FreeBSD : linux-flashplugin -- arbitrary code execution vulnerability (83421018-b3ef-11da-a32d-000c6ec775d9)

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Adobe reports :

Critical vulnerabilities have been identified in Flash Player that
could allow an attacker who successfully exploits these
vulnerabilities to take control of the affected system. A malicious
SWF must be loaded in Flash Player by the user for an attacker to
exploit these vulnerabilities.

Flash Player 8 update (8.0.24.0), and Flash Player 7 update (7.0.63.0)
address security vulnerabilities in previous versions of Flash Player,
which could lead to the potential execution of arbitrary code. These
vulnerabilities could be accessed through content delivered from a
remote location via the users web browser, email client, or other
applications that include or reference the Flash Player.

See also :

http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html
http://www.nessus.org/u?0b025c75

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 5.1
(CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 21459 (freebsd_pkg_83421018b3ef11daa32d000c6ec775d9.nasl)

Bugtraq ID:

CVE ID: CVE-2006-0024

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now