MS KB2898108: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote host has an ActiveX control installed that is affected by
memory corruption vulnerabilities.

Description :

The remote host is missing KB2898108. It is, therefore, affected by
two memory corruption vulnerabilities in the installed version of the
Adobe Flash ActiveX control, which could lead to code execution.

See also :

http://www.adobe.com/support/security/bulletins/apsb13-26.html
http://technet.microsoft.com/en-us/security/advisory/2755801
http://support.microsoft.com/kb/2898108

Solution :

Install Microsoft KB2898108.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 70856 ()

Bugtraq ID: 63680
63683

CVE ID: CVE-2013-5329
CVE-2013-5330