This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
flash-player was updated to version 220.127.116.118 to fix 18 security
These security issues were fixed :
- Memory corruption vulnerabilities that could lead to
code execution (CVE-2014-0576, CVE-2014-0581,
- Use-after-free vulnerabilities that could lead to code
execution (CVE-2014-0573, CVE-2014-0588, CVE-2014-8438).
- A double free vulnerability that could lead to code
- Type confusion vulnerabilities that could lead to code
execution (CVE-2014-0577, CVE-2014-0584, CVE-2014-0585,
- Heap buffer overflow vulnerabilities that could lead to
code execution (CVE-2014-0582, CVE-2014-0589).
- An information disclosure vulnerability that could be
exploited to disclose session tokens (CVE-2014-8437).
- A heap buffer overflow vulnerability that could be
exploited to perform privilege escalation from low to
medium integrity level (CVE-2014-0583).
- A permission issue that could be exploited to perform
privilege escalation from low to medium integrity level
See also :
Update the affected flash-player packages.
Risk factor :
Critical / CVSS Base Score : 10.0
Public Exploit Available : true
Family: SuSE Local Security Checks
Nessus Plugin ID: 79324 ()
CVE ID: CVE-2014-0573
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now