This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
This update resolves a universal cross-site scripting issue that could
be used to take actions on a user's behalf on any website or webmail
provider if the user visits a malicious website (CVE-2011-2444).
Note: There are reports that this issue is being exploited in the wild
in active targeted attacks designed to trick the user into clicking on
a malicious link delivered in an email message.
This update resolves an AVM stack overflow issue that may allow for
remote code execution. (CVE-2011-2426).
This update resolves an AVM stack overflow issue that may lead to
denial of service and code execution. (CVE-2011-2427).
This update resolves a logic error issue which causes a browser crash
and may lead to code execution. (CVE-2011- 2428).
This update resolves a Flash Player security control bypass which
could allow information disclosure. (CVE-2011-2429).
This update resolves a streaming media logic error vulnerability which
could lead to code execution. (CVE-2011-2430).
See also :
Update the affected flash-player package.
Risk factor :
High / CVSS Base Score : 9.3
Family: SuSE Local Security Checks
Nessus Plugin ID: 75838 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now