RHEL 3 / 4 : flash-plugin (RHSA-2006:0674)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing a security update.

Description :

An updated Adobe Flash Player package that fixes security issues is
now available.

This update has been rated as having critical security impact by the
Red Hat Security Response Team.

The flash-plugin package contains a Firefox-compatible Adobe Flash
Player browser plug-in.

Security issues were discovered in the Adobe Flash Player. It may be
possible to execute arbitrary code on a victim's machine if the victim
opens a malicious Adobe Flash file. (CVE-2006-3311, CVE-2006-3587,
CVE-2006-3588)

Users of Adobe Flash Player should upgrade to this updated package,
which contains version 7.0.68 and is not vulnerable to this issue.

Red Hat would like to thank Adobe for notifying us of these issues.

See also :

https://www.redhat.com/security/data/cve/CVE-2006-3311.html
https://www.redhat.com/security/data/cve/CVE-2006-3587.html
https://www.redhat.com/security/data/cve/CVE-2006-3588.html
https://www.redhat.com/security/data/cve/CVE-2006-4640.html
http://www.adobe.com/support/security/bulletins/apsb06-11.html
http://rhn.redhat.com/errata/RHSA-2006-0674.html

Solution :

Update the affected flash-plugin package.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: Red Hat Local Security Checks

Nessus Plugin ID: 63833 ()

Bugtraq ID:

CVE ID: CVE-2006-3311
CVE-2006-3587
CVE-2006-3588
CVE-2006-4640