Detections
Analytics
Adobe Shockwave Player <= 12.2.7.197 DLL Hijacking (APSB17-08)
high Nessus Plugin ID 97835
Language:
Synopsis
The remote Windows host contains a web browser plugin that is affected by a DLL hijacking vulnerability.Description
The remote Windows host contains a version of Adobe Shockwave Player that is prior or equal to 12.2.7.197. It is, therefore, affected by a DLL hijacking vulnerability when loading certain dynamic link library (DLL) files due to searching an insecure path that may not be trusted or under user control. An unauthenticated, remote attacker can exploit this issue to execute arbitrary code, with the privileges of the user running the program, by placing a specially crafted file in the path and convincing the user to open a supported file type (e.g., located on a remote WebDAV share).Solution
Upgrade to Adobe Shockwave Player version 12.2.8.198 or later.See Also
https://helpx.adobe.com/security/products/shockwave/apsb17-08.html
Plugin Details
Severity: High
ID: 97835
File Name: shockwave_player_apsb17-08.nasl
Version: 1.6
Type: local
Agent: windows
Family: Windows
Published: 3/20/2017
Updated: 11/13/2019
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2017-2983
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:adobe:shockwave_player
Required KB Items: SMB/shockwave_player
Exploit Ease: No known exploits are available
Patch Publication Date: 3/14/2017
Vulnerability Publication Date: 3/14/2017
Reference Information
CVE: CVE-2017-2983
BID: 96863