{"cve": [{"lastseen": "2022-03-23T13:11:05", "description": "Adobe Flash Player 9.0.124.0 and earlier does not properly interpret policy files, which allows remote attackers to bypass a non-root domain policy.", "cvss3": {}, "published": "2008-11-10T14:12:00", "type": "cve", "title": "CVE-2008-4822", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4822"], "modified": "2018-10-30T16:26:00", "cpe": ["cpe:/a:adobe:flash_player:9.0", "cpe:/a:adobe:flash_player:9.0.31", "cpe:/a:adobe:flash_player:9.0.28.0", "cpe:/a:adobe:flash_player:9.0.45.0", "cpe:/a:adobe:flash_player:9.0.16", "cpe:/a:adobe:flash_player:7.0.69.0", "cpe:/a:adobe:flash_player:9.0.31.0", "cpe:/a:adobe:flash_player:9.0.20.0", "cpe:/a:adobe:flash_player:9.0.18d60", "cpe:/a:adobe:flash_player:9.0.124.0", "cpe:/a:adobe:flash_player:9.0.114.0", "cpe:/a:adobe:flash_player:9.0.115.0", "cpe:/a:adobe:flash_player:9.0.48.0", "cpe:/a:adobe:flash_player:9.0.28", "cpe:/a:adobe:flash_player:9.0.47.0", "cpe:/a:adobe:flash_player:8.0.39.0", "cpe:/a:adobe:flash_player:9.0.20", "cpe:/a:adobe:flash_player:9.0.112.0"], "id": "CVE-2008-4822", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4822", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.16:*:windows:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.28.0:*:mac_os_x:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2020-04-29T22:26:46", "description": "This host has Adobe Flash Player installed and is prone to\n multiple security bypass vulnerabilities.", "cvss3": {}, "published": "2008-11-12T00:00:00", "type": "openvas", "title": "Adobe Flash Player Multiple Vulnerabilities - Nov08 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4820", "CVE-2008-5362", "CVE-2008-5361", "CVE-2008-4824", "CVE-2008-5363", "CVE-2008-4823", "CVE-2008-4822", "CVE-2008-4818", "CVE-2008-4819", "CVE-2008-4821"], "modified": "2020-04-27T00:00:00", "id": "OPENVAS:1361412562310800055", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310800055", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Flash Player Multiple Vulnerabilities - Nov08 (Linux)\n#\n# Authors:\n# Chandan S <schandan@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2008 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.800055\");\n script_version(\"2020-04-27T11:01:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-27 11:01:03 +0000 (Mon, 27 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2008-11-12 16:32:06 +0100 (Wed, 12 Nov 2008)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2008-4818\", \"CVE-2008-4819\", \"CVE-2008-4820\", \"CVE-2008-4821\",\n \"CVE-2008-4822\", \"CVE-2008-4823\", \"CVE-2008-4824\", \"CVE-2008-5361\",\n \"CVE-2008-5362\", \"CVE-2008-5363\");\n script_bugtraq_id(32129);\n script_name(\"Adobe Flash Player Multiple Vulnerabilities - Nov08 (Linux)\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb08-20.html\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb08-22.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2008 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_flash_player_detect_lin.nasl\");\n script_mandatory_keys(\"AdobeFlashPlayer/Linux/Ver\");\n script_tag(name:\"impact\", value:\"Successful attack could allow malicious people to bypass certain\n security restrictions or manipulate certain data.\");\n script_tag(name:\"affected\", value:\"Adobe Flash Player 9.0.124.0 and earlier on Linux.\");\n script_tag(name:\"insight\", value:\"Multiple flaws are reported in Adobe Flash Player, see the references\n for more information.\");\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Flash Player 9.0.151.0 or 10.0.12.36.\");\n script_tag(name:\"summary\", value:\"This host has Adobe Flash Player installed and is prone to\n multiple security bypass vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nadobeVer = get_kb_item(\"AdobeFlashPlayer/Linux/Ver\");\nif(!adobeVer){\n exit(0);\n}\n\nif(version_is_less_equal(version:adobeVer, test_version:\"9.0.124.0\")){\n report = report_fixed_ver(installed_version:adobeVer, vulnerable_range:\"Less than or equal to 9.0.124.0\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-20T08:49:55", "description": "This host has Adobe Flash Player installed and is prone to\n multiple security bypass vulnerabilities.", "cvss3": {}, "published": "2008-11-12T00:00:00", "type": "openvas", "title": "Adobe Flash Player Multiple Vulnerabilities - Nov08 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4820", "CVE-2008-5362", "CVE-2008-5361", "CVE-2008-4824", "CVE-2008-5363", "CVE-2008-4823", "CVE-2008-4822", "CVE-2008-4818", "CVE-2008-4819", "CVE-2008-4821"], "modified": "2017-07-05T00:00:00", "id": "OPENVAS:800055", "href": "http://plugins.openvas.org/nasl.php?oid=800055", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_flash_player_mult_vuln_nov08_lin.nasl 6539 2017-07-05 12:02:14Z cfischer $\n#\n# Adobe Flash Player Multiple Vulnerabilities - Nov08 (Linux)\n#\n# Authors:\n# Chandan S <schandan@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2008 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful attack could allow malicious people to bypass certain\n security restrictions or manipulate certain data.\n Impact Level: Application\";\ntag_affected = \"Adobe Flash Player 9.0.124.0 and earlier on Linux.\";\ntag_insight = \"Multiple flaws are reported in Adobe Flash Player, for more information\n refer,\n http://www.adobe.com/support/security/bulletins/apsb08-20.html\n http://www.adobe.com/support/security/bulletins/apsb08-22.html\";\ntag_solution = \"Upgrade to Adobe Flash Player 9.0.151.0 or 10.0.12.36,\n http://www.adobe.com/downloads/\";\ntag_summary = \"This host has Adobe Flash Player installed and is prone to\n multiple security bypass vulnerabilities.\";\n\nif(description)\n{\n script_id(800055);\n script_version(\"$Revision: 6539 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-05 14:02:14 +0200 (Wed, 05 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-11-12 16:32:06 +0100 (Wed, 12 Nov 2008)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2008-4818\", \"CVE-2008-4819\", \"CVE-2008-4820\", \"CVE-2008-4821\",\n \"CVE-2008-4822\", \"CVE-2008-4823\", \"CVE-2008-4824\", \"CVE-2008-5361\",\n \"CVE-2008-5362\", \"CVE-2008-5363\");\n script_bugtraq_id(32129);\n script_name(\"Adobe Flash Player Multiple Vulnerabilities - Nov08 (Linux)\");\n script_xref(name : \"URL\" , value : \"http://www.adobe.com/support/security/bulletins/apsb08-20.html\");\n script_xref(name : \"URL\" , value : \"http://www.adobe.com/support/security/bulletins/apsb08-22.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2008 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_flash_player_detect_lin.nasl\");\n script_mandatory_keys(\"AdobeFlashPlayer/Linux/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nadobeVer = get_kb_item(\"AdobeFlashPlayer/Linux/Ver\");\nif(!adobeVer){\n exit(0);\n}\n\n# Check for version 9.0.124.0 and prior\nif(version_is_less_equal(version:adobeVer, test_version:\"9.0.124.0\")){\n security_message(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-06-11T17:54:23", "description": "This host has Adobe Flash Player installed and is prone to\n multiple security bypass vulnerabilities.", "cvss3": {}, "published": "2008-11-12T00:00:00", "type": "openvas", "title": "Adobe Flash Player Multiple Vulnerabilities - Nov08 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4820", "CVE-2008-5362", "CVE-2008-5361", "CVE-2008-4824", "CVE-2008-5363", "CVE-2008-4823", "CVE-2008-4822", "CVE-2008-4818", "CVE-2008-4819", "CVE-2008-4821"], "modified": "2020-06-09T00:00:00", "id": "OPENVAS:1361412562310800054", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310800054", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Flash Player Multiple Vulnerabilities - Nov08 (Windows)\n#\n# Authors:\n# Chandan S <schandan@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2008 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:flash_player\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.800054\");\n script_version(\"2020-06-09T14:44:58+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 14:44:58 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2008-11-12 16:32:06 +0100 (Wed, 12 Nov 2008)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2008-4818\", \"CVE-2008-4819\", \"CVE-2008-4820\", \"CVE-2008-4821\",\n \"CVE-2008-4822\", \"CVE-2008-4823\", \"CVE-2008-4824\", \"CVE-2008-5361\",\n \"CVE-2008-5362\", \"CVE-2008-5363\");\n script_bugtraq_id(32129);\n script_name(\"Adobe Flash Player Multiple Vulnerabilities - Nov08 (Windows)\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb08-20.html\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb08-22.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2008 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_flash_player_detect_win.nasl\");\n script_mandatory_keys(\"AdobeFlashPlayer/Win/Installed\");\n\n script_tag(name:\"impact\", value:\"Successful attack could allow malicious people to bypass certain\n security restrictions or manipulate certain data.\");\n\n script_tag(name:\"affected\", value:\"Adobe Flash Player 9.0.124.0 and earlier on Windows.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are reported in Adobe Flash Player, please see the\n references for more information.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Flash Player 9.0.151.0 or 10.0.12.36.\");\n\n script_tag(name:\"summary\", value:\"This host has Adobe Flash Player installed and is prone to\n multiple security bypass vulnerabilities.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE )) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\nif( version_is_less_equal( version:vers, test_version:\"9.0.124.0\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"9.0.124.0\", install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-20T13:19:57", "description": "This host has Adobe Flash Player installed and is prone to\n multiple security bypass vulnerabilities.", "cvss3": {}, "published": "2008-11-12T00:00:00", "type": "openvas", "title": "Adobe Flash Player Multiple Vulnerabilities - Nov08 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4820", "CVE-2008-5362", "CVE-2008-5361", "CVE-2008-4824", "CVE-2008-5363", "CVE-2008-4823", "CVE-2008-4822", "CVE-2008-4818", "CVE-2008-4819", "CVE-2008-4821"], "modified": "2017-12-19T00:00:00", "id": "OPENVAS:800054", "href": "http://plugins.openvas.org/nasl.php?oid=800054", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_flash_player_mult_vuln_nov08_win.nasl 8178 2017-12-19 13:42:38Z cfischer $\n#\n# Adobe Flash Player Multiple Vulnerabilities - Nov08 (Windows)\n#\n# Authors:\n# Chandan S <schandan@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2008 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:flash_player\";\n\ntag_impact = \"Successful attack could allow malicious people to bypass certain\n security restrictions or manipulate certain data.\n Impact Level: Application\";\ntag_affected = \"Adobe Flash Player 9.0.124.0 and earlier on Windows.\";\ntag_insight = \"Multiple flaws are reported in Adobe Flash Player, for more information\n refer,\n http://www.adobe.com/support/security/bulletins/apsb08-22.html\n http://www.adobe.com/support/security/bulletins/apsb08-20.html\";\ntag_solution = \"Upgrade to Adobe Flash Player 9.0.151.0 or 10.0.12.36,\n http://www.adobe.com/downloads/\";\ntag_summary = \"This host has Adobe Flash Player installed and is prone to\n multiple security bypass vulnerabilities.\";\n\nif(description)\n{\n script_id(800054);\n script_version(\"$Revision: 8178 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 14:42:38 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-11-12 16:32:06 +0100 (Wed, 12 Nov 2008)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2008-4818\", \"CVE-2008-4819\", \"CVE-2008-4820\", \"CVE-2008-4821\",\n \"CVE-2008-4822\", \"CVE-2008-4823\", \"CVE-2008-4824\", \"CVE-2008-5361\",\n \"CVE-2008-5362\", \"CVE-2008-5363\");\n script_bugtraq_id(32129);\n script_name(\"Adobe Flash Player Multiple Vulnerabilities - Nov08 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://www.adobe.com/support/security/bulletins/apsb08-20.html\");\n script_xref(name : \"URL\" , value : \"http://www.adobe.com/support/security/bulletins/apsb08-22.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2008 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_flash_player_detect_win.nasl\");\n script_mandatory_keys(\"AdobeFlashPlayer/Win/Installed\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ninfos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE );\nvers = infos['version'];\npath = infos['location'];\n\n# Check for version 9.0.124.0 and prior\nif( version_is_less_equal( version:vers, test_version:\"9.0.124.0\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"9.0.124.0\", install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:35", "description": "The remote host is missing updates announced in\nadvisory GLSA 200903-23.", "cvss3": {}, "published": "2009-03-13T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200903-23 (netscape-flash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5362", "CVE-2009-0114", "CVE-2008-5361", "CVE-2009-0520", "CVE-2008-4824", "CVE-2008-5499", "CVE-2008-3873", "CVE-2008-5363", "CVE-2008-4823", "CVE-2008-4822", "CVE-2008-4818", "CVE-2008-4819", "CVE-2009-0519", "CVE-2008-4401", "CVE-2008-4503", "CVE-2009-0521", "CVE-2008-4821"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:63554", "href": "http://plugins.openvas.org/nasl.php?oid=63554", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities have been identified, the worst of which allow\narbitrary code execution on a user's system via a malicious Flash file.\";\ntag_solution = \"All Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-www/netscape-flash-10.0.22.87'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200903-23\nhttp://bugs.gentoo.org/show_bug.cgi?id=239543\nhttp://bugs.gentoo.org/show_bug.cgi?id=251496\nhttp://bugs.gentoo.org/show_bug.cgi?id=260264\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200903-23.\";\n\n \n \n\nif(description)\n{\n script_id(63554);\n script_version(\"$Revision: 6595 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:19:55 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-13 19:24:56 +0100 (Fri, 13 Mar 2009)\");\n script_cve_id(\"CVE-2008-3873\", \"CVE-2008-4401\", \"CVE-2008-4503\", \"CVE-2008-4818\", \"CVE-2008-4819\", \"CVE-2008-4821\", \"CVE-2008-4822\", \"CVE-2008-4823\", \"CVE-2008-4824\", \"CVE-2008-5361\", \"CVE-2008-5362\", \"CVE-2008-5363\", \"CVE-2008-5499\", \"CVE-2009-0114\", \"CVE-2009-0519\", \"CVE-2009-0520\", \"CVE-2009-0521\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200903-23 (netscape-flash)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-www/netscape-flash\", unaffected: make_list(\"ge 10.0.22.87\"), vulnerable: make_list(\"lt 10.0.22.87\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:44", "description": "The remote host is missing updates announced in\nadvisory GLSA 200903-23.", "cvss3": {}, "published": "2009-03-13T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200903-23 (netscape-flash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5362", "CVE-2009-0114", "CVE-2008-5361", "CVE-2009-0520", "CVE-2008-4824", "CVE-2008-5499", "CVE-2008-3873", "CVE-2008-5363", "CVE-2008-4823", "CVE-2008-4822", "CVE-2008-4818", "CVE-2008-4819", "CVE-2009-0519", "CVE-2008-4401", "CVE-2008-4503", "CVE-2009-0521", "CVE-2008-4821"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063554", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063554", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities have been identified, the worst of which allow\narbitrary code execution on a user's system via a malicious Flash file.\";\ntag_solution = \"All Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-www/netscape-flash-10.0.22.87'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200903-23\nhttp://bugs.gentoo.org/show_bug.cgi?id=239543\nhttp://bugs.gentoo.org/show_bug.cgi?id=251496\nhttp://bugs.gentoo.org/show_bug.cgi?id=260264\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200903-23.\";\n\n \n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63554\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-13 19:24:56 +0100 (Fri, 13 Mar 2009)\");\n script_cve_id(\"CVE-2008-3873\", \"CVE-2008-4401\", \"CVE-2008-4503\", \"CVE-2008-4818\", \"CVE-2008-4819\", \"CVE-2008-4821\", \"CVE-2008-4822\", \"CVE-2008-4823\", \"CVE-2008-4824\", \"CVE-2008-5361\", \"CVE-2008-5362\", \"CVE-2008-5363\", \"CVE-2008-5499\", \"CVE-2009-0114\", \"CVE-2009-0519\", \"CVE-2009-0520\", \"CVE-2009-0521\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200903-23 (netscape-flash)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-www/netscape-flash\", unaffected: make_list(\"ge 10.0.22.87\"), vulnerable: make_list(\"lt 10.0.22.87\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-08-19T13:09:17", "description": "According to its version number, an instance of Flash Player on the remote Windows host is 9.0.124.0 or earlier. Such versions are potentially affected by several vulnerabilities : \n\n - A potential port-scanning issue. (CVE-2007-4324)\n - Possible privilege escalation attacks against web servers hosting Flash content and cross-domain policy files. (CVE-2007-6243)\n - Potential Clipboard attacks. (CVE-2008-3873)\n - FileReference upload and download APIs that don't require user interaction. (CVE-2008-4401)\n - A 'Clickjacking' issue that could be abused by an attacker to lure a web browser user into unknowingly clicking on a link or dialog. (CVE-2008-4503)\n - A potential cross-site scripting vulnerability. (CVE-2008-4818)\n - A potential issue that could be leveraged to conduct a DNS rebinding attack. (CVE-2008-4819)\n - An information disclosure issue affecting only the ActiveX control. (CVE-2008-4820)\n - An information disclosure issue involving interpretation of the 'jar: ' protocol and affecting only the plugin for Mozilla browsers. (CVE-2008-4821)\n - An issue with policy file interpretation could potentially lead to bypass of a non-root domain policy. (CVE-2008-4822)\n - A potential HTML injection issue involving an ActionScript attribute. (CVE-2008-4823)", "cvss3": {"score": 5.6, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2008-11-12T00:00:00", "type": "nessus", "title": "Flash Player APSB08-18 / APSB08-20 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6243", "CVE-2007-4324", "CVE-2008-3873", "CVE-2008-4401", "CVE-2008-4503", "CVE-2008-4818", "CVE-2008-4819", "CVE-2008-4821", "CVE-2008-4822", "CVE-2008-4823", "CVE-2008-4820"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*"], "id": "4746.PRM", "href": "https://www.tenable.com/plugins/nnm/4746", "sourceData": "Binary data 4746.prm", "cvss": {"score": 6.8, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-08T15:12:35", "description": "According to its version number, an instance of Flash Player on the remote Windows host is 9.0.124.0 or earlier. Such versions are potentially affected by several vulnerabilities :\n\n - A potential port-scanning issue. (CVE-2007-4324)\n\n - Possible privilege escalation attacks against web servers hosting Flash content and cross-domain policy files. (CVE-2007-6243)\n\n - Potential Clipboard attacks. (CVE-2008-3873)\n\n - FileReference upload and download APIs that don't require user interaction. (CVE-2008-4401)\n\n - A 'Clickjacking' issue that could be abused by an attacker to lure a web browser user into unknowingly clicking on a link or dialog. (CVE-2008-4503)\n\n - A potential cross-site scripting vulnerability. (CVE-2008-4818)\n\n - A potential issue that could be leveraged in to conduct a DNS rebinding attack. (CVE-2008-4819)\n\n - An information disclosure issue affecting only the ActiveX control. (CVE-2008-4820)\n\n - An information disclosure issue involving interpretation of the 'jar:' protocol and affecting only the plugin for Mozilla browsers. (CVE-2008-4821)\n\n - An issue with policy file interpretation could potentially lead to bypass of a non-root domain policy. (CVE-2008-4822)\n\n - A potential HTML injection issue involving an ActionScript attribute. (CVE-2008-4823)\n\n - Multiple input validation errors could potentially lead to execution of arbitrary code. (CVE-2008-4824)", "cvss3": {"score": null, "vector": null}, "published": "2008-11-11T00:00:00", "type": "nessus", "title": "Flash Player < 9.0.151.0 / 10.0.12.36 Multiple Vulnerabilities (APSB08-18 / APSB08-20 / APSB08-22)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4324", "CVE-2007-6243", "CVE-2008-3873", "CVE-2008-4401", "CVE-2008-4503", "CVE-2008-4818", "CVE-2008-4819", "CVE-2008-4820", "CVE-2008-4821", "CVE-2008-4822", "CVE-2008-4823", "CVE-2008-4824"], "modified": "2022-04-07T00:00:00", "cpe": ["cpe:/a:adobe:flash_player"], "id": "FLASH_PLAYER_APSB08-20.NASL", "href": "https://www.tenable.com/plugins/nessus/34741", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34741);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/07\");\n\n script_cve_id(\n \"CVE-2007-4324\",\n \"CVE-2007-6243\",\n \"CVE-2008-3873\",\n \"CVE-2008-4401\",\n \"CVE-2008-4503\",\n \"CVE-2008-4818\",\n \"CVE-2008-4819\",\n \"CVE-2008-4820\",\n \"CVE-2008-4821\",\n \"CVE-2008-4822\",\n \"CVE-2008-4823\",\n \"CVE-2008-4824\"\n );\n script_bugtraq_id(\n 25260,\n 26966,\n 31117,\n 32129\n );\n\n script_name(english:\"Flash Player < 9.0.151.0 / 10.0.12.36 Multiple Vulnerabilities (APSB08-18 / APSB08-20 / APSB08-22)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a browser plugin that is affected by\nmultiple issues.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version number, an instance of Flash Player on the\nremote Windows host is 9.0.124.0 or earlier. Such versions are\npotentially affected by several vulnerabilities :\n\n - A potential port-scanning issue. (CVE-2007-4324)\n\n - Possible privilege escalation attacks against web \n servers hosting Flash content and cross-domain policy \n files. (CVE-2007-6243)\n\n - Potential Clipboard attacks. (CVE-2008-3873)\n\n - FileReference upload and download APIs that don't\n require user interaction. (CVE-2008-4401)\n\n - A 'Clickjacking' issue that could be abused by an \n attacker to lure a web browser user into unknowingly \n clicking on a link or dialog. (CVE-2008-4503)\n\n - A potential cross-site scripting vulnerability. \n (CVE-2008-4818)\n\n - A potential issue that could be leveraged in to conduct\n a DNS rebinding attack. (CVE-2008-4819)\n\n - An information disclosure issue affecting only the \n ActiveX control. (CVE-2008-4820)\n\n - An information disclosure issue involving interpretation\n of the 'jar:' protocol and affecting only the plugin for \n Mozilla browsers. (CVE-2008-4821)\n\n - An issue with policy file interpretation could \n potentially lead to bypass of a non-root domain policy. \n (CVE-2008-4822)\n\n - A potential HTML injection issue involving an \n ActionScript attribute. (CVE-2008-4823)\n\n - Multiple input validation errors could potentially lead\n to execution of arbitrary code. (CVE-2008-4824)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.adobe.com/support/security/advisories/apsa08-08.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb08-18.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb08-20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb08-22.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Flash Player version 10.0.12.36 / 9.0.151.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 79, 200, 264);\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:flash_player\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2008-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"flash_player_installed.nasl\");\n script_require_keys(\"SMB/Flash_Player/installed\");\n\n exit(0);\n}\n\n#\n\nif (!get_kb_item(\"SMB/Flash_Player/installed\")) exit(0);\n\n\ninclude(\"global_settings.inc\");\n\n\n# Identify vulnerable versions.\ninfo = \"\";\n\nforeach variant (make_list(\"Plugin\", \"ActiveX\"))\n{\n vers = get_kb_list(\"SMB/Flash_Player/\"+variant+\"/Version/*\");\n files = get_kb_list(\"SMB/Flash_Player/\"+variant+\"/File/*\");\n if (!isnull(vers) && !isnull(files))\n {\n foreach key (keys(vers))\n {\n ver = vers[key];\n if (ver)\n {\n iver = split(ver, sep:'.', keep:FALSE);\n for (i=0; i<max_index(iver); i++)\n iver[i] = int(iver[i]);\n\n if (\n iver[0] < 9 ||\n (iver[0] == 9 && iver[1] == 0 && iver[2] <= 124)\n )\n {\n num = key - (\"SMB/Flash_Player/\"+variant+\"/Version/\");\n file = files[\"SMB/Flash_Player/\"+variant+\"/File/\"+num];\n if (variant == \"Plugin\")\n {\n info += ' - Browser Plugin (for Firefox / Netscape / Opera) :\\n';\n }\n else if (variant == \"ActiveX\")\n {\n info += ' - ActiveX control (for Internet Explorer) :\\n';\n }\n info += ' ' + file + ', ' + ver + '\\n';\n }\n }\n }\n }\n}\n\n\nif (info)\n{\n if (report_verbosity)\n {\n # nb: each vulnerable instance adds 2 lines to 'info'.\n if (max_index(split(info)) > 2) s = \"s\";\n else s = \"\";\n\n report = string(\n \"\\n\",\n \"Nessus has identified the following vulnerable instance\", s, \" of Flash\\n\",\n \"Player installed on the remote host :\\n\",\n \"\\n\",\n info\n );\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:09:17", "description": "According to its version number, an instance of Adobe AIR on the remote Windows host is 1.5 or earlier. Such versions are potentially affected by several vulnerabilities : \n\n - A potential port-scanning issue. (CVE-2007-4324)\n\n - Possible privilege escalation attacks against web servers hosting Flash content and cross-domain policy files. (CVE-2007-6243)\n\n - Potential Clipboard attacks. (CVE-2008-3873)\n\n - FileReference upload and download APIs that don't require user interaction. (CVE-2008-4401)\n\n - A potential cross-site scripting vulnerability. (CVE-2008-4818)\n\n - A potential issue that could be leveraged to conduct a DNS rebinding attack. (CVE-2008-4819)\n\n - An information disclosure issue affecting only the ActiveX control. (CVE-2008-4820)\n\n - An information disclosure issue involving interpretation of the 'jar: ' protocol and affecting only the plugin for Mozilla browsers. (CVE-2008-4821)\n\n - An issue with policy file interpretation could potentially lead to bypass of a non-root domain policy. (CVE-2008-4822)\n\n - A potential HTML injection issue involving an ActionScript attribute. (CVE-2008-4823)\n\n - Multiple input validation errors could potentially lead to execution of arbitrary code. (CVE-2008-4824)\n\n - An Adobe AIR application that loads data from an untrusted source could allow an attacker to execute untrusted JavaScript with elevated privileges. (CVE-2008-5108)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2008-11-18T00:00:00", "type": "nessus", "title": "Adobe AIR APSB08-23 / APSB08-22 / APSB08-20 / APSB08-18 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6243", "CVE-2007-4324", "CVE-2008-3873", "CVE-2008-4401", "CVE-2008-4818", "CVE-2008-4819", "CVE-2008-4821", "CVE-2008-4822", "CVE-2008-4823", "CVE-2008-4824", "CVE-2008-4820", "CVE-2008-5108"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*"], "id": "4760.PRM", "href": "https://www.tenable.com/plugins/nnm/4760", "sourceData": "Binary data 4760.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-12T15:42:35", "description": "According to its version number, an instance of Adobe AIR on the remote Windows host is 1.1 or earlier. Such versions are potentially affected by several vulnerabilities (APSB08-23 / APSB08-22 / APSB08-20 / APSB08-18):\n\n - A potential port-scanning issue. (CVE-2007-4324)\n\n - Possible privilege escalation attacks against web servers hosting Flash content and cross-domain policy files. (CVE-2007-6243)\n\n - Potential Clipboard attacks. (CVE-2008-3873)\n\n - FileReference upload and download APIs that don't require user interaction. (CVE-2008-4401)\n\n - A potential cross-site scripting vulnerability. (CVE-2008-4818)\n\n - A potential issue that could be leveraged to conduct a DNS rebinding attack. (CVE-2008-4819)\n\n - An information disclosure issue affecting only the ActiveX control. (CVE-2008-4820)\n\n - An information disclosure issue involving interpretation of the 'jar:' protocol and affecting only the plugin for Mozilla browsers. (CVE-2008-4821)\n\n - An issue with policy file interpretation could potentially lead to bypass of a non-root domain policy. (CVE-2008-4822)\n\n - A potential HTML injection issue involving an ActionScript attribute. (CVE-2008-4823)\n\n - Multiple input validation errors could potentially lead to execution of arbitrary code. (CVE-2008-4824)\n\n - An Adobe AIR application that loads data from an untrusted source could allow an attacker to execute untrusted JavaScript with elevated privileges. (CVE-2008-5108)", "cvss3": {"score": null, "vector": null}, "published": "2008-11-18T00:00:00", "type": "nessus", "title": "Adobe AIR < 1.5 Multiple Vulnerabilities (APSB08-23)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4324", "CVE-2007-6243", "CVE-2008-3873", "CVE-2008-4401", "CVE-2008-4818", "CVE-2008-4819", "CVE-2008-4820", "CVE-2008-4821", "CVE-2008-4822", "CVE-2008-4823", "CVE-2008-4824", "CVE-2008-5108"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:adobe:air"], "id": "ADOBE_AIR_APSB08-23.NASL", "href": "https://www.tenable.com/plugins/nessus/34815", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34815);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2007-4324\",\n \"CVE-2007-6243\",\n \"CVE-2008-3873\",\n \"CVE-2008-4401\",\n \"CVE-2008-4818\",\n \"CVE-2008-4819\",\n \"CVE-2008-4820\",\n \"CVE-2008-4821\",\n \"CVE-2008-4822\",\n \"CVE-2008-4823\",\n \"CVE-2008-4824\",\n \"CVE-2008-5108\"\n );\n script_bugtraq_id(\n 25260,\n 26966,\n 31117,\n 32129,\n 32334\n );\n script_xref(name:\"SECUNIA\", value:\"32772\");\n\n script_name(english:\"Adobe AIR < 1.5 Multiple Vulnerabilities (APSB08-23)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a runtime environment that is\naffected by multiple issues.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version number, an instance of Adobe AIR on the\nremote Windows host is 1.1 or earlier. Such versions are potentially\naffected by several vulnerabilities (APSB08-23 / APSB08-22 / \nAPSB08-20 / APSB08-18):\n\n - A potential port-scanning issue. (CVE-2007-4324)\n\n - Possible privilege escalation attacks against web \n servers hosting Flash content and cross-domain policy \n files. (CVE-2007-6243)\n\n - Potential Clipboard attacks. (CVE-2008-3873)\n\n - FileReference upload and download APIs that don't\n require user interaction. (CVE-2008-4401)\n\n - A potential cross-site scripting vulnerability. \n (CVE-2008-4818)\n\n - A potential issue that could be leveraged to conduct\n a DNS rebinding attack. (CVE-2008-4819)\n\n - An information disclosure issue affecting only the \n ActiveX control. (CVE-2008-4820)\n\n - An information disclosure issue involving interpretation\n of the 'jar:' protocol and affecting only the plugin for \n Mozilla browsers. (CVE-2008-4821)\n\n - An issue with policy file interpretation could \n potentially lead to bypass of a non-root domain policy. \n (CVE-2008-4822)\n\n - A potential HTML injection issue involving an \n ActionScript attribute. (CVE-2008-4823)\n\n - Multiple input validation errors could potentially lead\n to execution of arbitrary code. (CVE-2008-4824)\n\n - An Adobe AIR application that loads data from an \n untrusted source could allow an attacker to execute \n untrusted JavaScript with elevated privileges. \n (CVE-2008-5108)\");\n # https://web.archive.org/web/20090213183551/http://www.adobe.com/support/security/bulletins/apsb08-23.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0d47175e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe AIR version 1.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 79, 94, 200, 264);\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/11/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:air\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2008-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"adobe_air_installed.nasl\");\n script_require_keys(\"SMB/Adobe_AIR/Version\");\n\n exit(0);\n}\n\n#\n\ninclude(\"global_settings.inc\");\n\n\nversion_ui = get_kb_item(\"SMB/Adobe_AIR/Version_UI\");\nversion = get_kb_item(\"SMB/Adobe_AIR/Version\");\nif (isnull(version)) exit(0);\n\nver = split(version, sep:'.', keep:FALSE);\nfor (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\nif (\n ver[0] < 1 ||\n (\n ver[0] == 1 && \n (\n ver[1] < 5 ||\n (ver[1] == 5 && ver[2] == 0 && ver[3] < 7220)\n )\n )\n)\n{\n if (report_verbosity && version_ui)\n {\n report = string(\n \"\\n\",\n \"Adobe AIR \", version_ui, \" is currently installed on the remote host.\\n\"\n );\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:55:51", "description": "An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 3 and 4 Extras.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\n[Updated 18th November 2008] This erratum has been updated to include a reference to the additional CVE-named issue that was not public at the time of release. The security impact of the erratum has also been upgraded to Critical. No changes have been made to the packages.\n\nThe flash-plugin package contains a Firefox-compatible Adobe Flash Player Web browser plug-in.\n\nA flaw was found in the way Adobe Flash Player wrote content to the clipboard. A malicious SWF (Shockwave Flash) file could populate the clipboard with a URL that could cause the user to accidentally or mistakenly load an attacker-controlled URL. (CVE-2008-3873)\n\nA flaw was found with Adobe's ActionScript scripting language which allowed Flash scripts to initiate file uploads and downloads without user interaction. ActionScript's FileReference.browse and FileReference.download method calls can now only be initiated via user interaction, such as through mouse-clicks or key-presses on the keyboard. (CVE-2008-4401)\n\nA flaw was found in Adobe Flash Player's display of Settings Manager content. A malicious SWF file could trick the user into unintentionally or mistakenly clicking a link or a dialog which could then give the malicious SWF file permission to access the local machine's camera or microphone. (CVE-2008-4503)\n\nFlaws were found in the way Flash Player restricted the interpretation and usage of cross-domain policy files. A remote attacker could use Flash Player to conduct cross-domain and cross-site scripting attacks (CVE-2007-4324, CVE-2007-6243). This update provides enhanced fixes for these issues.\n\nFlash Player contains a flaw in the way it interprets HTTP response headers. An attacker could use this flaw to conduct a cross-site scripting attack against the user running Flash Player.\n(CVE-2008-4818)\n\nA flaw was found in the way Flash Player handles the ActionScript attribute. A malicious site could use this flaw to inject arbitrary HTML content, confusing the user running the browser. (CVE-2008-4823)\n\nA flaw was found in the way Flash Player interprets policy files. It was possible to bypass a non-root domain policy, possibly allowing a malicious site to access data in a different domain. (CVE-2008-4822)\n\nA flaw was found in how Flash Player's jar: protocol handler interacts with Mozilla. A malicious flash application could use this flaw to disclose sensitive information. (CVE-2008-4821)\n\nUpdated Flash Player also extends mechanisms to help prevent an attacker from executing a DNS rebinding attack. (CVE-2008-4819)\n\nAll users of Adobe Flash Player should upgrade to this updated package, which contains Flash Player version 9.0.151.0.", "cvss3": {"score": null, "vector": null}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 3 / 4 : flash-plugin (RHSA-2008:0980)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4324", "CVE-2007-6243", "CVE-2008-3873", "CVE-2008-4401", "CVE-2008-4503", "CVE-2008-4818", "CVE-2008-4819", "CVE-2008-4821", "CVE-2008-4822", "CVE-2008-4823", "CVE-2008-4824", "CVE-2008-5361", "CVE-2008-5362", "CVE-2008-5363"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:flash-plugin", "cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.7"], "id": "REDHAT-RHSA-2008-0980.NASL", "href": "https://www.tenable.com/plugins/nessus/63870", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0980. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63870);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-4324\", \"CVE-2007-6243\", \"CVE-2008-3873\", \"CVE-2008-4401\", \"CVE-2008-4503\", \"CVE-2008-4818\", \"CVE-2008-4819\", \"CVE-2008-4821\", \"CVE-2008-4822\", \"CVE-2008-4823\", \"CVE-2008-4824\", \"CVE-2008-5361\", \"CVE-2008-5362\", \"CVE-2008-5363\");\n script_xref(name:\"RHSA\", value:\"2008:0980\");\n\n script_name(english:\"RHEL 3 / 4 : flash-plugin (RHSA-2008:0980)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated Adobe Flash Player package that fixes several security\nissues is now available for Red Hat Enterprise Linux 3 and 4 Extras.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\n[Updated 18th November 2008] This erratum has been updated to include\na reference to the additional CVE-named issue that was not public at\nthe time of release. The security impact of the erratum has also been\nupgraded to Critical. No changes have been made to the packages.\n\nThe flash-plugin package contains a Firefox-compatible Adobe Flash\nPlayer Web browser plug-in.\n\nA flaw was found in the way Adobe Flash Player wrote content to the\nclipboard. A malicious SWF (Shockwave Flash) file could populate the\nclipboard with a URL that could cause the user to accidentally or\nmistakenly load an attacker-controlled URL. (CVE-2008-3873)\n\nA flaw was found with Adobe's ActionScript scripting language which\nallowed Flash scripts to initiate file uploads and downloads without\nuser interaction. ActionScript's FileReference.browse and\nFileReference.download method calls can now only be initiated via user\ninteraction, such as through mouse-clicks or key-presses on the\nkeyboard. (CVE-2008-4401)\n\nA flaw was found in Adobe Flash Player's display of Settings Manager\ncontent. A malicious SWF file could trick the user into\nunintentionally or mistakenly clicking a link or a dialog which could\nthen give the malicious SWF file permission to access the local\nmachine's camera or microphone. (CVE-2008-4503)\n\nFlaws were found in the way Flash Player restricted the interpretation\nand usage of cross-domain policy files. A remote attacker could use\nFlash Player to conduct cross-domain and cross-site scripting attacks\n(CVE-2007-4324, CVE-2007-6243). This update provides enhanced fixes\nfor these issues.\n\nFlash Player contains a flaw in the way it interprets HTTP response\nheaders. An attacker could use this flaw to conduct a cross-site\nscripting attack against the user running Flash Player.\n(CVE-2008-4818)\n\nA flaw was found in the way Flash Player handles the ActionScript\nattribute. A malicious site could use this flaw to inject arbitrary\nHTML content, confusing the user running the browser. (CVE-2008-4823)\n\nA flaw was found in the way Flash Player interprets policy files. It\nwas possible to bypass a non-root domain policy, possibly allowing a\nmalicious site to access data in a different domain. (CVE-2008-4822)\n\nA flaw was found in how Flash Player's jar: protocol handler interacts\nwith Mozilla. A malicious flash application could use this flaw to\ndisclose sensitive information. (CVE-2008-4821)\n\nUpdated Flash Player also extends mechanisms to help prevent an\nattacker from executing a DNS rebinding attack. (CVE-2008-4819)\n\nAll users of Adobe Flash Player should upgrade to this updated\npackage, which contains Flash Player version 9.0.151.0.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2007-4324.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2007-6243.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-3873.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-4401.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-4503.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-4818.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-4819.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-4821.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-4822.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-4823.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-4824.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-5361.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-5362.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-5363.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.adobe.com/support/security/bulletins/apsb08-18.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.adobe.com/support/security/bulletins/apsb08-20.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.adobe.com/support/security/bulletins/apsb08-22.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.adobe.com/products/flashplayer/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2008-0980.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected flash-plugin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 79, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:flash-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL3\", cpu:\"i386\", reference:\"flash-plugin-9.0.151.0-1.el3.with.oss\")) flag++;\n\nif (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"flash-plugin-9.0.151.0-1.el4\")) flag++;\n\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"i386\", reference:\"flash-plugin-9.0.151.0-1.el4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:56:18", "description": "An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\n[Updated 18th November 2008] The erratum has been updated to include references to the additional CVE-named issues that were not public at the time of release. The security impact of the erratum has also been upgraded to Critical. No changes have been made to the packages.\n\nThe flash-plugin package contains a Firefox-compatible Adobe Flash Player Web browser plug-in.\n\nA flaw was found in the way Adobe Flash Player wrote content to the clipboard. A malicious SWF file could populate the clipboard with a URL that could cause the user to mistakenly load an attacker-controlled URL. (CVE-2008-3873)\n\nA flaw was found which allowed Adobe Flash Player's ActionScript to initiate file uploads and downloads without user interaction.\nFileReference.browse and FileReference.download calls can now only be initiated via user interaction, such as mouse-clicks or key-presses on the keyboard. (CVE-2008-4401)\n\nA flaw was found in Adobe Flash Player's display of the Settings Manager content. A malicious SWF file could trick the user into unknowingly clicking a link or dialog. This could then give the malicious SWF file permission to access the local machine's camera or microphone. (CVE-2008-4503)\n\nFlaws were found in the way Flash Player restricted the interpretation and usage of cross-domain policy files. A remote attacker could use Flash Player to conduct cross-domain and cross-site scripting attacks (CVE-2007-4324, CVE-2007-6243). This update provides enhanced fixes for these issues.\n\nAdobe Flash Player 10 also includes bug fixes and feature enhancements including :\n\n* improved stability on the Linux platform by fixing a race condition issue in sound output.\n\n* new support for custom filters and effects, native 3D transformation and animation, advanced audio processing, a new, more flexible text engine, and GPU hardware acceleration.\n\nFor more information on new features and enhancements, see the Adobe Flash Player site and the Adobe Labs Release Notes.\n\nNote: some users may have installed a 3rd-party component, libflashsupport, for older versions of Flash Player. Adobe Flash Player 10 no longer supports libflashsupport. Users are advised to remove libflashsupport if they have it installed.\n\nAll users of Adobe Flash Player should upgrade to this updated package, which contains Flash Player version 10.0.12.36.", "cvss3": {"score": null, "vector": null}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 5 : flash-plugin (RHSA-2008:0945)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4324", "CVE-2007-6243", "CVE-2008-3873", "CVE-2008-4401", "CVE-2008-4503", "CVE-2008-4818", "CVE-2008-4819", "CVE-2008-4821", "CVE-2008-4822", "CVE-2008-4823", "CVE-2008-4824", "CVE-2008-5361", "CVE-2008-5362", "CVE-2008-5363"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:flash-plugin", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.2"], "id": "REDHAT-RHSA-2008-0945.NASL", "href": "https://www.tenable.com/plugins/nessus/63869", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0945. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63869);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-4324\", \"CVE-2007-6243\", \"CVE-2008-3873\", \"CVE-2008-4401\", \"CVE-2008-4503\", \"CVE-2008-4818\", \"CVE-2008-4819\", \"CVE-2008-4821\", \"CVE-2008-4822\", \"CVE-2008-4823\", \"CVE-2008-4824\", \"CVE-2008-5361\", \"CVE-2008-5362\", \"CVE-2008-5363\");\n script_bugtraq_id(25260, 26966, 31117);\n script_xref(name:\"RHSA\", value:\"2008:0945\");\n\n script_name(english:\"RHEL 5 : flash-plugin (RHSA-2008:0945)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated Adobe Flash Player package that fixes several security\nissues is now available for Red Hat Enterprise Linux 5 Supplementary.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\n[Updated 18th November 2008] The erratum has been updated to include\nreferences to the additional CVE-named issues that were not public at\nthe time of release. The security impact of the erratum has also been\nupgraded to Critical. No changes have been made to the packages.\n\nThe flash-plugin package contains a Firefox-compatible Adobe Flash\nPlayer Web browser plug-in.\n\nA flaw was found in the way Adobe Flash Player wrote content to the\nclipboard. A malicious SWF file could populate the clipboard with a\nURL that could cause the user to mistakenly load an\nattacker-controlled URL. (CVE-2008-3873)\n\nA flaw was found which allowed Adobe Flash Player's ActionScript to\ninitiate file uploads and downloads without user interaction.\nFileReference.browse and FileReference.download calls can now only be\ninitiated via user interaction, such as mouse-clicks or key-presses on\nthe keyboard. (CVE-2008-4401)\n\nA flaw was found in Adobe Flash Player's display of the Settings\nManager content. A malicious SWF file could trick the user into\nunknowingly clicking a link or dialog. This could then give the\nmalicious SWF file permission to access the local machine's camera or\nmicrophone. (CVE-2008-4503)\n\nFlaws were found in the way Flash Player restricted the interpretation\nand usage of cross-domain policy files. A remote attacker could use\nFlash Player to conduct cross-domain and cross-site scripting attacks\n(CVE-2007-4324, CVE-2007-6243). This update provides enhanced fixes\nfor these issues.\n\nAdobe Flash Player 10 also includes bug fixes and feature enhancements\nincluding :\n\n* improved stability on the Linux platform by fixing a race condition\nissue in sound output.\n\n* new support for custom filters and effects, native 3D transformation\nand animation, advanced audio processing, a new, more flexible text\nengine, and GPU hardware acceleration.\n\nFor more information on new features and enhancements, see the Adobe\nFlash Player site and the Adobe Labs Release Notes.\n\nNote: some users may have installed a 3rd-party component,\nlibflashsupport, for older versions of Flash Player. Adobe Flash\nPlayer 10 no longer supports libflashsupport. Users are advised to\nremove libflashsupport if they have it installed.\n\nAll users of Adobe Flash Player should upgrade to this updated\npackage, which contains Flash Player version 10.0.12.36.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-4324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6243\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3873\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4401\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4503\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4818\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4819\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4821\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4822\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4823\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4824\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5361\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5362\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5363\"\n );\n # http://www.adobe.com/support/security/bulletins/apsb08-18.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.adobe.com/support/security/bulletins/apsb08-18.html\"\n );\n # http://www.adobe.com/support/security/bulletins/apsb08-20.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.adobe.com/support/security/bulletins/apsb08-20.html\"\n );\n # http://www.adobe.com/support/security/bulletins/apsb08-22.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.adobe.com/support/security/bulletins/apsb08-22.html\"\n );\n # http://labs.adobe.com/technologies/flashplayer10/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.adobe.com/devnet/flashplayer.html\"\n );\n # http://www.adobe.com/products/flashplayer/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.adobe.com/products/flashplayer/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0945\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected flash-plugin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 79, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:flash-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0945\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"flash-plugin-10.0.12.36-2.el5\")) flag++;\n\n\n if (flag)\n {\n flash_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check only applies to RedHat released\\n' +\n 'versions of the flash-plugin package. This check does not apply to\\n' +\n 'Adobe released versions of the flash-plugin package, which are\\n' +\n 'versioned similarly and cause collisions in detection.\\n\\n' +\n\n 'If you are certain you are running the Adobe released package of\\n' +\n 'flash-plugin and are running a version of it equal or higher to the\\n' +\n 'RedHat version listed above then you can consider this a false\\n' +\n 'positive.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat() + flash_plugin_caveat\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"flash-plugin\");\n }\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:09:16", "description": "The remote host is running a version of Mac OS X 10.4 that does not have Security Update 2008-008 applied. \n\nThis security update contains fixes for the following products :\n\n - BOM\n - CoreGraphics\n - CoreServices\n - Flash Player Plug-in\n - Libsystem\n - network_cmds\n - UDF", "cvss3": {"score": null, "vector": null}, "published": "2008-12-16T00:00:00", "type": "nessus", "title": "Mac OS X Multiple Vulnerabilities (Security Update 2008-008)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1391", "CVE-2008-3170", "CVE-2008-3623", "CVE-2008-4217", "CVE-2008-4220", "CVE-2008-4221", "CVE-2008-4222", "CVE-2008-4224", "CVE-2008-4818", "CVE-2008-4819", "CVE-2008-4820", "CVE-2008-4821", "CVE-2008-4822", "CVE-2008-4823", "CVE-2008-4824"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2008-008.NASL", "href": "https://www.tenable.com/plugins/nessus/35110", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (!defined_func(\"bn_random\")) exit(0);\nif (NASL_LEVEL < 3004) exit(0);\n\n\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(35110);\n script_version(\"1.19\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\"CVE-2008-1391\", \"CVE-2008-3170\", \"CVE-2008-3623\", \"CVE-2008-4217\", \"CVE-2008-4220\",\n \"CVE-2008-4221\", \"CVE-2008-4222\", \"CVE-2008-4224\", \"CVE-2008-4818\", \"CVE-2008-4819\",\n \"CVE-2008-4820\", \"CVE-2008-4821\", \"CVE-2008-4822\", \"CVE-2008-4823\", \"CVE-2008-4824\");\n script_bugtraq_id(28479, 30192, 32129, 32291, 32881, 32872, 32874, 32876, 32877);\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2008-008)\");\n script_summary(english:\"Check for the presence of Security Update 2008-008\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes various\nsecurity issues.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X 10.4 that does not\nhave Security Update 2008-008 applied. \n\nThis security update contains fixes for the following products :\n\n - BOM\n - CoreGraphics\n - CoreServices\n - Flash Player Plug-in\n - Libsystem\n - network_cmds\n - UDF\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT3338\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2008/Dec/msg00000.html\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Install Security Update 2008-008 or later.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 79, 119, 189, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2008/12/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2008/12/15\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"local\");\nscript_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\nscript_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n script_copyright(english:\"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/MacOSX/packages\", \"Host/uname\");\n exit(0);\n}\n\n#\n\nuname = get_kb_item(\"Host/uname\");\nif (!uname) exit(0);\n\nif (egrep(pattern:\"Darwin.* (8\\.[0-9]\\.|8\\.1[01]\\.)\", string:uname))\n{\n packages = get_kb_item(\"Host/MacOSX/packages\");\n if (!packages) exit(0);\n\n if (!egrep(pattern:\"^SecUpd(Srvr)?(2008-008|2009-|20[1-9][0-9]-)\", string:packages))\n security_hole(0);\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T14:25:11", "description": "The remote host is affected by the vulnerability described in GLSA-200903-23 (Adobe Flash Player: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Adobe Flash Player:\n The access scope of SystemsetClipboard() allows ActionScript programs to execute the method without user interaction (CVE-2008-3873).\n The access scope of FileReference.browse() and FileReference.download() allows ActionScript programs to execute the methods without user interaction (CVE-2008-4401).\n The Settings Manager controls can be disguised as normal graphical elements. This so-called 'clickjacking' vulnerability was disclosed by Robert Hansen of SecTheory, Jeremiah Grossman of WhiteHat Security, Eduardo Vela, Matthew Mastracci of DotSpots, and Liu Die Yu of TopsecTianRongXin (CVE-2008-4503).\n Adan Barth (UC Berkely) and Collin Jackson (Stanford University) discovered a flaw occurring when interpreting HTTP response headers (CVE-2008-4818).\n Nathan McFeters and Rob Carter of Ernst and Young's Advanced Security Center are credited for finding an unspecified vulnerability facilitating DNS rebinding attacks (CVE-2008-4819).\n When used in a Mozilla browser, Adobe Flash Player does not properly interpret jar: URLs, according to a report by Gregory Fleischer of pseudo-flaw.net (CVE-2008-4821).\n Alex 'kuza55' K. reported that Adobe Flash Player does not properly interpret policy files (CVE-2008-4822).\n The vendor credits Stefano Di Paola of Minded Security for reporting that an ActionScript attribute is not interpreted properly (CVE-2008-4823).\n Riley Hassell and Josh Zelonis of iSEC Partners reported multiple input validation errors (CVE-2008-4824).\n The aforementioned researchers also reported that ActionScript 2 does not verify a member element's size when performing several known and other unspecified actions, that DefineConstantPool accepts an untrusted input value for a 'constant count' and that character elements are not validated when retrieved from a data structure, possibly resulting in a NULL pointer dereference (CVE-2008-5361, CVE-2008-5362, CVE-2008-5363).\n The vendor reported an unspecified arbitrary code execution vulnerability (CVE-2008-5499).\n Liu Die Yu of TopsecTianRongXin reported an unspecified flaw in the Settings Manager related to 'clickjacking' (CVE-2009-0114).\n The vendor credits Roee Hay from IBM Rational Application Security for reporting an input validation error when processing SWF files (CVE-2009-0519).\n Javier Vicente Vallejo reported via the iDefense VCP that Adobe Flash does not remove object references properly, leading to a freed memory dereference (CVE-2009-0520).\n Josh Bressers of Red Hat and Tavis Ormandy of the Google Security Team reported an untrusted search path vulnerability (CVE-2009-0521).\n Impact :\n\n A remote attacker could entice a user to open a specially crafted SWF file, possibly resulting in the execution of arbitrary code with the privileges of the user or a Denial of Service (crash). Furthermore a remote attacker could gain access to sensitive information, disclose memory contents by enticing a user to open a specially crafted PDF file inside a Flash application, modify the victim's clipboard or render it temporarily unusable, persuade a user into uploading or downloading files, bypass security restrictions with the assistance of the user to gain access to camera and microphone, conduct Cross-Site Scripting and HTTP Header Splitting attacks, bypass the 'non-root domain policy' of Flash, and gain escalated privileges.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2009-03-11T00:00:00", "type": "nessus", "title": "GLSA-200903-23 : Adobe Flash Player: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3873", "CVE-2008-4401", "CVE-2008-4503", "CVE-2008-4818", "CVE-2008-4819", "CVE-2008-4821", "CVE-2008-4822", "CVE-2008-4823", "CVE-2008-4824", "CVE-2008-5361", "CVE-2008-5362", "CVE-2008-5363", "CVE-2008-5499", "CVE-2009-0114", "CVE-2009-0519", "CVE-2009-0520", "CVE-2009-0521"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:adobe-flash", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200903-23.NASL", "href": "https://www.tenable.com/plugins/nessus/35904", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200903-23.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35904);\n script_version(\"1.37\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-3873\", \"CVE-2008-4401\", \"CVE-2008-4503\", \"CVE-2008-4818\", \"CVE-2008-4819\", \"CVE-2008-4821\", \"CVE-2008-4822\", \"CVE-2008-4823\", \"CVE-2008-4824\", \"CVE-2008-5361\", \"CVE-2008-5362\", \"CVE-2008-5363\", \"CVE-2008-5499\", \"CVE-2009-0114\", \"CVE-2009-0519\", \"CVE-2009-0520\", \"CVE-2009-0521\");\n script_bugtraq_id(31117, 31537, 32896, 33880, 33889, 33890);\n script_xref(name:\"GLSA\", value:\"200903-23\");\n\n script_name(english:\"GLSA-200903-23 : Adobe Flash Player: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200903-23\n(Adobe Flash Player: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Adobe Flash Player:\n The access scope of SystemsetClipboard() allows ActionScript\n programs to execute the method without user interaction\n (CVE-2008-3873).\n The access scope of FileReference.browse() and\n FileReference.download() allows ActionScript programs to execute the\n methods without user interaction (CVE-2008-4401).\n The Settings Manager controls can be disguised as normal graphical\n elements. This so-called 'clickjacking' vulnerability was disclosed by\n Robert Hansen of SecTheory, Jeremiah Grossman of WhiteHat Security,\n Eduardo Vela, Matthew Mastracci of DotSpots, and Liu Die Yu of\n TopsecTianRongXin (CVE-2008-4503).\n Adan Barth (UC Berkely) and Collin Jackson (Stanford University)\n discovered a flaw occurring when interpreting HTTP response headers\n (CVE-2008-4818).\n Nathan McFeters and Rob Carter of Ernst and Young's Advanced\n Security Center are credited for finding an unspecified vulnerability\n facilitating DNS rebinding attacks (CVE-2008-4819).\n When used in a Mozilla browser, Adobe Flash Player does not\n properly interpret jar: URLs, according to a report by Gregory\n Fleischer of pseudo-flaw.net (CVE-2008-4821).\n Alex 'kuza55' K. reported that Adobe Flash Player does not properly\n interpret policy files (CVE-2008-4822).\n The vendor credits Stefano Di Paola of Minded Security for\n reporting that an ActionScript attribute is not interpreted properly\n (CVE-2008-4823).\n Riley Hassell and Josh Zelonis of iSEC Partners reported multiple\n input validation errors (CVE-2008-4824).\n The aforementioned researchers also reported that ActionScript 2\n does not verify a member element's size when performing several known\n and other unspecified actions, that DefineConstantPool accepts an\n untrusted input value for a 'constant count' and that character\n elements are not validated when retrieved from a data structure,\n possibly resulting in a NULL pointer dereference (CVE-2008-5361,\n CVE-2008-5362, CVE-2008-5363).\n The vendor reported an unspecified arbitrary code execution\n vulnerability (CVE-2008-5499).\n Liu Die Yu of TopsecTianRongXin reported an unspecified flaw in the\n Settings Manager related to 'clickjacking' (CVE-2009-0114).\n The vendor credits Roee Hay from IBM Rational Application Security\n for reporting an input validation error when processing SWF files\n (CVE-2009-0519).\n Javier Vicente Vallejo reported via the iDefense VCP that Adobe\n Flash does not remove object references properly, leading to a freed\n memory dereference (CVE-2009-0520).\n Josh Bressers of Red Hat and Tavis Ormandy of the Google Security\n Team reported an untrusted search path vulnerability\n (CVE-2009-0521).\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted SWF\n file, possibly resulting in the execution of arbitrary code with the\n privileges of the user or a Denial of Service (crash). Furthermore a\n remote attacker could gain access to sensitive information, disclose\n memory contents by enticing a user to open a specially crafted PDF file\n inside a Flash application, modify the victim's clipboard or render it\n temporarily unusable, persuade a user into uploading or downloading\n files, bypass security restrictions with the assistance of the user to\n gain access to camera and microphone, conduct Cross-Site Scripting and\n HTTP Header Splitting attacks, bypass the 'non-root domain policy' of\n Flash, and gain escalated privileges.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200903-23\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Adobe Flash Player users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-plugins/adobe-flash-10.0.22.87'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Adobe Flash Player ActionScript Launch Command Execution Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(20, 79, 94, 119, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:adobe-flash\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/03/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-plugins/adobe-flash\", unaffected:make_list(\"ge 10.0.22.87\"), vulnerable:make_list(\"lt 10.0.22.87\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Adobe Flash Player\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:09:14", "description": "The remote host is running a version of Mac OS X 10.5.x that is prior to 10.5.6. \n\nMac OS X 10.5.6 contains security fixes for the following products :\n\n - ATS\n - BOM\n - CoreGraphics\n - CoreServices\n - CoreTypes\n - Flash Player Plug-in\n - Kernel\n - Libsystem\n - Managed Client\n - network_cmds\n - Podcast Producer\n - UDF", "cvss3": {"score": null, "vector": null}, "published": "2008-12-16T00:00:00", "type": "nessus", "title": "Mac OS X 10.5.x < 10.5.6 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1391", "CVE-2008-3170", "CVE-2008-3623", "CVE-2008-4217", "CVE-2008-4218", "CVE-2008-4219", "CVE-2008-4220", "CVE-2008-4221", "CVE-2008-4222", "CVE-2008-4223", "CVE-2008-4224", "CVE-2008-4234", "CVE-2008-4236", "CVE-2008-4237", "CVE-2008-4818", "CVE-2008-4819", "CVE-2008-4820", "CVE-2008-4821", "CVE-2008-4822", "CVE-2008-4823", "CVE-2008-4824"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_10_5_6.NASL", "href": "https://www.tenable.com/plugins/nessus/35111", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (!defined_func(\"bn_random\")) exit(0);\nif (NASL_LEVEL < 3004) exit(0);\n\n\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(35111);\n script_version(\"1.21\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\n \"CVE-2008-1391\", \n \"CVE-2008-3170\", \n \"CVE-2008-3623\", \n \"CVE-2008-4217\", \n \"CVE-2008-4218\",\n \"CVE-2008-4219\", \n \"CVE-2008-4220\", \n \"CVE-2008-4221\", \n \"CVE-2008-4222\", \n \"CVE-2008-4223\",\n \"CVE-2008-4224\", \n \"CVE-2008-4234\", \n \"CVE-2008-4236\", \n \"CVE-2008-4237\", \n \"CVE-2008-4818\",\n \"CVE-2008-4819\", \n \"CVE-2008-4820\", \n \"CVE-2008-4821\", \n \"CVE-2008-4822\", \n \"CVE-2008-4823\",\n \"CVE-2008-4824\"\n );\n script_bugtraq_id(\n 28479, \n 30192, \n 32129, \n 32291, \n 32870, \n 32872, \n 32873, \n 32874, \n 32875, \n 32876, \n 32877, \n 32879, \n 32880, \n 32881\n );\n\n script_name(english:\"Mac OS X 10.5.x < 10.5.6 Multiple Vulnerabilities\");\n script_summary(english:\"Check the version of Mac OS X\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes various\nsecurity issues.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X 10.5.x that is prior\nto 10.5.6. \n\nMac OS X 10.5.6 contains security fixes for the following products :\n\n - ATS\n - BOM\n - CoreGraphics\n - CoreServices\n - CoreTypes\n - Flash Player Plug-in\n - Kernel\n - Libsystem\n - Managed Client\n - network_cmds\n - Podcast Producer\n - UDF\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT3338\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2008/Dec/msg00000.html\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mac OS X 10.5.6 or later.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 79, 119, 189, 200, 264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2008/12/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2008/12/15\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n script_copyright(english:\"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n exit(0);\n}\n\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) os = get_kb_item(\"Host/OS\");\nif (!os) exit(0);\n\nif (ereg(pattern:\"Mac OS X 10\\.5\\.[0-5]([^0-9]|$)\", string:os)) \n security_hole(0);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:09:07", "description": "The remote host is running a version of Mac OS X 10.5 that is older than version 10.5.6. Mac OS X 10.5.6 contains security fixes for the following products : \n\n - ATS\n - BOM\n - CoreGraphics\n - CoreServices\n - CoreTypes\n - Flash Player Plug-in\n - Kernel\n - Libsystem\n - Managed Client\n - network_cmds\n - Podcast Producer\n - UDF", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2008-12-16T00:00:00", "type": "nessus", "title": "Mac OS X < 10.5.6 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4216", "CVE-2008-4818", "CVE-2008-4819", "CVE-2008-4821", "CVE-2008-4822", "CVE-2008-4823", "CVE-2008-4824", "CVE-2008-1391", "CVE-2008-4218", "CVE-2008-4222", "CVE-2008-4236", "CVE-2008-4820", "CVE-2008-4237", "CVE-2008-4221", "CVE-2008-4217", "CVE-2008-3170", "CVE-2008-3623", "CVE-2008-3644", "CVE-2008-4220", "CVE-2008-4234", "CVE-2008-4223", "CVE-2008-4224", "CVE-2008-4219"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"], "id": "4790.PRM", "href": "https://www.tenable.com/plugins/nnm/4790", "sourceData": "Binary data 4790.prm", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:09:09", "description": "The remote host is running a version of Mac OS X 10.5 that is older than version 10.5.6. Mac OS X 10.5.6 contains security fixes for the following products : \n\n - ATS\n - BOM\n - CoreGraphics\n - CoreServices\n - CoreTypes\n - Flash Player Plug-in\n - Kernel\n - Libsystem\n - Managed Client\n - network_cmds\n - Podcast Producer\n - UDF", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2008-12-16T00:00:00", "type": "nessus", "title": "Mac OS X < 10.5.6 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4216", "CVE-2008-4818", "CVE-2008-4819", "CVE-2008-4821", "CVE-2008-4822", "CVE-2008-4823", "CVE-2008-4824", "CVE-2008-1391", "CVE-2008-4218", "CVE-2008-4222", "CVE-2008-4236", "CVE-2008-4820", "CVE-2008-4237", "CVE-2008-4221", "CVE-2008-4217", "CVE-2008-3170", "CVE-2008-3623", "CVE-2008-3644", "CVE-2008-4220", "CVE-2008-4234", "CVE-2008-4223", "CVE-2008-4224", "CVE-2008-4219"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"], "id": "4789.PRM", "href": "https://www.tenable.com/plugins/nnm/4789", "sourceData": "Binary data 4789.prm", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2021-10-21T04:43:56", "description": "The flash-plugin package contains a Firefox-compatible Adobe Flash Player\nWeb browser plug-in.\n\nA flaw was found in the way Adobe Flash Player wrote content to the\nclipboard. A malicious SWF (Shockwave Flash) file could populate the\nclipboard with a URL that could cause the user to accidentally or\nmistakenly load an attacker-controlled URL. (CVE-2008-3873)\n\nA flaw was found with Adobe's ActionScript scripting language which allowed\nFlash scripts to initiate file uploads and downloads without user\ninteraction. ActionScript's FileReference.browse and FileReference.download\nmethod calls can now only be initiated via user interaction, such as\nthrough mouse-clicks or key-presses on the keyboard. (CVE-2008-4401)\n\nA flaw was found in Adobe Flash Player's display of Settings Manager\ncontent. A malicious SWF file could trick the user into unintentionally or\nmistakenly clicking a link or a dialog which could then give the malicious\nSWF file permission to access the local machine's camera or microphone.\n(CVE-2008-4503)\n\nFlaws were found in the way Flash Player restricted the interpretation and\nusage of cross-domain policy files. A remote attacker could use Flash\nPlayer to conduct cross-domain and cross-site scripting attacks\n(CVE-2007-4324, CVE-2007-6243). This update provides enhanced fixes for\nthese issues.\n\nFlash Player contains a flaw in the way it interprets HTTP response\nheaders. An attacker could use this flaw to conduct a cross-site scripting\nattack against the user running Flash Player. (CVE-2008-4818)\n\nA flaw was found in the way Flash Player handles the ActionScript\nattribute. A malicious site could use this flaw to inject arbitrary HTML\ncontent, confusing the user running the browser. (CVE-2008-4823)\n\nA flaw was found in the way Flash Player interprets policy files. It was\npossible to bypass a non-root domain policy, possibly allowing a malicious\nsite to access data in a different domain. (CVE-2008-4822)\n\nA flaw was found in how Flash Player's jar: protocol handler interacts with\nMozilla. A malicious flash application could use this flaw to disclose\nsensitive information. (CVE-2008-4821)\n\nUpdated Flash Player also extends mechanisms to help prevent an attacker\nfrom executing a DNS rebinding attack. (CVE-2008-4819)\n\nAll users of Adobe Flash Player should upgrade to this updated package,\nwhich contains Flash Player version 9.0.151.0.\n", "cvss3": {}, "published": "2008-11-12T00:00:00", "type": "redhat", "title": "(RHSA-2008:0980) Critical: flash-plugin security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-4324", "CVE-2007-6243", "CVE-2008-3873", "CVE-2008-4401", "CVE-2008-4503", "CVE-2008-4818", "CVE-2008-4819", "CVE-2008-4821", "CVE-2008-4822", "CVE-2008-4823", "CVE-2008-4824", "CVE-2008-5361", "CVE-2008-5362", "CVE-2008-5363"], "modified": "2017-07-27T19:09:00", "id": "RHSA-2008:0980", "href": "https://access.redhat.com/errata/RHSA-2008:0980", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-21T04:45:26", "description": "The flash-plugin package contains a Firefox-compatible Adobe Flash Player\nWeb browser plug-in.\n\nA flaw was found in the way Adobe Flash Player wrote content to the\nclipboard. A malicious SWF file could populate the clipboard with a URL\nthat could cause the user to mistakenly load an attacker-controlled URL.\n(CVE-2008-3873)\n\nA flaw was found which allowed Adobe Flash Player's ActionScript to\ninitiate file uploads and downloads without user interaction.\nFileReference.browse and FileReference.download calls can now only be\ninitiated via user interaction, such as mouse-clicks or key-presses on the\nkeyboard. (CVE-2008-4401)\n\nA flaw was found in Adobe Flash Player's display of the Settings Manager\ncontent. A malicious SWF file could trick the user into unknowingly\nclicking a link or dialog. This could then give the malicious SWF file\npermission to access the local machine's camera or microphone.\n(CVE-2008-4503)\n\nFlaws were found in the way Flash Player restricted the interpretation and\nusage of cross-domain policy files. A remote attacker could use Flash\nPlayer to conduct cross-domain and cross-site scripting attacks\n(CVE-2007-4324, CVE-2007-6243). This update provides enhanced fixes for\nthese issues.\n\nAdobe Flash Player 10 also includes bug fixes and feature enhancements\nincluding:\n\n* improved stability on the Linux platform by fixing a race condition issue\nin sound output.\n\n* new support for custom filters and effects, native 3D transformation and\nanimation, advanced audio processing, a new, more flexible text engine, and\nGPU hardware acceleration. \n\nFor more information on new features and enhancements, see the Adobe Flash\nPlayer site and the Adobe Labs Release Notes.\n\nNote: some users may have installed a 3rd-party component, libflashsupport,\nfor older versions of Flash Player. Adobe Flash Player 10 no longer\nsupports libflashsupport. Users are advised to remove libflashsupport if\nthey have it installed.\n\nAll users of Adobe Flash Player should upgrade to this updated package,\nwhich contains Flash Player version 10.0.12.36.", "cvss3": {}, "published": "2008-10-28T00:00:00", "type": "redhat", "title": "(RHSA-2008:0945) Critical: flash-plugin security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-4324", "CVE-2007-6243", "CVE-2008-3873", "CVE-2008-4401", "CVE-2008-4503", "CVE-2008-4818", "CVE-2008-4819", "CVE-2008-4821", "CVE-2008-4822", "CVE-2008-4823", "CVE-2008-4824", "CVE-2008-5361", "CVE-2008-5362", "CVE-2008-5363"], "modified": "2017-07-27T03:26:25", "id": "RHSA-2008:0945", "href": "https://access.redhat.com/errata/RHSA-2008:0945", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2022-01-17T19:14:42", "description": "### Background\n\nThe Adobe Flash Player is a renderer for the popular SWF file format, which is commonly used to provide interactive websites, digital experiences and mobile content. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Adobe Flash Player: \n\n * The access scope of SystemsetClipboard() allows ActionScript programs to execute the method without user interaction (CVE-2008-3873).\n * The access scope of FileReference.browse() and FileReference.download() allows ActionScript programs to execute the methods without user interaction (CVE-2008-4401).\n * The Settings Manager controls can be disguised as normal graphical elements. This so-called \"clickjacking\" vulnerability was disclosed by Robert Hansen of SecTheory, Jeremiah Grossman of WhiteHat Security, Eduardo Vela, Matthew Mastracci of DotSpots, and Liu Die Yu of TopsecTianRongXin (CVE-2008-4503).\n * Adan Barth (UC Berkely) and Collin Jackson (Stanford University) discovered a flaw occurring when interpreting HTTP response headers (CVE-2008-4818).\n * Nathan McFeters and Rob Carter of Ernst and Young's Advanced Security Center are credited for finding an unspecified vulnerability facilitating DNS rebinding attacks (CVE-2008-4819).\n * When used in a Mozilla browser, Adobe Flash Player does not properly interpret jar: URLs, according to a report by Gregory Fleischer of pseudo-flaw.net (CVE-2008-4821).\n * Alex \"kuza55\" K. reported that Adobe Flash Player does not properly interpret policy files (CVE-2008-4822).\n * The vendor credits Stefano Di Paola of Minded Security for reporting that an ActionScript attribute is not interpreted properly (CVE-2008-4823).\n * Riley Hassell and Josh Zelonis of iSEC Partners reported multiple input validation errors (CVE-2008-4824).\n * The aforementioned researchers also reported that ActionScript 2 does not verify a member element's size when performing several known and other unspecified actions, that DefineConstantPool accepts an untrusted input value for a \"constant count\" and that character elements are not validated when retrieved from a data structure, possibly resulting in a null-pointer dereference (CVE-2008-5361, CVE-2008-5362, CVE-2008-5363).\n * The vendor reported an unspecified arbitrary code execution vulnerability (CVE-2008-5499).\n * Liu Die Yu of TopsecTianRongXin reported an unspecified flaw in the Settings Manager related to \"clickjacking\" (CVE-2009-0114).\n * The vendor credits Roee Hay from IBM Rational Application Security for reporting an input validation error when processing SWF files (CVE-2009-0519).\n * Javier Vicente Vallejo reported via the iDefense VCP that Adobe Flash does not remove object references properly, leading to a freed memory dereference (CVE-2009-0520).\n * Josh Bressers of Red Hat and Tavis Ormandy of the Google Security Team reported an untrusted search path vulnerability (CVE-2009-0521).\n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted SWF file, possibly resulting in the execution of arbitrary code with the privileges of the user or a Denial of Service (crash). Furthermore a remote attacker could gain access to sensitive information, disclose memory contents by enticing a user to open a specially crafted PDF file inside a Flash application, modify the victim's clipboard or render it temporarily unusable, persuade a user into uploading or downloading files, bypass security restrictions with the assistance of the user to gain access to camera and microphone, conduct Cross-Site Scripting and HTTP Header Splitting attacks, bypass the \"non-root domain policy\" of Flash, and gain escalated privileges. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Adobe Flash Player users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-plugins/adobe-flash-10.0.22.87\"", "cvss3": {}, "published": "2009-03-10T00:00:00", "type": "gentoo", "title": "Adobe Flash Player: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-3873", "CVE-2008-4401", "CVE-2008-4503", "CVE-2008-4818", "CVE-2008-4819", "CVE-2008-4821", "CVE-2008-4822", "CVE-2008-4823", "CVE-2008-4824", "CVE-2008-5361", "CVE-2008-5362", "CVE-2008-5363", "CVE-2008-5499", "CVE-2009-0114", "CVE-2009-0519", "CVE-2009-0520", "CVE-2009-0521"], "modified": "2009-05-28T00:00:00", "id": "GLSA-200903-23", "href": "https://security.gentoo.org/glsa/200903-23", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:28", "description": " About the security content of Security Update 2008-008 / Mac OS X v10.5.6\r\n\r\n * Last Modified: December 15, 2008\r\n * Article: HT3338\r\n\r\nSummary\r\n\r\nThis document describes the security content of Security Update 2008-008 / Mac OS X v10.5.6, which can be downloaded and installed via Software Update preferences, or from Apple Downloads.\r\n\r\nFor the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.\r\n\r\nFor information about the Apple Product Security PGP Key, see "How to use the Apple Product Security PGP Key."\r\n\r\nWhere possible, CVE IDs are used to reference the vulnerabilities for further information.\r\n\r\nTo learn about other Security Updates, see "Apple Security Updates."\r\nProducts Affected\r\n\r\nSecurity, Mac OS X 10.5\r\nSecurity Update 2008-008 / Mac OS X v10.5.6\r\n\r\n *\r\n\r\n ATS\r\n\r\n CVE-ID: CVE-2008-4236\r\n\r\n Available for: Mac OS X v10.5 through v10.5.5, Mac OS X Server v10.5 through v10.5.5\r\n\r\n Impact: Viewing or downloading a PDF file containing a maliciously crafted embedded font may lead to a denial of service\r\n\r\n Description: An infinite loop may occur in the Apple Type Services server's handling of embedded fonts in PDF files. Viewing or downloading a PDF file containing a maliciously crafted embedded font may lead to a denial of service. This update addresses the issue by performing additional validation of embedded fonts. This issue does not affect systems prior to Mac OS X v10.5. Credit to Michael Samarin and Mikko Vihonen of Futurice Ltd. for reporting this issue.\r\n\r\n *\r\n\r\n BOM\r\n\r\n CVE-ID: CVE-2008-4217\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.5, Mac OS X Server v10.5 through v10.5.5\r\n\r\n Impact: Downloading or viewing a maliciously crafted CPIO archive may lead to arbitrary code execution or unexpected application termination\r\n\r\n Description: A signedness issue exists in BOM's handling of CPIO headers which may result in a stack buffer overflow. Downloading or viewing a maliciously crafted CPIO archive may lead to arbitrary code execution or unexpected application termination. This update addresses the issue by performing additional validation of CPIO headers. Credit: Apple.\r\n\r\n *\r\n\r\n CoreGraphics\r\n\r\n CVE-ID: CVE-2008-3623\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.5, Mac OS X Server v10.5 through v10.5.5\r\n\r\n Impact: Viewing a maliciously crafted image may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A heap buffer overflow exists in the handling of color spaces within CoreGraphics. Viewing a maliciously crafted image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit: Apple.\r\n\r\n *\r\n\r\n CoreServices\r\n\r\n CVE-ID: CVE-2008-3170\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.5, Mac OS X Server v10.5 through v10.5.5\r\n\r\n Impact: Visiting a maliciously crafted website may lead to the disclosure of user credentials\r\n\r\n Description: Safari allows web sites to set cookies for country-specific top-level domains, which may allow a remote attacker to perform a session fixation attack and hijack a user's credentials. This update addresses the issue by performing additional validation of domain names. Credit to Alexander Clauss of iCab.de for reporting this issue.\r\n\r\n *\r\n\r\n CoreTypes\r\n\r\n CVE-ID: CVE-2008-4234\r\n\r\n Available for: Mac OS X v10.5 through v10.5.5, Mac OS X Server v10.5 through v10.5.5\r\n\r\n Impact: Attempting to launch unsafe downloaded content may not lead to a warning\r\n\r\n Description: Mac OS X provides the Download Validation capability to indicate potentially unsafe files. Applications such as Safari and others use Download Validation to help warn users prior to launching files marked as potentially unsafe. This update adds to the list of potentially unsafe types. It adds the content type for files that have executable permissions and no specific application association. These files are potentially unsafe as they will launch in Terminal and their content will be executed as commands. While these files are not automatically launched, if manually opened they could lead to the execution of arbitrary code. This issue does not affect systems prior to Mac OS X v10.5.\r\n\r\n *\r\n\r\n Flash Player Plug-in\r\n\r\n CVE-ID: CVE-2008-4818, CVE-2008-4819, CVE-2008-4820, CVE-2008-4821, CVE-2008-4822, CVE-2008-4823, CVE-2008-4824\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.5, Mac OS X Server v10.5 through v10.5.5\r\n\r\n Impact: Multiple vulnerabilities in Adobe Flash Player plug-in\r\n\r\n Description: Multiple issues exist in the Adobe Flash Player plug-in, the most serious of which may lead to arbitrary code execution when viewing a maliciously crafted web site. The issues are addressed by updating the Flash Player plug-in to version 9.0.151.0. Further information is available via the Adobe web site at http://www.adobe.com/support/security/bulletins/apsb08-20.html\r\n\r\n *\r\n\r\n Kernel\r\n\r\n CVE-ID: CVE-2008-4218\r\n\r\n Available for: Mac OS X v10.5 through v10.5.5, Mac OS X Server v10.5 through v10.5.5\r\n\r\n Impact: A local user may obtain system privileges\r\n\r\n Description: Integer overflow issues exist within the i386_set_ldt and i386_get_ldt system calls, which may allow a local user to execute arbitrary code with system privileges. This update addresses the issues through improved bounds checking. These issues do not affect PowerPC systems. Credit to Richard Vaneeden of IOActive, Inc. for reporting these issues.\r\n\r\n *\r\n\r\n Kernel\r\n\r\n CVE-ID: CVE-2008-4219\r\n\r\n Available for: Mac OS X v10.5 through v10.5.5, Mac OS X Server v10.5 through v10.5.5\r\n\r\n Impact: Running an executable that links dynamic libraries on an NFS share may lead to an unexpected system shutdown\r\n\r\n Description: An infinite loop may occur when a program located on an NFS share receives an exception. This may lead to an unexpected system shutdown. This update addresses the issue through improved handling of exceptions. Credit to Ben Loer of Princeton University for reporting this issue.\r\n\r\n *\r\n\r\n Libsystem\r\n\r\n CVE-ID: CVE-2008-4220\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.5, Mac OS X Server v10.5 through v10.5.5\r\n\r\n Impact: Applications that use the inet_net_pton API may be vulnerable to arbitrary code execution or an unexpected application termination\r\n\r\n Description: An integer overflow exists in Libsystem's inet_net_pton API, which may lead to arbitrary code execution or the unexpected termination of the application using the API. This update addresses the issue through improved bounds checking. This API is not normally called with untrusted data, and no exploitable cases of this issue are known. This update is provided to help mitigate potential attacks against any application using this API.\r\n\r\n *\r\n\r\n Libsystem\r\n\r\n CVE-ID: CVE-2008-4221\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.5, Mac OS X Server v10.5 through v10.5.5\r\n\r\n Impact: Applications that use the strptime API may be vulnerable to arbitrary code execution or unexpected application termination\r\n\r\n Description: A memory corruption issue exists in Libsystem's strptime API. Parsing a maliciously crafted date string may lead to arbitrary code execution or unexpected application termination. This update addresses the issue through improved memory allocation. Credit: Apple.\r\n\r\n *\r\n\r\n Libsystem\r\n\r\n CVE-ID: CVE-2008-1391\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.5, Mac OS X Server v10.5 through v10.5.5\r\n\r\n Impact: Applications that use the strfmon API may be exposed to an unexpected application termination or arbitrary code execution\r\n\r\n Description: Multiple integer overflows exist in Libsystem's strfmon implementation. An application calling strfmon with large values of certain integer fields in the format string argument may unexpectedly terminate or lead to arbitrary code execution. This update addresses the issues through improved bounds checking.\r\n\r\n *\r\n\r\n Managed Client\r\n\r\n CVE-ID: CVE-2008-4237\r\n\r\n Available for: Mac OS X v10.5 through v10.5.5, Mac OS X Server v10.5 through v10.5.5\r\n\r\n Impact: The managed screen saver settings are not applied\r\n\r\n Description: The method by which the software on a managed client system installs per-host configuration information does not always correctly identify the system. On a misidentified system, per-host settings are not applied, including the screen saver lock. This update addresses the issue by having Managed Client use the correct system identification. This issue does not affect systems with built-in Ethernet. Credit to John Barnes of ESRI, and Trevor Lalish-Menagh of Tamman Technologies, Inc. for reporting this issue.\r\n\r\n *\r\n\r\n network_cmds\r\n\r\n CVE-ID: CVE-2008-4222\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.5, Mac OS X Server v10.5 through v10.5.5\r\n\r\n Impact: A remote attacker may be able to cause a denial of service if Internet Sharing is enabled\r\n\r\n Description: An infinite loop may occur in the handling of TCP packets in natd. By sending a maliciously crafted TCP packet, a remote attacker may be able to cause a denial of service if Internet Sharing is enabled. This update addresses the issue by performing additional validation of TCP packets. Credit to Alex Rosenberg of Ohmantics, and Gary Teter of Paizo Publishing for reporting this issue.\r\n\r\n *\r\n\r\n Podcast Producer\r\n\r\n CVE-ID: CVE-2008-4223\r\n\r\n Available for: Mac OS X Server v10.5 through v10.5.5\r\n\r\n Impact: A remote attacker may be able to access the administrative functions of Podcast Producer\r\n\r\n Description: An authentication bypass issue exists in the Podcast Producer server, which may allow an unauthorized user to access administrative functions in the server. This update addresses the issue through improved handling of access restrictions. Podcast Producer was introduced in Mac OS X Server v10.5.\r\n\r\n *\r\n\r\n UDF\r\n\r\n CVE-ID: CVE-2008-4224\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.5, Mac OS X Server v10.5 through v10.5.5\r\n\r\n Impact: Opening an ISO file may lead to an unexpected system shutdown\r\n\r\n Description: An input validation issue exists in the handling of malformed UDF volumes. Opening a maliciously crafted ISO file may lead to an unexpected system shutdown. This update addresses the issue through improved input validation. Credit to Mauro Notarianni of PCAX Solutions for reporting this issue.\r\n\r\nImportant: Mention of third-party websites and products is for informational purposes only and constitutes neither an endorsement nor a recommendation. Apple assumes no responsibility with regard to the selection, performance or use of information or products found at third-party websites. Apple provides this only as a convenience to our users. Apple has not tested the information found on these sites and makes no representations regarding its accuracy or reliability. There are risks inherent in the use of any information or products found on the Internet, and Apple assumes no responsibility in this regard. Please understand that a third-party site is independent from Apple and that Apple has no control over the content on that website. Please contact the vendor for additional information.", "edition": 1, "cvss3": {}, "published": "2008-12-16T00:00:00", "title": "About the security content of Security Update 2008-008 / Mac OS X v10.5.6 ", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2008-4219", "CVE-2008-4236", "CVE-2008-3623", "CVE-2008-4218", "CVE-2008-4820", "CVE-2008-4824", "CVE-2008-4237", "CVE-2008-4222", "CVE-2008-4220", "CVE-2008-4234", "CVE-2008-4823", "CVE-2008-4223", "CVE-2008-3170", "CVE-2008-4822", "CVE-2008-4818", "CVE-2008-4819", "CVE-2008-4221", "CVE-2008-4224", "CVE-2008-1391", "CVE-2008-4821", "CVE-2008-4217"], "modified": "2008-12-16T00:00:00", "id": "SECURITYVULNS:DOC:21028", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21028", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:03:08", "description": "Apple Type Services DoS, BOM buffer overflow with CPIO archives, CoreGraphics buffer overflow on images parsing, invalid cookies setting for geographical domains, dangerous content warning bypass, multiple Flash Player Plugin vulnerabilities, multiple privilege escalations, Internet Sharing DoS, Podcast Producer unauthorized administrative access, UDF ISO images DoS.", "edition": 2, "cvss3": {}, "published": "2008-12-16T00:00:00", "title": "Apple Mac OS X multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2008-4219", "CVE-2008-4236", "CVE-2008-3623", "CVE-2008-4218", "CVE-2008-4820", "CVE-2008-4824", "CVE-2008-4237", "CVE-2008-4222", "CVE-2008-4220", "CVE-2008-4234", "CVE-2008-4823", "CVE-2008-4223", "CVE-2008-3170", "CVE-2008-4822", "CVE-2008-4818", "CVE-2008-4819", "CVE-2008-4221", "CVE-2008-4224", "CVE-2008-1391", "CVE-2008-4821", "CVE-2008-4217"], "modified": "2008-12-16T00:00:00", "id": "SECURITYVULNS:VULN:9519", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9519", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
CVE-2008-4822
