ID de Prueba:	1.3.6.1.4.1.25623.1.0.66475
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2009:1658
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2009:1658. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. Multiple security flaws were found in the way Flash Player displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, possibly, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content. (CVE-2009-3794, CVE-2009-3796, CVE-2009-3798, CVE-2009-3799, CVE-2009-3800) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 9.0.260.0. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2009-1658.html http://www.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb09-19.html CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3794 http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html BugTraq ID: 37199 http://www.securityfocus.com/bid/37199 Bugtraq: 20091209 ZDI-09-092: Adobe Flash Player JPEG Parsing Heap Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/508336/100/0/threaded Cert/CC Advisory: TA09-343A http://www.us-cert.gov/cas/techalerts/TA09-343A.html http://zerodayinitiative.com/advisories/ZDI-09-092/ http://osvdb.org/60885 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15948 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7465 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8686 http://www.redhat.com/support/errata/RHSA-2009-1657.html http://www.redhat.com/support/errata/RHSA-2009-1658.html http://securitytracker.com/id?1023306 http://securitytracker.com/id?1023307 http://secunia.com/advisories/37584 http://secunia.com/advisories/37902 http://secunia.com/advisories/38241 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021716.1-1 SuSE Security Announcement: SUSE-SA:2009:062 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00003.html http://www.vupen.com/english/advisories/2009/3456 http://www.vupen.com/english/advisories/2010/0173 XForce ISS Database: flash-air-jpeg-code-execution(54631) https://exchange.xforce.ibmcloud.com/vulnerabilities/54631 Common Vulnerability Exposure (CVE) ID: CVE-2009-3796 http://osvdb.org/60886 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16216 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7460 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7763 XForce ISS Database: flash-air-data-code-execution(54632) https://exchange.xforce.ibmcloud.com/vulnerabilities/54632 Common Vulnerability Exposure (CVE) ID: CVE-2009-3798 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16340 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6899 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7902 XForce ISS Database: flash-air-unspecified-code-execution(54634) https://exchange.xforce.ibmcloud.com/vulnerabilities/54634 Common Vulnerability Exposure (CVE) ID: CVE-2009-3799 Bugtraq: 20091209 ZDI-09-093: Adobe Flash Player ActionScript Exception Handler Integer Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/508334/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-09-093/ http://osvdb.org/60889 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16315 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7191 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8208 XForce ISS Database: flash-air-unspecified-overflow(54635) https://exchange.xforce.ibmcloud.com/vulnerabilities/54635 Common Vulnerability Exposure (CVE) ID: CVE-2009-3800 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16054 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6972 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8613 XForce ISS Database: flash-air-multiple-code-execution(54636) https://exchange.xforce.ibmcloud.com/vulnerabilities/54636 Common Vulnerability Exposure (CVE) ID: CVE-2009-3797 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15795 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7140 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8350 XForce ISS Database: flash-air-corruption-code-execution(54633) https://exchange.xforce.ibmcloud.com/vulnerabilities/54633
Copyright	Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.