FreeBSD : linux-flashplugin7 -- arbitrary code execution vulnerabilities (7c75d48c-429b-11db-afae-000c6ec775d9)

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Adobe reports :

Multiple input validation errors have been identified in Flash Player
8.0.24.0 and earlier versions that could lead to the potential
execution of arbitrary code. These vulnerabilities could be accessed
through content delivered from a remote location via the user?s web
browser, email client, or other applications that include or reference
the Flash Player. (CVE-2006-3311, CVE-2006-3587, CVE-2006-3588)

These updates include changes to prevent circumvention of the
'allowScriptAccess' option. (CVE-2006-4640)

See also :

http://www.adobe.com/support/security/bulletins/apsb06-11.html
http://www.nessus.org/u?c8dd720a

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 22341 (freebsd_pkg_7c75d48c429b11dbafae000c6ec775d9.nasl)

Bugtraq ID:

CVE ID: CVE-2006-3311
CVE-2006-3587
CVE-2006-3588
CVE-2006-4640

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now