Flash Player < 18.104.22.168 RCE (APSB15-27) (Pawn Storm)
High Nessus Network Monitor Plugin ID 8991
The remote host is running an outdated version of Adobe Flash Player for Internet Explorer that is affected by multiple remote code execution vulnerabilities.
Versions of Adobe Flash Player prior to 22.214.171.124 are unpatched for the following vulnerabilities : - A type confusion flaw is triggered when handling the 'IExternalizable.writeExternal()' method. (CVE-2015-7645) - Two unspecified type confusion flaws may lead to arbitrary code execution. (CVE-2015-7647, CVE-2015-7648) These flaws may allow a context-dependent attacker to potentially execute arbitrary code. Successful exploitation could result in a crash or potentially allowing an attacker to take control of the affected system.
Upgrade to Adobe Flash Player version 126.96.36.199 or later. If 19.x cannot be obtained, ESR version 188.8.131.52 has also been patched for these vulnerabilities.