Vulnerabilities > CVE-2010-2884 - Remote Code Execution vulnerability in Adobe Flash Player

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
adobe
google
apple
microsoft
critical
nessus

Summary

Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010.

Vulnerable Configurations

Part Description Count
Application
Adobe
248
OS
Google
1
OS
Apple
1
OS
Microsoft
1

Nessus

  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD2010-007.NASL
    descriptionThe remote host is running a version of Mac OS X 10.5 that does not have Security Update 2010-007 applied. This security update contains fixes for the following products : - AFP Server - Apache mod_perl - ATS - CFNetwork - CoreGraphics - CoreText - CUPS - Directory Services - diskdev_cmds - Disk Images - Flash Player plug-in - gzip - ImageIO - Image RAW - MySQL - Password Server - PHP - Printing - python - QuickLook - Safari RSS - Wiki Server - X11
    last seen2020-06-01
    modified2020-06-02
    plugin id50549
    published2010-11-10
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/50549
    titleMac OS X Multiple Vulnerabilities (Security Update 2010-007)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    
    if (!defined_func("bn_random")) exit(0);
    if (NASL_LEVEL < 3000) exit(0);
    
    
    include("compat.inc");
    
    
    if (description)
    {
      script_id(50549);
      script_version("1.48");
      script_cvs_date("Date: 2018/07/14  1:59:35");
    
      script_cve_id(
        "CVE-2008-4546",
        "CVE-2009-0796",
        "CVE-2009-0946",
        "CVE-2009-2624",
        "CVE-2009-3793",
        "CVE-2009-4134",
        "CVE-2010-0105",
        "CVE-2010-0205",
        "CVE-2010-0209",
        "CVE-2010-0397",
        "CVE-2010-1205",
        "CVE-2010-1297",
        "CVE-2010-1449",
        "CVE-2010-1450",
        "CVE-2010-1752",
        "CVE-2010-1811",
        "CVE-2010-1828",
        "CVE-2010-1829",
        "CVE-2010-1830",
        "CVE-2010-1831",
        "CVE-2010-1832",
        "CVE-2010-1836",
        "CVE-2010-1837",
        "CVE-2010-1838",
        "CVE-2010-1840",
        "CVE-2010-1841",
        "CVE-2010-1845",
        "CVE-2010-1846",
        "CVE-2010-1848",
        "CVE-2010-1849",
        "CVE-2010-1850",
        "CVE-2010-2160",
        "CVE-2010-2161",
        "CVE-2010-2162",
        "CVE-2010-2163",
        "CVE-2010-2164",
        "CVE-2010-2165",
        "CVE-2010-2166",
        "CVE-2010-2167",
        "CVE-2010-2169",
        "CVE-2010-2170",
        "CVE-2010-2171",
        "CVE-2010-2172",
        "CVE-2010-2173",
        "CVE-2010-2174",
        "CVE-2010-2175",
        "CVE-2010-2176",
        "CVE-2010-2177",
        "CVE-2010-2178",
        "CVE-2010-2179",
        "CVE-2010-2180",
        "CVE-2010-2181",
        "CVE-2010-2182",
        "CVE-2010-2183",
        "CVE-2010-2184",
        "CVE-2010-2185",
        "CVE-2010-2186",
        "CVE-2010-2187",
        "CVE-2010-2188",
        "CVE-2010-2189",
        "CVE-2010-2213",
        "CVE-2010-2214",
        "CVE-2010-2215",
        "CVE-2010-2216",
        "CVE-2010-2249",
        "CVE-2010-2484",
        "CVE-2010-2497",
        "CVE-2010-2498",
        "CVE-2010-2499",
        "CVE-2010-2500",
        "CVE-2010-2519",
        "CVE-2010-2520",
        "CVE-2010-2531",
        "CVE-2010-2805",
        "CVE-2010-2806",
        "CVE-2010-2807",
        "CVE-2010-2808",
        "CVE-2010-2884",
        "CVE-2010-2941",
        "CVE-2010-3053",
        "CVE-2010-3054",
        "CVE-2010-3636",
        "CVE-2010-3638",
        "CVE-2010-3639",
        "CVE-2010-3640",
        "CVE-2010-3641",
        "CVE-2010-3642",
        "CVE-2010-3643",
        "CVE-2010-3644",
        "CVE-2010-3645",
        "CVE-2010-3646",
        "CVE-2010-3647",
        "CVE-2010-3648",
        "CVE-2010-3649",
        "CVE-2010-3650",
        "CVE-2010-3652",
        "CVE-2010-3654",
        "CVE-2010-3783",
        "CVE-2010-3784",
        "CVE-2010-3785",
        "CVE-2010-3796",
        "CVE-2010-3797",
        "CVE-2010-3976",
        "CVE-2010-4010"
      );
      script_bugtraq_id(
        31537,
        34383,
        34550,
        38478,
        39658,
        40361,
        40363,
        40365,
        40586,
        40779,
        40780,
        40781,
        40782,
        40783,
        40784,
        40785,
        40786,
        40787,
        40788,
        40789,
        40790,
        40791,
        40792,
        40793,
        40794,
        40795,
        40796,
        40797,
        40798,
        40799,
        40800,
        40801,
        40802,
        40803,
        40805,
        40806,
        40807,
        40808,
        40809,
        41049,
        41174,
        42285,
        42621,
        42624,
        44504,
        44530,
        44671,
        44729,
        44800,
        44802,
        44804,
        44806,
        44807,
        44808,
        44812,
        44814,
        44815,
        44816,
        44817,
        44819,
        44822,
        44829,
        44832,
        44833,
        44835,
        99999
      );
    
      script_name(english:"Mac OS X Multiple Vulnerabilities (Security Update 2010-007)");
      script_summary(english:"Check for the presence of Security Update 2010-007");
    
      script_set_attribute(
        attribute:"synopsis",
        value:
    "The remote host is missing a Mac OS X update that fixes security
    issues."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is running a version of Mac OS X 10.5 that does not
    have Security Update 2010-007 applied. 
    
    This security update contains fixes for the following products :
    
      - AFP Server
      - Apache mod_perl
      - ATS
      - CFNetwork
      - CoreGraphics
      - CoreText
      - CUPS
      - Directory Services
      - diskdev_cmds
      - Disk Images
      - Flash Player plug-in
      - gzip
      - ImageIO
      - Image RAW
      - MySQL
      - Password Server
      - PHP
      - Printing
      - python
      - QuickLook
      - Safari RSS
      - Wiki Server
      - X11"
      );
      script_set_attribute(
        attribute:"see_also", 
        value:"http://support.apple.com/kb/HT4435"
      );
      script_set_attribute(
        attribute:"see_also", 
        value:"http://lists.apple.com/archives/security-announce/2010/Nov/msg00000.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install Security Update 2010-007 or later."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploithub_sku", value:"EH-11-164");
      script_set_attribute(attribute:"exploit_framework_exploithub", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player "Button" Remote Code Execution');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(20, 79, 189, 399);
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2010/11/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2010/11/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/11/10");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"MacOS X Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/MacOSX/packages", "Host/uname");
    
      exit(0);
    }
    
    
    uname = get_kb_item("Host/uname");
    if (!uname) exit(0, "The 'Host/uname' KB item is missing.");
    
    pat = "^.+Darwin.* ([0-9]+\.[0-9.]+).*$";
    if (!ereg(pattern:pat, string:uname)) exit(0, "Can't identify the Darwin kernel version from the uname output ("+uname+").");
    
    
    darwin = ereg_replace(pattern:pat, replace:"\1", string:uname);
    if (ereg(pattern:"^9\.[0-8]\.", string:darwin))
    {
      packages = get_kb_item("Host/MacOSX/packages/boms");
      if (!packages) exit(1, "The 'Host/MacOSX/packages/boms' KB item is missing.");
    
      if (egrep(pattern:"^com\.apple\.pkg\.update\.security\.(2010\.00[7-9]|201[1-9]\.[0-9]+)(\.leopard)?\.bom", string:packages)) 
        exit(0, "The host has Security Update 2010-007 or later installed and therefore is not affected.");
      else 
        security_hole(0);
    }
    else exit(0, "The host is running Darwin kernel version "+darwin+" and therefore is not affected.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_FLASH-PLAYER-7165.NASL
    descriptionFlash Player was updated to version 10.1.85.3 to fix a critical security issue. (CVE-2010-2884)
    last seen2020-06-01
    modified2020-06-02
    plugin id51738
    published2011-01-27
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51738
    titleSuSE 10 Security Update : flash-player (ZYPP Patch Number 7165)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(51738);
      script_version ("1.13");
      script_cvs_date("Date: 2019/10/25 13:36:40");
    
      script_cve_id("CVE-2010-2884");
    
      script_name(english:"SuSE 10 Security Update : flash-player (ZYPP Patch Number 7165)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Flash Player was updated to version 10.1.85.3 to fix a critical
    security issue. (CVE-2010-2884)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-2884.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 7165.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/09/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/27");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLED10", sp:3, reference:"flash-player-9.0.283.0-0.4.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_1_ACROREAD-101007.NASL
    descriptionSpecially crafted PDF documents could crash acroread or lead to execution of arbitrary code (CVE-2010-2883, CVE-2010-2884, CVE-2010-2887, CVE-2010-2889, CVE-2010-2890, CVE-2010-3619, CVE-2010-3620, CVE-2010-3621, CVE-2010-3622, CVE-2010-3623, CVE-2010-3624, CVE-2010-3625, CVE-2010-3626, CVE-2010-3627, CVE-2010-3628, CVE-2010-3629, CVE-2010-3630, CVE-2010-3631, CVE-2010-3632, CVE-2010-3656, CVE-2010-3657, CVE-2010-3658).
    last seen2020-06-01
    modified2020-06-02
    plugin id49824
    published2010-10-11
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/49824
    titleopenSUSE Security Update : acroread (openSUSE-SU-2010:0706-1)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update acroread-3275.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(49824);
      script_version("1.14");
      script_cvs_date("Date: 2019/10/25 13:36:37");
    
      script_cve_id("CVE-2010-2883", "CVE-2010-2884", "CVE-2010-2887", "CVE-2010-2889", "CVE-2010-2890", "CVE-2010-3619", "CVE-2010-3620", "CVE-2010-3621", "CVE-2010-3622", "CVE-2010-3623", "CVE-2010-3624", "CVE-2010-3625", "CVE-2010-3626", "CVE-2010-3627", "CVE-2010-3628", "CVE-2010-3629", "CVE-2010-3630", "CVE-2010-3631", "CVE-2010-3632", "CVE-2010-3656", "CVE-2010-3657", "CVE-2010-3658");
    
      script_name(english:"openSUSE Security Update : acroread (openSUSE-SU-2010:0706-1)");
      script_summary(english:"Check for the acroread-3275 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Specially crafted PDF documents could crash acroread or lead to
    execution of arbitrary code (CVE-2010-2883, CVE-2010-2884,
    CVE-2010-2887, CVE-2010-2889, CVE-2010-2890, CVE-2010-3619,
    CVE-2010-3620, CVE-2010-3621, CVE-2010-3622, CVE-2010-3623,
    CVE-2010-3624, CVE-2010-3625, CVE-2010-3626, CVE-2010-3627,
    CVE-2010-3628, CVE-2010-3629, CVE-2010-3630, CVE-2010-3631,
    CVE-2010-3632, CVE-2010-3656, CVE-2010-3657, CVE-2010-3658)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=638466"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.opensuse.org/opensuse-updates/2010-10/msg00005.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected acroread packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploithub_sku", value:"EH-11-971");
      script_set_attribute(attribute:"exploit_framework_exploithub", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe CoolType SING Table "uniqueName" Stack Buffer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-cmaps");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-ja");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-ko");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-zh_CN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-zh_TW");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/10/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/10/11");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.1", reference:"acroread-9.4-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"acroread-cmaps-9.4-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"acroread-fonts-ja-9.4-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"acroread-fonts-ko-9.4-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"acroread-fonts-zh_CN-9.4-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"acroread-fonts-zh_TW-9.4-0.1.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread / acroread-cmaps / acroread-fonts-ja / acroread-fonts-ko / etc");
    }
    
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_10_6_5.NASL
    descriptionThe remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.5. Mac OS X 10.6.5 contains security fixes for the following products : - AFP Server - Apache mod_perl - Apache - AppKit - ATS - CFNetwork - CoreGraphics - CoreText - CUPS - Directory Services - diskdev_cmds - Disk Images - Flash Player plug-in - gzip - Image Capture - ImageIO - Image RAW - Kernel - MySQL - neon - Networking - OpenLDAP - OpenSSL - Password Server - PHP - Printing - python - QuickLook - QuickTime - Safari RSS - Time Machine - Wiki Server - X11 - xar
    last seen2020-06-01
    modified2020-06-02
    plugin id50548
    published2010-11-10
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/50548
    titleMac OS X 10.6.x < 10.6.5 Multiple Vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    
    if (!defined_func("bn_random")) exit(0);
    if (NASL_LEVEL < 3000) exit(0);
    
    
    include("compat.inc");
    
    
    if (description)
    {
      script_id(50548);
      script_version("1.52");
      script_cvs_date("Date: 2018/07/14  1:59:35");
    
      script_cve_id(
        "CVE-2008-4546",
        "CVE-2009-0796",
        "CVE-2009-0946",
        "CVE-2009-2473",
        "CVE-2009-2474",
        "CVE-2009-2624",
        "CVE-2009-3793",
        "CVE-2009-4134",
        "CVE-2010-0001",
        "CVE-2010-0105",
        "CVE-2010-0205",
        "CVE-2010-0209",
        "CVE-2010-0211",
        "CVE-2010-0212",
        "CVE-2010-0397",
        "CVE-2010-0408",
        "CVE-2010-0434",
        "CVE-2010-1205",
        "CVE-2010-1297",
        "CVE-2010-1378",
        "CVE-2010-1449",
        "CVE-2010-1450",
        "CVE-2010-1752",
        "CVE-2010-1803",
        "CVE-2010-1811",
        "CVE-2010-1828",
        "CVE-2010-1829",
        "CVE-2010-1830",
        "CVE-2010-1831",
        "CVE-2010-1832",
        "CVE-2010-1833",
        "CVE-2010-1834",
        "CVE-2010-1836",
        "CVE-2010-1837",
        "CVE-2010-1838",
        "CVE-2010-1840",
        "CVE-2010-1841",
        "CVE-2010-1842",
        "CVE-2010-1843",
        "CVE-2010-1844",
        "CVE-2010-1845",
        "CVE-2010-1846",
        "CVE-2010-1847",
        "CVE-2010-1848",
        "CVE-2010-1849",
        "CVE-2010-1850",
        "CVE-2010-2160",
        "CVE-2010-2161",
        "CVE-2010-2162",
        "CVE-2010-2163",
        "CVE-2010-2164",
        "CVE-2010-2165",
        "CVE-2010-2166",
        "CVE-2010-2167",
        "CVE-2010-2169",
        "CVE-2010-2170",
        "CVE-2010-2171",
        "CVE-2010-2172",
        "CVE-2010-2173",
        "CVE-2010-2174",
        "CVE-2010-2175",
        "CVE-2010-2176",
        "CVE-2010-2177",
        "CVE-2010-2178",
        "CVE-2010-2179",
        "CVE-2010-2180",
        "CVE-2010-2181",
        "CVE-2010-2182",
        "CVE-2010-2183",
        "CVE-2010-2184",
        "CVE-2010-2185",
        "CVE-2010-2186",
        "CVE-2010-2187",
        "CVE-2010-2188",
        "CVE-2010-2189",
        "CVE-2010-2213",
        "CVE-2010-2214",
        "CVE-2010-2215",
        "CVE-2010-2216",
        "CVE-2010-2249",
        "CVE-2010-2497",
        "CVE-2010-2498",
        "CVE-2010-2499",
        "CVE-2010-2500",
        "CVE-2010-2519",
        "CVE-2010-2520",
        "CVE-2010-2531",
        "CVE-2010-2805",
        "CVE-2010-2806",
        "CVE-2010-2807",
        "CVE-2010-2808",
        "CVE-2010-2884",
        "CVE-2010-2941",
        "CVE-2010-3053",
        "CVE-2010-3054",
        "CVE-2010-3636",
        "CVE-2010-3638",
        "CVE-2010-3639",
        "CVE-2010-3640",
        "CVE-2010-3641",
        "CVE-2010-3642",
        "CVE-2010-3643",
        "CVE-2010-3644",
        "CVE-2010-3645",
        "CVE-2010-3646",
        "CVE-2010-3647",
        "CVE-2010-3648",
        "CVE-2010-3649",
        "CVE-2010-3650",
        "CVE-2010-3652",
        "CVE-2010-3654",
        "CVE-2010-3783",
        "CVE-2010-3784",
        "CVE-2010-3785",
        "CVE-2010-3786",
        "CVE-2010-3787",
        "CVE-2010-3788",
        "CVE-2010-3789",
        "CVE-2010-3790",
        "CVE-2010-3791",
        "CVE-2010-3792",
        "CVE-2010-3793",
        "CVE-2010-3794",
        "CVE-2010-3795",
        "CVE-2010-3796",
        "CVE-2010-3797",
        "CVE-2010-3798",
        "CVE-2010-3976"
      );
      script_bugtraq_id(
        31537,
        34383,
        34550,
        36079,
        38478,
        38491,
        38494,
        38708,
        39658,
        40361,
        40363,
        40365,
        40586,
        40779,
        40780,
        40781,
        40782,
        40783,
        40784,
        40785,
        40786,
        40787,
        40788,
        40789,
        40790,
        40791,
        40792,
        40793,
        40794,
        40795,
        40796,
        40797,
        40798,
        40799,
        40800,
        40801,
        40802,
        40803,
        40805,
        40806,
        40807,
        40808,
        40809,
        41049,
        41174,
        41770,
        42285,
        42621,
        42624,
        44504,
        44530,
        44671,
        44784,
        44785,
        44787,
        44789,
        44790,
        44792,
        44794,
        44795,
        44796,
        44798,
        44799,
        44800,
        44802,
        44803,
        44804,
        44805,
        44806,
        44807,
        44808,
        44811,
        44812,
        44813,
        44814,
        44815,
        44816,
        44817,
        44819,
        44822,
        44828,
        44829,
        44831,
        44832,
        44833,
        44834,
        44835,
        44840
      );
    
      script_name(english:"Mac OS X 10.6.x < 10.6.5 Multiple Vulnerabilities");
      script_summary(english:"Check the version of Mac OS X");
    
      script_set_attribute(
        attribute:"synopsis",
        value:
    "The remote host is missing a Mac OS X update that fixes various
    security issues."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is running a version of Mac OS X 10.6.x that is prior
    to 10.6.5.
    
    Mac OS X 10.6.5 contains security fixes for the following products :
    
      - AFP Server
      - Apache mod_perl
      - Apache
      - AppKit
      - ATS
      - CFNetwork
      - CoreGraphics
      - CoreText
      - CUPS
      - Directory Services
      - diskdev_cmds
      - Disk Images
      - Flash Player plug-in
      - gzip
      - Image Capture
      - ImageIO
      - Image RAW
      - Kernel
      - MySQL
      - neon
      - Networking
      - OpenLDAP
      - OpenSSL
      - Password Server
      - PHP
      - Printing
      - python
      - QuickLook
      - QuickTime
      - Safari RSS
      - Time Machine
      - Wiki Server
      - X11
      - xar"
      );
      script_set_attribute(
        attribute:"see_also", 
        value:"http://support.apple.com/kb/HT4435"
      );
      script_set_attribute(
        attribute:"see_also", 
        value:"http://lists.apple.com/archives/security-announce/2010/Nov/msg00000.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Upgrade to Mac OS X 10.6.5 or later."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploithub_sku", value:"EH-11-164");
      script_set_attribute(attribute:"exploit_framework_exploithub", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player "Button" Remote Code Execution');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(20, 79, 189, 200, 310, 399);
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2010/11/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2010/11/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/11/10");
    
      script_set_attribute(attribute:"plugin_type", value:"combined");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
      script_end_attributes();
     
      script_category(ACT_GATHER_INFO);
      script_family(english:"MacOS X Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.");
     
      script_dependencies("ssh_get_info.nasl", "os_fingerprint.nasl");
    
     exit(0);
    }
    
    
    os = get_kb_item("Host/MacOSX/Version");
    if (!os)
    {
      os = get_kb_item("Host/OS");
      if (isnull(os)) exit(0, "The 'Host/OS' KB item is missing.");
      if ("Mac OS X" >!< os) exit(0, "The host does not appear to be running Mac OS X.");
    
      c = get_kb_item("Host/OS/Confidence");
      if (c <= 70) exit(1, "Can't determine the host's OS with sufficient confidence.");
    }
    if (!os) exit(0, "The host does not appear to be running Mac OS X.");
    
    
    if (ereg(pattern:"Mac OS X 10\.6($|\.[0-4]([^0-9]|$))", string:os)) security_hole(0);
    else exit(0, "The host is not affected as it is running "+os+".");
    
  • NASL familyWindows
    NASL idADOBE_READER_APSA10-02.NASL
    descriptionThe version of Adobe Reader installed on the remote host is earlier than 9.4 / 8.2.5. Such versions are affected by multiple code execution vulnerabilities. Note that there have been reports that one or more of these issues are being actively exploited in the wild.
    last seen2020-06-01
    modified2020-06-02
    plugin id49173
    published2010-09-09
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/49173
    titleAdobe Reader < 9.4 / 8.2.5 Multiple Vulnerabilities (APSB10-21)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include('compat.inc');
    
    if (description)
    {
      script_id(49173);
      script_version("1.28");
      script_cvs_date("Date: 2018/11/15 20:50:26");
    
      script_xref(name:"CERT", value:"491991");
      script_xref(name:"Secunia", value:"41340");
    
      script_name(english:"Adobe Reader < 9.4 / 8.2.5 Multiple Vulnerabilities (APSB10-21)");
      script_summary(english:"Checks version of Adobe Reader");
    
      script_cve_id(
        "CVE-2010-2883",
        "CVE-2010-2884",
        "CVE-2010-2888",
        "CVE-2010-2889",
        "CVE-2010-2890",
        "CVE-2010-3619",
        "CVE-2010-3620",
        "CVE-2010-3621",
        "CVE-2010-3622",
        "CVE-2010-3625",
        "CVE-2010-3626",
        "CVE-2010-3627",
        "CVE-2010-3628",
        "CVE-2010-3629",
        "CVE-2010-3630",
        "CVE-2010-3632",
        "CVE-2010-3656",
        "CVE-2010-3657",
        "CVE-2010-3658"
      );
      script_bugtraq_id(
        43057,
        43205,
        43722,
        43723,
        43724,
        43725,
        43726,
        43727,
        43729,
        43730,
        43732,
        43734,
        43735,
        43737,
        43738,
        43739,
        43741,
        43744,
        43746
      );
    
      script_set_attribute(attribute:"synopsis", value:
    "The version of Adobe Reader on the remote Windows host is affected
    by multiple vulnerabilities.");
      script_set_attribute(attribute:"description",value:
    "The version of Adobe Reader installed on the remote host is
    earlier than 9.4 / 8.2.5.  Such versions are affected by multiple
    code execution vulnerabilities.
    
    Note that there have been reports that one or more of these issues
    are being actively exploited in the wild.");
      # http://contagiodump.blogspot.com/2010/09/cve-david-leadbetters-one-point-lesson.html
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ac085b0c");
      # https://isc.sans.edu/diary/Adobe+AcrobatReader+0-day+in+Wild%2C+Adobe+Issues+Advisory/9523
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9783f73a");
      script_set_attribute(attribute:"see_also", value:"https://www.adobe.com/support/security/advisories/apsa10-02.html");
      script_set_attribute(attribute:"see_also", value:"http://www.adobe.com/support/security/bulletins/apsb10-21.html");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to Adobe Reader 9.4 / 8.2.5 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploithub_sku", value:"EH-11-971");
      script_set_attribute(attribute:"exploit_framework_exploithub", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe CoolType SING Table "uniqueName" Stack Buffer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2010/09/07");
      script_set_attribute(attribute:"patch_publication_date", value:"2010/10/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/09/09");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:acrobat_reader");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:'Windows');
      script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.");
    
      script_dependencies('adobe_reader_installed.nasl');
      script_require_keys('SMB/Acroread/Version');
      exit(0);
    }
    
    include('global_settings.inc');
    
    info =  '';
    info2 = '';
    vuln = 0;
    vers = get_kb_list('SMB/Acroread/Version');
    if (isnull(vers)) exit(0, 'The "SMB/Acroread/Version" KB list is missing.');
    
    foreach version (vers)
    {
      ver = split(version, sep:'.', keep:FALSE);
      for (i=0; i<max_index(ver); i++)
        ver[i] = int(ver[i]);
    
      path = get_kb_item('SMB/Acroread/'+version+'/Path');
      if (isnull(path)) path = 'n/a';
    
      verui = get_kb_item('SMB/Acroread/'+version+'/Version_UI');
      if (isnull(verui)) verui = version;
    
      if ( ver[0]  < 8 ||
          (ver[0] == 8 && ver[1]  < 2) ||
          (ver[0] == 8 && ver[1] == 2  && ver[2] < 5) ||
          (ver[0] == 9 && ver[1]  < 4)
      )
      {
        vuln++;
        info += '\n  Path              : '+path+
                '\n  Installed version : '+verui+ 
                '\n  Fixed version     : 9.4 / 8.2.5\n';
      }
      else
        info2 += " and " + verui;
    }
    
    if (info)
    {
      if (report_verbosity > 0)
      {
        if (vuln > 1) s = "s of Adobe Reader are";
        else s = " of Adobe Reader is";
    
        report =
          '\nThe following vulnerable instance'+s+' installed on the'+
          '\nremote host :\n'+
          info;
        security_hole(port:get_kb_item("SMB/transport"), extra:report);
      }
      else security_hole(get_kb_item("SMB/transport"));
    
      exit(0);
    }
    
    if (info2) 
    {
      info2 -= " and ";
      if (" and " >< info2) be = "are";
      else be = "is";
    
      exit(0, "The host is not affected since Adobe Reader "+info2+" "+be+" installed.");
    }
    else exit(1, "Unexpected error - 'info2' is empty.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_3_ACROREAD-101007.NASL
    descriptionSpecially crafted PDF documents could crash acroread or lead to execution of arbitrary code (CVE-2010-2883, CVE-2010-2884, CVE-2010-2887, CVE-2010-2889, CVE-2010-2890, CVE-2010-3619, CVE-2010-3620, CVE-2010-3621, CVE-2010-3622, CVE-2010-3623, CVE-2010-3624, CVE-2010-3625, CVE-2010-3626, CVE-2010-3627, CVE-2010-3628, CVE-2010-3629, CVE-2010-3630, CVE-2010-3631, CVE-2010-3632, CVE-2010-3656, CVE-2010-3657, CVE-2010-3658).
    last seen2020-06-01
    modified2020-06-02
    plugin id75419
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/75419
    titleopenSUSE Security Update : acroread (openSUSE-SU-2010:0706-1)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update acroread-3275.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(75419);
      script_version("1.5");
      script_cvs_date("Date: 2019/10/25 13:36:39");
    
      script_cve_id("CVE-2010-2883", "CVE-2010-2884", "CVE-2010-2887", "CVE-2010-2889", "CVE-2010-2890", "CVE-2010-3619", "CVE-2010-3620", "CVE-2010-3621", "CVE-2010-3622", "CVE-2010-3623", "CVE-2010-3624", "CVE-2010-3625", "CVE-2010-3626", "CVE-2010-3627", "CVE-2010-3628", "CVE-2010-3629", "CVE-2010-3630", "CVE-2010-3631", "CVE-2010-3632", "CVE-2010-3656", "CVE-2010-3657", "CVE-2010-3658");
    
      script_name(english:"openSUSE Security Update : acroread (openSUSE-SU-2010:0706-1)");
      script_summary(english:"Check for the acroread-3275 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Specially crafted PDF documents could crash acroread or lead to
    execution of arbitrary code (CVE-2010-2883, CVE-2010-2884,
    CVE-2010-2887, CVE-2010-2889, CVE-2010-2890, CVE-2010-3619,
    CVE-2010-3620, CVE-2010-3621, CVE-2010-3622, CVE-2010-3623,
    CVE-2010-3624, CVE-2010-3625, CVE-2010-3626, CVE-2010-3627,
    CVE-2010-3628, CVE-2010-3629, CVE-2010-3630, CVE-2010-3631,
    CVE-2010-3632, CVE-2010-3656, CVE-2010-3657, CVE-2010-3658)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=638466"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.opensuse.org/opensuse-updates/2010-10/msg00005.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected acroread package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploithub_sku", value:"EH-11-971");
      script_set_attribute(attribute:"exploit_framework_exploithub", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe CoolType SING Table "uniqueName" Stack Buffer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/10/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.3", reference:"acroread-9.4-0.1.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_ACROREAD_JA-7182.NASL
    descriptionSpecially crafted PDF documents could crash acroread or lead to execution of arbitrary code. (CVE-2010-2883 / CVE-2010-2884 / CVE-2010-2887 / CVE-2010-2889 / CVE-2010-2890 / CVE-2010-3619 / CVE-2010-3620 / CVE-2010-3621 / CVE-2010-3622 / CVE-2010-3623 / CVE-2010-3624 / CVE-2010-3625 / CVE-2010-3626 / CVE-2010-3627 / CVE-2010-3628 / CVE-2010-3629 / CVE-2010-3630 / CVE-2010-3631 / CVE-2010-3632 / CVE-2010-3656 / CVE-2010-3657 / CVE-2010-3658)
    last seen2020-06-01
    modified2020-06-02
    plugin id51715
    published2011-01-27
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51715
    titleSuSE 10 Security Update : acroread_ja (ZYPP Patch Number 7182)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(51715);
      script_version ("1.13");
      script_cvs_date("Date: 2019/10/25 13:36:40");
    
      script_cve_id("CVE-2010-2883", "CVE-2010-2884", "CVE-2010-2887", "CVE-2010-2889", "CVE-2010-2890", "CVE-2010-3619", "CVE-2010-3620", "CVE-2010-3621", "CVE-2010-3622", "CVE-2010-3623", "CVE-2010-3624", "CVE-2010-3625", "CVE-2010-3626", "CVE-2010-3627", "CVE-2010-3628", "CVE-2010-3629", "CVE-2010-3630", "CVE-2010-3631", "CVE-2010-3632", "CVE-2010-3656", "CVE-2010-3657", "CVE-2010-3658");
    
      script_name(english:"SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 7182)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Specially crafted PDF documents could crash acroread or lead to
    execution of arbitrary code. (CVE-2010-2883 / CVE-2010-2884 /
    CVE-2010-2887 / CVE-2010-2889 / CVE-2010-2890 / CVE-2010-3619 /
    CVE-2010-3620 / CVE-2010-3621 / CVE-2010-3622 / CVE-2010-3623 /
    CVE-2010-3624 / CVE-2010-3625 / CVE-2010-3626 / CVE-2010-3627 /
    CVE-2010-3628 / CVE-2010-3629 / CVE-2010-3630 / CVE-2010-3631 /
    CVE-2010-3632 / CVE-2010-3656 / CVE-2010-3657 / CVE-2010-3658)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-2883.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-2884.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-2887.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-2889.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-2890.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-3619.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-3620.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-3621.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-3622.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-3623.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-3624.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-3625.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-3626.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-3627.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-3628.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-3629.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-3630.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-3631.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-3632.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-3656.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-3657.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-3658.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 7182.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploithub_sku", value:"EH-11-971");
      script_set_attribute(attribute:"exploit_framework_exploithub", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe CoolType SING Table "uniqueName" Stack Buffer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/10/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/27");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLED10", sp:3, reference:"acroread_ja-9.4-0.4.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2010-0706.NASL
    descriptionAn updated Adobe Flash Player package that fixes one security issue is now available for Red Hat Enterprise Linux 3 and 4 Extras, and Red Hat Enterprise Linux 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB10-22, listed in the References section. If a victim loaded a page containing specially crafted SWF content, it could cause flash-plugin to crash or, potentially, execute arbitrary code. (CVE-2010-2884) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.1.85.3 for users of Red Hat Enterprise Linux 5 Supplementary, and version 9.0.283 for users of Red Hat Enterprise Linux 3 and 4 Extras.
    last seen2020-06-01
    modified2020-06-02
    plugin id49640
    published2010-09-22
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/49640
    titleRHEL 3 / 4 / 5 : flash-plugin (RHSA-2010:0706)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2010:0706. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(49640);
      script_version ("1.29");
      script_cvs_date("Date: 2019/10/25 13:36:15");
    
      script_cve_id("CVE-2010-2884");
      script_bugtraq_id(43205);
      script_xref(name:"RHSA", value:"2010:0706");
    
      script_name(english:"RHEL 3 / 4 / 5 : flash-plugin (RHSA-2010:0706)");
      script_summary(english:"Checks the rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An updated Adobe Flash Player package that fixes one security issue is
    now available for Red Hat Enterprise Linux 3 and 4 Extras, and Red Hat
    Enterprise Linux 5 Supplementary.
    
    The Red Hat Security Response Team has rated this update as having
    critical security impact. A Common Vulnerability Scoring System (CVSS)
    base score, which gives a detailed severity rating, is available from
    the CVE link in the References section.
    
    The flash-plugin package contains a Mozilla Firefox compatible Adobe
    Flash Player web browser plug-in.
    
    This update fixes one vulnerability in Adobe Flash Player. This
    vulnerability is detailed on the Adobe security page APSB10-22, listed
    in the References section. If a victim loaded a page containing
    specially crafted SWF content, it could cause flash-plugin to crash
    or, potentially, execute arbitrary code. (CVE-2010-2884)
    
    All users of Adobe Flash Player should install this updated package,
    which upgrades Flash Player to version 10.1.85.3 for users of Red Hat
    Enterprise Linux 5 Supplementary, and version 9.0.283 for users of Red
    Hat Enterprise Linux 3 and 4 Extras."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2010-2884"
      );
      # http://www.adobe.com/support/security/bulletins/apsb10-22.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.adobe.com/support/security/bulletins/apsb10-22.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2010:0706"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected flash-plugin package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:flash-plugin");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.8");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2010/09/15");
      script_set_attribute(attribute:"patch_publication_date", value:"2010/09/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/09/22");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(3|4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 3.x / 4.x / 5.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2010:0706";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL3", reference:"flash-plugin-9.0.283.0-1.el3.with.oss")) flag++;
    
    
      if (rpm_check(release:"RHEL4", reference:"flash-plugin-9.0.283.0-1.el4")) flag++;
    
    
      if (rpm_check(release:"RHEL5", reference:"flash-plugin-10.1.85.3-1.el5")) flag++;
    
    
      if (flag)
      {
        flash_plugin_caveat = '\n' +
          'NOTE: This vulnerability check only applies to RedHat released\n' +
          'versions of the flash-plugin package. This check does not apply to\n' +
          'Adobe released versions of the flash-plugin package, which are\n' +
          'versioned similarly and cause collisions in detection.\n\n' +
    
          'If you are certain you are running the Adobe released package of\n' +
          'flash-plugin and are running a version of it equal or higher to the\n' +
          'RedHat version listed above then you can consider this a false\n' +
          'positive.\n';
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat() + flash_plugin_caveat
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "flash-plugin");
      }
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_1_FLASH-PLAYER-100921.NASL
    descriptionFlash Player was updated to version 10.1.85.3 to fix a critical security issue (CVE-2010-2884).
    last seen2020-06-01
    modified2020-06-02
    plugin id49641
    published2010-09-22
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/49641
    titleopenSUSE Security Update : flash-player (openSUSE-SU-2010:0647-1)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update flash-player-3170.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(49641);
      script_version("1.11");
      script_cvs_date("Date: 2019/10/25 13:36:37");
    
      script_cve_id("CVE-2010-2884");
    
      script_name(english:"openSUSE Security Update : flash-player (openSUSE-SU-2010:0647-1)");
      script_summary(english:"Check for the flash-player-3170 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Flash Player was updated to version 10.1.85.3 to fix a critical
    security issue (CVE-2010-2884)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=639541"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.opensuse.org/opensuse-updates/2010-09/msg00039.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected flash-player package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:flash-player");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/09/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/09/22");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.1", reference:"flash-player-10.1.85.3-0.1.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "flash-player");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_2_ACROREAD-101007.NASL
    descriptionSpecially crafted PDF documents could crash acroread or lead to execution of arbitrary code (CVE-2010-2883, CVE-2010-2884, CVE-2010-2887, CVE-2010-2889, CVE-2010-2890, CVE-2010-3619, CVE-2010-3620, CVE-2010-3621, CVE-2010-3622, CVE-2010-3623, CVE-2010-3624, CVE-2010-3625, CVE-2010-3626, CVE-2010-3627, CVE-2010-3628, CVE-2010-3629, CVE-2010-3630, CVE-2010-3631, CVE-2010-3632, CVE-2010-3656, CVE-2010-3657, CVE-2010-3658).
    last seen2020-06-01
    modified2020-06-02
    plugin id49825
    published2010-10-11
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/49825
    titleopenSUSE Security Update : acroread (openSUSE-SU-2010:0706-1)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update acroread-3275.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(49825);
      script_version("1.15");
      script_cvs_date("Date: 2019/10/25 13:36:38");
    
      script_cve_id("CVE-2010-2883", "CVE-2010-2884", "CVE-2010-2887", "CVE-2010-2889", "CVE-2010-2890", "CVE-2010-3619", "CVE-2010-3620", "CVE-2010-3621", "CVE-2010-3622", "CVE-2010-3623", "CVE-2010-3624", "CVE-2010-3625", "CVE-2010-3626", "CVE-2010-3627", "CVE-2010-3628", "CVE-2010-3629", "CVE-2010-3630", "CVE-2010-3631", "CVE-2010-3632", "CVE-2010-3656", "CVE-2010-3657", "CVE-2010-3658");
    
      script_name(english:"openSUSE Security Update : acroread (openSUSE-SU-2010:0706-1)");
      script_summary(english:"Check for the acroread-3275 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Specially crafted PDF documents could crash acroread or lead to
    execution of arbitrary code (CVE-2010-2883, CVE-2010-2884,
    CVE-2010-2887, CVE-2010-2889, CVE-2010-2890, CVE-2010-3619,
    CVE-2010-3620, CVE-2010-3621, CVE-2010-3622, CVE-2010-3623,
    CVE-2010-3624, CVE-2010-3625, CVE-2010-3626, CVE-2010-3627,
    CVE-2010-3628, CVE-2010-3629, CVE-2010-3630, CVE-2010-3631,
    CVE-2010-3632, CVE-2010-3656, CVE-2010-3657, CVE-2010-3658)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=638466"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.opensuse.org/opensuse-updates/2010-10/msg00005.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected acroread packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploithub_sku", value:"EH-11-971");
      script_set_attribute(attribute:"exploit_framework_exploithub", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Adobe CoolType SING Table "uniqueName" Stack Buffer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-cmaps");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-ja");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-ko");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-zh_CN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:acroread-fonts-zh_TW");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/10/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/10/11");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.2", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.2", reference:"acroread-9.4-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"acroread-cmaps-9.4-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"acroread-fonts-ja-9.4-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"acroread-fonts-ko-9.4-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"acroread-fonts-zh_CN-9.4-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"acroread-fonts-zh_TW-9.4-0.1.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "acroread / acroread-cmaps / acroread-fonts-ja / acroread-fonts-ko / etc");
    }
    
  • NASL familyWindows
    NASL idFLASH_PLAYER_APSB10-22.NASL
    descriptionThe remote Windows host contains a version of Adobe Flash Player 9.x before 9.0.283 or 10.x earlier than 10.1.85.3. Such versions are potentially affected by an unspecified code execution vulnerability. Note that there are reports this is being actively exploited in the wild.
    last seen2020-06-01
    modified2020-06-02
    plugin id49307
    published2010-09-21
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/49307
    titleFlash Player < 9.0.283 / 10.1.85.3 Unspecified Code Execution (APSB10-22)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    
    include("compat.inc");
    
    
    if (description)
    {
      script_id(49307);
      script_version("1.20");
      script_cvs_date("Date: 2018/07/11 17:09:26");
    
      script_cve_id("CVE-2010-2884");
      script_bugtraq_id(43205);
      script_xref(name:"CERT", value:"275289");
    
      script_name(english:"Flash Player < 9.0.283 / 10.1.85.3 Unspecified Code Execution (APSB10-22)");
      script_summary(english:"Checks version of Flash Player");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote Windows host contains a browser plug-in that is affected
    by a code execution vulnerability."
      );
      script_set_attribute(attribute:"description", value:
    "The remote Windows host contains a version of Adobe Flash Player 9.x
    before 9.0.283 or 10.x earlier than 10.1.85.3.  Such versions are
    potentially affected by an unspecified code execution vulnerability. 
    
    Note that there are reports this is being actively exploited in the 
    wild.");
    
      script_set_attribute(attribute:"see_also", value:"http://www.adobe.com/support/security/bulletins/apsb10-22.html");
      script_set_attribute(attribute:"solution", value:"Upgrade to Flash Player 10.1.85.3 / 9.0.283 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_set_attribute(attribute:"vuln_publication_date",value:"2010/09/13");
      script_set_attribute(attribute:"patch_publication_date",value:"2010/09/20");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/09/21");
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:flash_player");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Windows");
    
      script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.");
    
      script_dependencies("flash_player_installed.nasl");
      script_require_keys("SMB/Flash_Player/installed");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("misc_func.inc");
    
    
    get_kb_item_or_exit('SMB/Flash_Player/installed');
    
    info = '';
    
    foreach variant (make_list("Plugin", "ActiveX", "Chrome"))
    {
      vers = get_kb_list("SMB/Flash_Player/"+variant+"/Version/*");
      files = get_kb_list("SMB/Flash_Player/"+variant+"/File/*");
      if (!isnull(vers) && !isnull(files))
      {
        foreach key (keys(vers))
        {
          ver = vers[key];
          if (ver)
          {
            iver = split(ver, sep:'.', keep:FALSE);
            for(i=0;i<max_index(iver);i++)
              iver[i] = int(iver[i]);
      
            if (
              # nb: versions before 9.0 are not affected.
              # Chrome never shipped with Flash Player < 10.x
              (
                (iver[0] == 9 && iver[1] == 0 && iver[2] < 283) &&
                (variant == "Plugin" || variant == "ActiveX")
              ) ||
              (
                iver[0] == 10 &&
                (
                  iver[1] < 1 ||
                  (
                    iver[1] == 1 &&
                    (
                      iver[2] < 85 ||
                      (iver[2] == 85 && iver[3] < 3)
                    )
                  )
                )
              )
            )
            {
              num = key - ("SMB/Flash_Player/"+variant+"/Version/");
              file = files["SMB/Flash_Player/"+variant+"/File/"+num];
              if (variant == "Plugin")
              {
                info += '\n  Product : Browser Plugin (for Firefox / Netscape / Opera)';
              }
              else if (variant == "ActiveX")
              {
                info += '\n  Product : ActiveX control (for Internet Explorer)';
              }
              else if (variant == "Chrome")
              {
                info += '\n  Product : Browser Plugin (for Google Chrome)';
              }
              
              info += '\n  Path              : ' + file +
                      '\n  Installed version : ' + ver;
     
              if (variant == "Plugin" || variant == "ActiveX")
              { 
                if (iver[0] == 9)       info += '\n  Fixed version     : 9.0.283';
                else if (iver[0] == 10) info += '\n  Fixed version     : 10.1.85.3';
              }
    
              if (variant == "Chrome")
                info += '\n  Fixed version     : 10.1.85.3 (as included with Google Chrome 6.0.472.62)';
    
              info += '\n';
            }
          }
        }
      }
    }
    
    if (info)
    {
      if (report_verbosity > 0)
        security_hole(port:get_kb_item("SMB/transport"), extra:info);
      else
        security_hole(get_kb_item("SMB/transport"));
    }
    else exit(0, 'The host is not affected.');
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_3_FLASH-PLAYER-100921.NASL
    descriptionFlash Player was updated to version 10.1.85.3 to fix a critical security issue (CVE-2010-2884).
    last seen2020-06-01
    modified2020-06-02
    plugin id75492
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/75492
    titleopenSUSE Security Update : flash-player (openSUSE-SU-2010:0647-1)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update flash-player-3170.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(75492);
      script_version("1.4");
      script_cvs_date("Date: 2019/10/25 13:36:39");
    
      script_cve_id("CVE-2010-2884");
    
      script_name(english:"openSUSE Security Update : flash-player (openSUSE-SU-2010:0647-1)");
      script_summary(english:"Check for the flash-player-3170 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Flash Player was updated to version 10.1.85.3 to fix a critical
    security issue (CVE-2010-2884)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=639541"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.opensuse.org/opensuse-updates/2010-09/msg00039.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected flash-player package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:flash-player");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/09/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.3", reference:"flash-player-10.1.85.3-0.1.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "flash-player");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2010-0743.NASL
    descriptionUpdated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Adobe Reader allows users to view and print documents in Portable Document Format (PDF). This update fixes multiple vulnerabilities in Adobe Reader. These vulnerabilities are detailed on the Adobe security page APSB10-21, listed in the References section. A specially crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2010-2883, CVE-2010-2884, CVE-2010-2889, CVE-2010-2890, CVE-2010-3619, CVE-2010-3620, CVE-2010-3621, CVE-2010-3622, CVE-2010-3625, CVE-2010-3626, CVE-2010-3627, CVE-2010-3628, CVE-2010-3629, CVE-2010-3630, CVE-2010-3632, CVE-2010-3658) An insecure relative RPATH (runtime library search path) set in some Adobe Reader libraries could allow a local attacker, who is able to convince another user to run Adobe Reader in an attacker-controlled directory, to execute arbitrary code with the privileges of the victim. (CVE-2010-2887) A specially crafted PDF file could cause Adobe Reader to crash when opened. (CVE-2010-3656, CVE-2010-3657) All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.4, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id49786
    published2010-10-07
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/49786
    titleRHEL 4 / 5 : acroread (RHSA-2010:0743)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_FLASH-PLAYER-100921.NASL
    descriptionFlash Player was updated to version 10.1.85.3 to fix a critical security issue. (CVE-2010-2884)
    last seen2020-06-01
    modified2020-06-02
    plugin id50903
    published2010-12-02
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/50903
    titleSuSE 11 / 11.1 Security Update : flash-player (SAT Patch Numbers 3155 / 3157)
  • NASL familyWindows
    NASL idADOBE_ACROBAT_APSA10-02.NASL
    descriptionThe version of Adobe Acrobat installed on the remote host is earlier than 9.4 / 8.2.5. Such versions are affected by multiple code execution vulnerabilities. Note that there have been reports that one or more of these issues are being actively exploited in the wild.
    last seen2020-06-01
    modified2020-06-02
    plugin id49172
    published2010-09-09
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/49172
    titleAdobe Acrobat < 9.4 / 8.2.5 Multiple Vulnerabilities (APSB10-21)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_ACROREAD-101007.NASL
    descriptionSpecially crafted PDF documents could crash acroread or lead to execution of arbitrary code. (CVE-2010-2883 / CVE-2010-2884 / CVE-2010-2887 / CVE-2010-2889 / CVE-2010-2890 / CVE-2010-3619 / CVE-2010-3620 / CVE-2010-3621 / CVE-2010-3622 / CVE-2010-3623 / CVE-2010-3624 / CVE-2010-3625 / CVE-2010-3626 / CVE-2010-3627 / CVE-2010-3628 / CVE-2010-3629 / CVE-2010-3630 / CVE-2010-3631 / CVE-2010-3632 / CVE-2010-3656 / CVE-2010-3657 / CVE-2010-3658)
    last seen2020-06-01
    modified2020-06-02
    plugin id50884
    published2010-12-02
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/50884
    titleSuSE 11 / 11.1 Security Update : Acrobat Reader (SAT Patch Numbers 3268 / 3270)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201101-09.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201101-09 (Adobe Flash Player: Multiple vulnerabilities) Multiple vulnerabilities were discovered in Adobe Flash Player. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below. Impact : A remote attacker could entice a user to open a specially crafted SWF file, possibly resulting in the execution of arbitrary code with the privileges of the user running the application, or a Denial of Service. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id51658
    published2011-01-24
    reporterThis script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51658
    titleGLSA-201101-09 : Adobe Flash Player: Multiple vulnerabilities
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_8A34D9E6C66211DFB2E1001B2134EF46.NASL
    descriptionAdobe Product Security Incident Response Team reports : A critical vulnerability exists in Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, Solaris, and Adobe Flash Player 10.1.92.10 for Android. This vulnerability also affects Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2884) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Adobe Flash Player on Windows. Adobe is not aware of any attacks exploiting this vulnerability against Adobe Reader or Acrobat to date.
    last seen2020-06-01
    modified2020-06-02
    plugin id49652
    published2010-09-23
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/49652
    titleFreeBSD : linux-flashplugin -- remote code execution (8a34d9e6-c662-11df-b2e1-001b2134ef46)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_ACROREAD-7181.NASL
    descriptionSpecially crafted PDF documents could crash acroread or lead to execution of arbitrary code. (CVE-2010-2883 / CVE-2010-2884 / CVE-2010-2887 / CVE-2010-2889 / CVE-2010-2890 / CVE-2010-3619 / CVE-2010-3620 / CVE-2010-3621 / CVE-2010-3622 / CVE-2010-3623 / CVE-2010-3624 / CVE-2010-3625 / CVE-2010-3626 / CVE-2010-3627 / CVE-2010-3628 / CVE-2010-3629 / CVE-2010-3630 / CVE-2010-3631 / CVE-2010-3632 / CVE-2010-3656 / CVE-2010-3657 / CVE-2010-3658)
    last seen2020-06-01
    modified2020-06-02
    plugin id51703
    published2011-01-27
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51703
    titleSuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 7181)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_ACROREAD_JA-101007.NASL
    descriptionSpecially crafted PDF documents could crash acroread or lead to execution of arbitrary code. (CVE-2010-2883 / CVE-2010-2884 / CVE-2010-2887 / CVE-2010-2889 / CVE-2010-2890 / CVE-2010-3619 / CVE-2010-3620 / CVE-2010-3621 / CVE-2010-3622 / CVE-2010-3623 / CVE-2010-3624 / CVE-2010-3625 / CVE-2010-3626 / CVE-2010-3627 / CVE-2010-3628 / CVE-2010-3629 / CVE-2010-3630 / CVE-2010-3631 / CVE-2010-3632 / CVE-2010-3656 / CVE-2010-3657 / CVE-2010-3658)
    last seen2020-06-01
    modified2020-06-02
    plugin id50888
    published2010-12-02
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/50888
    titleSuSE 11 / 11.1 Security Update : acroread_ja (SAT Patch Numbers 3272 / 3273)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_2_FLASH-PLAYER-100921.NASL
    descriptionFlash Player was updated to version 10.1.85.3 to fix a critical security issue (CVE-2010-2884).
    last seen2020-06-01
    modified2020-06-02
    plugin id49642
    published2010-09-22
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/49642
    titleopenSUSE Security Update : flash-player (openSUSE-SU-2010:0647-1)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201101-08.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201101-08 (Adobe Reader: Multiple vulnerabilities) Multiple vulnerabilities were discovered in Adobe Reader. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below. Impact : A remote attacker might entice a user to open a specially crafted PDF file, possibly resulting in the execution of arbitrary code with the privileges of the user running the application, or a Denial of Service. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id51657
    published2011-01-24
    reporterThis script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51657
    titleGLSA-201101-08 : Adobe Reader: Multiple vulnerabilities

Oval

accepted2015-08-03T04:01:58.398-04:00
classvulnerability
contributors
  • nameJ. Daniel Brown
    organizationDTCC
  • nameSecPod Team
    organizationSecPod Technologies
  • nameSecPod Team
    organizationSecPod Technologies
  • nameShane Shaffer
    organizationG2, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
  • nameSergey Artykhov
    organizationALTX-SOFT
  • nameSergey Artykhov
    organizationALTX-SOFT
  • nameShane Shaffer
    organizationG2, Inc.
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Kedovskaya
    organizationALTX-SOFT
  • nameMaria Mikhno
    organizationALTX-SOFT
  • nameMaria Mikhno
    organizationALTX-SOFT
definition_extensions
  • commentAdobe Flash Player is installed
    ovaloval:org.mitre.oval:def:6700
  • commentAdobe Reader 8 Series is installed
    ovaloval:org.mitre.oval:def:6390
  • commentAdobe Reader 9 Series is installed
    ovaloval:org.mitre.oval:def:6523
  • commentAdobe Acrobat 9 Series is installed
    ovaloval:org.mitre.oval:def:6013
  • commentAdobe Acrobat 8 Series is installed
    ovaloval:org.mitre.oval:def:6452
  • commentActiveX Control is installed
    ovaloval:org.mitre.oval:def:26707
descriptionAdobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010.
familywindows
idoval:org.mitre.oval:def:6852
statusaccepted
submitted2010-09-14T17:30:00.000-05:00
titleAdobe Flash Player, Acrobat Reader, and Acrobat Remote Code Execution Vulnerability
version79

Redhat

advisories
  • rhsa
    idRHSA-2010:0706
  • rhsa
    idRHSA-2010:0743
rpms
  • flash-plugin-0:10.1.85.3-1.el5
  • flash-plugin-0:9.0.283.0-1.el3.with.oss
  • flash-plugin-0:9.0.283.0-1.el4
  • acroread-0:9.4.0-1.el4
  • acroread-0:9.4.0-1.el5
  • acroread-plugin-0:9.4.0-1.el4
  • acroread-plugin-0:9.4.0-1.el5