Flash Player for Mac <= 11.3.300.270 Code Execution (APSB12-18)

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

The remote Mac OS X host has a browser plugin that is affected by a
remote code execution vulnerability.

Description :

According to its version, the instance of Flash Player installed on the
remote Mac OS X host is 11.x equal to or earlier than 11.3.300.270. It
is, therefore, potentially affected by an unspecified remote code
execution vulnerability.

Also note the vendor states 10.x versions are not affected by this
vulnerability and the branch was not updated.

See also :

http://www.adobe.com/support/security/bulletins/apsb12-18.html
http://forums.adobe.com/thread/1049526

Solution :

Upgrade to Adobe Flash Player version 11.3.300.271 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: MacOS X Local Security Checks

Nessus Plugin ID: 61551 ()

Bugtraq ID: 55009

CVE ID: CVE-2012-1535