Executive Summary

Summary
Title flash-plugin security update
Informations
Name RHSA-2010:0829 First vendor Publication 2010-11-05
Vendor RedHat Last vendor Modification 2010-11-05
Severity (Vendor) Critical Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 Supplementary.

The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Supplementary (v. 5 client) - i386, x86_64 RHEL Supplementary (v. 5 server) - i386, x86_64

3. Description:

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in.

This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB10-26, listed in the References section.

Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content. (CVE-2010-3639, CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, CVE-2010-3652, CVE-2010-3654)

An input validation flaw was discovered in flash-plugin. Certain server encodings could lead to a bypass of cross-domain policy file restrictions, possibly leading to cross-domain information disclosure. (CVE-2010-3636)

During testing, it was discovered that there were regressions with Flash Player on certain sites, such as fullscreen playback on YouTube. Despite these regressions, we feel these security flaws are serious enough to update the package with what Adobe has provided.

All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.1.102.64.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

647525 - CVE-2010-3654 acroread/flash-plugin: critical vulnerablility (APSA10-05, APSB10-26) 649938 - flash-plugin: security bulletin APSB10-26

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2010-0829.html

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-264 Permissions, Privileges, and Access Controls
50 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11310
 
Oval ID: oval:org.mitre.oval:def:11310
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3639
Version: 15
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11636
 
Oval ID: oval:org.mitre.oval:def:11636
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, and CVE-2010-3652.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3650
Version: 15
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11660
 
Oval ID: oval:org.mitre.oval:def:11660
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3644
Version: 15
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11842
 
Oval ID: oval:org.mitre.oval:def:11842
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3648
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11872
 
Oval ID: oval:org.mitre.oval:def:11872
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3650, and CVE-2010-3652.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3649
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11905
 
Oval ID: oval:org.mitre.oval:def:11905
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3645
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11922
 
Oval ID: oval:org.mitre.oval:def:11922
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3646
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11965
 
Oval ID: oval:org.mitre.oval:def:11965
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, and CVE-2010-3650.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3652
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12065
 
Oval ID: oval:org.mitre.oval:def:12065
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3642
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12095
 
Oval ID: oval:org.mitre.oval:def:12095
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3647
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12142
 
Oval ID: oval:org.mitre.oval:def:12142
Title: Vulnerability in parsing of a cross-domain policy file in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, does not properly handle unspecified encodings during the parsing of a cross-domain policy file, which allows remote web servers to bypass intended access restrictions via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3636
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12151
 
Oval ID: oval:org.mitre.oval:def:12151
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3643
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12154
 
Oval ID: oval:org.mitre.oval:def:12154
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3641
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12179
 
Oval ID: oval:org.mitre.oval:def:12179
Title: Unspecified vulnerability which cause a denial of service (memory corruption) in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3640
Version: 16
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12625
 
Oval ID: oval:org.mitre.oval:def:12625
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors.
Family: macos Class: vulnerability
Reference(s): CVE-2010-3639
Version: 5
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13294
 
Oval ID: oval:org.mitre.oval:def:13294
Title: Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
Description: Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3654
Version: 24
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe Acrobat
Adobe Reader
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15284
 
Oval ID: oval:org.mitre.oval:def:15284
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, and CVE-2010-3650.
Family: macos Class: vulnerability
Reference(s): CVE-2010-3652
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15750
 
Oval ID: oval:org.mitre.oval:def:15750
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3650, and CVE-2010-3652.
Family: macos Class: vulnerability
Reference(s): CVE-2010-3649
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15913
 
Oval ID: oval:org.mitre.oval:def:15913
Title: Vulnerability in parsing of a cross-domain policy file in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, does not properly handle unspecified encodings during the parsing of a cross-domain policy file, which allows remote web servers to bypass intended access restrictions via unknown vectors.
Family: macos Class: vulnerability
Reference(s): CVE-2010-3636
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15961
 
Oval ID: oval:org.mitre.oval:def:15961
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
Family: macos Class: vulnerability
Reference(s): CVE-2010-3645
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15971
 
Oval ID: oval:org.mitre.oval:def:15971
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, and CVE-2010-3652.
Family: macos Class: vulnerability
Reference(s): CVE-2010-3650
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15980
 
Oval ID: oval:org.mitre.oval:def:15980
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
Family: macos Class: vulnerability
Reference(s): CVE-2010-3648
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16160
 
Oval ID: oval:org.mitre.oval:def:16160
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
Family: macos Class: vulnerability
Reference(s): CVE-2010-3647
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16161
 
Oval ID: oval:org.mitre.oval:def:16161
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
Family: macos Class: vulnerability
Reference(s): CVE-2010-3641
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16183
 
Oval ID: oval:org.mitre.oval:def:16183
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
Family: macos Class: vulnerability
Reference(s): CVE-2010-3646
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16220
 
Oval ID: oval:org.mitre.oval:def:16220
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
Family: macos Class: vulnerability
Reference(s): CVE-2010-3644
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16242
 
Oval ID: oval:org.mitre.oval:def:16242
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
Family: macos Class: vulnerability
Reference(s): CVE-2010-3643
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16254
 
Oval ID: oval:org.mitre.oval:def:16254
Title: Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
Family: macos Class: vulnerability
Reference(s): CVE-2010-3642
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16281
 
Oval ID: oval:org.mitre.oval:def:16281
Title: Unspecified vulnerability which cause a denial of service (memory corruption) in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
Family: macos Class: vulnerability
Reference(s): CVE-2010-3640
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22102
 
Oval ID: oval:org.mitre.oval:def:22102
Title: RHSA-2010:0867: flash-plugin security update (Critical)
Description: Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
Family: unix Class: patch
Reference(s): RHSA-2010:0867-02
CVE-2010-3636
CVE-2010-3639
CVE-2010-3640
CVE-2010-3641
CVE-2010-3642
CVE-2010-3643
CVE-2010-3644
CVE-2010-3645
CVE-2010-3646
CVE-2010-3647
CVE-2010-3648
CVE-2010-3649
CVE-2010-3650
CVE-2010-3652
CVE-2010-3654
Version: 198
Platform(s): Red Hat Enterprise Linux 6
Product(s): flash-plugin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22325
 
Oval ID: oval:org.mitre.oval:def:22325
Title: RHSA-2010:0829: flash-plugin security update (Critical)
Description: Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
Family: unix Class: patch
Reference(s): RHSA-2010:0829-01
CVE-2010-3636
CVE-2010-3639
CVE-2010-3640
CVE-2010-3641
CVE-2010-3642
CVE-2010-3643
CVE-2010-3644
CVE-2010-3645
CVE-2010-3646
CVE-2010-3647
CVE-2010-3648
CVE-2010-3649
CVE-2010-3650
CVE-2010-3652
CVE-2010-3654
Version: 198
Platform(s): Red Hat Enterprise Linux 5
Product(s): flash-plugin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23206
 
Oval ID: oval:org.mitre.oval:def:23206
Title: ELSA-2010:0829: flash-plugin security update (Critical)
Description: Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
Family: unix Class: patch
Reference(s): ELSA-2010:0829-01
CVE-2010-3636
CVE-2010-3639
CVE-2010-3640
CVE-2010-3641
CVE-2010-3642
CVE-2010-3643
CVE-2010-3644
CVE-2010-3645
CVE-2010-3646
CVE-2010-3647
CVE-2010-3648
CVE-2010-3649
CVE-2010-3650
CVE-2010-3652
CVE-2010-3654
Version: 65
Platform(s): Oracle Linux 5
Product(s): flash-plugin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23533
 
Oval ID: oval:org.mitre.oval:def:23533
Title: ELSA-2010:0867: flash-plugin security update (Critical)
Description: Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
Family: unix Class: patch
Reference(s): ELSA-2010:0867-02
CVE-2010-3636
CVE-2010-3639
CVE-2010-3640
CVE-2010-3641
CVE-2010-3642
CVE-2010-3643
CVE-2010-3644
CVE-2010-3645
CVE-2010-3646
CVE-2010-3647
CVE-2010-3648
CVE-2010-3649
CVE-2010-3650
CVE-2010-3652
CVE-2010-3654
Version: 65
Platform(s): Oracle Linux 6
Product(s): flash-plugin
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 106
Application 8

SAINT Exploits

Description Link
Adobe Flash Player Flash Content Parsing Code Execution More info here

ExploitDB Exploits

id Description
2011-04-19 Adobe Flash Player < 10.1.53 .64 Action Script Type Confusion Exploit (DEP...
2010-11-01 Adobe Flash Player "Button" Remote Code Execution
2010-11-05 Adobe Flash ActionIf Integer Denial of Service Vulnerability

OpenVAS Exploits

Date Description
2011-09-07 Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007)
File : nvt/gb_macosx_su10-007.nasl
2011-03-09 Name : Gentoo Security Advisory GLSA 201101-08 (acroread)
File : nvt/glsa_201101_08.nasl
2011-03-09 Name : Gentoo Security Advisory GLSA 201101-09 (adobe-flash)
File : nvt/glsa_201101_09.nasl
2011-01-04 Name : SuSE Update for acoread SUSE-SA:2010:058
File : nvt/gb_suse_2010_058.nasl
2010-11-17 Name : FreeBSD Ports: linux-flashplugin
File : nvt/freebsd_linux-flashplugin11.nasl
2010-11-16 Name : SuSE Update for flash-player SUSE-SA:2010:055
File : nvt/gb_suse_2010_055.nasl
2010-11-12 Name : Adobe Flash Player Multiple Vulnerabilities (Linux)
File : nvt/gb_adobe_flash_player_mult_vuln_nov10_lin.nasl
2010-11-12 Name : Adobe Flash Player Multiple Vulnerabilities (Windows)
File : nvt/gb_adobe_flash_player_mult_vuln_nov10_win.nasl
2010-11-10 Name : Adobe Products Content Code Execution Vulnerability (Linux)
File : nvt/gb_adobe_prdts_arbitrary_code_exec_vuln_nov10_lin.nasl
2010-11-10 Name : Adobe Products Content Code Execution Vulnerability (Windows)
File : nvt/gb_adobe_prdts_arbitrary_code_exec_vuln_nov10_win.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
69146 Adobe Flash Unspecified Cross-Domain Policy Bypass (2010-3636)

Adobe Flash contains a flaw that may allow an attacker to bypass cross-domain policy file restrictions. No further details have been provided.
69133 Adobe Flash Unspecified DoS (2010-3639)

Adobe Flash contains a flaw that may allow an attacker to cause a denial of service. No further details have been provided.
69132 Adobe Flash Unspecified Memory Corruption (2010-3640)

An unspecified memory corruption flaw exists in Adobe Flash. This may allow an attacker to execute arbitrary code. No further details have been provided.
69131 Adobe Flash Unspecified Memory Corruption (2010-3641)

An unspecified memory corruption flaw exists in Adobe Flash. This may allow an attacker to execute arbitrary code. No further details have been provided.
69130 Adobe Flash Unspecified Memory Corruption (2010-3642)

An unspecified memory corruption flaw exists in Adobe Flash. This may allow an attacker to execute arbitrary code. No further details have been provided.
69129 Adobe Flash Unspecified Memory Corruption (2010-3643)

An unspecified memory corruption flaw exists in Adobe Flash. This may allow an attacker to execute arbitrary code. No further details have been provided.
69128 Adobe Flash Unspecified Memory Corruption (2010-3644)

An unspecified memory corruption flaw exists in Adobe Flash. This may allow an attacker to execute arbitrary code. No further details have been provided.
69127 Adobe Flash Unspecified Memory Corruption (2010-3645)

An unspecified memory corruption flaw exists in Adobe Flash. This may allow an attacker to execute arbitrary code. No further details have been provided.
69126 Adobe Flash Unspecified Memory Corruption (2010-3646)

An unspecified memory corruption flaw exists in Adobe Flash. This may allow an attacker to execute arbitrary code. No further details have been provided.
69125 Adobe Flash Unspecified Memory Corruption (2010-3647)

An unspecified memory corruption flaw exists in Adobe Flash. This may allow an attacker to execute arbitrary code. No further details have been provided.
69124 Adobe Flash Unspecified Memory Corruption (2010-3648)

An unspecified memory corruption flaw exists in Adobe Flash. This may allow an attacker to execute arbitrary code. No further details have been provided.
69123 Adobe Flash Unspecified Memory Corruption (2010-3649)

An unspecified memory corruption flaw exists in Adobe Flash. This may allow an attacker to execute arbitrary code. No further details have been provided.
69122 Adobe Flash Unspecified Memory Corruption (2010-3650)

An unspecified memory corruption flaw exists in Adobe Flash. This may allow an attacker to execute arbitrary code. No further details have been provided.
69121 Adobe Flash Unspecified Memory Corruption (2010-3652)

An unspecified memory corruption flaw exists in Adobe Flash. This may allow an attacker to execute arbitrary code. No further details have been provided.
68932 Adobe Multiple Products Crafted SWF Movie Handling Overflow (2010-3654)

Adobe Acrobat, Flash and Reader contains a flaw that may allow a remote attacker to execute arbitrary commands or code. An unspecified error can be exploited to execute arbitrary code

Snort® IPS/IDS

Date Description
2014-01-10 Microsoft Office TIFF filter remote code execution attempt
RuleID : 19316 - Revision : 8 - Type : FILE-OFFICE
2014-01-10 attempted download of a PDF with embedded Flash over pop3
RuleID : 19280 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash over pop3
RuleID : 19279 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash over pop3
RuleID : 19278 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash over pop3
RuleID : 19277 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash over pop3
RuleID : 19276 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash over pop3
RuleID : 19275 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash over smtp
RuleID : 19274 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash over smtp
RuleID : 19273 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash over smtp
RuleID : 19272 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash over smtp
RuleID : 19271 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash over smtp
RuleID : 19270 - Revision : 4 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash
RuleID : 19269 - Revision : 14 - Type : FILE-PDF
2014-01-10 attempted download of a PDF with embedded Flash
RuleID : 19268 - Revision : 14 - Type : FILE-PDF
2014-01-10 Adobe Flash Player content parsing execution attempt
RuleID : 18992 - Revision : 11 - Type : FILE-FLASH
2014-01-10 Adobe Flash Player ActionScript remote code execution attempt
RuleID : 18180 - Revision : 6 - Type : FILE-FLASH
2014-01-10 Adobe Flash authplay.dll memory corruption attempt
RuleID : 17808 - Revision : 8 - Type : FILE-FLASH
2014-01-10 attempted download of a PDF with embedded Flash
RuleID : 15727 - Revision : 27 - Type : FILE-PDF

Nessus® Vulnerability Scanner

Date Description
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_flash-player-101104.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_acroread-101206.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2010-0834.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2010-0829.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_flash-player-101104.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_acroread-101206.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_flash-player-101104.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_acroread-101206.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread-7266.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread_ja-7267.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_flash-player-7223.nasl - Type : ACT_GATHER_INFO
2011-01-24 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201101-09.nasl - Type : ACT_GATHER_INFO
2011-01-24 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201101-08.nasl - Type : ACT_GATHER_INFO
2010-12-09 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_acroread_ja-101203.nasl - Type : ACT_GATHER_INFO
2010-12-09 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_acroread-101203.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_flash-player-101104.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0934.nasl - Type : ACT_GATHER_INFO
2010-11-18 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2010-0867.nasl - Type : ACT_GATHER_INFO
2010-11-16 Name : The version of Adobe Acrobat on the remote Windows host is affected by multip...
File : adobe_acrobat_apsb10-28.nasl - Type : ACT_GATHER_INFO
2010-11-16 Name : The version of Adobe Reader on the remote Windows host is affected by multipl...
File : adobe_reader_apsb10-28.nasl - Type : ACT_GATHER_INFO
2010-11-15 Name : The remote Windows host contains a version of Adobe AIR that is affected by m...
File : adobe_air_apsb10-26.nasl - Type : ACT_GATHER_INFO
2010-11-10 Name : The remote host is missing a Mac OS X update that fixes security issues.
File : macosx_SecUpd2010-007.nasl - Type : ACT_GATHER_INFO
2010-11-10 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_10_6_5.nasl - Type : ACT_GATHER_INFO
2010-11-08 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_76b597e4e9c611df9e10001b2134ef46.nasl - Type : ACT_GATHER_INFO
2010-11-05 Name : The remote Windows host contains a browser plug-in that is affected by multip...
File : flash_player_apsb10-26.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:54:00
  • Multiple Updates