RHEL 3 / 4 / 5 : flash-plugin (RHSA-2008:1047)

This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.

Synopsis :

The remote Red Hat host is missing a security update.

Description :

An updated Adobe Flash Player package that fixes a security issue is
now available for Red Hat Enterprise Linux 3 Extras, Red Hat
Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5

This update has been rated as having critical security impact by the
Red Hat Security Response Team.

The flash-plugin package contains a Firefox-compatible Adobe Flash
Player Web browser plug-in.

A security flaw was found in the way Flash Player displayed certain
SWF (Shockwave Flash) content. This may have made it possible to
execute arbitrary code on a victim's machine, if the victim opened a
malicious Adobe Flash file. (CVE-2008-5499)

All users of Adobe Flash Player should install this updated package,
which upgrades Flash Player to version for users of Red Hat
Enterprise Linux 5 Supplementary, and for users of Red Hat
Enterprise 3 and 4 Extras.

See also :


Solution :

Update the affected flash-plugin package.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true

Family: Red Hat Local Security Checks

Nessus Plugin ID: 40736 ()

Bugtraq ID: 32896

CVE ID: CVE-2008-5499