MS KB3008925: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
High Nessus Plugin ID 79839
SynopsisThe remote Windows host has a browser plugin that is affected by multiple vulnerabilities.
DescriptionThe remote host is missing KB3008925. It is, therefore, affected by the following vulnerabilities :
- A security bypass vulnerability that allows an attacker to bypass the same-origin policy. (CVE-2014-0580)
- Multiple memory corruption vulnerabilities that allow an attacker to execute arbitrary code. (CVE-2014-0587, CVE-2014-9164)
- A use-after-free vulnerability that can result in arbitrary code execution. (CVE-2014-8443)
- An unspecified information disclosure vulnerability.
- A stack-based buffer overflow vulnerability that can be exploited to execute arbitrary code or elevate privileges. (CVE-2014-9163)
SolutionInstall Microsoft KB3008925.