Detections
Analytics
MS KB2942844: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
critical Nessus Plugin ID 73418
Language:
Synopsis
The remote host has an ActiveX control installed that is affected by multiple vulnerabilities.Description
The remote host is missing KB2942844. It is, therefore, affected by the following vulnerabilities :- A use-after-free error exists that could lead to arbitrary code execution. (CVE-2014-0506)
- A buffer overflow error exists that could lead to arbitrary code execution. (CVE-2014-0507)
- An unspecified error exists that could allow a security bypass leading to information disclosure.
(CVE-2014-0508)
- An unspecified error exists that could allow cross- site scripting attacks. (CVE-2014-0509)
Solution
Install Microsoft KB2942844.See Also
https://helpx.adobe.com/security/products/flash-player/apsb14-09.html
https://docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2016/2755801
Plugin Details
Severity: Critical
ID: 73418
File Name: smb_kb2942844.nasl
Version: 1.10
Type: local
Agent: windows
Family: Windows
Published: 4/8/2014
Updated: 11/26/2019
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.4
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2014-0506
Vulnerability Information
CPE: cpe:/o:microsoft:windows, cpe:/a:adobe:flash_player
Required KB Items: SMB/Registry/Enumerated, SMB/WindowsVersion
Exploit Ease: No known exploits are available
Patch Publication Date: 4/8/2014
Vulnerability Publication Date: 3/27/2014
Reference Information
CVE: CVE-2014-0506, CVE-2014-0507, CVE-2014-0508, CVE-2014-0509