This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
The remote SuSE 11 host is missing a security update.
This update resolves
- a universal cross-site scripting issue that could be
used to take actions on a user's behalf on any website
or webmail provider if the user visits a malicious
Note: There are reports that this issue is being
exploited in the wild in active targeted attacks
designed to trick the user into clicking on a malicious
link delivered in an email message.
- an AVM stack overflow issue that may allow for remote
code execution. (CVE-2011-2426)
- an AVM stack overflow issue that may lead to denial of
service and code execution. (CVE-2011-2427).
- a logic error issue which causes a browser crash and may
lead to code execution. (CVE-2011- 2428).
- a Flash Player security control bypass which could allow
information disclosure. (CVE-2011-2429).
- a streaming media logic error vulnerability which could
lead to code execution. (CVE-2011-2430).
See also :
Apply SAT patch number 5184.
Risk factor :
High / CVSS Base Score : 9.3
Family: SuSE Local Security Checks
Nessus Plugin ID: 57101 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now