SuSE 11.3 Security Update : flash-player (SAT Patch Number 9704)

This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

Adobe Flash Player has been updated to 11.2.202.406 which fixes
various security issues.

These updates :

- resolve a memory leakage vulnerability that could have
been used to bypass memory address randomization.
(CVE-2014-0557)

- resolve a security bypass vulnerability. (CVE-2014-0554)

- resolve a use-after-free vulnerability that could have
lead to code execution. (CVE-2014-0553)

- resolve memory corruption vulnerabilities that could
have lead to code execution. (CVE-2014-0547 /
CVE-2014-0549 / CVE-2014-0550 / CVE-2014-0551 /
CVE-2014-0552 / CVE-2014-0555)

- resolve a vulnerability that could have been used to
bypass the same origin policy. (CVE-2014-0548)

- resolve a heap buffer overflow vulnerability that could
have lead to code execution (CVE-2014-0556 /
CVE-2014-0559). More information can be found on
http://helpx.adobe.com/security/products/flash-player/ap
sb14-21.html

See also :

https://bugzilla.novell.com/show_bug.cgi?id=895856
http://support.novell.com/security/cve/CVE-2014-0547.html
http://support.novell.com/security/cve/CVE-2014-0548.html
http://support.novell.com/security/cve/CVE-2014-0549.html
http://support.novell.com/security/cve/CVE-2014-0550.html
http://support.novell.com/security/cve/CVE-2014-0551.html
http://support.novell.com/security/cve/CVE-2014-0552.html
http://support.novell.com/security/cve/CVE-2014-0553.html
http://support.novell.com/security/cve/CVE-2014-0554.html
http://support.novell.com/security/cve/CVE-2014-0555.html
http://support.novell.com/security/cve/CVE-2014-0556.html
http://support.novell.com/security/cve/CVE-2014-0557.html
http://support.novell.com/security/cve/CVE-2014-0559.html

Solution :

Apply SAT patch number 9704.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now