This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.
The remote Red Hat host is missing a security update.
An updated Adobe Flash Player package that fixes several security
issues is now available for Red Hat Enterprise Linux 3 Extras, Red Hat
Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5
This update has been rated as having critical security impact by the
Red Hat Security Response Team.
The flash-plugin package contains a Firefox-compatible Adobe Flash
Player Web browser plug-in.
Several input validation flaws were found in the way Flash Player
displayed certain content. These may have made it possible to execute
arbitrary code on a victim's machine, if the victim opened a malicious
Adobe Flash file. (CVE-2007-0071, CVE-2007-6019)
A flaw was found in the way Flash Player established TCP sessions to
remote hosts. A remote attacker could, consequently, use Flash Player
to conduct a DNS rebinding attack. (CVE-2007-5275, CVE-2008-1655)
A flaw was found in the way Flash Player restricted the interpretation
and usage of cross-domain policy files. A remote attacker could use
Flash Player to conduct cross-domain and cross-site scripting attacks.
A flaw was found in the way Flash Player interacted with web browsers.
An attacker could use malicious content presented by Flash Player to
conduct a cross-site scripting attack. (CVE-2007-6637)
All users of Adobe Flash Player should upgrade to this updated
package, which contains Flash Player version 188.8.131.52 and resolves
See also :
Update the affected flash-plugin package.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : true
Family: Red Hat Local Security Checks
Nessus Plugin ID: 40719 ()
Bugtraq ID: 26930269662703428694286952869628697
CVE ID: CVE-2007-0071CVE-2007-5275CVE-2007-6019CVE-2007-6243CVE-2007-6637CVE-2008-1654CVE-2008-1655CVE-2008-3872
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.