This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing a security update.
An updated Adobe Flash Player package that fixes several security
issues is now available for Red Hat Enterprise Linux 3 Extras, Red Hat
Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5
This update has been rated as having critical security impact by the
Red Hat Security Response Team.
The flash-plugin package contains a Firefox-compatible Adobe Flash
Player Web browser plug-in.
Several input validation flaws were found in the way Flash Player
displayed certain content. These may have made it possible to execute
arbitrary code on a victim's machine, if the victim opened a malicious
Adobe Flash file. (CVE-2007-0071, CVE-2007-6019)
A flaw was found in the way Flash Player established TCP sessions to
remote hosts. A remote attacker could, consequently, use Flash Player
to conduct a DNS rebinding attack. (CVE-2007-5275, CVE-2008-1655)
A flaw was found in the way Flash Player restricted the interpretation
and usage of cross-domain policy files. A remote attacker could use
Flash Player to conduct cross-domain and cross-site scripting attacks.
A flaw was found in the way Flash Player interacted with web browsers.
An attacker could use malicious content presented by Flash Player to
conduct a cross-site scripting attack. (CVE-2007-6637)
All users of Adobe Flash Player should upgrade to this updated
package, which contains Flash Player version 22.214.171.124 and resolves
See also :
Update the affected flash-plugin package.
Risk factor :
High / CVSS Base Score : 9.3
Public Exploit Available : true