD", "description": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.\n<a href=\"https://cwe.mitre.org/data/definitions/416.html\">CWE-416: Use After Free</a>", "modified": "2016-12-07T18:26:00", "id": "CVE-2015-8067", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8067", "published": "2015-12-10T05:59:00", "title": "CVE-2015-8067", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:14:45", "bulletinFamily": "NVD", "description": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455.", "modified": "2016-12-07T18:26:00", "id": "CVE-2015-8045", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8045", "published": "2015-12-10T05:59:00", "title": "CVE-2015-8045", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:14:45", "bulletinFamily": "NVD", "description": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.\n<a href=\"https://cwe.mitre.org/data/definitions/416.html\">CWE-416: Use After Free</a>", "modified": "2017-09-10T01:29:00", "id": "CVE-2015-8428", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8428", "published": "2015-12-10T05:59:00", "title": "CVE-2015-8428", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:14:45", "bulletinFamily": "NVD", "description": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.\n<a href=\"https://cwe.mitre.org/data/definitions/416.html\">CWE-416: Use After Free</a>", "modified": "2016-12-07T18:26:00", "id": "CVE-2015-8064", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8064", "published": "2015-12-10T05:59:00", "title": "CVE-2015-8064", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:14:45", "bulletinFamily": "NVD", "description": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454.\n<a href=\"https://cwe.mitre.org/data/definitions/416.html\">CWE-416: Use After Free</a>", "modified": "2016-12-07T18:27:00", "id": "CVE-2015-8404", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8404", "published": "2015-12-10T05:59:00", "title": "CVE-2015-8404", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:14:45", "bulletinFamily": "NVD", "description": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455.", "modified": "2017-02-17T02:59:00", "id": "CVE-2015-8416", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8416", "published": "2015-12-10T05:59:00", "title": "CVE-2015-8416", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
