MS KB3065823: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer

critical Nessus Plugin ID 84645
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote Windows host has a browser plugin installed that is affected by multiple vulnerabilities.

Description

The remote Windows host is missing KB3065823. It is, therefore, affected by multiple vulnerabilities :

- An information disclosure vulnerability exists that allows an attacker to guess the address for the Flash heap. (CVE-2015-3097)

- Multiple heap-based buffer overflow vulnerabilities exist that allow arbitrary code execution.
(CVE-2015-3135, CVE-2015-4432, CVE-2015-5118)

- Multiple memory corruption vulnerabilities exist that allow arbitrary code execution. (CVE-2015-3117, CVE-2015-3123, CVE-2015-3130, CVE-2015-3133, CVE-2015-3134, CVE-2015-4431)

- Multiple NULL pointer dereference flaws exist.
(CVE-2015-3126, CVE-2015-4429)

- A security bypass vulnerability exists that results in an information disclosure. (CVE-2015-3114)

- Multiple type confusion vulnerabilities exist that allow arbitrary code execution. (CVE-2015-3119, CVE-2015-3120, CVE-2015-3121, CVE-2015-3122, CVE-2015-4433)

- Multiple use-after-free errors exist that allow arbitrary code execution. (CVE-2015-3118, CVE-2015-3124, CVE-2015-5117, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, CVE-2015-5119)

- Multiple same-origin policy bypass vulnerabilities exist that allow information disclosure. (CVE-2014-0578, CVE-2015-3115, CVE-2015-3116, CVE-2015-3125, CVE-2015-5116)

- A memory corruption issue exists due to improper validation of user-supplied input. An attacker can exploit this to execute arbitrary code. (CVE-2015-5124)

Solution

Install Microsoft KB3065823.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2016/2755801

https://support.microsoft.com/en-us/help/3065823/microsoft-security-advisory-update-for-vulnerabilities-in-adobe-flash

https://helpx.adobe.com/security/products/flash-player/apsb15-16.html

Plugin Details

Severity: Critical

ID: 84645

File Name: smb_kb3065823.nasl

Version: 1.14

Type: local

Agent: windows

Family: Windows

Published: 7/9/2015

Updated: 11/22/2019

Dependencies: smb_hotfixes.nasl

Risk Information

CVSS Score Source: CVE-2015-5124

VPR

Risk Factor: Critical

Score: 9.8

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:H/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows, cpe:/a:adobe:flash_player

Required KB Items: SMB/Registry/Enumerated, SMB/WindowsVersion

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/8/2015

Vulnerability Publication Date: 7/8/2015

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (Adobe Flash Player ByteArray Use After Free)

Reference Information

CVE: CVE-2014-0578, CVE-2015-3097, CVE-2015-3114, CVE-2015-3115, CVE-2015-3116, CVE-2015-3117, CVE-2015-3118, CVE-2015-3119, CVE-2015-3120, CVE-2015-3121, CVE-2015-3122, CVE-2015-3123, CVE-2015-3124, CVE-2015-3125, CVE-2015-3126, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3130, CVE-2015-3131, CVE-2015-3132, CVE-2015-3133, CVE-2015-3134, CVE-2015-3135, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4429, CVE-2015-4430, CVE-2015-4431, CVE-2015-4432, CVE-2015-4433, CVE-2015-5116, CVE-2015-5117, CVE-2015-5118, CVE-2015-5119, CVE-2015-5124

BID: 75090, 75568, 75590, 75591, 75592, 75593, 75594, 75595, 75596

MSKB: 3065823