{"suse": [{"lastseen": "2016-09-04T12:09:51", "bulletinFamily": "unix", "description": "flash player was updated to version 11.2.202.243 fixing a\n lot of security issues:\n\n CVE-2012-5248, CVE-2012-5249, CVE-2012-5250, CVE-2012-5251,\n CVE-2012-5252, CVE-2012-5253, CVE-2012-5254,\n CVE-2012-5255, CVE-2012-5256, CVE-2012-5257,\n CVE-2012-5258, CVE-2012-5259, CVE-2012-5260, CVE-2012-5261,\n CVE-2012-5262, CVE-2012-5263, CVE-2012-5264,\n CVE-2012-5265, CVE-2012-5266, CVE-2012-5267,\n CVE-2012-5268, CVE-2012-5269, CVE-2012-5270, CVE-2012-5271,\n CVE-2012-5272\n\n Please visit\n\n <a rel=\"nofollow\" href=\"http://www.adobe.com/support/security/bulletins/apsb12-22.ht\">http://www.adobe.com/support/security/bulletins/apsb12-22.ht</a>\n ml\n <<a rel=\"nofollow\" href=\"http://www.adobe.com/support/security/bulletins/apsb12-22.h\">http://www.adobe.com/support/security/bulletins/apsb12-22.h</a>\n tml>\n\n for details.\n", "modified": "2012-10-10T21:08:48", "published": "2012-10-10T21:08:48", "id": "SUSE-SU-2012:1326-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00004.html", "title": "Security update for flash-player (critical)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:37:36", "bulletinFamily": "unix", "description": "Flash Player was updated to 11.2.202.243\n * CVE-2012-5248, CVE-2012-5249, CVE-2012-5250,\n CVE-2012-5251, CVE-2012-5252, CVE-2012-5253,\n CVE-2012-5254, CVE-2012-5255, CVE-2012-5256,\n CVE-2012-5257, CVE-2012-5258, CVE-2012-5259,\n CVE-2012-5260, CVE-2012-5261, CVE-2012-5262,\n CVE-2012-5263, CVE-2012-5264, CVE-2012-5265,\n CVE-2012-5266, CVE-2012-5267, CVE-2012-5268,\n CVE-2012-5269, CVE-2012-5270, CVE-2012-5271,\n CVE-2012-5272\n\n", "modified": "2012-10-10T14:08:40", "published": "2012-10-10T14:08:40", "id": "OPENSUSE-SU-2012:1324-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00003.html", "type": "suse", "title": "flash-player: Update to 11.2.202.243 (critical)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:27:55", "bulletinFamily": "unix", "description": "Flash Player was updated to 11.2.202.243\n * CVE-2012-5248, CVE-2012-5249, CVE-2012-5250,\n CVE-2012-5251, CVE-2012-5252, CVE-2012-5253,\n CVE-2012-5254, CVE-2012-5255, CVE-2012-5256,\n CVE-2012-5257, CVE-2012-5258, CVE-2012-5259,\n CVE-2012-5260, CVE-2012-5261, CVE-2012-5262,\n CVE-2012-5263, CVE-2012-5264, CVE-2012-5265,\n CVE-2012-5266, CVE-2012-5267, CVE-2012-5268,\n CVE-2012-5269, CVE-2012-5270, CVE-2012-5271,\n CVE-2012-5272\n\n", "modified": "2013-02-28T18:29:07", "published": "2013-02-28T18:29:07", "id": "OPENSUSE-SU-2013:0370-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00034.html", "title": "flash-player: Update to 11.2.202.243 (critical)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-01-11T11:07:41", "bulletinFamily": "scanner", "description": "Check for the Version of flash-player", "modified": "2018-01-09T00:00:00", "published": "2012-12-13T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=850347", "id": "OPENVAS:850347", "title": "SuSE Update for flash-player openSUSE-SU-2012:1324-1 (flash-player)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2012_1324_1.nasl 8336 2018-01-09 07:01:48Z teissa $\n#\n# SuSE Update for flash-player openSUSE-SU-2012:1324-1 (flash-player)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"flash-player on openSUSE 12.1, openSUSE 11.4\";\ntag_insight = \"Flash Player was updated to 11.2.202.243\n * CVE-2012-5248, CVE-2012-5249, CVE-2012-5250,\n CVE-2012-5251, CVE-2012-5252, CVE-2012-5253,\n CVE-2012-5254, CVE-2012-5255, CVE-2012-5256,\n CVE-2012-5257, CVE-2012-5258, CVE-2012-5259,\n CVE-2012-5260, CVE-2012-5261, CVE-2012-5262,\n CVE-2012-5263, CVE-2012-5264, CVE-2012-5265,\n CVE-2012-5266, CVE-2012-5267, CVE-2012-5268,\n CVE-2012-5269, CVE-2012-5270, CVE-2012-5271,\n CVE-2012-5272\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850347);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-12-13 17:01:52 +0530 (Thu, 13 Dec 2012)\");\n script_cve_id(\"CVE-2012-5252\", \"CVE-2012-5256\", \"CVE-2012-5260\", \"CVE-2012-5264\",\n \"CVE-2012-5268\", \"CVE-2012-5272\", \"CVE-2012-5248\", \"CVE-2012-5249\",\n \"CVE-2012-5250\", \"CVE-2012-5251\", \"CVE-2012-5253\", \"CVE-2012-5254\",\n \"CVE-2012-5255\", \"CVE-2012-5257\", \"CVE-2012-5258\", \"CVE-2012-5259\",\n \"CVE-2012-5261\", \"CVE-2012-5262\", \"CVE-2012-5263\", \"CVE-2012-5265\",\n \"CVE-2012-5266\", \"CVE-2012-5267\", \"CVE-2012-5269\", \"CVE-2012-5270\",\n \"CVE-2012-5271\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"openSUSE-SU\", value: \"2012:1324_1\");\n script_name(\"SuSE Update for flash-player openSUSE-SU-2012:1324-1 (flash-player)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of flash-player\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE11.4\")\n{\n\n if ((res = isrpmvuln(pkg:\"flash-player\", rpm:\"flash-player~11.2.202.243~23.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"flash-player-gnome\", rpm:\"flash-player-gnome~11.2.202.243~23.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"flash-player-kde4\", rpm:\"flash-player-kde4~11.2.202.243~23.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"openSUSE12.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"flash-player\", rpm:\"flash-player~11.2.202.243~30.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"flash-player-gnome\", rpm:\"flash-player-gnome~11.2.202.243~30.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"flash-player-kde4\", rpm:\"flash-player-kde4~11.2.202.243~30.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:39", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2012-12-13T00:00:00", "id": "OPENVAS:1361412562310850347", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850347", "title": "SuSE Update for flash-player openSUSE-SU-2012:1324-1 (flash-player)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2012_1324_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# SuSE Update for flash-player openSUSE-SU-2012:1324-1 (flash-player)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850347\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-12-13 17:01:52 +0530 (Thu, 13 Dec 2012)\");\n script_cve_id(\"CVE-2012-5252\", \"CVE-2012-5256\", \"CVE-2012-5260\", \"CVE-2012-5264\",\n \"CVE-2012-5268\", \"CVE-2012-5272\", \"CVE-2012-5248\", \"CVE-2012-5249\",\n \"CVE-2012-5250\", \"CVE-2012-5251\", \"CVE-2012-5253\", \"CVE-2012-5254\",\n \"CVE-2012-5255\", \"CVE-2012-5257\", \"CVE-2012-5258\", \"CVE-2012-5259\",\n \"CVE-2012-5261\", \"CVE-2012-5262\", \"CVE-2012-5263\", \"CVE-2012-5265\",\n \"CVE-2012-5266\", \"CVE-2012-5267\", \"CVE-2012-5269\", \"CVE-2012-5270\",\n \"CVE-2012-5271\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"openSUSE-SU\", value:\"2012:1324_1\");\n script_name(\"SuSE Update for flash-player openSUSE-SU-2012:1324-1 (flash-player)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'flash-player'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSE11\\.4|openSUSE12\\.1)\");\n script_tag(name:\"affected\", value:\"flash-player on openSUSE 12.1, openSUSE 11.4\");\n script_tag(name:\"insight\", value:\"Flash Player was updated to 11.2.202.243\n\n * CVE-2012-5248, CVE-2012-5249, CVE-2012-5250,\n CVE-2012-5251, CVE-2012-5252, CVE-2012-5253,\n CVE-2012-5254, CVE-2012-5255, CVE-2012-5256,\n CVE-2012-5257, CVE-2012-5258, CVE-2012-5259,\n CVE-2012-5260, CVE-2012-5261, CVE-2012-5262,\n CVE-2012-5263, CVE-2012-5264, CVE-2012-5265,\n CVE-2012-5266, CVE-2012-5267, CVE-2012-5268,\n CVE-2012-5269, CVE-2012-5270, CVE-2012-5271,\n CVE-2012-5272\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSE11.4\")\n{\n\n if ((res = isrpmvuln(pkg:\"flash-player\", rpm:\"flash-player~11.2.202.243~23.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"flash-player-gnome\", rpm:\"flash-player-gnome~11.2.202.243~23.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"flash-player-kde4\", rpm:\"flash-player-kde4~11.2.202.243~23.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"openSUSE12.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"flash-player\", rpm:\"flash-player~11.2.202.243~30.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"flash-player-gnome\", rpm:\"flash-player-gnome~11.2.202.243~30.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"flash-player-kde4\", rpm:\"flash-player-kde4~11.2.202.243~30.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:10:45", "bulletinFamily": "scanner", "description": "This host is installed with Adobe Flash Player and is prone to\n multiple vulnerabilities.", "modified": "2017-04-12T00:00:00", "published": "2012-10-15T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=802988", "id": "OPENVAS:802988", "title": "Adobe Flash Player Multiple Vulnerabilities - Oct12 (Linux)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_flash_player_mult_vuln_oct12_lin.nasl 5940 2017-04-12 09:02:05Z teissa $\n#\n# Adobe Flash Player Multiple Vulnerabilities - Oct12 (Linux)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow remote attackers to execute arbitrary\n code on the target system or cause a denial of service (memory corruption)\n via unspecified vectors.\n Impact Level: System/Application\";\ntag_affected = \"Adobe Flash Player version before 10.3.183.29, 11.x before 11.2.202.243 on Linux\";\ntag_insight = \"The flaws are due to memory corruption, buffer overflow errors that\n could lead to code execution.\";\ntag_solution = \"Update to Adobe Flash Player version 10.3.183.29 or 11.2.202.243 or later,\n For updates refer to http://get.adobe.com/flashplayer/\";\ntag_summary = \"This host is installed with Adobe Flash Player and is prone to\n multiple vulnerabilities.\";\n\nif(description)\n{\n script_id(802988);\n script_version(\"$Revision: 5940 $\");\n script_cve_id(\"CVE-2012-5248\", \"CVE-2012-5249\", \"CVE-2012-5250\", \"CVE-2012-5251\",\n \"CVE-2012-5252\", \"CVE-2012-5253\", \"CVE-2012-5254\", \"CVE-2012-5255\",\n \"CVE-2012-5256\", \"CVE-2012-5257\", \"CVE-2012-5258\", \"CVE-2012-5259\",\n \"CVE-2012-5260\", \"CVE-2012-5261\", \"CVE-2012-5262\", \"CVE-2012-5263\",\n \"CVE-2012-5264\", \"CVE-2012-5265\", \"CVE-2012-5266\", \"CVE-2012-5267\",\n \"CVE-2012-5268\", \"CVE-2012-5269\", \"CVE-2012-5270\", \"CVE-2012-5271\",\n \"CVE-2012-5272\", \"CVE-2012-5673\", \"CVE-2012-5285\", \"CVE-2012-5286\",\n \"CVE-2012-5287\");\n script_bugtraq_id(55827, 56374, 56375, 56376, 56377);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-12 11:02:05 +0200 (Wed, 12 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-15 12:53:03 +0530 (Mon, 15 Oct 2012)\");\n script_name(\"Adobe Flash Player Multiple Vulnerabilities - Oct12 (Linux)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/50876/\");\n script_xref(name : \"URL\" , value : \"http://www.adobe.com/support/security/bulletins/apsb12-22.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_flash_player_detect_lin.nasl\");\n script_require_keys(\"AdobeFlashPlayer/Linux/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nplayerVer = \"\";\n\n# Check for Adobe Flash Player\nplayerVer = get_kb_item(\"AdobeFlashPlayer/Linux/Ver\");\nif(playerVer && playerVer =~ \",\")\n{\n playerVer = ereg_replace(pattern:\",\", string:playerVer, replace: \".\");\n}\n\nif(playerVer)\n{\n # Grep for version less than 10.3.183.29 and 11.x less than 11.2.202.243\n if(version_is_less(version: playerVer, test_version:\"10.3.183.29\") ||\n version_in_range(version: playerVer, test_version:\"11.0\", test_version2:\"11.2.202.238\")){\n security_message(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:08", "bulletinFamily": "scanner", "description": "This host is installed with Adobe Flash Player and is prone to\n multiple vulnerabilities.", "modified": "2019-05-17T00:00:00", "published": "2012-10-15T00:00:00", "id": "OPENVAS:1361412562310802986", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802986", "title": "Adobe Flash Player Multiple Vulnerabilities - October 12 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Flash Player Multiple Vulnerabilities - October 12 (Windows)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:flash_player\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802986\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2012-5248\", \"CVE-2012-5249\", \"CVE-2012-5250\", \"CVE-2012-5251\",\n \"CVE-2012-5252\", \"CVE-2012-5253\", \"CVE-2012-5254\", \"CVE-2012-5255\",\n \"CVE-2012-5256\", \"CVE-2012-5257\", \"CVE-2012-5258\", \"CVE-2012-5259\",\n \"CVE-2012-5260\", \"CVE-2012-5261\", \"CVE-2012-5262\", \"CVE-2012-5263\",\n \"CVE-2012-5264\", \"CVE-2012-5265\", \"CVE-2012-5266\", \"CVE-2012-5267\",\n \"CVE-2012-5268\", \"CVE-2012-5269\", \"CVE-2012-5270\", \"CVE-2012-5271\",\n \"CVE-2012-5272\", \"CVE-2012-5673\", \"CVE-2012-5285\", \"CVE-2012-5286\",\n \"CVE-2012-5287\");\n script_bugtraq_id(55827, 56374, 56375, 56376, 56377);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2012-10-15 12:29:16 +0530 (Mon, 15 Oct 2012)\");\n script_name(\"Adobe Flash Player Multiple Vulnerabilities - October 12 (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/50876/\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-22.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_flash_player_detect_win.nasl\");\n script_mandatory_keys(\"AdobeFlashPlayer/Win/Installed\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to execute arbitrary\n code on the target system or cause a denial of service (memory corruption)\n via unspecified vectors.\");\n script_tag(name:\"affected\", value:\"Adobe Flash Player version before 10.3.183.29, 11.x before 11.4.402.287 on Windows\");\n script_tag(name:\"insight\", value:\"The flaws are due to memory corruption, buffer overflow errors that\n could lead to code execution.\");\n script_tag(name:\"solution\", value:\"Update to Adobe Flash Player version 10.3.183.29 or 11.4.402.287 or later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Flash Player and is prone to\n multiple vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://get.adobe.com/flashplayer/\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE )) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\nif( version_is_less( version:vers, test_version:\"10.3.183.29\" ) ||\n version_in_range( version:vers, test_version:\"11.0\", test_version2:\"11.4.402.278\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"10.3.183.29 or 11.4.402.287\", install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-20T13:22:12", "bulletinFamily": "scanner", "description": "This host is installed with Adobe Flash Player and is prone to\n multiple vulnerabilities.", "modified": "2017-12-19T00:00:00", "published": "2012-10-15T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=802986", "id": "OPENVAS:802986", "title": "Adobe Flash Player Multiple Vulnerabilities - October 12 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_prdts_mult_vuln_oct12_win.nasl 8178 2017-12-19 13:42:38Z cfischer $\n#\n# Adobe Flash Player Multiple Vulnerabilities - October 12 (Windows)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:flash_player\";\n\ntag_impact = \"Successful exploitation will allow remote attackers to execute arbitrary\n code on the target system or cause a denial of service (memory corruption)\n via unspecified vectors.\n Impact Level: System/Application\";\ntag_affected = \"Adobe Flash Player version before 10.3.183.29, 11.x before 11.4.402.287 on Windows\";\ntag_insight = \"The flaws are due to memory corruption, buffer overflow errors that\n could lead to code execution.\";\ntag_solution = \"Update to Adobe Flash Player version 10.3.183.29 or 11.4.402.287 or later,\n For updates refer to http://get.adobe.com/flashplayer/\";\ntag_summary = \"This host is installed with Adobe Flash Player and is prone to\n multiple vulnerabilities.\";\n\nif(description)\n{\n script_id(802986);\n script_version(\"$Revision: 8178 $\");\n script_cve_id(\"CVE-2012-5248\", \"CVE-2012-5249\", \"CVE-2012-5250\", \"CVE-2012-5251\",\n \"CVE-2012-5252\", \"CVE-2012-5253\", \"CVE-2012-5254\", \"CVE-2012-5255\",\n \"CVE-2012-5256\", \"CVE-2012-5257\", \"CVE-2012-5258\", \"CVE-2012-5259\",\n \"CVE-2012-5260\", \"CVE-2012-5261\", \"CVE-2012-5262\", \"CVE-2012-5263\",\n \"CVE-2012-5264\", \"CVE-2012-5265\", \"CVE-2012-5266\", \"CVE-2012-5267\",\n \"CVE-2012-5268\", \"CVE-2012-5269\", \"CVE-2012-5270\", \"CVE-2012-5271\",\n \"CVE-2012-5272\", \"CVE-2012-5673\", \"CVE-2012-5285\", \"CVE-2012-5286\",\n \"CVE-2012-5287\");\n script_bugtraq_id(55827, 56374, 56375, 56376, 56377);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 14:42:38 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-15 12:29:16 +0530 (Mon, 15 Oct 2012)\");\n script_name(\"Adobe Flash Player Multiple Vulnerabilities - October 12 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/50876/\");\n script_xref(name : \"URL\" , value : \"http://www.adobe.com/support/security/bulletins/apsb12-22.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_flash_player_detect_win.nasl\");\n script_mandatory_keys(\"AdobeFlashPlayer/Win/Installed\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ninfos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE );\nvers = infos['version'];\npath = infos['location'];\n\n# Grep for version less than 10.3.183.29 and 11.x less than 11.4.402.287\nif( version_is_less( version:vers, test_version:\"10.3.183.29\" ) ||\n version_in_range( version:vers, test_version:\"11.0\", test_version2:\"11.4.402.278\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"10.3.183.29 or 11.4.402.287\", install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:11:09", "bulletinFamily": "scanner", "description": "This host is installed with Adobe Air and is prone to multiple\n vulnerabilities.", "modified": "2017-05-12T00:00:00", "published": "2013-03-28T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803452", "id": "OPENVAS:803452", "title": "Adobe Air Multiple Vulnerabilities - October 12 (Mac OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_air_mult_vuln_oct12_macosx.nasl 6115 2017-05-12 09:03:25Z teissa $\n#\n# Adobe Air Multiple Vulnerabilities - October 12 (Mac OS X)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow remote attackers to execute arbitrary\n code on the target system or cause a denial of service (memory corruption)\n via unspecified vectors.\n Impact Level: System/Application\";\ntag_affected = \"Adobe AIR version 3.4.0.2540 and earlier on Mac OS X\";\ntag_insight = \"The flaws are due to memory corruption, buffer overflow errors that\n could lead to code execution.\";\ntag_solution = \"Update to Adobe Air version 3.4.0.2710 or later,\n For updates refer to http://get.adobe.com/air\";\ntag_summary = \"This host is installed with Adobe Air and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803452);\n script_version(\"$Revision: 6115 $\");\n script_cve_id(\"CVE-2012-5248\", \"CVE-2012-5249\", \"CVE-2012-5250\", \"CVE-2012-5251\",\n \"CVE-2012-5252\", \"CVE-2012-5253\", \"CVE-2012-5254\", \"CVE-2012-5255\",\n \"CVE-2012-5256\", \"CVE-2012-5257\", \"CVE-2012-5258\", \"CVE-2012-5259\",\n \"CVE-2012-5260\", \"CVE-2012-5261\", \"CVE-2012-5262\", \"CVE-2012-5263\",\n \"CVE-2012-5264\", \"CVE-2012-5265\", \"CVE-2012-5266\", \"CVE-2012-5267\",\n \"CVE-2012-5268\", \"CVE-2012-5269\", \"CVE-2012-5270\", \"CVE-2012-5271\",\n \"CVE-2012-5272\", \"CVE-2012-5673\", \"CVE-2012-5285\", \"CVE-2012-5286\",\n \"CVE-2012-5287\");\n script_bugtraq_id(55827, 56374, 56375, 56376, 56377);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-12 11:03:25 +0200 (Fri, 12 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-28 13:43:58 +0530 (Thu, 28 Mar 2013)\");\n script_name(\"Adobe Air Multiple Vulnerabilities - October 12 (Mac OS X)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/50876/\");\n script_xref(name : \"URL\" , value : \"http://www.adobe.com/support/security/bulletins/apsb12-22.html\");\n\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Air/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nairVer = \"\";\n\n# Check for Adobe Air 3.4.0.2540 and prior\nairVer = get_kb_item(\"Adobe/Air/MacOSX/Version\");\nif(airVer)\n{\n # Grep for version 3.4.0.2540 and prior\n if(version_is_less_equal(version:airVer, test_version:\"3.4.0.2540\"))\n {\n security_message(0);\n exit(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:24", "bulletinFamily": "scanner", "description": "This host is installed with Adobe Air and is prone to multiple\n vulnerabilities.", "modified": "2019-05-17T00:00:00", "published": "2013-03-28T00:00:00", "id": "OPENVAS:1361412562310803451", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803451", "title": "Adobe Air Multiple Vulnerabilities - October 12 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Air Multiple Vulnerabilities - October 12 (Windows)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:adobe_air\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803451\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2012-5248\", \"CVE-2012-5249\", \"CVE-2012-5250\", \"CVE-2012-5251\",\n \"CVE-2012-5252\", \"CVE-2012-5253\", \"CVE-2012-5254\", \"CVE-2012-5255\",\n \"CVE-2012-5256\", \"CVE-2012-5257\", \"CVE-2012-5258\", \"CVE-2012-5259\",\n \"CVE-2012-5260\", \"CVE-2012-5261\", \"CVE-2012-5262\", \"CVE-2012-5263\",\n \"CVE-2012-5264\", \"CVE-2012-5265\", \"CVE-2012-5266\", \"CVE-2012-5267\",\n \"CVE-2012-5268\", \"CVE-2012-5269\", \"CVE-2012-5270\", \"CVE-2012-5271\",\n \"CVE-2012-5272\", \"CVE-2012-5673\", \"CVE-2012-5285\", \"CVE-2012-5286\",\n \"CVE-2012-5287\");\n script_bugtraq_id(55827, 56374, 56375, 56376, 56377);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2013-03-28 13:10:53 +0530 (Thu, 28 Mar 2013)\");\n script_name(\"Adobe Air Multiple Vulnerabilities - October 12 (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/50876/\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-22.html\");\n\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_flash_player_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Air/Win/Installed\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to execute arbitrary\n code on the target system or cause a denial of service (memory corruption)\n via unspecified vectors.\");\n script_tag(name:\"affected\", value:\"Adobe AIR version 3.4.0.2540 and earlier on Windows\");\n script_tag(name:\"insight\", value:\"The flaws are due to memory corruption, buffer overflow errors that\n could lead to code execution.\");\n script_tag(name:\"solution\", value:\"Update to Adobe Air version 3.4.0.2710 or later.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Air and is prone to multiple\n vulnerabilities.\");\n script_xref(name:\"URL\", value:\"http://get.adobe.com/air\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE )) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\nif( version_is_less_equal( version:vers, test_version:\"3.4.0.2540\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"3.4.0.2710\", install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:55", "bulletinFamily": "scanner", "description": "This host is installed with Adobe Air and is prone to multiple\n vulnerabilities.", "modified": "2018-10-12T00:00:00", "published": "2013-03-28T00:00:00", "id": "OPENVAS:1361412562310803452", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803452", "title": "Adobe Air Multiple Vulnerabilities - October 12 (Mac OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_air_mult_vuln_oct12_macosx.nasl 11865 2018-10-12 10:03:43Z cfischer $\n#\n# Adobe Air Multiple Vulnerabilities - October 12 (Mac OS X)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803452\");\n script_version(\"$Revision: 11865 $\");\n script_cve_id(\"CVE-2012-5248\", \"CVE-2012-5249\", \"CVE-2012-5250\", \"CVE-2012-5251\",\n \"CVE-2012-5252\", \"CVE-2012-5253\", \"CVE-2012-5254\", \"CVE-2012-5255\",\n \"CVE-2012-5256\", \"CVE-2012-5257\", \"CVE-2012-5258\", \"CVE-2012-5259\",\n \"CVE-2012-5260\", \"CVE-2012-5261\", \"CVE-2012-5262\", \"CVE-2012-5263\",\n \"CVE-2012-5264\", \"CVE-2012-5265\", \"CVE-2012-5266\", \"CVE-2012-5267\",\n \"CVE-2012-5268\", \"CVE-2012-5269\", \"CVE-2012-5270\", \"CVE-2012-5271\",\n \"CVE-2012-5272\", \"CVE-2012-5673\", \"CVE-2012-5285\", \"CVE-2012-5286\",\n \"CVE-2012-5287\");\n script_bugtraq_id(55827, 56374, 56375, 56376, 56377);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:03:43 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-28 13:43:58 +0530 (Thu, 28 Mar 2013)\");\n script_name(\"Adobe Air Multiple Vulnerabilities - October 12 (Mac OS X)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/50876/\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-22.html\");\n\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Air/MacOSX/Version\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to execute arbitrary\n code on the target system or cause a denial of service (memory corruption)\n via unspecified vectors.\");\n script_tag(name:\"affected\", value:\"Adobe AIR version 3.4.0.2540 and earlier on Mac OS X\");\n script_tag(name:\"insight\", value:\"The flaws are due to memory corruption, buffer overflow errors that\n could lead to code execution.\");\n script_tag(name:\"solution\", value:\"Update to Adobe Air version 3.4.0.2710 or later.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Air and is prone to multiple\n vulnerabilities.\");\n script_xref(name:\"URL\", value:\"http://get.adobe.com/air\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nairVer = get_kb_item(\"Adobe/Air/MacOSX/Version\");\nif(airVer)\n{\n if(version_is_less_equal(version:airVer, test_version:\"3.4.0.2540\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-20T13:23:38", "bulletinFamily": "scanner", "description": "This host is installed with Adobe Air and is prone to multiple\n vulnerabilities.", "modified": "2017-12-19T00:00:00", "published": "2013-03-28T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803451", "id": "OPENVAS:803451", "title": "Adobe Air Multiple Vulnerabilities - October 12 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_air_mult_vuln_oct12_win.nasl 8176 2017-12-19 12:50:00Z cfischer $\n#\n# Adobe Air Multiple Vulnerabilities - October 12 (Windows)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:adobe_air\";\n\ntag_impact = \"Successful exploitation will allow remote attackers to execute arbitrary\n code on the target system or cause a denial of service (memory corruption)\n via unspecified vectors.\n Impact Level: System/Application\";\ntag_affected = \"Adobe AIR version 3.4.0.2540 and earlier on Windows\";\ntag_insight = \"The flaws are due to memory corruption, buffer overflow errors that\n could lead to code execution.\";\ntag_solution = \"Update to Adobe Air version 3.4.0.2710 or later,\n For updates refer to http://get.adobe.com/air\";\ntag_summary = \"This host is installed with Adobe Air and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803451);\n script_version(\"$Revision: 8176 $\");\n script_cve_id(\"CVE-2012-5248\", \"CVE-2012-5249\", \"CVE-2012-5250\", \"CVE-2012-5251\",\n \"CVE-2012-5252\", \"CVE-2012-5253\", \"CVE-2012-5254\", \"CVE-2012-5255\",\n \"CVE-2012-5256\", \"CVE-2012-5257\", \"CVE-2012-5258\", \"CVE-2012-5259\",\n \"CVE-2012-5260\", \"CVE-2012-5261\", \"CVE-2012-5262\", \"CVE-2012-5263\",\n \"CVE-2012-5264\", \"CVE-2012-5265\", \"CVE-2012-5266\", \"CVE-2012-5267\",\n \"CVE-2012-5268\", \"CVE-2012-5269\", \"CVE-2012-5270\", \"CVE-2012-5271\",\n \"CVE-2012-5272\", \"CVE-2012-5673\", \"CVE-2012-5285\", \"CVE-2012-5286\",\n \"CVE-2012-5287\");\n script_bugtraq_id(55827, 56374, 56375, 56376, 56377);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 13:50:00 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-28 13:10:53 +0530 (Thu, 28 Mar 2013)\");\n script_name(\"Adobe Air Multiple Vulnerabilities - October 12 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/50876/\");\n script_xref(name : \"URL\" , value : \"http://www.adobe.com/support/security/bulletins/apsb12-22.html\");\n\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_flash_player_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Air/Win/Installed\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ninfos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE );\nvers = infos['version'];\npath = infos['location'];\n\n# Grep for version 3.4.0.2540 and prior\nif( version_is_less_equal( version:vers, test_version:\"3.4.0.2540\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"3.4.0.2710\", install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:08", "bulletinFamily": "scanner", "description": "This host is installed with Adobe Flash Player and is prone to\n multiple vulnerabilities.", "modified": "2018-10-12T00:00:00", "published": "2012-10-15T00:00:00", "id": "OPENVAS:1361412562310802987", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802987", "title": "Adobe Flash Player Multiple Vulnerabilities - October 12 (Mac OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_prdts_mult_vuln_oct12_macosx.nasl 11888 2018-10-12 15:27:49Z cfischer $\n#\n# Adobe Flash Player Multiple Vulnerabilities - October 12 (Mac OS X)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802987\");\n script_version(\"$Revision: 11888 $\");\n script_cve_id(\"CVE-2012-5248\", \"CVE-2012-5249\", \"CVE-2012-5250\", \"CVE-2012-5251\",\n \"CVE-2012-5252\", \"CVE-2012-5253\", \"CVE-2012-5254\", \"CVE-2012-5255\",\n \"CVE-2012-5256\", \"CVE-2012-5257\", \"CVE-2012-5258\", \"CVE-2012-5259\",\n \"CVE-2012-5260\", \"CVE-2012-5261\", \"CVE-2012-5262\", \"CVE-2012-5263\",\n \"CVE-2012-5264\", \"CVE-2012-5265\", \"CVE-2012-5266\", \"CVE-2012-5267\",\n \"CVE-2012-5268\", \"CVE-2012-5269\", \"CVE-2012-5270\", \"CVE-2012-5271\",\n \"CVE-2012-5272\", \"CVE-2012-5673\", \"CVE-2012-5285\", \"CVE-2012-5286\",\n \"CVE-2012-5287\");\n script_bugtraq_id(55827, 56374, 56375, 56376, 56377);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 17:27:49 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-15 12:53:03 +0530 (Mon, 15 Oct 2012)\");\n script_name(\"Adobe Flash Player Multiple Vulnerabilities - October 12 (Mac OS X)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/50876/\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-22.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Flash/Player/MacOSX/Version\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to execute arbitrary\n code on the target system or cause a denial of service (memory corruption)\n via unspecified vectors.\");\n script_tag(name:\"affected\", value:\"Adobe Flash Player version before 10.3.183.29, 11.x before 11.4.402.287 on Mac OS X\");\n script_tag(name:\"insight\", value:\"The flaws are due to memory corruption, buffer overflow errors that\n could lead to code execution.\");\n script_tag(name:\"solution\", value:\"Update to Adobe Flash Player version 10.3.183.29 or 11.4.402.287 or later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Flash Player and is prone to\n multiple vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://get.adobe.com/flashplayer/\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nplayerVer = get_kb_item(\"Adobe/Flash/Player/MacOSX/Version\");\nif(playerVer)\n{\n if(version_is_less(version: playerVer, test_version:\"10.3.183.29\") ||\n version_in_range(version: playerVer, test_version:\"11.0\", test_version2:\"11.4.402.265\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2019-11-01T03:00:31", "bulletinFamily": "scanner", "description": "Flash Player was updated to 11.2.202.243\n\n - CVE-2012-5248, CVE-2012-5249, CVE-2012-5250,\n CVE-2012-5251, CVE-2012-5252, CVE-2012-5253,\n CVE-2012-5254, CVE-2012-5255, CVE-2012-5256,\n CVE-2012-5257, CVE-2012-5258, CVE-2012-5259,\n CVE-2012-5260, CVE-2012-5261, CVE-2012-5262,\n CVE-2012-5263, CVE-2012-5264, CVE-2012-5265,\n CVE-2012-5266, CVE-2012-5267, CVE-2012-5268,\n CVE-2012-5269, CVE-2012-5270, CVE-2012-5271,\n CVE-2012-5272", "modified": "2019-11-02T00:00:00", "id": "OPENSUSE-2012-697.NASL", "href": "https://www.tenable.com/plugins/nessus/74775", "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : flash-player (openSUSE-SU-2013:0370-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-697.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74775);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/10/25 10:38:32\");\n\n script_cve_id(\"CVE-2012-5248\", \"CVE-2012-5249\", \"CVE-2012-5250\", \"CVE-2012-5251\", \"CVE-2012-5252\", \"CVE-2012-5253\", \"CVE-2012-5254\", \"CVE-2012-5255\", \"CVE-2012-5256\", \"CVE-2012-5257\", \"CVE-2012-5258\", \"CVE-2012-5259\", \"CVE-2012-5260\", \"CVE-2012-5261\", \"CVE-2012-5262\", \"CVE-2012-5263\", \"CVE-2012-5264\", \"CVE-2012-5265\", \"CVE-2012-5266\", \"CVE-2012-5267\", \"CVE-2012-5268\", \"CVE-2012-5269\", \"CVE-2012-5270\", \"CVE-2012-5271\", \"CVE-2012-5272\");\n script_bugtraq_id(56198, 56200, 56201, 56202, 56203, 56204, 56205, 56206, 56207, 56208, 56209, 56210, 56211, 56212, 56213, 56214, 56215, 56216, 56217, 56218, 56219, 56220, 56221, 56222, 56224);\n\n script_name(english:\"openSUSE Security Update : flash-player (openSUSE-SU-2013:0370-1)\");\n script_summary(english:\"Check for the openSUSE-2012-697 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Flash Player was updated to 11.2.202.243\n\n - CVE-2012-5248, CVE-2012-5249, CVE-2012-5250,\n CVE-2012-5251, CVE-2012-5252, CVE-2012-5253,\n CVE-2012-5254, CVE-2012-5255, CVE-2012-5256,\n CVE-2012-5257, CVE-2012-5258, CVE-2012-5259,\n CVE-2012-5260, CVE-2012-5261, CVE-2012-5262,\n CVE-2012-5263, CVE-2012-5264, CVE-2012-5265,\n CVE-2012-5266, CVE-2012-5267, CVE-2012-5268,\n CVE-2012-5269, CVE-2012-5270, CVE-2012-5271,\n CVE-2012-5272\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=784168\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-10/msg00042.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-02/msg00096.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected flash-player packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:flash-player\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:flash-player-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:flash-player-kde4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1|SUSE12\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1 / 12.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"flash-player-11.2.202.243-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"flash-player-gnome-11.2.202.243-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"flash-player-kde4-11.2.202.243-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"flash-player-11.2.202.243-1.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"flash-player-gnome-11.2.202.243-1.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"flash-player-kde4-11.2.202.243-1.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"flash-player\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-03T12:29:55", "bulletinFamily": "scanner", "description": "flash player was updated to version 11.2.202.243 fixing a lot of\nsecurity issues :\n\nCVE-2012-5248 / CVE-2012-5249 / CVE-2012-5250 / CVE-2012-5251 /\nCVE-2012-5252 / CVE-2012-5253 / CVE-2012-5254 / CVE-2012-5255 /\nCVE-2012-5256 / CVE-2012-5257 / CVE-2012-5258 / CVE-2012-5259 /\nCVE-2012-5260 / CVE-2012-5261 / CVE-2012-5262 / CVE-2012-5263 /\nCVE-2012-5264 / CVE-2012-5265 / CVE-2012-5266 / CVE-2012-5267 /\nCVE-2012-5268 / CVE-2012-5269 / CVE-2012-5270 / CVE-2012-5271 /\nCVE-2012-5272\n\nPlease visit\n\nhttp://www.adobe.com/support/security/bulletins/apsb12-22.html\n\nfor details.", "modified": "2019-11-02T00:00:00", "id": "SUSE_FLASH-PLAYER-8314.NASL", "href": "https://www.tenable.com/plugins/nessus/62494", "published": "2012-10-11T00:00:00", "title": "SuSE 10 Security Update : flash-player (ZYPP Patch Number 8314)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62494);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2014/04/17 10:42:09 $\");\n\n script_cve_id(\"CVE-2012-5248\", \"CVE-2012-5249\", \"CVE-2012-5250\", \"CVE-2012-5251\", \"CVE-2012-5252\", \"CVE-2012-5253\", \"CVE-2012-5254\", \"CVE-2012-5255\", \"CVE-2012-5256\", \"CVE-2012-5257\", \"CVE-2012-5258\", \"CVE-2012-5259\", \"CVE-2012-5260\", \"CVE-2012-5261\", \"CVE-2012-5262\", \"CVE-2012-5263\", \"CVE-2012-5264\", \"CVE-2012-5265\", \"CVE-2012-5266\", \"CVE-2012-5267\", \"CVE-2012-5268\", \"CVE-2012-5269\", \"CVE-2012-5270\", \"CVE-2012-5271\", \"CVE-2012-5272\");\n\n script_name(english:\"SuSE 10 Security Update : flash-player (ZYPP Patch Number 8314)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"flash player was updated to version 11.2.202.243 fixing a lot of\nsecurity issues :\n\nCVE-2012-5248 / CVE-2012-5249 / CVE-2012-5250 / CVE-2012-5251 /\nCVE-2012-5252 / CVE-2012-5253 / CVE-2012-5254 / CVE-2012-5255 /\nCVE-2012-5256 / CVE-2012-5257 / CVE-2012-5258 / CVE-2012-5259 /\nCVE-2012-5260 / CVE-2012-5261 / CVE-2012-5262 / CVE-2012-5263 /\nCVE-2012-5264 / CVE-2012-5265 / CVE-2012-5266 / CVE-2012-5267 /\nCVE-2012-5268 / CVE-2012-5269 / CVE-2012-5270 / CVE-2012-5271 /\nCVE-2012-5272\n\nPlease visit\n\nhttp://www.adobe.com/support/security/bulletins/apsb12-22.html\n\nfor details.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5248.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5249.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5250.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5251.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5252.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5253.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5254.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5255.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5256.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5257.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5258.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5259.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5260.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5261.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5262.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5263.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5264.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5265.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5266.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5267.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5268.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5269.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5270.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5271.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5272.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 8314.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"flash-player-11.2.202.243-0.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-03T12:17:50", "bulletinFamily": "scanner", "description": "flash player was updated to version 11.2.202.243, fixing a lot of\nsecurity issues :\n\nCVE-2012-5248 / CVE-2012-5249 / CVE-2012-5250 / CVE-2012-5251 /\nCVE-2012-5252 / CVE-2012-5253 / CVE-2012-5254 / CVE-2012-5255 /\nCVE-2012-5256 / CVE-2012-5257 / CVE-2012-5258 / CVE-2012-5259 /\nCVE-2012-5260 / CVE-2012-5261 / CVE-2012-5262 / CVE-2012-5263 /\nCVE-2012-5264 / CVE-2012-5265 / CVE-2012-5266 / CVE-2012-5267 /\nCVE-2012-5268 / CVE-2012-5269 / CVE-2012-5270 / CVE-2012-5271 /\nCVE-2012-5272\n\nPlease visit\nhttp://www.adobe.com/support/security/bulletins/apsb12-22.html for\ndetails.", "modified": "2019-11-02T00:00:00", "id": "SUSE_11_FLASH-PLAYER-121010.NASL", "href": "https://www.tenable.com/plugins/nessus/64140", "published": "2013-01-25T00:00:00", "title": "SuSE 11.2 Security Update : flash-player (SAT Patch Number 6937)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64140);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2014/04/17 10:42:09 $\");\n\n script_cve_id(\"CVE-2012-5248\", \"CVE-2012-5249\", \"CVE-2012-5250\", \"CVE-2012-5251\", \"CVE-2012-5252\", \"CVE-2012-5253\", \"CVE-2012-5254\", \"CVE-2012-5255\", \"CVE-2012-5256\", \"CVE-2012-5257\", \"CVE-2012-5258\", \"CVE-2012-5259\", \"CVE-2012-5260\", \"CVE-2012-5261\", \"CVE-2012-5262\", \"CVE-2012-5263\", \"CVE-2012-5264\", \"CVE-2012-5265\", \"CVE-2012-5266\", \"CVE-2012-5267\", \"CVE-2012-5268\", \"CVE-2012-5269\", \"CVE-2012-5270\", \"CVE-2012-5271\", \"CVE-2012-5272\");\n\n script_name(english:\"SuSE 11.2 Security Update : flash-player (SAT Patch Number 6937)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"flash player was updated to version 11.2.202.243, fixing a lot of\nsecurity issues :\n\nCVE-2012-5248 / CVE-2012-5249 / CVE-2012-5250 / CVE-2012-5251 /\nCVE-2012-5252 / CVE-2012-5253 / CVE-2012-5254 / CVE-2012-5255 /\nCVE-2012-5256 / CVE-2012-5257 / CVE-2012-5258 / CVE-2012-5259 /\nCVE-2012-5260 / CVE-2012-5261 / CVE-2012-5262 / CVE-2012-5263 /\nCVE-2012-5264 / CVE-2012-5265 / CVE-2012-5266 / CVE-2012-5267 /\nCVE-2012-5268 / CVE-2012-5269 / CVE-2012-5270 / CVE-2012-5271 /\nCVE-2012-5272\n\nPlease visit\nhttp://www.adobe.com/support/security/bulletins/apsb12-22.html for\ndetails.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=784168\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5248.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5249.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5250.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5251.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5252.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5253.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5254.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5255.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5256.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5257.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5258.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5259.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5260.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5261.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5262.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5263.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5264.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5265.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5266.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5267.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5268.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5269.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5270.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5271.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5272.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 6937.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:flash-player\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, \"SuSE 11.2\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"flash-player-11.2.202.243-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"flash-player-11.2.202.243-0.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:51:37", "bulletinFamily": "scanner", "description": "According to its version, the instance of Flash Player installed on the\nremote Mac OS X host is 11.x equal to or earlier than 11.4.402.264, or\n10.x equal to or earlier than 10.3.183.23. It is, therefore,\npotentially affected by multiple vulnerabilities :\n\n - Several unspecified issues exist that can lead to buffer\n overflows and arbitrary code execution. (CVE-2012-5248,\n CVE-2012-5249, CVE-2012-5250, CVE-2012-5251,\n CVE-2012-5253, CVE-2012-5254, CVE-2012-5255,\n CVE-2012-5257, CVE-2012-5259, CVE-2012-5260,\n CVE-2012-5262, CVE-2012-5264, CVE-2012-5265,\n CVE-2012-5266, CVE-2012-5285, CVE-2012-5286,\n CVE-2012-5287)\n\n - Several unspecified issues exist that can lead to memory\n corruption and arbitrary code execution. (CVE-2012-5252,\n CVE-2012-5256, CVE-2012-5258, CVE-2012-5261,\n CVE-2012-5263, CVE-2012-5267, CVE-2012-5268,\n CVE-2012-5269, CVE-2012-5270, CVE-2012-5271,\n CVE-2012-5272)\n\n - An unspecified issue exists having unspecified impact.\n (CVE-2012-5673)", "modified": "2019-11-02T00:00:00", "id": "MACOSX_FLASH_PLAYER_11_4_402_287.NASL", "href": "https://www.tenable.com/plugins/nessus/62482", "published": "2012-10-10T00:00:00", "title": "Flash Player for Mac <= 10.3.183.23 / 11.4.402.265 Multiple Vulnerabilities (APSB12-22)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62482);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\n \"CVE-2012-5248\",\n \"CVE-2012-5249\",\n \"CVE-2012-5250\",\n \"CVE-2012-5251\",\n \"CVE-2012-5252\",\n \"CVE-2012-5253\",\n \"CVE-2012-5254\",\n \"CVE-2012-5255\",\n \"CVE-2012-5256\",\n \"CVE-2012-5257\",\n \"CVE-2012-5258\",\n \"CVE-2012-5259\",\n \"CVE-2012-5260\",\n \"CVE-2012-5261\",\n \"CVE-2012-5262\",\n \"CVE-2012-5263\",\n \"CVE-2012-5264\",\n \"CVE-2012-5265\",\n \"CVE-2012-5266\",\n \"CVE-2012-5267\",\n \"CVE-2012-5268\",\n \"CVE-2012-5269\",\n \"CVE-2012-5270\",\n \"CVE-2012-5271\",\n \"CVE-2012-5272\",\n \"CVE-2012-5285\",\n \"CVE-2012-5286\",\n \"CVE-2012-5287\",\n \"CVE-2012-5673\"\n );\n script_bugtraq_id(\n 56198,\n 56200,\n 56201,\n 56202,\n 56203,\n 56204,\n 56205,\n 56206,\n 56207,\n 56208,\n 56209,\n 56210,\n 56211,\n 56212,\n 56213,\n 56214,\n 56215,\n 56216,\n 56217,\n 56218,\n 56219,\n 56220,\n 56221,\n 56222,\n 56224,\n 56374,\n 56375,\n 56376,\n 56377\n );\n\n script_name(english:\"Flash Player for Mac <= 10.3.183.23 / 11.4.402.265 Multiple Vulnerabilities (APSB12-22)\");\n script_summary(english:\"Checks version of Flash Player\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Mac OS X host has a browser plugin that is affected by\nmultiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"According to its version, the instance of Flash Player installed on the\nremote Mac OS X host is 11.x equal to or earlier than 11.4.402.264, or\n10.x equal to or earlier than 10.3.183.23. It is, therefore,\npotentially affected by multiple vulnerabilities :\n\n - Several unspecified issues exist that can lead to buffer\n overflows and arbitrary code execution. (CVE-2012-5248,\n CVE-2012-5249, CVE-2012-5250, CVE-2012-5251,\n CVE-2012-5253, CVE-2012-5254, CVE-2012-5255,\n CVE-2012-5257, CVE-2012-5259, CVE-2012-5260,\n CVE-2012-5262, CVE-2012-5264, CVE-2012-5265,\n CVE-2012-5266, CVE-2012-5285, CVE-2012-5286,\n CVE-2012-5287)\n\n - Several unspecified issues exist that can lead to memory\n corruption and arbitrary code execution. (CVE-2012-5252,\n CVE-2012-5256, CVE-2012-5258, CVE-2012-5261,\n CVE-2012-5263, CVE-2012-5267, CVE-2012-5268,\n CVE-2012-5269, CVE-2012-5270, CVE-2012-5271,\n CVE-2012-5272)\n\n - An unspecified issue exists having unspecified impact.\n (CVE-2012-5673)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-22.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Adobe Flash Player version 10.3.183.29, 11.4.402.287 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:flash_player\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_flash_player_installed.nasl\");\n script_require_keys(\"MacOSX/Flash_Player/Version\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nversion = get_kb_item_or_exit(\"MacOSX/Flash_Player/Version\");\n\n# nb: we're checking for versions less than *or equal to* the cutoff!\ntenx_cutoff_version = \"10.3.183.23\";\ntenx_fixed_version = \"10.3.183.29\";\nelevenx_cutoff_version = \"11.4.402.265\";\nelevenx_fixed_version = \"11.4.402.287\";\nfixed_version_for_report = NULL;\n\n# 10x\nif (ver_compare(ver:version, fix:tenx_cutoff_version, strict:FALSE) <= 0)\n fixed_version_for_report = tenx_fixed_version;\n\n# 11x\nif (\n version =~ \"^11\\.\" &&\n ver_compare(ver:version, fix:elevenx_cutoff_version, strict:FALSE) <= 0\n) fixed_version_for_report = elevenx_fixed_version;\n\nif (!isnull(fixed_version_for_report))\n{\n if (report_verbosity > 0)\n {\n report = \n '\\n Installed version : ' + version + \n '\\n Fixed version : '+fixed_version_for_report+'\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, \"Flash Player for Mac\", version);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T03:20:38", "bulletinFamily": "scanner", "description": "An updated Adobe Flash Player package that fixes several security\nissues is now available for Red Hat Enterprise Linux 5 and 6\nSupplementary.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe\nFlash Player web browser plug-in.\n\nThis update fixes several vulnerabilities in Adobe Flash Player. These\nvulnerabilities are detailed on the Adobe security page APSB12-22,\nlisted in the References section. Specially crafted SWF content could\ncause flash-plugin to crash or, potentially, execute arbitrary code\nwhen a victim loads a page containing the malicious SWF content.\n(CVE-2012-5248, CVE-2012-5249, CVE-2012-5250, CVE-2012-5251,\nCVE-2012-5252, CVE-2012-5253, CVE-2012-5254, CVE-2012-5255,\nCVE-2012-5256, CVE-2012-5257, CVE-2012-5258, CVE-2012-5259,\nCVE-2012-5260, CVE-2012-5261, CVE-2012-5262, CVE-2012-5263,\nCVE-2012-5264, CVE-2012-5265, CVE-2012-5266, CVE-2012-5267,\nCVE-2012-5268, CVE-2012-5269, CVE-2012-5270, CVE-2012-5271,\nCVE-2012-5272)\n\nAll users of Adobe Flash Player should install this updated package,\nwhich upgrades Flash Player to version 11.2.202.243.", "modified": "2019-11-02T00:00:00", "id": "REDHAT-RHSA-2012-1346.NASL", "href": "https://www.tenable.com/plugins/nessus/62471", "published": "2012-10-10T00:00:00", "title": "RHEL 5 / 6 : flash-plugin (RHSA-2012:1346)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1346. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62471);\n script_version (\"1.26\");\n script_cvs_date(\"Date: 2019/10/24 15:35:36\");\n\n script_cve_id(\"CVE-2012-5248\", \"CVE-2012-5249\", \"CVE-2012-5250\", \"CVE-2012-5251\", \"CVE-2012-5252\", \"CVE-2012-5253\", \"CVE-2012-5254\", \"CVE-2012-5255\", \"CVE-2012-5256\", \"CVE-2012-5257\", \"CVE-2012-5258\", \"CVE-2012-5259\", \"CVE-2012-5260\", \"CVE-2012-5261\", \"CVE-2012-5262\", \"CVE-2012-5263\", \"CVE-2012-5264\", \"CVE-2012-5265\", \"CVE-2012-5266\", \"CVE-2012-5267\", \"CVE-2012-5268\", \"CVE-2012-5269\", \"CVE-2012-5270\", \"CVE-2012-5271\", \"CVE-2012-5272\", \"CVE-2012-5285\", \"CVE-2012-5286\", \"CVE-2012-5287\", \"CVE-2012-5673\");\n script_bugtraq_id(55827);\n script_xref(name:\"RHSA\", value:\"2012:1346\");\n\n script_name(english:\"RHEL 5 / 6 : flash-plugin (RHSA-2012:1346)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated Adobe Flash Player package that fixes several security\nissues is now available for Red Hat Enterprise Linux 5 and 6\nSupplementary.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe\nFlash Player web browser plug-in.\n\nThis update fixes several vulnerabilities in Adobe Flash Player. These\nvulnerabilities are detailed on the Adobe security page APSB12-22,\nlisted in the References section. Specially crafted SWF content could\ncause flash-plugin to crash or, potentially, execute arbitrary code\nwhen a victim loads a page containing the malicious SWF content.\n(CVE-2012-5248, CVE-2012-5249, CVE-2012-5250, CVE-2012-5251,\nCVE-2012-5252, CVE-2012-5253, CVE-2012-5254, CVE-2012-5255,\nCVE-2012-5256, CVE-2012-5257, CVE-2012-5258, CVE-2012-5259,\nCVE-2012-5260, CVE-2012-5261, CVE-2012-5262, CVE-2012-5263,\nCVE-2012-5264, CVE-2012-5265, CVE-2012-5266, CVE-2012-5267,\nCVE-2012-5268, CVE-2012-5269, CVE-2012-5270, CVE-2012-5271,\nCVE-2012-5272)\n\nAll users of Adobe Flash Player should install this updated package,\nwhich upgrades Flash Player to version 11.2.202.243.\"\n );\n # http://www.adobe.com/support/security/bulletins/apsb12-22.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.adobe.com/support/security/bulletins/apsb12-22.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1346\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5249\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5248\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5269\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5268\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5264\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5267\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5266\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5261\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5260\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5263\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5262\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5255\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5256\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5257\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5250\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5252\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5253\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5272\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5258\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5259\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5270\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5271\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5285\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5286\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5287\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5673\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected flash-plugin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:flash-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1346\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"flash-plugin-11.2.202.243-1.el5\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", reference:\"flash-plugin-11.2.202.243-1.el6\")) flag++;\n\n\n if (flag)\n {\n flash_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check only applies to RedHat released\\n' +\n 'versions of the flash-plugin package. This check does not apply to\\n' +\n 'Adobe released versions of the flash-plugin package, which are\\n' +\n 'versioned similarly and cause collisions in detection.\\n\\n' +\n\n 'If you are certain you are running the Adobe released package of\\n' +\n 'flash-plugin and are running a version of it equal or higher to the\\n' +\n 'RedHat version listed above then you can consider this a false\\n' +\n 'positive.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat() + flash_plugin_caveat\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"flash-plugin\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:50:32", "bulletinFamily": "scanner", "description": "According to its version, the instance of Adobe AIR on the remote Mac\nOS X host is 3.4.0.2540 or earlier. It is, therefore, reportedly\naffected by multiple vulnerabilities :\n\n - Several unspecified issues exist that can lead to buffer\n overflows and arbitrary code execution. (CVE-2012-5248,\n CVE-2012-5249, CVE-2012-5250, CVE-2012-5251,\n CVE-2012-5253, CVE-2012-5254, CVE-2012-5255,\n CVE-2012-5257, CVE-2012-5259, CVE-2012-5260,\n CVE-2012-5262, CVE-2012-5264, CVE-2012-5265,\n CVE-2012-5266, CVE-2012-5285, CVE-2012-5286,\n CVE-2012-5287)\n\n - Several unspecified issues exist that can lead to memory\n corruption and arbitrary code execution. (CVE-2012-5252,\n CVE-2012-5256, CVE-2012-5258, CVE-2012-5261,\n CVE-2012-5263, CVE-2012-5267, CVE-2012-5268,\n CVE-2012-5269, CVE-2012-5270, CVE-2012-5271,\n CVE-2012-5272)\n\n - An unspecified issue exists having unspecified impact.\n (CVE-2012-5673)", "modified": "2019-11-02T00:00:00", "id": "MACOSX_ADOBE_AIR_3_4_0_2710.NASL", "href": "https://www.tenable.com/plugins/nessus/62481", "published": "2012-10-10T00:00:00", "title": "Adobe AIR for Mac 3.x <= 3.4.0.2540 Multiple Vulnerabilities (APSB12-22)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(62481);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n \n script_cve_id(\n \"CVE-2012-5248\",\n \"CVE-2012-5249\",\n \"CVE-2012-5250\",\n \"CVE-2012-5251\",\n \"CVE-2012-5252\",\n \"CVE-2012-5253\",\n \"CVE-2012-5254\",\n \"CVE-2012-5255\",\n \"CVE-2012-5256\",\n \"CVE-2012-5257\",\n \"CVE-2012-5258\",\n \"CVE-2012-5259\",\n \"CVE-2012-5260\",\n \"CVE-2012-5261\",\n \"CVE-2012-5262\",\n \"CVE-2012-5263\",\n \"CVE-2012-5264\",\n \"CVE-2012-5265\",\n \"CVE-2012-5266\",\n \"CVE-2012-5267\",\n \"CVE-2012-5268\",\n \"CVE-2012-5269\",\n \"CVE-2012-5270\",\n \"CVE-2012-5271\",\n \"CVE-2012-5272\",\n \"CVE-2012-5285\",\n \"CVE-2012-5286\",\n \"CVE-2012-5287\",\n \"CVE-2012-5673\"\n );\n script_bugtraq_id(\n 56198,\n 56200,\n 56201,\n 56202,\n 56203,\n 56204,\n 56205,\n 56206,\n 56207,\n 56208,\n 56209,\n 56210,\n 56211,\n 56212,\n 56213,\n 56214,\n 56215,\n 56216,\n 56217,\n 56218,\n 56219,\n 56220,\n 56221,\n 56222,\n 56224,\n 56374,\n 56375,\n 56376,\n 56377\n );\n\n script_name(english:\"Adobe AIR for Mac 3.x <= 3.4.0.2540 Multiple Vulnerabilities (APSB12-22)\");\n script_summary(english:\"Checks version gathered by local check\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Mac OS X host contains a version of Adobe AIR that is\naffected by multiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"According to its version, the instance of Adobe AIR on the remote Mac\nOS X host is 3.4.0.2540 or earlier. It is, therefore, reportedly\naffected by multiple vulnerabilities :\n\n - Several unspecified issues exist that can lead to buffer\n overflows and arbitrary code execution. (CVE-2012-5248,\n CVE-2012-5249, CVE-2012-5250, CVE-2012-5251,\n CVE-2012-5253, CVE-2012-5254, CVE-2012-5255,\n CVE-2012-5257, CVE-2012-5259, CVE-2012-5260,\n CVE-2012-5262, CVE-2012-5264, CVE-2012-5265,\n CVE-2012-5266, CVE-2012-5285, CVE-2012-5286,\n CVE-2012-5287)\n\n - Several unspecified issues exist that can lead to memory\n corruption and arbitrary code execution. (CVE-2012-5252,\n CVE-2012-5256, CVE-2012-5258, CVE-2012-5261,\n CVE-2012-5263, CVE-2012-5267, CVE-2012-5268,\n CVE-2012-5269, CVE-2012-5270, CVE-2012-5271,\n CVE-2012-5272)\n\n - An unspecified issue exists having unspecified impact.\n (CVE-2012-5673)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-22.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Adobe AIR 3.4.0.2710 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/10\");\n\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:air\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_adobe_air_installed.nasl\");\n script_require_keys(\"MacOSX/Adobe_AIR/Version\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nkb_base = \"MacOSX/Adobe_AIR\";\nversion = get_kb_item_or_exit(kb_base+\"/Version\");\npath = get_kb_item_or_exit(kb_base+\"/Path\");\n\n# nb: we're checking for versions less than *or equal to* the cutoff!\ncutoff_version = '3.4.0.2540';\nfixed_version_for_report = '3.4.0.2710';\n\nif (version =~ '^3\\\\.' && ver_compare(ver:version, fix:cutoff_version, strict:FALSE) <= 0)\n{\n if (report_verbosity > 0)\n {\n report = \n '\\n Path : ' + path +\n '\\n Installed version : ' + version + \n '\\n Fixed version : '+fixed_version_for_report+'\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Adobe AIR\", version, path);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-03T12:15:39", "bulletinFamily": "scanner", "description": "The remote host is missing KB2758994. It may, therefore, be affected\nby the following vulnerabilities related to the installed version of the\nAdobe Flash ActiveX control :\n\n - Multiple memory corruption errors exist that\n could lead to code execution. (CVE-2012-5248,\n CVE-2012-5249, CVE-2012-5250, CVE-2012-5251,\n CVE-2012-5252, CVE-2012-5256, CVE-2012-5258,\n CVE-2012-5261, CVE-2012-5263, CVE-2012-5267,\n CVE-2012-5268, CVE-2012-5269, CVE-2012-5270,\n CVE-2012-5271, CVE-2012-5272)\n\n - Multiple buffer overflow errors exist that\n could lead to code execution. (CVE-2012-5248,\n CVE-2012-5249, CVE-2012-5250, CVE-2012-5251,\n CVE-2012-5253, CVE-2012-5254, CVE-2012-5255,\n CVE-2012-5257, CVE-2012-5259, CVE-2012-5260,\n CVE-2012-5262, CVE-2012-5264, CVE-2012-5265,\n CVE-2012-5266, CVE-2012-5285, CVE-2012-5286,\n CVE-2012-5287)\n\n - An unspecified issue exists having unspecified impact.\n (CVE-2012-5673)", "modified": "2019-11-02T00:00:00", "id": "SMB_KB2758994.NASL", "href": "https://www.tenable.com/plugins/nessus/62467", "published": "2012-10-10T00:00:00", "title": "MS KB2758994: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62467);\n script_version(\"1.18\");\n script_cvs_date(\"Date: 2018/11/15 20:50:28\");\n\n script_cve_id(\n \"CVE-2012-5248\",\n \"CVE-2012-5249\",\n \"CVE-2012-5250\",\n \"CVE-2012-5251\",\n \"CVE-2012-5252\",\n \"CVE-2012-5253\",\n \"CVE-2012-5254\",\n \"CVE-2012-5255\",\n \"CVE-2012-5256\",\n \"CVE-2012-5257\",\n \"CVE-2012-5258\",\n \"CVE-2012-5259\",\n \"CVE-2012-5260\",\n \"CVE-2012-5261\",\n \"CVE-2012-5262\",\n \"CVE-2012-5263\",\n \"CVE-2012-5264\",\n \"CVE-2012-5265\",\n \"CVE-2012-5266\",\n \"CVE-2012-5267\",\n \"CVE-2012-5268\",\n \"CVE-2012-5269\",\n \"CVE-2012-5270\",\n \"CVE-2012-5271\",\n \"CVE-2012-5272\",\n \"CVE-2012-5285\",\n \"CVE-2012-5286\",\n \"CVE-2012-5287\",\n \"CVE-2012-5673\"\n );\n script_bugtraq_id(\n 56198,\n 56200,\n 56201,\n 56202,\n 56203,\n 56204,\n 56205,\n 56206,\n 56207,\n 56208,\n 56209,\n 56210,\n 56211,\n 56212,\n 56213,\n 56214,\n 56215,\n 56216,\n 56217,\n 56218,\n 56219,\n 56220,\n 56221,\n 56222,\n 56224,\n 56374,\n 56375,\n 56376,\n 56377\n );\n script_xref(name:\"MSKB\", value:\"2758994\");\n\n script_name(english:\"MS KB2758994: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10\");\n script_summary(english:\"Checks version of ActiveX control\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host has an ActiveX control installed with multiple\nvulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is missing KB2758994. It may, therefore, be affected\nby the following vulnerabilities related to the installed version of the\nAdobe Flash ActiveX control :\n\n - Multiple memory corruption errors exist that\n could lead to code execution. (CVE-2012-5248,\n CVE-2012-5249, CVE-2012-5250, CVE-2012-5251,\n CVE-2012-5252, CVE-2012-5256, CVE-2012-5258,\n CVE-2012-5261, CVE-2012-5263, CVE-2012-5267,\n CVE-2012-5268, CVE-2012-5269, CVE-2012-5270,\n CVE-2012-5271, CVE-2012-5272)\n\n - Multiple buffer overflow errors exist that\n could lead to code execution. (CVE-2012-5248,\n CVE-2012-5249, CVE-2012-5250, CVE-2012-5251,\n CVE-2012-5253, CVE-2012-5254, CVE-2012-5255,\n CVE-2012-5257, CVE-2012-5259, CVE-2012-5260,\n CVE-2012-5262, CVE-2012-5264, CVE-2012-5265,\n CVE-2012-5266, CVE-2012-5285, CVE-2012-5286,\n CVE-2012-5287)\n\n - An unspecified issue exists having unspecified impact.\n (CVE-2012-5673)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-22.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2016/2755801\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/2758994/microsoft-security-advisory-update-for-internet-explorer-flash-player\");\n script_set_attribute(attribute:\"solution\", value:\"Install Microsoft KB2758994.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:flash_player\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"SMB/WindowsVersion\", \"SMB/ProductName\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_activex_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit('SMB/WindowsVersion');\nif (hotfix_check_sp_range(win8:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\nif (hotfix_check_server_core() == 1) audit(AUDIT_WIN_SERVER_CORE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nif (activex_init() != ACX_OK)\n audit(AUDIT_FN_FAIL, \"activex_init()\");\n\n# Adobe Flash Player CLSID\nclsid = '{D27CDB6E-AE6D-11cf-96B8-444553540000}';\n\nfile = activex_get_filename(clsid:clsid);\nif (isnull(file))\n{\n activex_end();\n audit(AUDIT_FN_FAIL, \"activex_get_filename\", \"NULL\");\n}\nif (!file)\n{\n activex_end();\n audit(AUDIT_ACTIVEX_NOT_FOUND, clsid);\n}\n\n# Get its version.\nversion = activex_get_fileversion(clsid:clsid);\nif (!version)\n{\n activex_end();\n audit(AUDIT_VER_FAIL, file);\n}\n\ninfo = '';\n\niver = split(version, sep:'.', keep:FALSE);\nfor (i=0; i<max_index(iver); i++)\n iver[i] = int(iver[i]);\n\n# < 11.3.375.10\nif( (report_paranoia > 1 || activex_get_killbit(clsid:clsid) == 0) &&\n (iver[0] < 11 ||\n (iver[0] == 11 &&\n (iver[1] < 3 ||\n (iver[1] == 3 && iver[2] < 375) ||\n (iver[1] == 3 && iver[2] == 375 && iver[3] < 10)\n )\n )\n )\n )\n{\n info = '\\n Path : ' + file +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 11.3.375.10\\n';\n}\n\nport = kb_smb_transport();\n\nif(info != '')\n{\n if (report_verbosity > 0)\n {\n if (report_paranoia > 1)\n {\n report = info +\n '\\n' +\n 'Note, though, that Nessus did not check whether the kill bit was\\n' +\n \"set for the control's CLSID because of the Report Paranoia setting\" + '\\n' +\n 'in effect when this scan was run.\\n';\n }\n else\n {\n report = info +\n '\\n' +\n 'Moreover, its kill bit is not set so it is accessible via Internet\\n' +\n 'Explorer.\\n';\n }\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_HOST_NOT, 'affected');\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:36:38", "bulletinFamily": "scanner", "description": "According to its version, the instance of Flash Player installed on the\nremote Windows host is 11.x equal to or earlier than 11.4.402.278, or\n10.x equal to or earlier than 10.3.183.23. It is, therefore,\npotentially affected by multiple vulnerabilities :\n\n - Several unspecified issues exist that can lead to buffer\n overflows and arbitrary code execution. (CVE-2012-5248,\n CVE-2012-5249, CVE-2012-5250, CVE-2012-5251,\n CVE-2012-5253, CVE-2012-5254, CVE-2012-5255,\n CVE-2012-5257, CVE-2012-5259, CVE-2012-5260,\n CVE-2012-5262, CVE-2012-5264, CVE-2012-5265,\n CVE-2012-5266, CVE-2012-5285, CVE-2012-5286,\n CVE-2012-5287)\n\n - Several unspecified issues exist that can lead to memory\n corruption and arbitrary code execution. (CVE-2012-5252,\n CVE-2012-5256, CVE-2012-5258, CVE-2012-5261,\n CVE-2012-5263, CVE-2012-5267, CVE-2012-5268,\n CVE-2012-5269, CVE-2012-5270, CVE-2012-5271,\n CVE-2012-5272)\n\n - An unspecified issue exists having unspecified impact.\n (CVE-2012-5673)", "modified": "2019-11-02T00:00:00", "id": "FLASH_PLAYER_APSB12-22.NASL", "href": "https://www.tenable.com/plugins/nessus/62480", "published": "2012-10-10T00:00:00", "title": "Flash Player <= 10.3.183.23 / 11.4.402.278 Multiple Vulnerabilities (APSB12-22)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62480);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2018/07/11 17:09:26\");\n\n script_cve_id(\n \"CVE-2012-5248\",\n \"CVE-2012-5249\",\n \"CVE-2012-5250\",\n \"CVE-2012-5251\",\n \"CVE-2012-5252\",\n \"CVE-2012-5253\",\n \"CVE-2012-5254\",\n \"CVE-2012-5255\",\n \"CVE-2012-5256\",\n \"CVE-2012-5257\",\n \"CVE-2012-5258\",\n \"CVE-2012-5259\",\n \"CVE-2012-5260\",\n \"CVE-2012-5261\",\n \"CVE-2012-5262\",\n \"CVE-2012-5263\",\n \"CVE-2012-5264\",\n \"CVE-2012-5265\",\n \"CVE-2012-5266\",\n \"CVE-2012-5267\",\n \"CVE-2012-5268\",\n \"CVE-2012-5269\",\n \"CVE-2012-5270\",\n \"CVE-2012-5271\",\n \"CVE-2012-5272\",\n \"CVE-2012-5285\",\n \"CVE-2012-5286\",\n \"CVE-2012-5287\",\n \"CVE-2012-5673\"\n );\n script_bugtraq_id(\n 56198,\n 56200,\n 56201,\n 56202,\n 56203,\n 56204,\n 56205,\n 56206,\n 56207,\n 56208,\n 56209,\n 56210,\n 56211,\n 56212,\n 56213,\n 56214,\n 56215,\n 56216,\n 56217,\n 56218,\n 56219,\n 56220,\n 56221,\n 56222,\n 56224,\n 56374,\n 56375,\n 56376,\n 56377\n );\n\n script_name(english:\"Flash Player <= 10.3.183.23 / 11.4.402.278 Multiple Vulnerabilities (APSB12-22)\");\n script_summary(english:\"Checks version of Flash Player\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Windows host has a browser plugin that is affected by\nmultiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"According to its version, the instance of Flash Player installed on the\nremote Windows host is 11.x equal to or earlier than 11.4.402.278, or\n10.x equal to or earlier than 10.3.183.23. It is, therefore,\npotentially affected by multiple vulnerabilities :\n\n - Several unspecified issues exist that can lead to buffer\n overflows and arbitrary code execution. (CVE-2012-5248,\n CVE-2012-5249, CVE-2012-5250, CVE-2012-5251,\n CVE-2012-5253, CVE-2012-5254, CVE-2012-5255,\n CVE-2012-5257, CVE-2012-5259, CVE-2012-5260,\n CVE-2012-5262, CVE-2012-5264, CVE-2012-5265,\n CVE-2012-5266, CVE-2012-5285, CVE-2012-5286,\n CVE-2012-5287)\n\n - Several unspecified issues exist that can lead to memory\n corruption and arbitrary code execution. (CVE-2012-5252,\n CVE-2012-5256, CVE-2012-5258, CVE-2012-5261,\n CVE-2012-5263, CVE-2012-5267, CVE-2012-5268,\n CVE-2012-5269, CVE-2012-5270, CVE-2012-5271,\n CVE-2012-5272)\n\n - An unspecified issue exists having unspecified impact.\n (CVE-2012-5673)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-22.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Flash Player version 10.3.183.29, 11.4.402.287 or\nlater, or Google Chrome PepperFlash 11.4.31.110 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:flash_player\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"flash_player_installed.nasl\");\n script_require_keys(\"SMB/Flash_Player/installed\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/Flash_Player/installed\");\n\n# Identify vulnerable versions.\ninfo = \"\";\n\n# we're checking for versions less than *or equal to* the cutoff!\nforeach variant (make_list(\"Plugin\", \"ActiveX\", \"Chrome\", \"Chrome_Pepper\"))\n{\n vers = get_kb_list(\"SMB/Flash_Player/\"+variant+\"/Version/*\");\n files = get_kb_list(\"SMB/Flash_Player/\"+variant+\"/File/*\");\n if (!isnull(vers) && !isnull(files))\n {\n foreach key (keys(vers))\n {\n ver = vers[key];\n\n if (ver)\n {\n iver = split(ver, sep:'.', keep:FALSE);\n for (i=0; i<max_index(iver); i++)\n iver[i] = int(iver[i]);\n\n\n if (\n (\n variant == \"Chrome_Pepper\" &&\n (\n iver[0] == 11 &&\n (\n iver[1] < 3 ||\n (\n iver[1] == 3 &&\n (\n iver[2] < 31 ||\n (iver[2] == 31 && iver[3] <= 331)\n )\n )\n )\n )\n ) ||\n (\n variant != \"Chrome_Pepper\" &&\n (\n # 10.x <= 10.3.183.23\n (\n iver[0] == 10 &&\n (\n iver[1] < 3 ||\n (\n iver[1] == 3 &&\n (\n iver[2] < 183 ||\n (iver[2] == 183 && iver[3] <= 23)\n )\n )\n )\n ) \n ||\n # 11.x <= 11.4.402.278\n (\n iver[0] == 11 &&\n (\n iver[1] < 4 ||\n (\n iver[1] == 4 &&\n (\n iver[2] < 402 ||\n (iver[2] == 402 && iver[3] <= 278)\n )\n )\n )\n )\n )\n )\n )\n {\n num = key - (\"SMB/Flash_Player/\"+variant+\"/Version/\");\n file = files[\"SMB/Flash_Player/\"+variant+\"/File/\"+num];\n if (variant == \"Plugin\")\n {\n info += '\\n Product: Browser Plugin (for Firefox / Netscape / Opera)';\n }\n else if (variant == \"ActiveX\")\n {\n info += '\\n Product : ActiveX control (for Internet Explorer)';\n }\n else if (\"Chrome\" >< variant)\n {\n info += '\\n Product : Browser Plugin (for Google Chrome)';\n }\n info += '\\n Path : ' + file +\n '\\n Installed version : ' + ver;\n if (variant == \"Chrome_Pepper\")\n info += '\\n Fixed version : 11.4.31.110 (Chrome PepperFlash)';\n else\n info += '\\n Fixed version : 10.3.183.29 / 11.4.402.287';\n info += '\\n';\n }\n }\n }\n }\n}\n\nif (info)\n{\n if (report_verbosity > 0)\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:info);\n else\n security_hole(get_kb_item(\"SMB/transport\"));\n}\nelse\n{ \n if (thorough_tests) \n exit(0, 'No vulnerable versions of Adobe Flash Player were found.');\n else\n exit(1, 'Google Chrome\\'s built-in Flash Player may not have been detected because the \\'Perform thorough tests\\' setting was not enabled.');\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:12:27", "bulletinFamily": "scanner", "description": "According to its version, the instance of Adobe AIR on the remote\nWindows host is 3.4.0.2540 or earlier. It is, therefore, reportedly\naffected by multiple vulnerabilities :\n\n - Several unspecified issues exist that can lead to buffer\n overflows and arbitrary code execution. (CVE-2012-5248,\n CVE-2012-5249, CVE-2012-5250, CVE-2012-5251,\n CVE-2012-5253, CVE-2012-5254, CVE-2012-5255,\n CVE-2012-5257, CVE-2012-5259, CVE-2012-5260,\n CVE-2012-5262, CVE-2012-5264, CVE-2012-5265,\n CVE-2012-5266, CVE-2012-5285, CVE-2012-5286,\n CVE-2012-5287)\n\n - Several unspecified issues exist that can lead to memory\n corruption and arbitrary code execution. (CVE-2012-5252,\n CVE-2012-5256, CVE-2012-5258, CVE-2012-5261,\n CVE-2012-5263, CVE-2012-5267, CVE-2012-5268,\n CVE-2012-5269, CVE-2012-5270, CVE-2012-5271,\n CVE-2012-5272)\n\n - An unspecified issue exists having unspecified impact.\n (CVE-2012-5673)", "modified": "2019-11-02T00:00:00", "id": "ADOBE_AIR_APSB12-22.NASL", "href": "https://www.tenable.com/plugins/nessus/62479", "published": "2012-10-10T00:00:00", "title": "Adobe AIR 3.x <= 3.4.0.2540 Multiple Vulnerabilities (APSB12-22)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62479);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2018/06/27 18:42:26\");\n\n script_cve_id(\n \"CVE-2012-5248\",\n \"CVE-2012-5249\",\n \"CVE-2012-5250\",\n \"CVE-2012-5251\",\n \"CVE-2012-5252\",\n \"CVE-2012-5253\",\n \"CVE-2012-5254\",\n \"CVE-2012-5255\",\n \"CVE-2012-5256\",\n \"CVE-2012-5257\",\n \"CVE-2012-5258\",\n \"CVE-2012-5259\",\n \"CVE-2012-5260\",\n \"CVE-2012-5261\",\n \"CVE-2012-5262\",\n \"CVE-2012-5263\",\n \"CVE-2012-5264\",\n \"CVE-2012-5265\",\n \"CVE-2012-5266\",\n \"CVE-2012-5267\",\n \"CVE-2012-5268\",\n \"CVE-2012-5269\",\n \"CVE-2012-5270\",\n \"CVE-2012-5271\",\n \"CVE-2012-5272\",\n \"CVE-2012-5285\",\n \"CVE-2012-5286\",\n \"CVE-2012-5287\",\n \"CVE-2012-5673\"\n );\n script_bugtraq_id(\n 56198,\n 56200,\n 56201,\n 56202,\n 56203,\n 56204,\n 56205,\n 56206,\n 56207,\n 56208,\n 56209,\n 56210,\n 56211,\n 56212,\n 56213,\n 56214,\n 56215,\n 56216,\n 56217,\n 56218,\n 56219,\n 56220,\n 56221,\n 56222,\n 56224,\n 56374,\n 56375,\n 56376,\n 56377\n );\n\n script_name(english:\"Adobe AIR 3.x <= 3.4.0.2540 Multiple Vulnerabilities (APSB12-22)\");\n script_summary(english:\"Checks version gathered by local check\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Windows host contains a version of Adobe AIR that is\naffected by multiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"According to its version, the instance of Adobe AIR on the remote\nWindows host is 3.4.0.2540 or earlier. It is, therefore, reportedly\naffected by multiple vulnerabilities :\n\n - Several unspecified issues exist that can lead to buffer\n overflows and arbitrary code execution. (CVE-2012-5248,\n CVE-2012-5249, CVE-2012-5250, CVE-2012-5251,\n CVE-2012-5253, CVE-2012-5254, CVE-2012-5255,\n CVE-2012-5257, CVE-2012-5259, CVE-2012-5260,\n CVE-2012-5262, CVE-2012-5264, CVE-2012-5265,\n CVE-2012-5266, CVE-2012-5285, CVE-2012-5286,\n CVE-2012-5287)\n\n - Several unspecified issues exist that can lead to memory\n corruption and arbitrary code execution. (CVE-2012-5252,\n CVE-2012-5256, CVE-2012-5258, CVE-2012-5261,\n CVE-2012-5263, CVE-2012-5267, CVE-2012-5268,\n CVE-2012-5269, CVE-2012-5270, CVE-2012-5271,\n CVE-2012-5272)\n\n - An unspecified issue exists having unspecified impact.\n (CVE-2012-5673)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-22.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Adobe AIR 3.4.0.2710 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/10\");\n\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:air\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"adobe_air_installed.nasl\");\n script_require_keys(\"SMB/Adobe_AIR/Version\", \"SMB/Adobe_AIR/Path\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nversion = get_kb_item_or_exit(\"SMB/Adobe_AIR/Version\");\npath = get_kb_item_or_exit(\"SMB/Adobe_AIR/Path\");\n\nversion_ui = get_kb_item(\"SMB/Adobe_AIR/Version_UI\");\nif (isnull(version_ui)) version_report = version;\nelse version_report = version_ui + ' (' + version + ')';\n\ncutoff_version = '3.4.0.2540';\nfix = '3.4.0.2710';\nfix_ui = '3.4';\n\nif (version =~ '^3\\\\.' && ver_compare(ver:version, fix:cutoff_version) <= 0)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version_report +\n '\\n Fixed version : ' + fix_ui + \" (\" + fix + ')\\n';\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n exit(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Adobe AIR\", version_report, path);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:37:24", "bulletinFamily": "scanner", "description": "Adobe reports :\n\nThese vulnerabilities could cause a crash and potentially allow an\nattacker to take control of the affected system.", "modified": "2019-11-02T00:00:00", "id": "FREEBSD_PKG_36533A59277011E2BB44003067B2972C.NASL", "href": "https://www.tenable.com/plugins/nessus/62814", "published": "2012-11-06T00:00:00", "title": "FreeBSD : linux-flashplugin -- multiple vulnerabilities (36533a59-2770-11e2-bb44-003067b2972c)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62814);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/07/10 16:04:13\");\n\n script_cve_id(\"CVE-2012-2034\", \"CVE-2012-2035\", \"CVE-2012-2036\", \"CVE-2012-2037\", \"CVE-2012-2038\", \"CVE-2012-2039\", \"CVE-2012-2040\", \"CVE-2012-5248\", \"CVE-2012-5249\", \"CVE-2012-5250\", \"CVE-2012-5251\", \"CVE-2012-5252\", \"CVE-2012-5253\", \"CVE-2012-5254\", \"CVE-2012-5255\", \"CVE-2012-5256\", \"CVE-2012-5257\", \"CVE-2012-5258\", \"CVE-2012-5259\", \"CVE-2012-5260\", \"CVE-2012-5261\", \"CVE-2012-5262\", \"CVE-2012-5263\", \"CVE-2012-5264\", \"CVE-2012-5265\", \"CVE-2012-5266\", \"CVE-2012-5267\", \"CVE-2012-5269\", \"CVE-2012-5270\", \"CVE-2012-5271\", \"CVE-2012-5272\", \"CVE-2012-5285\", \"CVE-2012-5286\", \"CVE-2012-5287\", \"CVE-2012-5673\");\n\n script_name(english:\"FreeBSD : linux-flashplugin -- multiple vulnerabilities (36533a59-2770-11e2-bb44-003067b2972c)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Adobe reports :\n\nThese vulnerabilities could cause a crash and potentially allow an\nattacker to take control of the affected system.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.adobe.com/support/security/bulletins/apsb12-22.html\"\n );\n # https://vuxml.freebsd.org/freebsd/36533a59-2770-11e2-bb44-003067b2972c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4889abc1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-f10-flashplugin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"linux-f10-flashplugin<=11.2r202.238\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:45:12", "bulletinFamily": "unix", "description": "The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in.\n\nThis update fixes several vulnerabilities in Adobe Flash Player. These\nvulnerabilities are detailed on the Adobe security page APSB12-22, listed\nin the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. (CVE-2012-5248,\nCVE-2012-5249, CVE-2012-5250, CVE-2012-5251, CVE-2012-5252, CVE-2012-5253,\nCVE-2012-5254, CVE-2012-5255, CVE-2012-5256, CVE-2012-5257, CVE-2012-5258,\nCVE-2012-5259, CVE-2012-5260, CVE-2012-5261, CVE-2012-5262, CVE-2012-5263,\nCVE-2012-5264, CVE-2012-5265, CVE-2012-5266, CVE-2012-5267, CVE-2012-5268,\nCVE-2012-5269, CVE-2012-5270, CVE-2012-5271, CVE-2012-5272)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.243.\n", "modified": "2018-06-07T09:04:34", "published": "2012-10-09T04:00:00", "id": "RHSA-2012:1346", "href": "https://access.redhat.com/errata/RHSA-2012:1346", "type": "redhat", "title": "(RHSA-2012:1346) Critical: flash-plugin security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:44", "bulletinFamily": "unix", "description": "\nAdobe reports:\n\nThese vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.\n\n", "modified": "2012-10-08T00:00:00", "published": "2012-10-08T00:00:00", "id": "36533A59-2770-11E2-BB44-003067B2972C", "href": "https://vuxml.freebsd.org/freebsd/36533a59-2770-11e2-bb44-003067b2972c.html", "title": "linux-flashplugin -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2019-05-29T18:12:25", "bulletinFamily": "NVD", "description": "Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.", "modified": "2017-08-29T01:32:00", "id": "CVE-2012-5255", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5255", "published": "2012-10-09T11:13:00", "title": "CVE-2012-5255", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:12:25", "bulletinFamily": "NVD", "description": "Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.", "modified": "2017-08-29T01:32:00", "id": "CVE-2012-5248", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5248", "published": "2012-10-09T11:13:00", "title": "CVE-2012-5248", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:12:26", "bulletinFamily": "NVD", "description": "Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22.", "modified": "2017-08-29T01:32:00", "id": "CVE-2012-5271", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5271", "published": "2012-10-09T11:13:00", "title": "CVE-2012-5271", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:12:26", "bulletinFamily": "NVD", "description": "Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22.", "modified": "2013-11-25T04:28:00", "id": "CVE-2012-5272", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5272", "published": "2012-10-09T11:13:00", "title": "CVE-2012-5272", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:12:25", "bulletinFamily": "NVD", "description": "Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22.", "modified": "2017-08-29T01:32:00", "id": "CVE-2012-5258", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5258", "published": "2012-10-09T11:13:00", "title": "CVE-2012-5258", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:12:25", "bulletinFamily": "NVD", "description": "Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.", "modified": "2017-08-29T01:32:00", "id": "CVE-2012-5253", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5253", "published": "2012-10-09T11:13:00", "title": "CVE-2012-5253", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:12:25", "bulletinFamily": "NVD", "description": "Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.", "modified": "2017-08-29T01:32:00", "id": "CVE-2012-5260", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5260", "published": "2012-10-09T11:13:00", "title": "CVE-2012-5260", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:12:25", "bulletinFamily": "NVD", "description": "Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.", "modified": "2017-08-29T01:32:00", "id": "CVE-2012-5259", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5259", "published": "2012-10-09T11:13:00", "title": "CVE-2012-5259", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:12:26", "bulletinFamily": "NVD", "description": "Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.", "modified": "2017-08-29T01:32:00", "id": "CVE-2012-5265", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5265", "published": "2012-10-09T11:13:00", "title": "CVE-2012-5265", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:12:25", "bulletinFamily": "NVD", "description": "Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22.", "modified": "2017-08-29T01:32:00", "id": "CVE-2012-5263", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5263", "published": "2012-10-09T11:13:00", "title": "CVE-2012-5263", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:44", "bulletinFamily": "unix", "description": "### Background\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. \n\n### Description\n\nMultiple unspecified vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Adobe Flash Player users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-plugins/adobe-flash-11.2.202.310\"", "modified": "2013-09-14T00:00:00", "published": "2013-09-14T00:00:00", "id": "GLSA-201309-06", "href": "https://security.gentoo.org/glsa/201309-06", "type": "gentoo", "title": "Adobe Flash Player: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
