General : Adobe Flash Player Multiple Vulnerabilities June-2012 (Linux)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.802873

Kategorie: General

Titel: Adobe Flash Player Multiple Vulnerabilities June-2012 (Linux)

Zusammenfassung: This host is installed with Adobe Flash Player and is prone to; multiple vulnerabilities.

Beschreibung: Summary:
This host is installed with Adobe Flash Player and is prone to
multiple vulnerabilities.

Vulnerability Insight:
Multiple errors are caused,

- When parsing ActionScript.

- Within NPSWF32.dll when parsing certain tags.

- In the 'SoundMixer.computeSpectrum()' method, which can be exploited to
bypass the same-origin policy.

- In the installer allows planting a binary file.

Vulnerability Impact:
Successful exploitation could allow attackers to bypass certain security
restrictions, execute arbitrary code in the context of the browser or cause
a denial of service (memory corruption) via unspecified vectors.

Affected Software/OS:
Adobe Flash Player version before 10.3.183.20,
Adobe Flash Player version 11.x through 11.2.202.235 on Linux.

Solution:
Update to Adobe Flash Player version 10.3.183.20 or 11.2.202.236 or later.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: BugTraq ID: 53887
Common Vulnerability Exposure (CVE) ID: CVE-2012-2034
RedHat Security Advisories: RHSA-2012:0722
http://rhn.redhat.com/errata/RHSA-2012-0722.html
SuSE Security Announcement: SUSE-SU-2012:0724 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00007.html
SuSE Security Announcement: openSUSE-SU-2012:0723 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-2035
Common Vulnerability Exposure (CVE) ID: CVE-2012-2036
Common Vulnerability Exposure (CVE) ID: CVE-2012-2037
Common Vulnerability Exposure (CVE) ID: CVE-2012-2039
Common Vulnerability Exposure (CVE) ID: CVE-2012-2038
Common Vulnerability Exposure (CVE) ID: CVE-2012-2040

Copyright Copyright (C) 2012 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.802873
Kategorie:	General
Titel:	Adobe Flash Player Multiple Vulnerabilities June-2012 (Linux)
Zusammenfassung:	This host is installed with Adobe Flash Player and is prone to; multiple vulnerabilities.
Beschreibung:	Summary: This host is installed with Adobe Flash Player and is prone to multiple vulnerabilities. Vulnerability Insight: Multiple errors are caused, - When parsing ActionScript. - Within NPSWF32.dll when parsing certain tags. - In the 'SoundMixer.computeSpectrum()' method, which can be exploited to bypass the same-origin policy. - In the installer allows planting a binary file. Vulnerability Impact: Successful exploitation could allow attackers to bypass certain security restrictions, execute arbitrary code in the context of the browser or cause a denial of service (memory corruption) via unspecified vectors. Affected Software/OS: Adobe Flash Player version before 10.3.183.20, Adobe Flash Player version 11.x through 11.2.202.235 on Linux. Solution: Update to Adobe Flash Player version 10.3.183.20 or 11.2.202.236 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	BugTraq ID: 53887 Common Vulnerability Exposure (CVE) ID: CVE-2012-2034 RedHat Security Advisories: RHSA-2012:0722 http://rhn.redhat.com/errata/RHSA-2012-0722.html SuSE Security Announcement: SUSE-SU-2012:0724 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00007.html SuSE Security Announcement: openSUSE-SU-2012:0723 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html Common Vulnerability Exposure (CVE) ID: CVE-2012-2035 Common Vulnerability Exposure (CVE) ID: CVE-2012-2036 Common Vulnerability Exposure (CVE) ID: CVE-2012-2037 Common Vulnerability Exposure (CVE) ID: CVE-2012-2039 Common Vulnerability Exposure (CVE) ID: CVE-2012-2038 Common Vulnerability Exposure (CVE) ID: CVE-2012-2040
Copyright	Copyright (C) 2012 Greenbone Networks GmbH