Detections
Analytics
SuSE 10 Security Update : flash-player (ZYPP Patch Number 4856)
high Nessus Plugin ID 29785
Synopsis
The remote SuSE 10 host is missing a security-related patch.Description
This flash player update to version 9.0.115.0 fixes several security problems. In the worst case an attacker could potentially have flash-player execute arbitrary code via specially crafted files.(CVE-2007-4324 / CVE-2007-4768 / CVE-2007-5275 / CVE-2007-6242 / CVE-2007-6243 / CVE-2007-6244 / CVE-2007-6245 / CVE-2007-6246)
Note: Since Adobe doesn't support browsers other than Firefox and Mozilla, this update doesn't work with browsers such as Konqueror.
Updates for konquerors are already in the works.
Solution
Apply ZYPP patch number 4856.See Also
http://support.novell.com/security/cve/CVE-2007-4324.html
http://support.novell.com/security/cve/CVE-2007-4768.html
http://support.novell.com/security/cve/CVE-2007-5275.html
http://support.novell.com/security/cve/CVE-2007-6242.html
http://support.novell.com/security/cve/CVE-2007-6243.html
http://support.novell.com/security/cve/CVE-2007-6244.html
Plugin Details
Severity: High
ID: 29785
File Name: suse_flash-player-4856.nasl
Version: 1.21
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 12/24/2007
Updated: 1/14/2021
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 9.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/o:suse:suse_linux
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Patch Publication Date: 12/7/2007
Reference Information
CVE: CVE-2007-4324, CVE-2007-4768, CVE-2007-5275, CVE-2007-6242, CVE-2007-6243, CVE-2007-6244, CVE-2007-6245, CVE-2007-6246