This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.
A browser plugin is affected by multiple vulnerabilities.
According to its version, the instance of Flash Player installed on
the remote Windows host is 10.3.181.36 or earlier. As such, it is
reportedly affected by several critical vulnerabilities :
- Multiple buffer overflow vulnerabilities could lead to
code execution. (CVE-2011-2130, CVE-2011-2134,
CVE-2011-2137, CVE-2011-2414, CVE-2011-2415)
- Multiple memory corruption vulnerabilities could lead to
code execution. (CVE-2011-2135, CVE-2011-2140,
CVE-2011-2417, CVE-2011-2424, CVE-2011-2425)
- Multiple integer overflow vulnerabilities could lead to
code execution. (CVE-2011-2136, CVE-2011-2138,
- A cross-site information disclosure vulnerability
exists that could lead to code execution.
By tricking a user on the affected system into opening a specially
crafted document with Flash content, an attacker could leverage these
vulnerabilities to execute arbitrary code remotely on the system
subject to the user's privileges.
See also :
Upgrade to Adobe Flash version 10.3.183.5 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.4
Public Exploit Available : true
Nessus Plugin ID: 55803 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now