RHEL 3 / 4 : flash-plugin (RHSA-2006:0674)

Medium Nessus Plugin ID 63833


The remote Red Hat host is missing a security update.


An updated Adobe Flash Player package that fixes security issues is now available.

This update has been rated as having critical security impact by the Red Hat Security Response Team.

The flash-plugin package contains a Firefox-compatible Adobe Flash Player browser plug-in.

Security issues were discovered in the Adobe Flash Player. It may be possible to execute arbitrary code on a victim's machine if the victim opens a malicious Adobe Flash file. (CVE-2006-3311, CVE-2006-3587, CVE-2006-3588)

Users of Adobe Flash Player should upgrade to this updated package, which contains version 7.0.68 and is not vulnerable to this issue.

Red Hat would like to thank Adobe for notifying us of these issues.


Update the affected flash-plugin package.

See Also







Plugin Details

Severity: Medium

ID: 63833

File Name: redhat-RHSA-2006-0674.nasl

Version: $Revision: 1.5 $

Type: local

Agent: unix

Published: 2013/01/24

Modified: 2014/05/02

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:flash-plugin, cpe:/o:redhat:enterprise_linux:3, cpe:/o:redhat:enterprise_linux:4

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 2006/09/12

Vulnerability Publication Date: 2006/07/05

Reference Information

CVE: CVE-2006-3311, CVE-2006-3587, CVE-2006-3588, CVE-2006-4640

OSVDB: 27113, 28732, 28733

RHSA: 2006:0674

CWE: 264