Flash Player Multiple Vulnerabilities (APSB06-11)

This script is Copyright (C) 2006-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains a browser plugin that is affected by
multiple issues.

Description :

According to its version number, the instance of Flash Player on the
remote Windows host is affected by arbitrary code execution and denial
of service issues. By convincing a user to visit a site with a
specially crafted SWF file, an attacker may be able to execute
arbitrary code on the affected host or cause the web browser to crash.

See also :

http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-20.html
http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-21.html
http://www.adobe.com/support/security/bulletins/apsb06-11.html

Solution :

Upgrade to Flash Player version 9.0.16.0 / 8.0.33.0 / 7.0.66.0 /
6.0.88.0 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.8
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 22056 (flash_player_9.nasl)

Bugtraq ID: 18894
19980

CVE ID: CVE-2006-3014
CVE-2006-3311
CVE-2006-3587
CVE-2006-3588
CVE-2006-4640

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now