SuSE 10 Security Update : flash-player (ZYPP Patch Number 2065)

This script is Copyright (C) 2007-2012 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 10 host is missing a security-related patch.

Description :

Multiple input validation errors have been identified in Flash Player
that could lead to the potential execution of arbitrary code. These
vulnerabilities could be accessed through content delivered from a
remote location via the user's web browser, email client, or other
applications that include or reference the Flash Player.
(CVE-2006-3311 / CVE-2006-3587 / CVE-2006-3588)

These updates include changes to prevent circumvention of the
'allowScriptAccess' option. (CVE-2006-4640)

See also :

http://support.novell.com/security/cve/CVE-2006-3311.html
http://support.novell.com/security/cve/CVE-2006-3587.html
http://support.novell.com/security/cve/CVE-2006-3588.html
http://support.novell.com/security/cve/CVE-2006-4640.html

Solution :

Apply ZYPP patch number 2065.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 29432 ()

Bugtraq ID:

CVE ID: CVE-2006-3311
CVE-2006-3587
CVE-2006-3588
CVE-2006-4640

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now