Adobe Flash Player <= 22.214.171.124 Multiple Vulnerabilities (APSB15-28)
High Nessus Plugin ID 86851
SynopsisThe remote Windows host has a browser plugin installed that is affected by multiple vulnerabilities.
DescriptionThe version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 126.96.36.199. It is, therefore, affected by multiple vulnerabilities :
- A type confusion error exists that allows an attacker to execute arbitrary code. (CVE-2015-7659)
- A security bypass vulnerability exists that allows an attacker to write arbitrary data to the file system under user permissions. (CVE-2015-7662)
- Multiple use-after-free vulnerabilities exist that allow an attacker to execute arbitrary code. (CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, CVE-2015-8046)
SolutionUpgrade to Adobe Flash Player version 188.8.131.52 or later.
Alternatively, Adobe has made version 184.108.40.2061 available for those installations that cannot be upgraded to the latest version.