FreeBSD : linux-flashplugin -- multiple vulnerabilities (53e531a7-e559-11e0-b481-001b2134ef46)

This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Adobe Product Security Incident Response Team reports :

Critical vulnerabilities have been identified in Adobe Flash Player
10.3.183.7 and earlier versions for Windows, Macintosh, Linux and
Solaris, and Adobe Flash Player 10.3.186.6 and earlier versions for
Android. These vulnerabilities could cause a crash and potentially
allow an attacker to take control of the affected system.

There are reports that one of these vulnerabilities (CVE-2011-2444) is
being exploited in the wild in active targeted attacks designed to
trick the user into clicking on a malicious link delivered in an email
message. This universal cross-site scripting issue could be used to
take actions on a user's behalf on any website or webmail provider if
the user visits a malicious website.

See also :

https://www.adobe.com/support/security/bulletins/apsb11-26.html
http://www.nessus.org/u?22b772a1

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 56277 ()

Bugtraq ID:

CVE ID: CVE-2011-2426
CVE-2011-2427
CVE-2011-2428
CVE-2011-2429
CVE-2011-2430
CVE-2011-2444

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now