Vulnerabilities > CVE-2011-0609
Summary
Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.
Vulnerable Configurations
Exploit-Db
description | Adobe Flash Player AVM Bytecode Verification. CVE-2011-0609. Remote exploit for windows platform |
id | EDB-ID:17027 |
last seen | 2016-02-02 |
modified | 2011-03-23 |
published | 2011-03-23 |
reporter | metasploit |
source | https://www.exploit-db.com/download/17027/ |
title | Adobe Flash Player AVM Bytecode Verification |
Metasploit
description | This module exploits a vulnerability in Adobe Flash Player versions 10.2.152.33 and earlier. This issue is caused by a failure in the ActionScript3 AVM2 verification logic. This results in unsafe JIT(Just-In-Time) code being executed. This is the same vulnerability that was used for the RSA attack in March 2011. Specifically, this issue results in uninitialized memory being referenced and later executed. Taking advantage of this issue relies on heap spraying and controlling the uninitialized memory. Currently this exploit works for IE6, IE7, and Firefox 3.6 and likely several other browsers. DEP does catch the exploit and causes it to fail. Due to the nature of the uninitialized memory its fairly difficult to get around this restriction. |
id | MSF:EXPLOIT/WINDOWS/BROWSER/ADOBE_FLASHPLAYER_AVM |
last seen | 2020-06-04 |
modified | 2017-07-24 |
published | 2011-03-23 |
references | |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/browser/adobe_flashplayer_avm.rb |
title | Adobe Flash Player AVM Bytecode Verification Vulnerability |
Nessus
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2011-0372.NASL description An updated Adobe Flash Player package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB11-05, listed in the References section. Specially crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code. (CVE-2011-0609) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.2.153.1. last seen 2020-06-01 modified 2020-06-02 plugin id 52760 published 2011-03-23 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/52760 title RHEL 5 / 6 : flash-plugin (RHSA-2011:0372) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2011:0372. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(52760); script_version ("1.27"); script_cvs_date("Date: 2019/10/25 13:36:16"); script_cve_id("CVE-2011-0609"); script_bugtraq_id(46860); script_xref(name:"RHSA", value:"2011:0372"); script_name(english:"RHEL 5 / 6 : flash-plugin (RHSA-2011:0372)"); script_summary(english:"Checks the rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing a security update." ); script_set_attribute( attribute:"description", value: "An updated Adobe Flash Player package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB11-05, listed in the References section. Specially crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code. (CVE-2011-0609) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.2.153.1." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-0609" ); # http://www.adobe.com/support/security/bulletins/apsb11-05.html script_set_attribute( attribute:"see_also", value:"https://www.adobe.com/support/security/bulletins/apsb11-05.html" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2011:0372" ); script_set_attribute( attribute:"solution", value:"Update the affected flash-plugin package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Bytecode Verification Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:flash-plugin"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2011/03/15"); script_set_attribute(attribute:"patch_publication_date", value:"2011/03/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/03/23"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^(5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x / 6.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2011:0372"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL5", reference:"flash-plugin-10.2.153.1-1.el5")) flag++; if (rpm_check(release:"RHEL6", reference:"flash-plugin-10.2.153.1-1.el6")) flag++; if (flag) { flash_plugin_caveat = '\n' + 'NOTE: This vulnerability check only applies to RedHat released\n' + 'versions of the flash-plugin package. This check does not apply to\n' + 'Adobe released versions of the flash-plugin package, which are\n' + 'versioned similarly and cause collisions in detection.\n\n' + 'If you are certain you are running the Adobe released package of\n' + 'flash-plugin and are running a version of it equal or higher to the\n' + 'RedHat version listed above then you can consider this a false\n' + 'positive.\n'; security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() + flash_plugin_caveat ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "flash-plugin"); } }
NASL family Windows NASL id ADOBE_READER_APSA11-01.NASL description The remote Windows host contains a version of Adobe Reader 9.x < 9.4.3 or 10.x < 10.1. Such versions are affected by an unspecified memory corruption vulnerability in authplay.dll. A remote attacker could exploit this by tricking a user into viewing maliciously crafted SWF content, resulting in arbitrary code execution. This bug is currently being exploited in the wild. last seen 2020-06-01 modified 2020-06-02 plugin id 52672 published 2011-03-15 reporter This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/52672 title Adobe Reader 9.x / 10.x Unspecified Memory Corruption (APSB11-06) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(52672); script_version("1.21"); script_cvs_date("Date: 2018/11/15 20:50:26"); script_cve_id("CVE-2011-0609"); script_bugtraq_id(46860); script_xref(name:"CERT", value:"192052"); script_xref(name:"EDB-ID", value:"17027"); script_name(english:"Adobe Reader 9.x / 10.x Unspecified Memory Corruption (APSB11-06)"); script_summary(english:"Checks version of Adobe Reader"); script_set_attribute( attribute:"synopsis", value: "The version of Adobe Reader on the remote Windows host is affected by a memory corruption vulnerability." ); script_set_attribute( attribute:"description", value: "The remote Windows host contains a version of Adobe Reader 9.x < 9.4.3 or 10.x < 10.1. Such versions are affected by an unspecified memory corruption vulnerability in authplay.dll. A remote attacker could exploit this by tricking a user into viewing maliciously crafted SWF content, resulting in arbitrary code execution. This bug is currently being exploited in the wild." ); script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?82775d9e" ); script_set_attribute( attribute:"see_also", value:"http://www.adobe.com/support/security/advisories/apsa11-01.html" ); script_set_attribute( attribute:"see_also", value:"https://www.adobe.com/support/security/bulletins/apsb11-06.html" ); # "The update for Adobe Reader X (10.x) for Windows also incorporate the updates # previously addressed in all other supported versions of Adobe Reader and Acrobat # as noted in Security Bulletin APSB11-06 and Security Bulletin APSB11-08." script_set_attribute( attribute:"see_also", value:"http://www.adobe.com/support/security/bulletins/apsb11-16.html" ); script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?1d9dd300" ); script_set_attribute( attribute:"solution", value: "Upgrade to Adobe Reader 9.4.2 / 10.1 or later." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Bytecode Verification Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2011/03/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/03/15"); script_set_attribute(attribute:"patch_publication_date", value:"2011/03/21"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:acrobat_reader"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc."); script_dependencies("adobe_reader_installed.nasl"); script_require_keys("SMB/Acroread/Version"); exit(0); } include('global_settings.inc'); info = ''; info2 = ''; vuln = 0; vers = get_kb_list('SMB/Acroread/Version'); if (isnull(vers)) exit(0, 'The "SMB/Acroread/Version" KB list is missing.'); foreach version (vers) { ver = split(version, sep:'.', keep:FALSE); for (i=0; i<max_index(ver); i++) ver[i] = int(ver[i]); path = get_kb_item('SMB/Acroread/'+version+'/Path'); if (isnull(path)) path = 'n/a'; verui = get_kb_item('SMB/Acroread/'+version+'/Version_UI'); if (isnull(verui)) verui = version; if ( (ver[0] == 9 && ver[1] < 4) || (ver[0] == 9 && ver[1] == 4 && ver[2] < 3) || (ver[0] == 10 && ver[1] < 1) ) { vuln++; info += '\n Path : '+path+ '\n Installed version : '+verui+ '\n Fixed version : 9.4.3 / 10.1\n'; } else info2 += " and " + verui; } if (info) { if (report_verbosity > 0) { if (vuln > 1) s = "s of Adobe Reader are"; else s = " of Adobe Reader is"; report = '\nThe following vulnerable instance'+s+' installed on the'+ '\nremote host :\n'+ info; security_hole(port:get_kb_item("SMB/transport"), extra:report); } else security_hole(get_kb_item("SMB/transport")); exit(0); } if (info2) { info2 -= " and "; if (" and " >< info2) be = "are"; else be = "is"; exit(0, "The host is not affected since Adobe Reader "+info2+" "+be+" installed."); } else exit(1, "Unexpected error - 'info2' is empty.");
NASL family SuSE Local Security Checks NASL id SUSE_11_3_FLASH-PLAYER-110328.NASL description The Adobe Standalone Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue. last seen 2020-06-01 modified 2020-06-02 plugin id 75496 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75496 title openSUSE Security Update : flash-player (openSUSE-SU-2011:0239-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update flash-player-4239. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75496); script_version("1.4"); script_cvs_date("Date: 2019/10/25 13:36:41"); script_cve_id("CVE-2011-0609"); script_name(english:"openSUSE Security Update : flash-player (openSUSE-SU-2011:0239-1)"); script_summary(english:"Check for the flash-player-4239 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "The Adobe Standalone Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=679672" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=682902" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2011-03/msg00031.html" ); script_set_attribute( attribute:"solution", value:"Update the affected flash-player package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Bytecode Verification Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:flash-player"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3"); script_set_attribute(attribute:"patch_publication_date", value:"2011/03/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.3", reference:"flash-player-10.2.153.1-0.4.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "flash-player"); }
NASL family Windows NASL id FLASH_PLAYER_APSA11-01.NASL description The remote Windows host contains a version of Adobe Flash Player earlier than 10.2.153.1. Such versions are affected by an unspecified memory corruption vulnerability. A remote attacker could exploit this by tricking a user into viewing maliciously crafted SWF content, resulting in arbitrary code execution. This bug is currently being exploited in the wild. last seen 2020-06-01 modified 2020-06-02 plugin id 52673 published 2011-03-15 reporter This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/52673 title Flash Player < 10.2.153.1 Unspecified Memory Corruption (APSB11-05) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(52673); script_version("1.16"); script_cvs_date("Date: 2018/07/11 17:09:26"); script_cve_id("CVE-2011-0609"); script_bugtraq_id(46860); script_xref(name:"CERT", value:"192052"); script_xref(name:"EDB-ID", value:"17027"); script_xref(name:"Secunia", value:"43751"); script_xref(name:"Secunia", value:"43757"); script_name(english:"Flash Player < 10.2.153.1 Unspecified Memory Corruption (APSB11-05)"); script_summary(english:"Checks version of Flash Player"); script_set_attribute( attribute:"synopsis", value: "The remote Windows host contains a browser plug-in that is affected by a memory corruption vulnerability." ); script_set_attribute( attribute:"description", value: "The remote Windows host contains a version of Adobe Flash Player earlier than 10.2.153.1. Such versions are affected by an unspecified memory corruption vulnerability. A remote attacker could exploit this by tricking a user into viewing maliciously crafted SWF content, resulting in arbitrary code execution. This bug is currently being exploited in the wild." ); script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?82775d9e" ); script_set_attribute( attribute:"see_also", value:"http://www.adobe.com/support/security/advisories/apsa11-01.html" ); script_set_attribute( attribute:"see_also", value:"http://www.adobe.com/support/security/bulletins/apsb11-05.html" ); script_set_attribute( attribute:"solution", value:"Upgrade to Flash Player 10.2.153.1 or later." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Bytecode Verification Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2011/03/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/03/15"); script_set_attribute(attribute:"patch_publication_date", value:"2011/03/21"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:flash_player"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc."); script_dependencies("flash_player_installed.nasl"); script_require_keys("SMB/Flash_Player/installed"); exit(0); } include("global_settings.inc"); include("misc_func.inc"); get_kb_item_or_exit('SMB/Flash_Player/installed'); info = ''; foreach variant (make_list("Plugin", "ActiveX", "Chrome")) { vers = get_kb_list("SMB/Flash_Player/"+variant+"/Version/*"); files = get_kb_list("SMB/Flash_Player/"+variant+"/File/*"); if (!isnull(vers) && !isnull(files)) { foreach key (keys(vers)) { ver = vers[key]; if (ver) { iver = split(ver, sep:'.', keep:FALSE); for(i=0;i<max_index(iver);i++) iver[i] = int(iver[i]); if ( ("Plugin" >< variant || "ActiveX" >< variant) && ( iver[0] < 10 || ( iver[0] == 10 && ( iver[1] < 2 || ( iver[1] == 2 && ( iver[2] < 153 || (iver[2] == 153 && iver[3] < 1) ) ) ) ) ) ) { num = key - ("SMB/Flash_Player/"+variant+"/Version/"); file = files["SMB/Flash_Player/"+variant+"/File/"+num]; if (variant == "Plugin") { info += '\n Product : Browser Plugin (for Firefox / Netscape / Opera)'; } else if (variant == "ActiveX") { info += '\n Product : ActiveX control (for Internet Explorer)'; } info += '\n Path : ' + file + '\n Installed version : ' + ver + '\n Fixed version : 10.2.153.1\n'; } # Chrome else if ( ("Chrome" >< variant) && ( iver[0] < 10 || ( iver[0] == 10 && ( iver[1] < 2 || ( iver[1] == 2 && ( iver[2] < 154 || (iver[2] == 154 && iver[3] < 25) ) ) ) ) ) ) { num = key - ("SMB/Flash_Player/"+variant+"/Version/"); file = files["SMB/Flash_Player/"+variant+"/File/"+num]; info += '\n Product: Browser Plugin (for Google Chrome)'; info += '\n Path : ' + file + '\n Installed version : ' + ver ; info += '\n Fixed version : 10.2.154.25 (as included with Google Chrome 10.0.648.134)\n'; } } } } } if (info) { if (report_verbosity > 0) security_hole(port:get_kb_item("SMB/transport"), extra:info); else security_hole(get_kb_item("SMB/transport")); } else exit(0, 'The host is not affected.');
NASL family SuSE Local Security Checks NASL id SUSE_FLASH-PLAYER-7391.NASL description The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue : - This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment. last seen 2020-06-01 modified 2020-06-02 plugin id 52969 published 2011-03-25 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/52969 title SuSE 10 Security Update : flash-player (ZYPP Patch Number 7391) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(52969); script_version ("1.15"); script_cvs_date("Date: 2019/10/25 13:36:43"); script_cve_id("CVE-2011-0609"); script_name(english:"SuSE 10 Security Update : flash-player (ZYPP Patch Number 7391)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue : - This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment." ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-0609.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 7391."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Bytecode Verification Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2011/03/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/03/25"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:3, reference:"flash-player-10.2.153.1-0.5.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");
NASL family SuSE Local Security Checks NASL id SUSE_FLASH-PLAYER-7398.NASL description The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue : - This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment. last seen 2020-06-01 modified 2020-06-02 plugin id 57188 published 2011-12-13 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/57188 title SuSE 10 Security Update : flash-player (ZYPP Patch Number 7398) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(57188); script_version ("1.12"); script_cvs_date("Date: 2019/10/25 13:36:43"); script_cve_id("CVE-2011-0609"); script_name(english:"SuSE 10 Security Update : flash-player (ZYPP Patch Number 7398)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue : - This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment." ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-0609.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 7398."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Bytecode Verification Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2011/03/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/12/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:4, reference:"flash-player-10.2.153.1-0.5.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");
NASL family SuSE Local Security Checks NASL id SUSE_11_FLASH-PLAYER-110321.NASL description The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue : - This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment. last seen 2020-06-01 modified 2020-06-02 plugin id 52959 published 2011-03-24 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/52959 title SuSE 11.1 Security Update : flash-player (SAT Patch Number 4190) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SuSE 11 update information. The text itself is # copyright (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(52959); script_version("1.13"); script_cvs_date("Date: 2019/10/25 13:36:42"); script_cve_id("CVE-2011-0609"); script_name(english:"SuSE 11.1 Security Update : flash-player (SAT Patch Number 4190)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 11 host is missing a security update." ); script_set_attribute( attribute:"description", value: "The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue : - This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=679672" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-0609.html" ); script_set_attribute(attribute:"solution", value:"Apply SAT patch number 4190."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Bytecode Verification Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:flash-player"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"patch_publication_date", value:"2011/03/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/03/24"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11"); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu); pl = get_kb_item("Host/SuSE/patchlevel"); if (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, "SuSE 11.1"); flag = 0; if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"flash-player-10.2.153.1-0.2.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family SuSE Local Security Checks NASL id SUSE_11_4_FLASH-PLAYER-110328.NASL description The Adobe Standalone Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue. last seen 2020-06-01 modified 2020-06-02 plugin id 75832 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75832 title openSUSE Security Update : flash-player (openSUSE-SU-2011:0239-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update flash-player-4239. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75832); script_version("1.4"); script_cvs_date("Date: 2019/10/25 13:36:42"); script_cve_id("CVE-2011-0609"); script_name(english:"openSUSE Security Update : flash-player (openSUSE-SU-2011:0239-1)"); script_summary(english:"Check for the flash-player-4239 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "The Adobe Standalone Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=679672" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=682902" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2011-03/msg00031.html" ); script_set_attribute( attribute:"solution", value:"Update the affected flash-player package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Bytecode Verification Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:flash-player"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.4"); script_set_attribute(attribute:"patch_publication_date", value:"2011/03/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.4)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.4", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.4", reference:"flash-player-10.2.153.1-0.4.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "flash-player"); }
NASL family Windows NASL id ADOBE_AIR_APSB11-05.NASL description The remote Windows host contains a version of Adobe AIR earlier than 2.6. Such versions are affected by a memory corruption vulnerability that could allow arbitrary code execution on the remote system or trigger a denial of service condition. last seen 2020-06-01 modified 2020-06-02 plugin id 52755 published 2011-03-22 reporter This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/52755 title Adobe AIR < 2.6 Unspecified Memory Corruption (APSB11-05) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(52755); script_version("1.14"); script_cvs_date("Date: 2018/06/27 18:42:26"); script_cve_id("CVE-2011-0609"); script_bugtraq_id(46860); script_xref(name:"CERT", value:"192052"); script_xref(name:"EDB-ID", value:"17027"); script_xref(name:"Secunia", value:"43751"); script_name(english:"Adobe AIR < 2.6 Unspecified Memory Corruption (APSB11-05)"); script_summary(english:"Checks version of Adobe AIR"); script_set_attribute( attribute:"synopsis", value: "The remote Windows host contains a version of Adobe AIR that is affected by a memory corruption vulnerability." ); script_set_attribute( attribute:"description", value: "The remote Windows host contains a version of Adobe AIR earlier than 2.6. Such versions are affected by a memory corruption vulnerability that could allow arbitrary code execution on the remote system or trigger a denial of service condition."); script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?82775d9e"); script_set_attribute(attribute:"see_also", value:"http://www.adobe.com/support/security/advisories/apsa11-01.html"); script_set_attribute(attribute:"see_also", value:"http://www.adobe.com/support/security/bulletins/apsb11-05.html"); script_set_attribute(attribute:"solution", value:"Upgrade to Adobe AIR 2.6 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Bytecode Verification Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2011/03/14"); # APSA11-01 script_set_attribute(attribute:"patch_publication_date", value:"2011/03/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/03/22"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:air"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc."); script_dependencies("adobe_air_installed.nasl"); script_require_keys("SMB/Adobe_AIR/Version", "SMB/Adobe_AIR/Path"); exit(0); } include("global_settings.inc"); include("misc_func.inc"); version = get_kb_item_or_exit("SMB/Adobe_AIR/Version"); path = get_kb_item_or_exit("SMB/Adobe_AIR/Path"); version_ui = get_kb_item("SMB/Adobe_AIR/Version_UI"); if (isnull(version_ui)) version_report = version; else version_report = version_ui; fix = '2.6.0.19120'; fix_ui = '2.6'; if (ver_compare(ver:version, fix:fix) == -1) { if (report_verbosity > 0) { report = '\n Path : ' + path + '\n Installed version : ' + version_report + '\n Fixed version : ' + fix_ui + '\n'; security_hole(port:get_kb_item("SMB/transport"), extra:report); } else security_hole(get_kb_item("SMB/transport")); exit(0); } else exit(0, "The Adobe AIR "+version_report+" install is not affected.");
NASL family SuSE Local Security Checks NASL id SUSE_11_4_FLASH-PLAYER-110321.NASL description The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue. This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment. last seen 2020-06-01 modified 2020-06-02 plugin id 75831 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75831 title openSUSE Security Update : flash-player (openSUSE-SU-2011:0215-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update flash-player-4187. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75831); script_version("1.4"); script_cvs_date("Date: 2019/10/25 13:36:42"); script_cve_id("CVE-2011-0609"); script_name(english:"openSUSE Security Update : flash-player (openSUSE-SU-2011:0215-1)"); script_summary(english:"Check for the flash-player-4187 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue. This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=679672" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2011-03/msg00016.html" ); script_set_attribute( attribute:"solution", value:"Update the affected flash-player package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Bytecode Verification Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:flash-player"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.4"); script_set_attribute(attribute:"patch_publication_date", value:"2011/03/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.4)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.4", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.4", reference:"flash-player-10.2.153.1-0.2.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "flash-player"); }
NASL family Windows NASL id GOOGLE_CHROME_10_0_648_134.NASL description The version of Google Chrome installed on the remote host is earlier than 10.0.648.134. Such versions of Chrome contain a vulnerable version of Adobe Flash Player. A remote attacker could exploit this by tricking a user into viewing unspecified, malicious SWF content, resulting in arbitrary code execution. This bug is currently being exploited in the wild. last seen 2017-10-29 modified 2013-11-13 plugin id 52713 published 2011-03-18 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=52713 title Google Chrome < 10.0.648.134 Unspecified Adobe Flash Player NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201110-11.NASL description The remote host is affected by the vulnerability described in GLSA-201110-11 (Adobe Flash Player: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers and Adobe Security Advisories and Bulletins referenced below for details. Impact : By enticing a user to open a specially crafted SWF file a remote attacker could cause a Denial of Service or the execution of arbitrary code with the privileges of the user running the application. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 56504 published 2011-10-14 reporter This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/56504 title GLSA-201110-11 : Adobe Flash Player: Multiple vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_11_2_FLASH-PLAYER-110328.NASL description The Adobe Standalone Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue. last seen 2020-06-01 modified 2020-06-02 plugin id 53721 published 2011-05-05 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/53721 title openSUSE Security Update : flash-player (openSUSE-SU-2011:0239-1) NASL family Windows NASL id ADOBE_ACROBAT_APSA11-01.NASL description The remote Windows host contains a version of Adobe Acrobat 9.x < 9.4.3 or 10.x < 10.0.2. Such versions are affected by an unspecified memory corruption vulnerability in authplay.dll. A remote attacker could exploit this by tricking a user into viewing maliciously crafted SWF content, resulting in arbitrary code execution. This bug is currently being exploited in the wild. last seen 2020-06-01 modified 2020-06-02 plugin id 52671 published 2011-03-15 reporter This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/52671 title Adobe Acrobat 9.x / 10.x Unspecified Memory Corruption (APSB11-06) NASL family SuSE Local Security Checks NASL id SUSE_11_2_FLASH-PLAYER-110321.NASL description The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue. This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment. last seen 2020-06-01 modified 2020-06-02 plugin id 53720 published 2011-05-05 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/53720 title openSUSE Security Update : flash-player (openSUSE-SU-2011:0215-1) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_501EE07A564011E0985A001B2134EF46.NASL description Adobe Product Security Incident Response Team reports : A critical vulnerability exists in Adobe Flash Player 10.2.152.33 and earlier versions (Adobe Flash Player 10.2.154.18 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris operating systems, Adobe Flash Player 10.1.106.16 and earlier versions for Android, and the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.1) and earlier 10.x and 9.x versions of Reader and Acrobat for Windows and Macintosh operating systems. This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment. last seen 2020-06-01 modified 2020-06-02 plugin id 52966 published 2011-03-25 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/52966 title FreeBSD : linux-flashplugin -- remote code execution vulnerability (501ee07a-5640-11e0-985a-001b2134ef46) NASL family SuSE Local Security Checks NASL id SUSE_11_3_FLASH-PLAYER-110321.NASL description The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue. This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment. last seen 2020-06-01 modified 2020-06-02 plugin id 75495 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75495 title openSUSE Security Update : flash-player (openSUSE-SU-2011:0215-1)
Oval
accepted | 2015-08-03T04:00:40.859-04:00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||||||||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||
description | Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||||||||||||||||||||||||||||||
id | oval:org.mitre.oval:def:14147 | ||||||||||||||||||||||||||||||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||||||||||||||||||||||||||||||
submitted | 2011-11-04T14:32:53.000-05:00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||
title | Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
version | 75 |
Packetstorm
data source | https://packetstormsecurity.com/files/download/99639/adobe_flashplayer_avm.rb.txt |
id | PACKETSTORM:99639 |
last seen | 2016-12-05 |
published | 2011-03-23 |
reporter | bannedit |
source | https://packetstormsecurity.com/files/99639/Adobe-Flash-Player-AVM-Bytecode-Verification.html |
title | Adobe Flash Player AVM Bytecode Verification |
Redhat
advisories |
| ||||
rpms |
|
Saint
bid | 46860 |
description | Adobe Reader Flash AVM2 Memory Corruption |
id | misc_flash |
osvdb | 71254 |
title | adobe_reader_flash_avm2 |
type | client |
Seebug
bulletinFamily | exploit |
description | No description provided by source. |
id | SSV:71506 |
last seen | 2017-11-19 |
modified | 2014-07-01 |
published | 2014-07-01 |
reporter | Root |
source | https://www.seebug.org/vuldb/ssvid-71506 |
title | Adobe Flash Player AVM Bytecode Verification |
References
- http://blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.html
- http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates_15.html
- http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
- http://secunia.com/advisories/43751
- http://secunia.com/advisories/43757
- http://secunia.com/advisories/43772
- http://secunia.com/advisories/43856
- http://securityreason.com/securityalert/8152
- http://www.adobe.com/support/security/advisories/apsa11-01.html
- http://www.adobe.com/support/security/bulletins/apsb11-06.html
- http://www.kb.cert.org/vuls/id/192052
- http://www.redhat.com/support/errata/RHSA-2011-0372.html
- http://www.securityfocus.com/bid/46860
- http://www.securitytracker.com/id?1025210
- http://www.securitytracker.com/id?1025211
- http://www.securitytracker.com/id?1025238
- http://www.vupen.com/english/advisories/2011/0655
- http://www.vupen.com/english/advisories/2011/0656
- http://www.vupen.com/english/advisories/2011/0688
- http://www.vupen.com/english/advisories/2011/0732
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66078
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14147
- http://blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14147
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66078
- http://www.vupen.com/english/advisories/2011/0732
- http://www.vupen.com/english/advisories/2011/0688
- http://www.vupen.com/english/advisories/2011/0656
- http://www.vupen.com/english/advisories/2011/0655
- http://www.securitytracker.com/id?1025238
- http://www.securitytracker.com/id?1025211
- http://www.securitytracker.com/id?1025210
- http://www.securityfocus.com/bid/46860
- http://www.redhat.com/support/errata/RHSA-2011-0372.html
- http://www.kb.cert.org/vuls/id/192052
- http://www.adobe.com/support/security/bulletins/apsb11-06.html
- http://www.adobe.com/support/security/advisories/apsa11-01.html
- http://securityreason.com/securityalert/8152
- http://secunia.com/advisories/43856
- http://secunia.com/advisories/43772
- http://secunia.com/advisories/43757
- http://secunia.com/advisories/43751
- http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
- http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates_15.html