Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title flash-plugin - 1-Month End Of Life Notice
Informations
Name RHSA-2011:0259 First vendor Publication 2011-02-15
Vendor RedHat Last vendor Modification 2011-02-15
Severity (Vendor) Critical Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

The flash-plugin package on Red Hat Enterprise Linux 4 contains multiple security flaws and should no longer be used. This is the 1-month notification of Red Hat's plans to disable Adobe Flash Player 9 on Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having critical security impact.

2. Relevant releases/architectures:

Red Hat Desktop version 4 Extras - i386 Red Hat Enterprise Linux AS version 4 Extras - i386 Red Hat Enterprise Linux ES version 4 Extras - i386 Red Hat Enterprise Linux WS version 4 Extras - i386

3. Description:

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in.

Adobe Flash Player 9 is vulnerable to critical security flaws and should no longer be used. A remote attacker could use these flaws to execute arbitrary code with the privileges of the user running Flash Player 9. (CVE-2011-0558, CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0575, CVE-2011-0577, CVE-2011-0578, CVE-2011-0607, CVE-2011-0608)

Adobe is no longer providing security updates for Adobe Flash Player 9, and is not providing a replacement Flash Player version compatible with Red Hat Enterprise Linux 4.

In one month Red Hat plans to release an update for the flash-plugin package that will prevent it from functioning. User wishing to continue using Flash Player 9, despite the vulnerabilities, can add the flash-plugin package to the up2date skip list. Refer to the following Red Hat Knowledgebase article for instructions on adding a package to the up2date skip list: https://access.redhat.com/kb/docs/DOC-1639

4. Solution:

This erratum contains a flash-plugin package with an updated version number to ensure the distribution of this notice; however, no changes have been made to the package.

5. Bugs fixed (http://bugzilla.redhat.com/):

676226 - CVE-2011-0558 CVE-2011-0559 CVE-2011-0560 CVE-2011-0561 CVE-2011-0571 CVE-2011-0572 CVE-2011-0573 CVE-2011-0574 CVE-2011-0575 CVE-2011-0577 CVE-2011-0578 CVE-2011-0607 CVE-2011-0608 flash-plugin: multiple code execution flaws (APSB11-02)

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2011-0259.html

CWE : Common Weakness Enumeration

% Id Name
91 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
9 % CWE-189 Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:13205
 
Oval ID: oval:org.mitre.oval:def:13205
Title: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a constructor for an unspecified ActionScript3 object and improper type checking, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0607, and CVE-2011-0608.
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a constructor for an unspecified ActionScript3 object and improper type checking, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0607, and CVE-2011-0608.
Family: windows Class: vulnerability
Reference(s): CVE-2011-0578
Version: 19
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13429
 
Oval ID: oval:org.mitre.oval:def:13429
Title: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Family: windows Class: vulnerability
Reference(s): CVE-2011-0560
Version: 19
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13988
 
Oval ID: oval:org.mitre.oval:def:13988
Title: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Family: windows Class: vulnerability
Reference(s): CVE-2011-0574
Version: 19
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14009
 
Oval ID: oval:org.mitre.oval:def:14009
Title: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted parameters to an unspecified ActionScript method that cause a parameter to be used as an object pointer, a different vulnerability than CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted parameters to an unspecified ActionScript method that cause a parameter to be used as an object pointer, a different vulnerability than CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Family: windows Class: vulnerability
Reference(s): CVE-2011-0559
Version: 19
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14021
 
Oval ID: oval:org.mitre.oval:def:14021
Title: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Family: windows Class: vulnerability
Reference(s): CVE-2011-0572
Version: 19
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14056
 
Oval ID: oval:org.mitre.oval:def:14056
Title: Integer overflow in Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code via a large array length value in the ActionScript method of the Function class.
Description: Integer overflow in Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code via a large array length value in the ActionScript method of the Function class.
Family: windows Class: vulnerability
Reference(s): CVE-2011-0558
Version: 18
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14066
 
Oval ID: oval:org.mitre.oval:def:14066
Title: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0607.
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0607.
Family: windows Class: vulnerability
Reference(s): CVE-2011-0608
Version: 18
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14095
 
Oval ID: oval:org.mitre.oval:def:14095
Title: Untrusted search path vulnerability in Adobe Flash Player before 10.2.152.26 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Description: Untrusted search path vulnerability in Adobe Flash Player before 10.2.152.26 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Family: windows Class: vulnerability
Reference(s): CVE-2011-0575
Version: 18
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14115
 
Oval ID: oval:org.mitre.oval:def:14115
Title: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Family: windows Class: vulnerability
Reference(s): CVE-2011-0571
Version: 18
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14137
 
Oval ID: oval:org.mitre.oval:def:14137
Title: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0608.
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0608.
Family: windows Class: vulnerability
Reference(s): CVE-2011-0607
Version: 18
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14164
 
Oval ID: oval:org.mitre.oval:def:14164
Title: Unspecified vulnerability in Adobe Flash Player before 10.2.152.26 allows remote attackers to execute arbitrary code via a crafted font.
Description: Unspecified vulnerability in Adobe Flash Player before 10.2.152.26 allows remote attackers to execute arbitrary code via a crafted font.
Family: windows Class: vulnerability
Reference(s): CVE-2011-0577
Version: 18
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14169
 
Oval ID: oval:org.mitre.oval:def:14169
Title: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Family: windows Class: vulnerability
Reference(s): CVE-2011-0561
Version: 18
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14172
 
Oval ID: oval:org.mitre.oval:def:14172
Title: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Family: windows Class: vulnerability
Reference(s): CVE-2011-0573
Version: 18
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15637
 
Oval ID: oval:org.mitre.oval:def:15637
Title: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Family: macos Class: vulnerability
Reference(s): CVE-2011-0574
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15754
 
Oval ID: oval:org.mitre.oval:def:15754
Title: Unspecified vulnerability in Adobe Flash Player before 10.2.152.26 allows remote attackers to execute arbitrary code via a crafted font.
Description: Unspecified vulnerability in Adobe Flash Player before 10.2.152.26 allows remote attackers to execute arbitrary code via a crafted font.
Family: macos Class: vulnerability
Reference(s): CVE-2011-0577
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15930
 
Oval ID: oval:org.mitre.oval:def:15930
Title: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Family: macos Class: vulnerability
Reference(s): CVE-2011-0561
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15931
 
Oval ID: oval:org.mitre.oval:def:15931
Title: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Family: macos Class: vulnerability
Reference(s): CVE-2011-0572
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16018
 
Oval ID: oval:org.mitre.oval:def:16018
Title: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a constructor for an unspecified ActionScript3 object and improper type checking, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0607, and CVE-2011-0608.
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a constructor for an unspecified ActionScript3 object and improper type checking, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0607, and CVE-2011-0608.
Family: macos Class: vulnerability
Reference(s): CVE-2011-0578
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16026
 
Oval ID: oval:org.mitre.oval:def:16026
Title: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0607.
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0607.
Family: macos Class: vulnerability
Reference(s): CVE-2011-0608
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16028
 
Oval ID: oval:org.mitre.oval:def:16028
Title: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Family: macos Class: vulnerability
Reference(s): CVE-2011-0571
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16127
 
Oval ID: oval:org.mitre.oval:def:16127
Title: Untrusted search path vulnerability in Adobe Flash Player before 10.2.152.26 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Description: Untrusted search path vulnerability in Adobe Flash Player before 10.2.152.26 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Family: macos Class: vulnerability
Reference(s): CVE-2011-0575
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16129
 
Oval ID: oval:org.mitre.oval:def:16129
Title: Integer overflow in Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code via a large array length value in the ActionScript method of the Function class.
Description: Integer overflow in Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code via a large array length value in the ActionScript method of the Function class.
Family: macos Class: vulnerability
Reference(s): CVE-2011-0558
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16174
 
Oval ID: oval:org.mitre.oval:def:16174
Title: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Family: macos Class: vulnerability
Reference(s): CVE-2011-0560
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16194
 
Oval ID: oval:org.mitre.oval:def:16194
Title: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0608.
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0608.
Family: macos Class: vulnerability
Reference(s): CVE-2011-0607
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16231
 
Oval ID: oval:org.mitre.oval:def:16231
Title: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted parameters to an unspecified ActionScript method that cause a parameter to be used as an object pointer, a different vulnerability than CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted parameters to an unspecified ActionScript method that cause a parameter to be used as an object pointer, a different vulnerability than CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Family: macos Class: vulnerability
Reference(s): CVE-2011-0559
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16262
 
Oval ID: oval:org.mitre.oval:def:16262
Title: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Family: macos Class: vulnerability
Reference(s): CVE-2011-0573
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21857
 
Oval ID: oval:org.mitre.oval:def:21857
Title: RHSA-2011:0206: flash-plugin security update (Critical)
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0607.
Family: unix Class: patch
Reference(s): RHSA-2011:0206-01
CVE-2011-0558
CVE-2011-0559
CVE-2011-0560
CVE-2011-0561
CVE-2011-0571
CVE-2011-0572
CVE-2011-0573
CVE-2011-0574
CVE-2011-0575
CVE-2011-0577
CVE-2011-0578
CVE-2011-0607
CVE-2011-0608
Version: 174
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
Product(s): flash-plugin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23543
 
Oval ID: oval:org.mitre.oval:def:23543
Title: ELSA-2011:0206: flash-plugin security update (Critical)
Description: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0607.
Family: unix Class: patch
Reference(s): ELSA-2011:0206-01
CVE-2011-0558
CVE-2011-0559
CVE-2011-0560
CVE-2011-0561
CVE-2011-0571
CVE-2011-0572
CVE-2011-0573
CVE-2011-0574
CVE-2011-0575
CVE-2011-0577
CVE-2011-0578
CVE-2011-0607
CVE-2011-0608
Version: 57
Platform(s): Oracle Linux 6
Product(s): flash-plugin
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 111

OpenVAS Exploits

Date Description
2012-02-12 Name : Gentoo Security Advisory GLSA 201110-11 (Adobe Flash Player)
File : nvt/glsa_201110_11.nasl
2011-03-15 Name : SuSE Update for acroread SUSE-SA:2011:011
File : nvt/gb_suse_2011_011.nasl
2011-03-05 Name : FreeBSD Ports: linux-flashplugin
File : nvt/freebsd_linux-flashplugin12.nasl
2011-02-15 Name : Adobe Flash Player Multiple Vulnerabilities February-2011 (Linux)
File : nvt/gb_adobe_flash_player_mult_vuln_lin_feb11.nasl
2011-02-15 Name : Adobe Flash Player Multiple Vulnerabilities February-2011 (Windows)
File : nvt/gb_adobe_flash_player_mult_vuln_win_feb11.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
70976 Adobe Flash Player Function Class ActionScript Method Handling Overflow

An overflow condition exists in Adobe Flash Player. The program fails to sanitize user-supplied input when parsing a certain sequence of ActionScript code within an Adobe Flash file, resulting in an integer overflow. With a specially crafted Adobe Flash file containing certain specific parameters, a context-dependent attacker can execute arbitrary code.
70923 Adobe Flash Player Unspecified Memory Corruption (2011-0608)

A memory corruption flaw exists in Adobe Flash Player. The program fails to sanitize certain unspecified user-supplied input, resulting in memory corruption. This may allow an attacker to execute arbitrary code via unspecified vectors.
70922 Adobe Flash Player Unspecified Memory Corruption (2011-0607)

A memory corruption flaw exists in Adobe Flash Player. The program fails to sanitize certain unspecified user-supplied input, resulting in memory corruption. This may allow an attacker to execute arbitrary code via unspecified vectors.
70921 Adobe Flash Player ActionScript3 Object Handling Memory Corruption

A memory corruption flaw exists in Adobe Flash Player. A specific ActionScript3 object's construction fails to sanitize user-supplied input when the object is applied to a bitmap copy, resulting in memory corruption. With a specially crafted file or page, a context-dependent attacker can execute arbitrary code.
70920 Adobe Flash Player Unspecified Font Parsing Code Execution (2011-0577)

Adobe Flash Player contains a flaw related to the font-parsing functionality that may allow an attacker to execute arbitrary code via a crafted font. No further details have been provided.
70919 Adobe Flash Player Path Subversion Arbitrary DLL Injection Code Execution

Adobe Flash Player is prone to a flaw in the way it loads dynamic-link libraries (DLL). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening a file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source.
70918 Adobe Flash Player Unspecified Memory Corruption (2011-0574)

A memory corruption flaw exists in Adobe Flash Player. The program fails to sanitize certain unspecified user-supplied input, resulting in memory corruption. This may allow an attacker to execute arbitrary code via unspecified vectors.
70917 Adobe Flash Player Unspecified Memory Corruption (2011-0573)

A memory corruption flaw exists in Adobe Flash Player. The program fails to sanitize certain unspecified user-supplied input, resulting in memory corruption. This may allow an attacker to execute arbitrary code via unspecified vectors.
70916 Adobe Flash Player Unspecified Memory Corruption (2011-0572)

A memory corruption flaw exists in Adobe Flash Player. The program fails to sanitize certain unspecified user-supplied input, resulting in memory corruption. This may allow an attacker to execute arbitrary code via unspecified vectors.
70915 Adobe Flash Player Unspecified Memory Corruption (2011-0571)

A memory corruption flaw exists in Adobe Flash Player. The program fails to sanitize certain unspecified user-supplied input, resulting in memory corruption. This may allow an attacker to execute arbitrary code via unspecified vectors.
70914 Adobe Flash Player Unspecified Memory Corruption (2011-0561)

A memory corruption flaw exists in Adobe Flash Player. The program fails to sanitize certain unspecified user-supplied input, resulting in memory corruption. This may allow an attacker to execute arbitrary code via unspecified vectors.
70913 Adobe Flash Player Unspecified Memory Corruption (2011-0560)

A memory corruption flaw exists in Adobe Flash Player. The program fails to sanitize certain unspecified user-supplied input, resulting in memory corruption. This may allow an attacker to execute arbitrary code via unspecified vectors.
70911 Adobe Flash Player ActionScript Handling Unspecified Memory Corruption

A memory corruption flaw exists in Adobe Flash Player. The programfails to sanitize user-supplied input when parsing a certain sequence of ActionScript code within an Adobe Flash file, resulting in memory corruption. With a specially crafted Adobe Flash file containing certain specific parameters, a context-dependent attacker can execute arbitrary code.

Snort® IPS/IDS

Date Description
2014-01-10 Multiple exploit kit Payload detection - readme.dll
RuleID : 27898 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10 Multiple exploit kit Payload detection - calc.dll
RuleID : 27897 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10 Multiple exploit kit Payload detection - contacts.dll
RuleID : 27896 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10 Multiple exploit kit Payload detection - info.dll
RuleID : 27895 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10 Multiple exploit kit Payload detection - about.dll
RuleID : 27894 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10 iFramer toolkit injected iframe detected - specific structure
RuleID : 27271 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page retrieval
RuleID : 27072 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page retrieval
RuleID : 27071 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10 Multiple exploit kit Payload detection - info.dll
RuleID : 26508 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10 Blackholev2 exploit kit jar file downloaded
RuleID : 26434 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10 Nuclear exploit kit landing page
RuleID : 26343 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10 Nuclear exploit kit landing page - specific structure
RuleID : 26342 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10 Nuclear exploit kit landing page
RuleID : 26341 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page retrieval - ff.php
RuleID : 26339 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10 IFRAMEr injection detection - leads to exploit kit
RuleID : 26338 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page - specific structure
RuleID : 26337 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page retrieval
RuleID : 26227 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10 Multiple exploit kit 32-alpha jar request
RuleID : 25798 - Revision : 10 - Type : EXPLOIT-KIT
2014-01-10 Blackholev2 exploit kit redirection successful
RuleID : 25611 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10 Blackholev2 exploit kit landing page
RuleID : 25569 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page retrieval
RuleID : 25568 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10 Multiple Exploit Kit Payload detection - setup.exe
RuleID : 25526 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10 Blackholev2 exploit kit redirection successful
RuleID : 25388 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10 Multiple exploit kit Payload detection - readme.exe
RuleID : 25387 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10 Multiple exploit kit Payload detection - about.exe
RuleID : 25386 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10 Multiple exploit kit Payload detection - calc.exe
RuleID : 25385 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10 Multiple exploit kit Payload detection - contacts.exe
RuleID : 25384 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10 Multiple exploit kit Payload detection - info.exe
RuleID : 25383 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10 Multiple exploit kit malicious jar file dropped
RuleID : 25382 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10 Blackholev2 exploit kit url structure detected
RuleID : 25043 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10 Blackholev2 exploit kit redirection successful
RuleID : 24638 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10 Blackholev2 exploit kit redirection page - specific structure
RuleID : 24637 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10 Blackholev2 exploit kit redirection page - specific structure
RuleID : 24636 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10 Blackholev2 exploit kit landing page download attempt
RuleID : 24608 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10 Blackholev2 exploit kit landing page received - specific structure
RuleID : 24593 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page download attempt
RuleID : 24548 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page download attempt
RuleID : 24547 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10 Blackholev2 exploit kit landing page download attempt
RuleID : 24546 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10 Blackhole admin page outbound access attempt
RuleID : 24544 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10 Blackhole admin page inbound access attempt
RuleID : 24543 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10 Blackholev2 exploit kit fallback executable download
RuleID : 24501 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10 Blackhole - Cookie Set
RuleID : 24475 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10 Blackholev2 exploit kit landing page Received
RuleID : 24228 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10 Blackholev2 - URI Structure
RuleID : 24227 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10 Blackholev2 exploit kit landing page received
RuleID : 24226 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10 Blackhole possible email Landing to 8 chr folder
RuleID : 24171 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page with specific structure
RuleID : 24054 - Revision : 10 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page with specific structure
RuleID : 24053 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page with specific structure - fewbgazr catch
RuleID : 23962 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page with specific structure - hwehes
RuleID : 23850 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10 Blackhole redirection attempt
RuleID : 23849 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10 Blackhole redirection attempt
RuleID : 23848 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10 Blackhole redirection page
RuleID : 23797 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page with specific structure - Math.round catch
RuleID : 23786 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page with specific structure - Math.floor catch
RuleID : 23785 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page
RuleID : 23781 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page request - tkr
RuleID : 23622 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page with specific structure - prototype catch ...
RuleID : 23619 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page download attempt
RuleID : 23159 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page with specific structure - prototype catch
RuleID : 23158 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10 Nuclear Pack exploit kit binary download
RuleID : 23157 - Revision : 10 - Type : EXPLOIT-KIT
2014-01-10 Nuclear Pack exploit kit landing page
RuleID : 23156 - Revision : 11 - Type : EXPLOIT-KIT
2014-01-10 Blackhole redirection attempt
RuleID : 22949 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10 Blackhole Exploit Kit javascript service method
RuleID : 22088 - Revision : 12 - Type : EXPLOIT-KIT
2014-01-10 Blackhole landing redirection page
RuleID : 22041 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10 Blackhole suspected landing page
RuleID : 22040 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10 Blackhole suspected landing page
RuleID : 22039 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit landing page with specific structure - Loading
RuleID : 21876 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10 Possible exploit kit post compromise activity - taskkill
RuleID : 21875 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10 Possible exploit kit post compromise activity - StrReverse
RuleID : 21874 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page with specific structure - catch
RuleID : 21661 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page Requested - /Index/index.php
RuleID : 21660 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page Requested - /Home/index.php
RuleID : 21659 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page
RuleID : 21658 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page - specific structure
RuleID : 21657 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page with specific structure - prototype catch
RuleID : 21646-community - Revision : 16 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page with specific structure - prototype catch
RuleID : 21646 - Revision : 16 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page with specific structure - BBB
RuleID : 21581 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page with specific header
RuleID : 21549 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page with specific header
RuleID : 21539 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page with specific structure - prototype catch
RuleID : 21492-community - Revision : 22 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page with specific structure - prototype catch
RuleID : 21492 - Revision : 22 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit JavaScript carat string splitting with hostile applet
RuleID : 21438-community - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit JavaScript carat string splitting with hostile applet
RuleID : 21438 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit URL - search.php?page=
RuleID : 21348 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit URL - .php?page=
RuleID : 21347 - Revision : 12 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit malicious jar download
RuleID : 21346 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit malicious jar request
RuleID : 21345 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit pdf download
RuleID : 21344 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit pdf request
RuleID : 21343 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit response
RuleID : 21259 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit control panel access
RuleID : 21141 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10 Eleanore exploit kit post-exploit page request
RuleID : 21071 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10 Eleanore exploit kit pdf exploit page request
RuleID : 21070 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10 Eleanore exploit kit exploit fetch request
RuleID : 21069 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10 Eleanore exploit kit landing page
RuleID : 21068 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page
RuleID : 21045 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit landing page
RuleID : 21044 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit post-compromise download attempt - .php?e=
RuleID : 21043 - Revision : 10 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit post-compromise download attempt - .php?f=
RuleID : 21042 - Revision : 11 - Type : EXPLOIT-KIT
2014-01-10 Blackhole exploit kit URL - main.php?page=
RuleID : 21041 - Revision : 12 - Type : EXPLOIT-KIT
2014-01-10 Adobe Flash Player ActionPush overflow attempt
RuleID : 18505 - Revision : 7 - Type : FILE-FLASH
2014-01-10 Adobe Flash Player ActionConstantPool overflow attempt
RuleID : 18504 - Revision : 7 - Type : FILE-FLASH
2014-01-10 Adobe Flash Player ActionScript flash.geom.Point constructor memory corruptio...
RuleID : 18503 - Revision : 11 - Type : FILE-FLASH
2014-01-10 Adobe Flash Player ActionScript Actionlf out of range negative offset attempt
RuleID : 18502 - Revision : 7 - Type : FILE-FLASH
2014-01-10 Adobe Acrobat Flash Player nvapi.dll dll-load exploit attempt
RuleID : 18446 - Revision : 11 - Type : FILE-FLASH
2014-01-10 Adobe Acrobat Flash Player nvapi.dll dll-load exploit attempt
RuleID : 18445 - Revision : 11 - Type : FILE-FLASH
2014-01-10 Adobe Flash Player forged atom type attempt
RuleID : 18444 - Revision : 8 - Type : FILE-FLASH
2014-01-10 Adobe Flash Player ActionScript beginGradientFill memory corruption attempt
RuleID : 18421 - Revision : 8 - Type : FILE-FLASH
2014-01-10 Adobe Flash Player ActionScript ASnative function remote code execution attempt
RuleID : 18420 - Revision : 13 - Type : FILE-FLASH
2014-01-10 Adobe Flash Player ActionScript apply function memory corruption attempt
RuleID : 18418 - Revision : 14 - Type : FILE-FLASH

Nessus® Vulnerability Scanner

Date Description
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_flash-player-110209.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_acroread-110302.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2011-0259.nasl - Type : ACT_GATHER_INFO
2011-10-14 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201110-11.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_acroread-110302.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_flash-player-110209.nasl - Type : ACT_GATHER_INFO
2011-03-07 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_acroread-110301.nasl - Type : ACT_GATHER_INFO
2011-03-07 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_acroread_ja-110301.nasl - Type : ACT_GATHER_INFO
2011-03-07 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread-7358.nasl - Type : ACT_GATHER_INFO
2011-03-07 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread_ja-7359.nasl - Type : ACT_GATHER_INFO
2011-02-15 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_flash-player-110209.nasl - Type : ACT_GATHER_INFO
2011-02-15 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_flash-player-7332.nasl - Type : ACT_GATHER_INFO
2011-02-14 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_4a3482da362411e0b995001b2134ef46.nasl - Type : ACT_GATHER_INFO
2011-02-10 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2011-0206.nasl - Type : ACT_GATHER_INFO
2011-02-09 Name : The version of Adobe Acrobat on the remote Windows host is affected by multip...
File : adobe_acrobat_apsb11-03.nasl - Type : ACT_GATHER_INFO
2011-02-09 Name : The remote Windows host contains a browser plug-in that is affected by multip...
File : flash_player_apsb11-02.nasl - Type : ACT_GATHER_INFO
2011-02-09 Name : The version of Adobe Reader on the remote Windows host is affected by multipl...
File : adobe_reader_apsb11-03.nasl - Type : ACT_GATHER_INFO
2007-06-05 Name : The remote host is missing Sun Security Patch number 125332-24
File : solaris10_125332.nasl - Type : ACT_GATHER_INFO
2007-06-05 Name : The remote host is missing Sun Security Patch number 125333-23
File : solaris10_x86_125333.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:54:21
  • Multiple Updates