Flash Player <= / Multiple Memory Corruption Vulnerabilities (APSB12-07)

This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.

Synopsis :

The remote Windows host has a browser plugin that is affected by
multiple memory corruption vulnerabilities.

Description :

According to its version, the instance of Flash Player installed on
the remote Windows host is 10.x equal to or earlier than
or 11.x equal to or earlier than It is, therefore,
reportedly affected by several critical memory corruption
vulnerabilities :

- Memory corruption vulnerabilities related to URL
security domain checking. (CVE-2012-0772)

- A flaw in the NetStream Class that could lead to remote
code execution. (CVE-2012-0773)

- Two Flash Player memory corruption vulnerabilities
related to the Google Chrome interface.
(CVE-2012-0724, CVE-2012-0725)

By tricking a victim into visiting a specially crafted page, an
attacker may be able to utilize these vulnerabilities to execute
arbitrary code subject to the users' privileges.

See also :


Solution :

Upgrade to Adobe Flash version / or later.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 58538 ()

Bugtraq ID: 52748

CVE ID: CVE-2012-0772

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now