This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.
The remote Windows host contains a browser plug-in that is affected
by multiple vulnerabilities.
The remote Windows host contains a version of Adobe Flash Player 9.x
before 9.0.289 or 10.x earlier than 10.1.102.64. Such versions are
potentially affected by multiple vulnerabilities :
- A memory corruption vulnerability exists that could lead
to code execution. Note that there are reports that
this is being actively exploited in the wild.
- An input validation issue exists that could lead to a
bypass of cross-domain policy file restrictions with
certain server encodings. (CVE-2010-3636)
- A memory corruption vulnerability exists in the ActiveX
- An unspecified issue exists which could lead to a
denial of service or potentially arbitrary code
- Multiple memory corruption issues exist that could lead
to arbitrary code execution. (CVE-2010-3640,
CVE-2010-3641, CVE-2010-3642, CVE-2010-3643,
CVE-2010-3644, CVE-2010-3645, CVE-2010-3646,
CVE-2010-3647, CVE-2010-3648, CVE-2010-3649,
- A library-loading vulnerability could lead to code
See also :
Upgrade to Flash Player 10.1.102.64 / 9.0.289 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true
Nessus Plugin ID: 50493 ()
CVE ID: CVE-2010-3636
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now