This script is Copyright (C) 2011-2012 Tenable Network Security, Inc.
The remote SuSE 10 host is missing a security-related patch.
This update resolves
- a universal cross-site scripting issue that could be
used to take actions on a user's behalf on any website
or webmail provider if the user visits a malicious
Note: There are reports that this issue is being
exploited in the wild in active targeted attacks
designed to trick the user into clicking on a malicious
link delivered in an email message.
- an AVM stack overflow issue that may allow for remote
code execution. (CVE-2011-2426)
- an AVM stack overflow issue that may lead to denial of
service and code execution. (CVE-2011-2427).
- a logic error issue which causes a browser crash and may
lead to code execution. (CVE-2011- 2428).
- a Flash Player security control bypass which could allow
information disclosure. (CVE-2011-2429).
- a streaming media logic error vulnerability which could
lead to code execution. (CVE-2011-2430).
See also :
Apply ZYPP patch number 7763.
Risk factor :
High / CVSS Base Score : 9.3