Vulnerabilities > CVE-2015-6680 - Unspecified vulnerability in Adobe Shockwave Player
Attack vector: UNKNOWN
Attack complexity: UNKNOWN
Privileges required: UNKNOWN
Confidentiality impact: UNKNOWN
Integrity impact: UNKNOWN
Availability impact: UNKNOWN
adobe
nessus
Summary
Adobe Shockwave Player before 12.2.0.162 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-6681.
Vulnerable Configurations
Nessus
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201509-07.NASL description The remote host is affected by the vulnerability described in GLSA-201509-07 (Adobe Flash Player: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 91735 published 2016-06-22 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/91735 title GLSA-201509-07 : Adobe Flash Player: Multiple vulnerabilities code
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 201509-07.
#
# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

# Purpose: credentialed (plugin_type "local") package check for Gentoo.
# It reports a finding when www-plugins/adobe-flash is older than
# 11.2.202.521, based on the package list cached in the scanner KB.
#
# NOTE(review): the CVE list below includes CVE-2015-6680 and CVE-2015-6681,
# which other plugins attribute to Adobe Shockwave Player (APSB15-22). The
# package test further down only looks at www-plugins/adobe-flash, so a
# result from this plugin describes the Flash package and says nothing about
# a Shockwave install - confirm the CVE mapping against the GLSA before
# triaging on it.

include("compat.inc");

# Registration pass: declare the plugin metadata, then stop before any
# host-side check is attempted.
if (description)
{
  script_id(91735);
  script_version("2.4");
  script_cvs_date("Date: 2019/04/11 17:23:06");

  script_cve_id("CVE-2015-5567", "CVE-2015-5568", "CVE-2015-5570", "CVE-2015-5571", "CVE-2015-5572", "CVE-2015-5573", "CVE-2015-5574", "CVE-2015-5575", "CVE-2015-5576", "CVE-2015-5577", "CVE-2015-5578", "CVE-2015-5579", "CVE-2015-5580", "CVE-2015-5581", "CVE-2015-5582", "CVE-2015-5584", "CVE-2015-5587", "CVE-2015-5588", "CVE-2015-6676", "CVE-2015-6677", "CVE-2015-6678", "CVE-2015-6679", "CVE-2015-6680", "CVE-2015-6681", "CVE-2015-6682");
  script_xref(name:"GLSA", value:"201509-07");

  script_name(english:"GLSA-201509-07 : Adobe Flash Player: Multiple vulnerabilities");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");
  script_set_attribute(
    attribute:"synopsis",
    value: "The remote Gentoo host is missing one or more security-related patches."
  );
  script_set_attribute(
    attribute:"description",
    value: "The remote host is affected by the vulnerability described in GLSA-201509-07 (Adobe Flash Player: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions. Workaround : There is no known workaround at this time."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/201509-07"
  );
  script_set_attribute(
    attribute:"solution",
    value: "All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-plugins/adobe-flash-11.2.202.521'"
  );

  # The CVSS vectors and the exploit attributes below are set once for the
  # whole advisory (25 CVE ids); they do not say which individual CVE has a
  # known exploit or is used by malware.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:adobe-flash");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/09/25");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/06/22");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Gentoo Local Security Checks");

  # The three KB keys are declared as prerequisites; they are presumably
  # filled in by ssh_get_info.nasl during a credentialed scan (verify).
  # Without them there is no result, which is not the same as "patched".
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

# Re-check the prerequisites at run time and leave an audit trail entry
# naming the one that is missing.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

# Single package test: anything below 11.2.202.521 is treated as vulnerable.
glsa_hit = qpkg_check(
  package:"www-plugins/adobe-flash",
  unaffected:make_list("ge 11.2.202.521"),
  vulnerable:make_list("lt 11.2.202.521")
);

if (!glsa_hit)
{
  # No finding: distinguish "installed but not affected" from
  # "package not installed" in the audit trail.
  pkgs_checked = qpkg_tests_get();
  if (pkgs_checked) audit(AUDIT_PACKAGE_NOT_AFFECTED, pkgs_checked);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Adobe Flash Player");
}
else
{
  # Finding: attach the package report only when verbosity asks for it.
  if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
  else security_hole(0);
  exit(0);
}
NASL family MacOS X Local Security Checks NASL id MACOSX_SHOCKWAVE_PLAYER_APSB15-22.NASL description The remote Mac OS X host contains a version of Adobe Shockwave Player that is prior or equal to 12.1.9.160. It is, therefore, affected by multiple remote code execution vulnerabilities due improper validation of user-supplied input. A remote attacker can exploit these vulnerabilities to corrupt memory, potentially resulting in the execution of arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 85881 published 2015-09-09 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/85881 title Adobe Shockwave Player <= 12.1.9.160 Multiple RCE (APSB15-22) (Mac OS X) code
#
# (C) Tenable Network Security, Inc.
#

# Purpose: version check for Adobe Shockwave Player on Mac OS X. It reads
# the detected install from the scanner KB and reports a finding when the
# installed version compares as <= 12.1.9.160.

include("compat.inc");

# Registration pass: declare the plugin metadata, then stop before any
# host-side check is attempted.
if (description)
{
  script_id(85881);
  script_version("1.8");
  script_cvs_date("Date: 2019/11/22");

  script_cve_id("CVE-2015-6680", "CVE-2015-6681");
  script_bugtraq_id(76664);

  script_name(english:"Adobe Shockwave Player <= 12.1.9.160 Multiple RCE (APSB15-22) (Mac OS X)");
  script_summary(english:"Checks version of Shockwave Player.");

  script_set_attribute(attribute:"synopsis", value: "The remote Mac OS X host contains a web browser plugin that is affected by multiple remote code execution vulnerabilities.");
  script_set_attribute(attribute:"description", value: "The remote Mac OS X host contains a version of Adobe Shockwave Player that is prior or equal to 12.1.9.160. It is, therefore, affected by multiple remote code execution vulnerabilities due improper validation of user-supplied input. A remote attacker can exploit these vulnerabilities to corrupt memory, potentially resulting in the execution of arbitrary code.");
  script_set_attribute(attribute:"see_also", value:"https://helpx.adobe.com/security/products/shockwave/apsb15-22.html");
  script_set_attribute(attribute:"solution", value: "Upgrade to Adobe Shockwave Player 12.2.0.162 or later.");

  # The CVSS vectors are plugin-wide, and cvss_score_source names
  # CVE-2015-6681 as the origin of the score, not CVE-2015-6680.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-6681");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2015/09/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/09/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/09/09");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:shockwave_player");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");
  script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # Both KB keys are declared as prerequisites; the install record is
  # presumably written by the detection plugin named here (verify). If
  # detection did not run, this check yields no result either way.
  script_dependencies("shockwave_player_detect_macosx.nbin");
  script_require_keys("installed_sw/Shockwave Player", "Host/MacOSX/Version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("install_func.inc");

# Only proceed on hosts that were identified as Mac OS X.
macos_version = get_kb_item("Host/MacOSX/Version");
if (!macos_version) audit(AUDIT_OS_NOT, "Mac OS X");

product = 'Shockwave Player';

# Called with exit_if_zero / exit_if_unknown_ver, so a host with no
# detected install or no readable version is not evaluated further.
get_install_count(app_name:product, exit_if_zero:TRUE);
detected = get_single_install(app_name:product, exit_if_unknown_ver:TRUE);

installed_ver = detected['version'];
install_path = detected['path'];

# NOTE(review): the comparison is against the last affected release
# (12.1.9.160), while the report and the solution name 12.2.0.162 as the
# fix. A version between the two would be audited as not vulnerable -
# confirm that no such release exists for the estate being scanned.
ver_delta = ver_compare(ver:installed_ver, fix:'12.1.9.160', strict:FALSE);

if (ver_delta <= 0)
{
  if (report_verbosity > 0)
  {
    finding = '\n Path : ' + install_path + '\n Installed version : ' + installed_ver + '\n Fixed versions : 12.2.0.162' + '\n';
    security_hole(port:0, extra:finding);
  }
  else
  {
    security_hole(port:0);
  }
}
else
{
  audit(AUDIT_INST_PATH_NOT_VULN, product, installed_ver, install_path);
}
NASL family Windows NASL id SHOCKWAVE_PLAYER_APSB15-22.NASL description The remote Windows host contains a version of Adobe Shockwave Player that is prior or equal to 12.1.9.160. It is, therefore, affected by multiple remote code execution vulnerabilities due improper validation of user-supplied input. A remote attacker can exploit these vulnerabilities to corrupt memory, potentially resulting in the execution of arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 85882 published 2015-09-09 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/85882 title Adobe Shockwave Player <= 12.1.9.160 Multiple RCE (APSB15-22) code
#
# (C) Tenable Network Security, Inc.
#

# Purpose: version check for Adobe Shockwave Player on Windows. It walks
# every Shockwave install path recorded in the scanner KB and reports the
# ones whose version compares as <= 12.1.9.160.

include("compat.inc");

# Registration pass: declare the plugin metadata, then stop before any
# host-side check is attempted.
if (description)
{
  script_id(85882);
  script_version("1.8");
  script_cvs_date("Date: 2019/11/22");

  script_cve_id("CVE-2015-6680", "CVE-2015-6681");
  script_bugtraq_id(76664);

  script_name(english:"Adobe Shockwave Player <= 12.1.9.160 Multiple RCE (APSB15-22)");
  script_summary(english:"Checks version of Shockwave Player.");

  script_set_attribute(attribute:"synopsis", value: "The remote Windows host contains a web browser plugin that is affected by multiple remote code execution vulnerabilities.");
  script_set_attribute(attribute:"description", value: "The remote Windows host contains a version of Adobe Shockwave Player that is prior or equal to 12.1.9.160. It is, therefore, affected by multiple remote code execution vulnerabilities due improper validation of user-supplied input. A remote attacker can exploit these vulnerabilities to corrupt memory, potentially resulting in the execution of arbitrary code.");
  script_set_attribute(attribute:"see_also", value:"https://helpx.adobe.com/security/products/shockwave/apsb15-22.html");
  script_set_attribute(attribute:"solution", value: "Upgrade to Adobe Shockwave Player 12.2.0.162 or later.");

  # The CVSS vectors are plugin-wide, and cvss_score_source names
  # CVE-2015-6681 as the origin of the score, not CVE-2015-6680.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-6681");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2015/09/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/09/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/09/09");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:shockwave_player");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");
  script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # SMB/shockwave_player is declared as a prerequisite; it is presumably
  # set by the dependency named here during a credentialed scan (verify).
  # If it is absent, this check yields no result either way.
  script_dependencies("shockwave_player_apsb09_08.nasl");
  script_require_keys("SMB/shockwave_player");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

# One KB entry per detected install; the key encodes variant and version,
# the value is the file path.
kb_paths = get_kb_list_or_exit("SMB/shockwave_player/*/path");

product = "Shockwave Player";

# NOTE(review): installs are compared against the last affected release,
# not against the fixed release printed in the report. A version between
# 12.1.9.160 and 12.2.0.162 would not be flagged - confirm that no such
# release exists for the estate being scanned.
last_affected = "12.1.9.160"; # versions <= this version are vuln
fixed_in = "12.2.0.162";

findings = NULL;
key_re = "SMB/shockwave_player/([^/]+)/([^/]+)/path";
hit_count = 0;

foreach kb_key (keys(kb_paths))
{
  parts = eregmatch(string:kb_key, pattern:key_re);

  # NOTE(review): a single KB key that does not match the pattern ends the
  # script here, so installs listed after it are not evaluated.
  if (!parts) exit(1, "Unexpected format of KB key '" + kb_key + "'.");

  file_path = kb_paths[kb_key];
  flavour = parts[1];
  found_ver = parts[2];

  if (ver_compare(ver:found_ver, fix:last_affected) <= 0)
  {
    # A variant other than "Plugin" or "ActiveX" is still reported, just
    # without a Variant line.
    if (flavour == "Plugin")
      findings += '\n Variant : Browser Plugin (for Firefox / Netscape / Opera)';
    else if (flavour == "ActiveX")
      findings += '\n Variant : ActiveX control (for Internet Explorer)';

    findings += '\n File : ' + file_path + '\n Installed version : ' + found_ver + '\n Fixed version : ' + fixed_in + '\n';
    hit_count++;
  }
}

# Nothing collected means every detected install compared as newer.
if (!findings) audit(AUDIT_INST_VER_NOT_VULN, product);

# Report against the SMB transport port from the KB, defaulting to 445.
smb_port = get_kb_item("SMB/transport");
if (!smb_port) smb_port = 445;

if (report_verbosity > 0)
{
  plural = "";
  if (hit_count > 1) plural = "s";

  summary = '\n' + 'Nessus has identified the following vulnerable instance' + plural + ' of Shockwave'+ '\n' + 'Player installed on the remote host :' + '\n' + findings + '\n';
  security_hole(port:smb_port, extra:summary);
}
else
{
  security_hole(smb_port);
}
References
- http://www.securitytracker.com/id/1033486
- http://www.securitytracker.com/id/1033486
- https://helpx.adobe.com/security/products/shockwave/apsb15-22.html
- https://helpx.adobe.com/security/products/shockwave/apsb15-22.html
- https://security.gentoo.org/glsa/201509-07
- https://security.gentoo.org/glsa/201509-07