openSUSE Security Update : flash-player (openSUSE-SU-2014:0197-1)

Critical Nessus Plugin ID 75246


The remote openSUSE host is missing a security update.


Flash Player received an out of band critical security update to fix an integer underflow vulnerability that could be exploited to execute arbitrary code on the affected system (CVE-2014-0497).

More information can be found on:


Update the affected flash-player packages.

See Also

Plugin Details

Severity: Critical

ID: 75246

File Name: openSUSE-2014-109.nasl

Version: $Revision: 1.2 $

Type: local

Agent: unix

Published: 2014/06/13

Modified: 2016/05/20

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:flash-player, p-cpe:/a:novell:opensuse:flash-player-gnome, p-cpe:/a:novell:opensuse:flash-player-kde4, cpe:/o:novell:opensuse:12.3, cpe:/o:novell:opensuse:13.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2014/02/06

Exploitable With

Core Impact

Metasploit (Adobe Flash Player Integer Underflow Remote Code Execution)

Reference Information

CVE: CVE-2014-0497

BID: 65327