KB4038806: Security update for Adobe Flash Player (September 2017)

High Nessus Plugin ID 103220


The remote Windows host has a browser plugin installed that is affected by multiple vulnerabilities.


The remote Windows host is missing security update KB4038806. It is, therefore, affected by multiple remote code execution vulnerabilies in Adobe Flash Player.


Microsoft has released a set of patches for Windows 2012, 8.1, RT 8.1, 2012 R2, 10, and 2016.

See Also




Plugin Details

Severity: High

ID: 103220

File Name: smb_nt_ms17_sep_4038806.nasl

Version: $Revision: 1.7 $

Type: local

Agent: windows

Published: 2017/09/14

Modified: 2018/01/16

Dependencies: 13855, 57033

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:ND


Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:X

Vulnerability Information

CPE: cpe:/a:adobe:flash_player

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2017/09/12

Vulnerability Publication Date: 2017/09/12

Reference Information

CVE: CVE-2017-11281, CVE-2017-11282

BID: 100710, 100716

OSVDB: 165215, 165216

MSKB: 4038806

MSFT: MS17-4038806