Executive Summary

Summary
Title: Vulnerabilities in Adobe Flash Player 6 Provided in Windows XP Could Allow Remote Code Execution

Information
Name: KB979267
First vendor Publication: 2010-01-12
Vendor: Microsoft
Last vendor Modification: 1970-01-01
Severity (Vendor): N/A
Revision: 1.0

Security-Database Scoring CVSS v3

Cvss vector: N/A
Overall CVSS Score: NA
Base Score: NA
Environmental Score: NA
Impact SubScore: NA
Temporal Score: NA
Exploitability Sub Score: NA

Security-Database Scoring CVSS v2

Cvss vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score: 9.3
Cvss Impact Score: 10
Cvss Exploit Score: 8.6
Attack Range: Network
Attack Complexity: Medium
Authentication: None Required

Detail

General Information

Executive Summary

Microsoft is aware of reports of vulnerabilities in Adobe Flash Player 6 provided in Windows XP. We are not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time but recommend that users install the latest version of Flash Player provided by Adobe.

The Adobe Flash Player 6 was provided with Windows XP and contains multiple vulnerabilities that could allow remote code execution if a user views a specially crafted Web page. Adobe has addressed these vulnerabilities in newer versions of Adobe Flash Player. Microsoft recommends that users of Windows XP with Adobe Flash Player 6 installed update to the most current version of Flash Player available from Adobe.

Advisory Details

Affected and Non-Affected Software

This advisory discusses the following software.

Affected Software

  • Windows XP Service Pack 2 and Windows XP Service Pack 3
  • Windows XP Professional x64 Edition Service Pack 2

Non-Affected Software

  • Microsoft Windows 2000 Service Pack 4
  • Windows Server 2003 Service Pack 2
  • Windows Server 2003 x64 Edition Service Pack 2
  • Windows Server 2003 with SP2 for Itanium-based Systems
  • Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
  • Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
  • Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
  • Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
  • Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
  • Windows 7 for 32-bit Systems
  • Windows 7 for x64-based Systems
  • Windows Server 2008 R2 for x64-based Systems
  • Windows Server 2008 R2 for Itanium-based Systems

Frequently Asked Questions

What is the scope of the advisory?
Microsoft is aware of vulnerability reports affecting Adobe Flash Player 6 provided in supported editions of Windows XP listed in the Affected Software section. This is an advisory to notify users to remove Adobe Flash Player 6 on Windows XP systems and/or to install the most current version of Flash Player available from Adobe.

What is Adobe Flash Player?
Adobe Flash Player is a lightweight browser plug-in and runtime that delivers interactive content, video, and applications across operating systems and browsers. For more information on Adobe Flash Player, visit Adobe Flash Player Home.

What causes this threat?
Multiple vulnerabilities exist in Adobe Flash Player 6 provided in Windows XP when used in a Web browsing scenario. An attacker who exploits these vulnerabilities could execute code on the affected system.

How could an attacker exploit the vulnerability?
An attacker could host a specially crafted Web site that is designed to exploit these vulnerabilities through Internet Explorer and then convince a user to view the Web site. This can also include compromised Web sites and Web sites that accept or host user-provided content or advertisements. These Web sites could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or in an Instant Messenger request that takes users to the attacker's Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems.

How do I remove Adobe Flash Player 6?
There are multiple ways to remove Adobe Flash Player 6 on Windows XP systems. For directions on the manual steps required to remove Adobe Flash Player 6, see How to remove the Flash Player ActiveX control. Adobe also provides an uninstaller tool that removes Adobe Flash Player. For more information on the uninstaller tool, see How to uninstall the Adobe Flash Player plug-in and ActiveX control.

Note The uninstaller tool removes all versions of Adobe Flash Player and is not specific to Adobe Flash Player 6.

How do I install the latest version of Adobe Flash Player?
To install the most current version of Adobe Flash Player, see Install Adobe Flash Player.

Mitigating Factors

Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of this issue. The following mitigating factors may be helpful in your situation:

  • Adobe Flash Player version 6 was only provided in Windows XP systems. All other supported versions of the Windows operating system do not include the Adobe Flash Player.

Suggested Actions

Perform one or both of the following steps:

  • Uninstall the Adobe Flash Player version 6.
  • Install the most current version of Flash Player available from Adobe.

Additional Suggested Actions

  • Review the Microsoft Knowledge Base Article that is associated with this advisory

    All customers should apply the most recent security updates released by Microsoft to help ensure that their systems are protected from attempted exploitation. Customers who have enabled Automatic Updates will automatically receive all Windows updates. For more information about Microsoft security updates, visit Microsoft Security Central.

    We continue to encourage customers to follow our Protect Your Computer guidance of enabling a firewall, getting software updates and installing antivirus software. Customers can learn more about these steps by visiting Protect Your Computer.

  • For more information about staying safe on the Internet, visit Microsoft Security Central.
  • Keep Windows Updated

    All Windows users should apply the latest Microsoft security updates to help make sure that their computers are as protected as possible. If you are not sure whether your software is up to date, visit Windows Update, scan your computer for available updates, and install any high-priority updates that are offered to you. If you have Automatic Updates enabled, the updates are delivered to you when they are released, but you have to make sure you install them.

Original Source

Url : http://www.microsoft.com/technet/security/advisory/979267.mspx

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-416 Use After Free

OVAL Definitions

Oval ID: oval:org.mitre.oval:def:14146
Title: Multiple unspecified vulnerabilities in the Macromedia Flash ActiveX control in Adobe Flash Player 6, as distributed in Microsoft Windows XP SP2 and SP3, might allow remote attackers to execute arbitrary code via unspecified vectors that are not related to the use-after-free "Movie Unloading Vulnerability" (CVE-2010-0378). NOTE: due to lack of details, it is not clear whether this overlaps any other CVE item.
Description: Multiple unspecified vulnerabilities in the Macromedia Flash ActiveX control in Adobe Flash Player 6, as distributed in Microsoft Windows XP SP2 and SP3, might allow remote attackers to execute arbitrary code via unspecified vectors that are not related to the use-after-free "Movie Unloading Vulnerability" (CVE-2010-0378). NOTE: due to lack of details, it is not clear whether this overlaps any other CVE item.
Family: windows Class: vulnerability
Reference(s): CVE-2010-0379
Version: 15
Platform(s): Microsoft Windows 7, Microsoft Windows Server 2008, Microsoft Windows Vista, Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows Server 2008 R2, Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows 8.1, Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
 
Oval ID: oval:org.mitre.oval:def:7580
Title: Use-after-free vulnerability in Adobe Flash Player 6.0.79
Description: Use-after-free vulnerability in Adobe Flash Player 6.0.79, as distributed in Microsoft Windows XP SP2 and SP3, allows remote attackers to execute arbitrary code by unloading a Flash object that is currently being accessed by a script, leading to memory corruption, aka a "Movie Unloading Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-0378
Version: 13
Platform(s): Microsoft Windows XP, Microsoft Windows 7, Microsoft Windows Server 2008 R2, Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows 8.1, Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player

CPE : Common Platform Enumeration

Type Description Count
Application 2
Os 3

OpenVAS Exploits

Date Description
2010-01-13 Name : Adobe Flash Player Remote Code Execution Vulnerability (WinXP)
File : nvt/gb_adobe_flash_player_remote_code_exec_vuln_winxp.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
61906 Adobe Flash Player on Windows ActiveX Unspecified Arbitrary Remote Code Execu...

61905 Adobe Flash Player on Windows Use-after-free Movie Unloading Memory Corruption

Nessus® Vulnerability Scanner

Date Description
2010-01-18 Name : The Flash ActiveX control installed on the remote Windows host has multiple v...
File : smb_kb_979267.nasl - Type : ACT_GATHER_INFO

Alert History

Date Information
2014-02-17 11:38:48
  • Multiple Updates