FreeBSD : flash -- remote code execution (84147b46-e876-486d-b746-339ee45a8bb9)

critical Nessus Plugin ID 86433

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

Adobe reports :

These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2015-7645, CVE-2015-7647, CVE-2015-7648).

Solution

Update the affected packages.

See Also

https://helpx.adobe.com/security/products/flash-player/apsb15-27.html

http://www.nessus.org/u?d22115d2

Plugin Details

Severity: Critical

ID: 86433

File Name: freebsd_pkg_84147b46e876486db746339ee45a8bb9.nasl

Version: 2.10

Type: local

Published: 10/19/2015

Updated: 3/8/2022

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.0

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:linux-c6_64-flashplugin, p-cpe:/a:freebsd:freebsd:linux-c6-flashplugin, p-cpe:/a:freebsd:freebsd:linux-f10-flashplugin, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 10/16/2015

Vulnerability Publication Date: 10/16/2015

CISA Known Exploited Vulnerability Due Dates: 3/24/2022

Reference Information

CVE: CVE-2015-7645, CVE-2015-7647, CVE-2015-7648