FreeBSD : Adobe Flash Player -- critical vulnerabilities (8b3ecff5-c9b2-11e4-b71f-00bd5af88c00)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Adobe reports :

Adobe has released security updates for Adobe Flash Player for
Windows, Macintosh and Linux. These updates address vulnerabilities
that could potentially allow an attacker to take control of the
affected system. These updates resolve memory corruption
vulnerabilities that could lead to code execution (CVE-2015-0332,
CVE-2015-0333, CVE-2015-0335, CVE-2015-0339). These updates resolve
type confusion vulnerabilities that could lead to code execution
(CVE-2015-0334, CVE-2015-0336). These updates resolve a vulnerability
that could lead to a cross-domain policy bypass (CVE-2015-0337). These
updates resolve a vulnerability that could lead to a file upload
restriction bypass (CVE-2015-0340). These updates resolve an integer
overflow vulnerability that could lead to code execution
(CVE-2015-0338). These updates resolve use-after-free vulnerabilities
that could lead to code execution (CVE-2015-0341, CVE-2015-0342).

See also :

https://helpx.adobe.com/security/products/flash-player/apsb15-05.html
http://www.nessus.org/u?b4d82200

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now