Flash Player < 6.0.79.0 Multiple Unspecified Overflows

Severity: High | Nessus Plugin ID: 11323

Synopsis

The remote Windows host has a browser plugin that is prone to buffer overflow attacks.

Description

The remote host has an old version of the Flash Player plugin installed.

An attacker may exploit this flaw by constructing a malicious website that hosts a malformed Flash animation. When the animation is viewed with a vulnerable version of the software, it causes a buffer overflow and allows arbitrary code execution with the privileges of the plugin user.

Solution

Upgrade to version 6.0.79.0 or later.

See Also

http://www.nessus.org/u?97e55111

Plugin Details

Severity: High

ID: 11323

File Name: flash_player_overflows.nasl

Version: 1.34

Type: local

Agent: windows

Family: Windows

Published: 3/6/2003

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus Agent, Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:adobe:flash_player

Required KB Items: SMB/Flash_Player/installed

Exploit Ease: No known exploits are available

Patch Publication Date: 3/3/2003

Reference Information

BID: 7005