Flash Player APSB09-01 Multiple Vulnerabilities
Medium Nessus Network Monitor Plugin ID 4937
SynopsisThe remote Windows host contains a browser plugin that is affected by multiple vulnerabilities.
DescriptionThe remote Windows host contains a version of Adobe Flash Player that is earlier than 10.0.22.87 / 220.127.116.11. Such versions are reportedly affected by multiple vulnerabilities :
- A buffer overflow issue that could allow an attacker to execute arbitrary code with the privileges of the user running the application. (CVE-2009-0520)
- An input validation vulnerability that leads to a denial of service attack and could possibly allow for an attacker to execute arbitrary code. (CVE-2009-0519)
- A vulnerability in the Flash Player settings manager that could contribute to a clickjacking attack. (CVE-2009-0014)
- A vulnerability with the mouse pointer display that could contribute to a clickjacking attack. (CVE-2009-0522)
SolutionUpgrade to version 10.0.22.87 or higher. If you are unable to upgrade to version 10, upgrade to version 18.104.22.168 or higher.