Vulnerabilities > CVE-2011-0609 - Remote Memory Corruption vulnerability in Adobe Flash Player

Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.

Vulnerable Configurations

Part	Description	Count
Application	Adobe Adobe Flash Player 6.0.21.0 Adobe Flash Player 6.0.79 Adobe Flash Player 7.0 Adobe Flash Player 7.0.1 Adobe Flash Player 7.0.14.0 Adobe Flash Player 7.0.19.0 Adobe Flash Player 7.0.24.0 Adobe Flash Player 7.0.25 Adobe Flash Player 7.0.53.0 Adobe Flash Player 7.0.60.0 Adobe Flash Player 7.0.61.0 Adobe Flash Player 7.0.63 Adobe Flash Player 7.0.66.0 Adobe Flash Player 7.0.67.0 Adobe Flash Player 7.0.68.0 Adobe Flash Player 7.0.69.0 Adobe Flash Player 7.0.70.0 Adobe Flash Player 7.0.73.0 Adobe Flash Player 7.1 Adobe Flash Player 7.1.1 Adobe Flash Player 7.2 Adobe Flash Player 8.0 Adobe Flash Player 8.0.22.0 Adobe Flash Player 8.0.24.0 Adobe Flash Player 8.0.33.0 Adobe Flash Player 8.0.34.0 Adobe Flash Player 8.0.35.0 Adobe Flash Player 8.0.39.0 Adobe Flash Player 8.0.42.0 Adobe Flash Player 9.0 Adobe Flash Player 9.0.16 Adobe Flash Player 9.0.18D60 Adobe Flash Player 9.0.20 Adobe Flash Player 9.0.20.0 Adobe Flash Player 9.0.28 Adobe Flash Player 9.0.28.0 Adobe Flash Player 9.0.31 Adobe Flash Player 9.0.31.0 Adobe Flash Player 9.0.45.0 Adobe Flash Player 9.0.47.0 Adobe Flash Player 9.0.48.0 Adobe Flash Player 9.0.112.0 Adobe Flash Player 9.0.114.0 Adobe Flash Player 9.0.115.0 Adobe Flash Player 9.0.124.0 Adobe Flash Player 9.0.125.0 Adobe Flash Player 9.0.151.0 Adobe Flash Player 9.0.152.0 Adobe Flash Player 9.0.155.0 Adobe Flash Player 9.0.159.0 Adobe Flash Player 9.0.246.0 Adobe Flash Player 9.0.260.0 Adobe Flash Player 9.0.262.0 Adobe Flash Player 9.0.277.0 Adobe Flash Player 9.0.283.0 Adobe Flash Player 9.125.0 Adobe Flash Player 10.0.0.584 Adobe Flash Player 10.0.12.10 Adobe Flash Player 10.0.12.36 Adobe Flash Player 10.0.15.3 Adobe Flash Player 10.0.22.87 Adobe Flash Player 10.0.32.18 Adobe Flash Player 10.0.42.34 Adobe Flash Player 10.0.45.2 Adobe Flash Player 10.1.52.14.1 Adobe Flash Player 10.1.52.15 Adobe Flash Player 10.1.53.64 Adobe Flash Player 10.1.82.76 Adobe Flash Player 10.1.85.3 Adobe Flash Player 10.1.92.8 Adobe Flash Player 10.1.92.10 Adobe Flash Player 10.1.95.1 Adobe Flash Player 10.1.95.2 Adobe Flash Player 10.1.102.64 Adobe Flash Player 10.2.152 Adobe Flash Player 10.2.152.32 Adobe Flash Player 10.2.152.33 Adobe Flash Player - Adobe Flash Player 2 Adobe Flash Player 3 Adobe Flash Player 4 Adobe Flash Player 5 Adobe Flash Player 6 Adobe Flash Player 7 Adobe Flash Player 8 Adobe Flash Player 9 Adobe Flash Player 9.0.8.0 Adobe Flash Player 9.0.9.0 Adobe Flash Player 9.0.16.0 Adobe Flash Player 9.0.280 Adobe Flash Player 9.0.289.0 Adobe Flash Player 10 Adobe Flash Player 10.0.2.54 Adobe Flash Player 10.1 Adobe Flash Player 10.1.52.14 Adobe Flash Player 10.1.105.6 Adobe Flash Player 10.1.106.16 Adobe Flash Player 10.1.106.17 Adobe Flash Player 10.2.152.26 Adobe Flash Player 10.2.153.1 Adobe Flash Player 10.2.154.13 Adobe Acrobat 9.0 Adobe Acrobat 9.1 Adobe Acrobat 9.1.1 Adobe Acrobat 9.1.2 Adobe Acrobat 9.1.3 Adobe Acrobat 9.2 Adobe Acrobat 9.3 Adobe Acrobat 9.3.1 Adobe Acrobat 9.3.2 Adobe Acrobat 9.3.3 Adobe Acrobat 9.3.4 Adobe Acrobat 9.4 Adobe Acrobat 9.4.1 Adobe Acrobat 9.4.2 Adobe Acrobat 10.0 Adobe Acrobat 10.0.1 Adobe Acrobat Reader 9.0 Adobe Acrobat Reader 9.1 Adobe Acrobat Reader 9.1.1 Adobe Acrobat Reader 9.1.2 Adobe Acrobat Reader 9.1.3 Adobe Acrobat Reader 9.2 Adobe Acrobat Reader 9.3 Adobe Acrobat Reader 9.3.1 Adobe Acrobat Reader 9.3.2 Adobe Acrobat Reader 9.3.3 Adobe Acrobat Reader 9.3.4 Adobe Acrobat Reader 9.4 Adobe Acrobat Reader 9.4.1 Adobe Acrobat Reader 9.4.2 Adobe Acrobat Reader 10.0 Adobe Acrobat Reader 10.0.1	133
OS	Apple Apple MAC OS X *	1
OS	Linux Linux Linux Kernel *	1
OS	Microsoft Microsoft Windows *	1
OS	Oracle Oracle Solaris *	1
OS	Google Google Android *	1

Exploit-Db

description	Adobe Flash Player AVM Bytecode Verification. CVE-2011-0609. Remote exploit for windows platform
id	EDB-ID:17027
last seen	2016-02-02
modified	2011-03-23
published	2011-03-23
reporter	metasploit
source	https://www.exploit-db.com/download/17027/
title	Adobe Flash Player AVM Bytecode Verification

Metasploit

description	This module exploits a vulnerability in Adobe Flash Player versions 10.2.152.33 and earlier. This issue is caused by a failure in the ActionScript3 AVM2 verification logic. This results in unsafe JIT(Just-In-Time) code being executed. This is the same vulnerability that was used for the RSA attack in March 2011. Specifically, this issue results in uninitialized memory being referenced and later executed. Taking advantage of this issue relies on heap spraying and controlling the uninitialized memory. Currently this exploit works for IE6, IE7, and Firefox 3.6 and likely several other browsers. DEP does catch the exploit and causes it to fail. Due to the nature of the uninitialized memory its fairly difficult to get around this restriction.
id	MSF:EXPLOIT/WINDOWS/BROWSER/ADOBE_FLASHPLAYER_AVM
last seen	2020-06-04
modified	2017-07-24
published	2011-03-23
references	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0609 http://bugix-security.blogspot.com/2011/03/cve-2011-0609-adobe-flash-player.html http://www.adobe.com/devnet/swf.html http://www.adobe.com/support/security/advisories/apsa11-01.html http://www.f-secure.com/weblog/archives/00002226.html
reporter	Rapid7
source	https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/browser/adobe_flashplayer_avm.rb
title	Adobe Flash Player AVM Bytecode Verification Vulnerability

Nessus

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2011-0372.NASL
description	An updated Adobe Flash Player package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB11-05, listed in the References section. Specially crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code. (CVE-2011-0609) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.2.153.1.
last seen	2020-06-01
modified	2020-06-02
plugin id	52760
published	2011-03-23
reporter	This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/52760
title	RHEL 5 / 6 : flash-plugin (RHSA-2011:0372)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2011:0372. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(52760); script_version ("1.27"); script_cvs_date("Date: 2019/10/25 13:36:16"); script_cve_id("CVE-2011-0609"); script_bugtraq_id(46860); script_xref(name:"RHSA", value:"2011:0372"); script_name(english:"RHEL 5 / 6 : flash-plugin (RHSA-2011:0372)"); script_summary(english:"Checks the rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing a security update." ); script_set_attribute( attribute:"description", value: "An updated Adobe Flash Player package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB11-05, listed in the References section. Specially crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code. (CVE-2011-0609) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.2.153.1." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2011-0609" ); # http://www.adobe.com/support/security/bulletins/apsb11-05.html script_set_attribute( attribute:"see_also", value:"https://www.adobe.com/support/security/bulletins/apsb11-05.html" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2011:0372" ); script_set_attribute( attribute:"solution", value:"Update the affected flash-plugin package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Bytecode Verification Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:flash-plugin"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2011/03/15"); script_set_attribute(attribute:"patch_publication_date", value:"2011/03/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/03/23"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^(5\|6)([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x / 6.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2011:0372"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL5", reference:"flash-plugin-10.2.153.1-1.el5")) flag++; if (rpm_check(release:"RHEL6", reference:"flash-plugin-10.2.153.1-1.el6")) flag++; if (flag) { flash_plugin_caveat = '\n' + 'NOTE: This vulnerability check only applies to RedHat released\n' + 'versions of the flash-plugin package. This check does not apply to\n' + 'Adobe released versions of the flash-plugin package, which are\n' + 'versioned similarly and cause collisions in detection.\n\n' + 'If you are certain you are running the Adobe released package of\n' + 'flash-plugin and are running a version of it equal or higher to the\n' + 'RedHat version listed above then you can consider this a false\n' + 'positive.\n'; security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() + flash_plugin_caveat ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "flash-plugin"); } }

NASL family	Windows
NASL id	ADOBE_READER_APSA11-01.NASL
description	The remote Windows host contains a version of Adobe Reader 9.x < 9.4.3 or 10.x < 10.1. Such versions are affected by an unspecified memory corruption vulnerability in authplay.dll. A remote attacker could exploit this by tricking a user into viewing maliciously crafted SWF content, resulting in arbitrary code execution. This bug is currently being exploited in the wild.
last seen	2020-06-01
modified	2020-06-02
plugin id	52672
published	2011-03-15
reporter	This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/52672
title	Adobe Reader 9.x / 10.x Unspecified Memory Corruption (APSB11-06)
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(52672); script_version("1.21"); script_cvs_date("Date: 2018/11/15 20:50:26"); script_cve_id("CVE-2011-0609"); script_bugtraq_id(46860); script_xref(name:"CERT", value:"192052"); script_xref(name:"EDB-ID", value:"17027"); script_name(english:"Adobe Reader 9.x / 10.x Unspecified Memory Corruption (APSB11-06)"); script_summary(english:"Checks version of Adobe Reader"); script_set_attribute( attribute:"synopsis", value: "The version of Adobe Reader on the remote Windows host is affected by a memory corruption vulnerability." ); script_set_attribute( attribute:"description", value: "The remote Windows host contains a version of Adobe Reader 9.x < 9.4.3 or 10.x < 10.1. Such versions are affected by an unspecified memory corruption vulnerability in authplay.dll. A remote attacker could exploit this by tricking a user into viewing maliciously crafted SWF content, resulting in arbitrary code execution. This bug is currently being exploited in the wild." ); script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?82775d9e" ); script_set_attribute( attribute:"see_also", value:"http://www.adobe.com/support/security/advisories/apsa11-01.html" ); script_set_attribute( attribute:"see_also", value:"https://www.adobe.com/support/security/bulletins/apsb11-06.html" ); # "The update for Adobe Reader X (10.x) for Windows also incorporate the updates # previously addressed in all other supported versions of Adobe Reader and Acrobat # as noted in Security Bulletin APSB11-06 and Security Bulletin APSB11-08." script_set_attribute( attribute:"see_also", value:"http://www.adobe.com/support/security/bulletins/apsb11-16.html" ); script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?1d9dd300" ); script_set_attribute( attribute:"solution", value: "Upgrade to Adobe Reader 9.4.2 / 10.1 or later." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Bytecode Verification Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2011/03/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/03/15"); script_set_attribute(attribute:"patch_publication_date", value:"2011/03/21"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:acrobat_reader"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc."); script_dependencies("adobe_reader_installed.nasl"); script_require_keys("SMB/Acroread/Version"); exit(0); } include('global_settings.inc'); info = ''; info2 = ''; vuln = 0; vers = get_kb_list('SMB/Acroread/Version'); if (isnull(vers)) exit(0, 'The "SMB/Acroread/Version" KB list is missing.'); foreach version (vers) { ver = split(version, sep:'.', keep:FALSE); for (i=0; i<max_index(ver); i++) ver[i] = int(ver[i]); path = get_kb_item('SMB/Acroread/'+version+'/Path'); if (isnull(path)) path = 'n/a'; verui = get_kb_item('SMB/Acroread/'+version+'/Version_UI'); if (isnull(verui)) verui = version; if ( (ver[0] == 9 && ver[1] < 4) \|\| (ver[0] == 9 && ver[1] == 4 && ver[2] < 3) \|\| (ver[0] == 10 && ver[1] < 1) ) { vuln++; info += '\n Path : '+path+ '\n Installed version : '+verui+ '\n Fixed version : 9.4.3 / 10.1\n'; } else info2 += " and " + verui; } if (info) { if (report_verbosity > 0) { if (vuln > 1) s = "s of Adobe Reader are"; else s = " of Adobe Reader is"; report = '\nThe following vulnerable instance'+s+' installed on the'+ '\nremote host :\n'+ info; security_hole(port:get_kb_item("SMB/transport"), extra:report); } else security_hole(get_kb_item("SMB/transport")); exit(0); } if (info2) { info2 -= " and "; if (" and " >< info2) be = "are"; else be = "is"; exit(0, "The host is not affected since Adobe Reader "+info2+" "+be+" installed."); } else exit(1, "Unexpected error - 'info2' is empty.");

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_3_FLASH-PLAYER-110328.NASL
description	The Adobe Standalone Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue.
last seen	2020-06-01
modified	2020-06-02
plugin id	75496
published	2014-06-13
reporter	This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/75496
title	openSUSE Security Update : flash-player (openSUSE-SU-2011:0239-1)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update flash-player-4239. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75496); script_version("1.4"); script_cvs_date("Date: 2019/10/25 13:36:41"); script_cve_id("CVE-2011-0609"); script_name(english:"openSUSE Security Update : flash-player (openSUSE-SU-2011:0239-1)"); script_summary(english:"Check for the flash-player-4239 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "The Adobe Standalone Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=679672" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=682902" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2011-03/msg00031.html" ); script_set_attribute( attribute:"solution", value:"Update the affected flash-player package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Bytecode Verification Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:flash-player"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3"); script_set_attribute(attribute:"patch_publication_date", value:"2011/03/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586\|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.3", reference:"flash-player-10.2.153.1-0.4.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "flash-player"); }

NASL family	Windows
NASL id	FLASH_PLAYER_APSA11-01.NASL
description	The remote Windows host contains a version of Adobe Flash Player earlier than 10.2.153.1. Such versions are affected by an unspecified memory corruption vulnerability. A remote attacker could exploit this by tricking a user into viewing maliciously crafted SWF content, resulting in arbitrary code execution. This bug is currently being exploited in the wild.
last seen	2020-06-01
modified	2020-06-02
plugin id	52673
published	2011-03-15
reporter	This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/52673
title	Flash Player < 10.2.153.1 Unspecified Memory Corruption (APSB11-05)
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(52673); script_version("1.16"); script_cvs_date("Date: 2018/07/11 17:09:26"); script_cve_id("CVE-2011-0609"); script_bugtraq_id(46860); script_xref(name:"CERT", value:"192052"); script_xref(name:"EDB-ID", value:"17027"); script_xref(name:"Secunia", value:"43751"); script_xref(name:"Secunia", value:"43757"); script_name(english:"Flash Player < 10.2.153.1 Unspecified Memory Corruption (APSB11-05)"); script_summary(english:"Checks version of Flash Player"); script_set_attribute( attribute:"synopsis", value: "The remote Windows host contains a browser plug-in that is affected by a memory corruption vulnerability." ); script_set_attribute( attribute:"description", value: "The remote Windows host contains a version of Adobe Flash Player earlier than 10.2.153.1. Such versions are affected by an unspecified memory corruption vulnerability. A remote attacker could exploit this by tricking a user into viewing maliciously crafted SWF content, resulting in arbitrary code execution. This bug is currently being exploited in the wild." ); script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?82775d9e" ); script_set_attribute( attribute:"see_also", value:"http://www.adobe.com/support/security/advisories/apsa11-01.html" ); script_set_attribute( attribute:"see_also", value:"http://www.adobe.com/support/security/bulletins/apsb11-05.html" ); script_set_attribute( attribute:"solution", value:"Upgrade to Flash Player 10.2.153.1 or later." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Bytecode Verification Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2011/03/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/03/15"); script_set_attribute(attribute:"patch_publication_date", value:"2011/03/21"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:flash_player"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc."); script_dependencies("flash_player_installed.nasl"); script_require_keys("SMB/Flash_Player/installed"); exit(0); } include("global_settings.inc"); include("misc_func.inc"); get_kb_item_or_exit('SMB/Flash_Player/installed'); info = ''; foreach variant (make_list("Plugin", "ActiveX", "Chrome")) { vers = get_kb_list("SMB/Flash_Player/"+variant+"/Version/"); files = get_kb_list("SMB/Flash_Player/"+variant+"/File/"); if (!isnull(vers) && !isnull(files)) { foreach key (keys(vers)) { ver = vers[key]; if (ver) { iver = split(ver, sep:'.', keep:FALSE); for(i=0;i<max_index(iver);i++) iver[i] = int(iver[i]); if ( ("Plugin" >< variant \|\| "ActiveX" >< variant) && ( iver[0] < 10 \|\| ( iver[0] == 10 && ( iver[1] < 2 \|\| ( iver[1] == 2 && ( iver[2] < 153 \|\| (iver[2] == 153 && iver[3] < 1) ) ) ) ) ) ) { num = key - ("SMB/Flash_Player/"+variant+"/Version/"); file = files["SMB/Flash_Player/"+variant+"/File/"+num]; if (variant == "Plugin") { info += '\n Product : Browser Plugin (for Firefox / Netscape / Opera)'; } else if (variant == "ActiveX") { info += '\n Product : ActiveX control (for Internet Explorer)'; } info += '\n Path : ' + file + '\n Installed version : ' + ver + '\n Fixed version : 10.2.153.1\n'; } # Chrome else if ( ("Chrome" >< variant) && ( iver[0] < 10 \|\| ( iver[0] == 10 && ( iver[1] < 2 \|\| ( iver[1] == 2 && ( iver[2] < 154 \|\| (iver[2] == 154 && iver[3] < 25) ) ) ) ) ) ) { num = key - ("SMB/Flash_Player/"+variant+"/Version/"); file = files["SMB/Flash_Player/"+variant+"/File/"+num]; info += '\n Product: Browser Plugin (for Google Chrome)'; info += '\n Path : ' + file + '\n Installed version : ' + ver ; info += '\n Fixed version : 10.2.154.25 (as included with Google Chrome 10.0.648.134)\n'; } } } } } if (info) { if (report_verbosity > 0) security_hole(port:get_kb_item("SMB/transport"), extra:info); else security_hole(get_kb_item("SMB/transport")); } else exit(0, 'The host is not affected.');

NASL family	SuSE Local Security Checks
NASL id	SUSE_FLASH-PLAYER-7391.NASL
description	The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue : - This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment.
last seen	2020-06-01
modified	2020-06-02
plugin id	52969
published	2011-03-25
reporter	This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/52969
title	SuSE 10 Security Update : flash-player (ZYPP Patch Number 7391)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(52969); script_version ("1.15"); script_cvs_date("Date: 2019/10/25 13:36:43"); script_cve_id("CVE-2011-0609"); script_name(english:"SuSE 10 Security Update : flash-player (ZYPP Patch Number 7391)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue : - This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment." ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-0609.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 7391."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Bytecode Verification Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2011/03/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/03/25"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:3, reference:"flash-player-10.2.153.1-0.5.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");

NASL family	SuSE Local Security Checks
NASL id	SUSE_FLASH-PLAYER-7398.NASL
description	The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue : - This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment.
last seen	2020-06-01
modified	2020-06-02
plugin id	57188
published	2011-12-13
reporter	This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/57188
title	SuSE 10 Security Update : flash-player (ZYPP Patch Number 7398)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(57188); script_version ("1.12"); script_cvs_date("Date: 2019/10/25 13:36:43"); script_cve_id("CVE-2011-0609"); script_name(english:"SuSE 10 Security Update : flash-player (ZYPP Patch Number 7398)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue : - This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment." ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-0609.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 7398."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Bytecode Verification Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2011/03/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/12/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:4, reference:"flash-player-10.2.153.1-0.5.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_FLASH-PLAYER-110321.NASL
description	The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue : - This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment.
last seen	2020-06-01
modified	2020-06-02
plugin id	52959
published	2011-03-24
reporter	This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/52959
title	SuSE 11.1 Security Update : flash-player (SAT Patch Number 4190)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SuSE 11 update information. The text itself is # copyright (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(52959); script_version("1.13"); script_cvs_date("Date: 2019/10/25 13:36:42"); script_cve_id("CVE-2011-0609"); script_name(english:"SuSE 11.1 Security Update : flash-player (SAT Patch Number 4190)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 11 host is missing a security update." ); script_set_attribute( attribute:"description", value: "The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue : - This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=679672" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-0609.html" ); script_set_attribute(attribute:"solution", value:"Apply SAT patch number 4190."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Bytecode Verification Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:flash-player"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"patch_publication_date", value:"2011/03/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/03/24"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release !~ "^(SLED\|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11"); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu); pl = get_kb_item("Host/SuSE/patchlevel"); if (isnull(pl) \|\| int(pl) != 1) audit(AUDIT_OS_NOT, "SuSE 11.1"); flag = 0; if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"flash-player-10.2.153.1-0.2.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_4_FLASH-PLAYER-110328.NASL
description	The Adobe Standalone Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue.
last seen	2020-06-01
modified	2020-06-02
plugin id	75832
published	2014-06-13
reporter	This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/75832
title	openSUSE Security Update : flash-player (openSUSE-SU-2011:0239-1)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update flash-player-4239. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75832); script_version("1.4"); script_cvs_date("Date: 2019/10/25 13:36:42"); script_cve_id("CVE-2011-0609"); script_name(english:"openSUSE Security Update : flash-player (openSUSE-SU-2011:0239-1)"); script_summary(english:"Check for the flash-player-4239 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "The Adobe Standalone Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=679672" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=682902" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2011-03/msg00031.html" ); script_set_attribute( attribute:"solution", value:"Update the affected flash-player package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Bytecode Verification Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:flash-player"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.4"); script_set_attribute(attribute:"patch_publication_date", value:"2011/03/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.4)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.4", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586\|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.4", reference:"flash-player-10.2.153.1-0.4.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "flash-player"); }

NASL family	Windows
NASL id	ADOBE_AIR_APSB11-05.NASL
description	The remote Windows host contains a version of Adobe AIR earlier than 2.6. Such versions are affected by a memory corruption vulnerability that could allow arbitrary code execution on the remote system or trigger a denial of service condition.
last seen	2020-06-01
modified	2020-06-02
plugin id	52755
published	2011-03-22
reporter	This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/52755
title	Adobe AIR < 2.6 Unspecified Memory Corruption (APSB11-05)
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(52755); script_version("1.14"); script_cvs_date("Date: 2018/06/27 18:42:26"); script_cve_id("CVE-2011-0609"); script_bugtraq_id(46860); script_xref(name:"CERT", value:"192052"); script_xref(name:"EDB-ID", value:"17027"); script_xref(name:"Secunia", value:"43751"); script_name(english:"Adobe AIR < 2.6 Unspecified Memory Corruption (APSB11-05)"); script_summary(english:"Checks version of Adobe AIR"); script_set_attribute( attribute:"synopsis", value: "The remote Windows host contains a version of Adobe AIR that is affected by a memory corruption vulnerability." ); script_set_attribute( attribute:"description", value: "The remote Windows host contains a version of Adobe AIR earlier than 2.6. Such versions are affected by a memory corruption vulnerability that could allow arbitrary code execution on the remote system or trigger a denial of service condition."); script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?82775d9e"); script_set_attribute(attribute:"see_also", value:"http://www.adobe.com/support/security/advisories/apsa11-01.html"); script_set_attribute(attribute:"see_also", value:"http://www.adobe.com/support/security/bulletins/apsb11-05.html"); script_set_attribute(attribute:"solution", value:"Upgrade to Adobe AIR 2.6 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Bytecode Verification Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2011/03/14"); # APSA11-01 script_set_attribute(attribute:"patch_publication_date", value:"2011/03/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/03/22"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:air"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc."); script_dependencies("adobe_air_installed.nasl"); script_require_keys("SMB/Adobe_AIR/Version", "SMB/Adobe_AIR/Path"); exit(0); } include("global_settings.inc"); include("misc_func.inc"); version = get_kb_item_or_exit("SMB/Adobe_AIR/Version"); path = get_kb_item_or_exit("SMB/Adobe_AIR/Path"); version_ui = get_kb_item("SMB/Adobe_AIR/Version_UI"); if (isnull(version_ui)) version_report = version; else version_report = version_ui; fix = '2.6.0.19120'; fix_ui = '2.6'; if (ver_compare(ver:version, fix:fix) == -1) { if (report_verbosity > 0) { report = '\n Path : ' + path + '\n Installed version : ' + version_report + '\n Fixed version : ' + fix_ui + '\n'; security_hole(port:get_kb_item("SMB/transport"), extra:report); } else security_hole(get_kb_item("SMB/transport")); exit(0); } else exit(0, "The Adobe AIR "+version_report+" install is not affected.");

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_4_FLASH-PLAYER-110321.NASL
description	The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue. This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment.
last seen	2020-06-01
modified	2020-06-02
plugin id	75831
published	2014-06-13
reporter	This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/75831
title	openSUSE Security Update : flash-player (openSUSE-SU-2011:0215-1)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update flash-player-4187. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75831); script_version("1.4"); script_cvs_date("Date: 2019/10/25 13:36:42"); script_cve_id("CVE-2011-0609"); script_name(english:"openSUSE Security Update : flash-player (openSUSE-SU-2011:0215-1)"); script_summary(english:"Check for the flash-player-4187 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue. This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=679672" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2011-03/msg00016.html" ); script_set_attribute( attribute:"solution", value:"Update the affected flash-player package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Bytecode Verification Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:flash-player"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.4"); script_set_attribute(attribute:"patch_publication_date", value:"2011/03/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.4)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.4", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586\|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.4", reference:"flash-player-10.2.153.1-0.2.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "flash-player"); }

NASL family	Windows
NASL id	GOOGLE_CHROME_10_0_648_134.NASL
description	The version of Google Chrome installed on the remote host is earlier than 10.0.648.134. Such versions of Chrome contain a vulnerable version of Adobe Flash Player. A remote attacker could exploit this by tricking a user into viewing unspecified, malicious SWF content, resulting in arbitrary code execution. This bug is currently being exploited in the wild.
last seen	2017-10-29
modified	2013-11-13
plugin id	52713
published	2011-03-18
reporter	Tenable
source	https://www.tenable.com/plugins/index.php?view=single&id=52713
title	Google Chrome < 10.0.648.134 Unspecified Adobe Flash Player

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-201110-11.NASL
description	The remote host is affected by the vulnerability described in GLSA-201110-11 (Adobe Flash Player: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers and Adobe Security Advisories and Bulletins referenced below for details. Impact : By enticing a user to open a specially crafted SWF file a remote attacker could cause a Denial of Service or the execution of arbitrary code with the privileges of the user running the application. Workaround : There is no known workaround at this time.
last seen	2020-06-01
modified	2020-06-02
plugin id	56504
published	2011-10-14
reporter	This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/56504
title	GLSA-201110-11 : Adobe Flash Player: Multiple vulnerabilities

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_2_FLASH-PLAYER-110328.NASL
description	The Adobe Standalone Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue.
last seen	2020-06-01
modified	2020-06-02
plugin id	53721
published	2011-05-05
reporter	This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/53721
title	openSUSE Security Update : flash-player (openSUSE-SU-2011:0239-1)

NASL family	Windows
NASL id	ADOBE_ACROBAT_APSA11-01.NASL
description	The remote Windows host contains a version of Adobe Acrobat 9.x < 9.4.3 or 10.x < 10.0.2. Such versions are affected by an unspecified memory corruption vulnerability in authplay.dll. A remote attacker could exploit this by tricking a user into viewing maliciously crafted SWF content, resulting in arbitrary code execution. This bug is currently being exploited in the wild.
last seen	2020-06-01
modified	2020-06-02
plugin id	52671
published	2011-03-15
reporter	This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/52671
title	Adobe Acrobat 9.x / 10.x Unspecified Memory Corruption (APSB11-06)

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_2_FLASH-PLAYER-110321.NASL
description	The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue. This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment.
last seen	2020-06-01
modified	2020-06-02
plugin id	53720
published	2011-05-05
reporter	This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/53720
title	openSUSE Security Update : flash-player (openSUSE-SU-2011:0215-1)

NASL family	FreeBSD Local Security Checks
NASL id	FREEBSD_PKG_501EE07A564011E0985A001B2134EF46.NASL
description	Adobe Product Security Incident Response Team reports : A critical vulnerability exists in Adobe Flash Player 10.2.152.33 and earlier versions (Adobe Flash Player 10.2.154.18 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris operating systems, Adobe Flash Player 10.1.106.16 and earlier versions for Android, and the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.1) and earlier 10.x and 9.x versions of Reader and Acrobat for Windows and Macintosh operating systems. This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment.
last seen	2020-06-01
modified	2020-06-02
plugin id	52966
published	2011-03-25
reporter	This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/52966
title	FreeBSD : linux-flashplugin -- remote code execution vulnerability (501ee07a-5640-11e0-985a-001b2134ef46)

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_3_FLASH-PLAYER-110321.NASL
description	The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue. This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment.
last seen	2020-06-01
modified	2020-06-02
plugin id	75495
published	2014-06-13
reporter	This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/75495
title	openSUSE Security Update : flash-player (openSUSE-SU-2011:0215-1)

Oval

accepted

2015-08-03T04:00:40.859-04:00

class

vulnerability

contributors

name Scott Quint
organization DTCC
name Shane Shaffer
organization G2, Inc.
name Sergey Artykhov
organization ALTX-SOFT
name Sergey Artykhov
organization ALTX-SOFT
name Shane Shaffer
organization G2, Inc.
name Maria Kedovskaya
organization ALTX-SOFT
name Maria Kedovskaya
organization ALTX-SOFT
name Maria Kedovskaya
organization ALTX-SOFT
name Maria Mikhno
organization ALTX-SOFT
name Maria Mikhno
organization ALTX-SOFT
name Maria Mikhno
organization ALTX-SOFT
name Maria Mikhno
organization ALTX-SOFT
name Maria Mikhno
organization ALTX-SOFT

definition_extensions

comment Adobe Flash Player 9 is installed
oval oval:org.mitre.oval:def:7402
comment Adobe Flash Player is installed
oval oval:org.mitre.oval:def:6700
comment Adobe Flash Player is installed
oval oval:org.mitre.oval:def:6700
comment Adobe Acrobat 10.x is installed
oval oval:org.mitre.oval:def:11989
comment Adobe Flash Player 10 is installed
oval oval:org.mitre.oval:def:7610
comment Adobe Reader 9 Series is installed
oval oval:org.mitre.oval:def:6523
comment Adobe Flash Player is installed
oval oval:org.mitre.oval:def:6700
comment Adobe Acrobat 9 Series is installed
oval oval:org.mitre.oval:def:6013
comment Adobe Reader 10.x is installed
oval oval:org.mitre.oval:def:12283
comment ActiveX Control is installed
oval oval:org.mitre.oval:def:26707

description

family

windows

oval:org.mitre.oval:def:14147

status

accepted

submitted

2011-11-04T14:32:53.000-05:00

title

version

Packetstorm

data source	https://packetstormsecurity.com/files/download/99639/adobe_flashplayer_avm.rb.txt
id	PACKETSTORM:99639
last seen	2016-12-05
published	2011-03-23
reporter	bannedit
source	https://packetstormsecurity.com/files/99639/Adobe-Flash-Player-AVM-Bytecode-Verification.html
title	Adobe Flash Player AVM Bytecode Verification

Redhat

advisories

rhsa

id	RHSA-2011:0372

rpms

flash-plugin-0:10.2.153.1-1.el5
flash-plugin-0:10.2.153.1-1.el6

Saint

bid	46860
description	Adobe Reader Flash AVM2 Memory Corruption
id	misc_flash
osvdb	71254
title	adobe_reader_flash_avm2
type	client

Seebug

bulletinFamily	exploit
description	No description provided by source.
id	SSV:71506
last seen	2017-11-19
modified	2014-07-01
published	2014-07-01
reporter	Root
source	https://www.seebug.org/vuldb/ssvid-71506
title	Adobe Flash Player AVM Bytecode Verification

Summary