Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2010-2022 Tenable Network Security, Inc.FLASH_PLAYER_APSB10-14.NASL
HistoryJun 10, 2010 - 12:00 a.m.

Flash Player < 9.0.277.0 / 10.1.53.63 Multiple Vulnerabilities (APSB10-14)

2010-06-1000:00:00
This script is Copyright (C) 2010-2022 Tenable Network Security, Inc.
www.tenable.com
48

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.873 High

EPSS

Percentile

98.7%

JSON

The remote Windows host contains a version of Adobe Flash Player 9.x before 9.0.277.0 or 10.x before 10.1.53.63. Such versions are affected by multiple vulnerabilities, such as memory corruption, buffer overflows, and memory exhaustion, that could be exploited to cause an application crash or even allow execution of arbitrary code.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

if (NASL_LEVEL < 3000) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(46859);
  script_version("1.58");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/06/28");

  script_cve_id(
    "CVE-2008-4546",
    "CVE-2009-3793",
    "CVE-2010-1297",
    "CVE-2010-2160",
    "CVE-2010-2161",
    "CVE-2010-2162",
    "CVE-2010-2163",
    "CVE-2010-2164",
    "CVE-2010-2165",
    "CVE-2010-2166",
    "CVE-2010-2167",
    "CVE-2010-2169",
    "CVE-2010-2170",
    "CVE-2010-2171",
    "CVE-2010-2172",
    "CVE-2010-2173",
    "CVE-2010-2174",
    "CVE-2010-2175",
    "CVE-2010-2176",
    "CVE-2010-2177",
    "CVE-2010-2178",
    "CVE-2010-2179",
    "CVE-2010-2180",
    "CVE-2010-2181",
    "CVE-2010-2182",
    "CVE-2010-2183",
    "CVE-2010-2184",
    "CVE-2010-2185",
    "CVE-2010-2186",
    "CVE-2010-2187",
    "CVE-2010-2189"
  );
  script_bugtraq_id(
    31537,
    40586,
    40779,
    40780,
    40781,
    40782,
    40783,
    40784,
    40785,
    40786,
    40787,
    40788,
    40789,
    40790,
    40791,
    40792,
    40793,
    40794,
    40795,
    40796,
    40797,
    40799,
    40800,
    40801,
    40802,
    40803,
    40805,
    40806,
    40807,
    40808,
    40809
  );
  script_xref(name:"CERT", value:"486225");
  script_xref(name:"SECUNIA", value:"40026");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/06/22");

  script_name(english:"Flash Player < 9.0.277.0 / 10.1.53.63 Multiple Vulnerabilities (APSB10-14)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Windows host contains a browser plug-in that is affected
by a code execution vulnerability.");
  script_set_attribute(attribute:"description", value:
"The remote Windows host contains a version of Adobe Flash Player 9.x
before 9.0.277.0 or 10.x before 10.1.53.63.  Such versions are
affected by multiple vulnerabilities, such as memory corruption,
buffer overflows, and memory exhaustion, that could be exploited to
cause an application crash or even allow execution of arbitrary
code.");
  script_set_attribute(attribute:"see_also", value:"http://www.adobe.com/support/security/bulletins/apsb10-14.html");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Flash Player 10.1.53.64 / 9.0.277.0 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2010-2189");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player "newfunction" Invalid Pointer Use');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_exploithub", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:"CANVAS");
  script_set_attribute(attribute:"exploithub_sku", value:"EH-11-164");
  script_cwe_id(399);

  script_set_attribute(attribute:"vuln_publication_date", value:"2008/10/01");
  script_set_attribute(attribute:"patch_publication_date", value:"2010/06/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/06/10");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:flash_player");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2010-2022 Tenable Network Security, Inc.");

  script_dependencies("flash_player_installed.nasl");
  script_require_keys("SMB/Flash_Player/installed");

  exit(0);
}

if (!get_kb_item("SMB/Flash_Player/installed")) exit(1, "The 'SMB/Flash_Player/installed' KB item is missing.");

info = '';

foreach variant (make_list("Plugin", "ActiveX", "Chrome"))
{
  vers = get_kb_list("SMB/Flash_Player/"+variant+"/Version/*");
  files = get_kb_list("SMB/Flash_Player/"+variant+"/File/*");
  if (!isnull(vers) && !isnull(files))
  {
    foreach key (keys(vers))
    {
      ver = vers[key];
      if (ver)
      {
        iver = split(ver, sep:'.', keep:FALSE);
        for(i=0;i<max_index(iver);i++)
          iver[i] = int(iver[i]);
        
        if (
          # nb: versions before 9.0 are not affected.
          # Chrome never shipped with Flash Player < 10.x
          (
            (iver[0] == 9 && iver[1] == 0 && iver[2] < 277) &&
            (variant == "Plugin" || variant == "ActiveX")
          ) ||
          (
            iver[0] == 10 && 
            (
              iver[1] < 1 ||
              (
                iver[1] == 1 &&
                (
                  iver[2] < 53 ||
                  (iver[2] == 53 && iver[3] < 64)
                )
              )
            )
          )
        )
        {
          num = key - ("SMB/Flash_Player/"+variant+"/Version/");
          file = files["SMB/Flash_Player/"+variant+"/File/"+num];
          if (variant == "Plugin")
          {
            info += '\n  Product : Browser Plugin (for Firefox / Netscape / Opera)';
          }
          else if (variant == "ActiveX")
          {
            info += '\n  Product : ActiveX control (for Internet Explorer)';
          }
          else if (variant == "Chrome")
          {
            info += '\n  Product : Browser Plugin (for Google Chrome)';
          }
          
          info += '\n  Path              : ' + file +
                  '\n  Installed version : ' + ver;
  
          if (variant == "Plugin" || variant == "ActiveX")
          { 
            if (iver[0] == 9)       info += '\n  Fixed version     : 9.0.277.0';
            else if (iver[0] == 10) info += '\n  Fixed version     : 10.1.53.64';
          }

          if (variant == "Chrome")
            info += '\n  Fixed version     : 10.1.53.64 (as included with Google Chrome 5.0.375.125)';

          info += '\n';

        }
      }
    }
  }
}

if (info)
{
  if (report_verbosity > 0)
  {
    if (max_index(split(info)) > 2)
      inst = "s";
    else
      inst = "";

    report = 
      '\n' +
      'Nessus has identified the following vulnerable instance' + inst + ' of Flash\n' +
      'Player installed on the remote host :\n' +
      '\n'+
      info;
    security_hole(port:get_kb_item("SMB/transport"), extra:report);
  }
  else security_hole(get_kb_item("SMB/transport"));
}
else exit(0, 'The host is not affected.');
VendorProductVersionCPE
adobeflash_playercpe:/a:adobe:flash_player

References

Related

openvas 16
nessus 13
redhat 2
freebsd 1
securityvulns 10
suse 1
ubuntucve 27
prion 27
cvelist 28
nvd 27
cve 27
gentoo 1
checkpoint_advisories 4
seebug 4
zdi 3
saint 2
exploitpack 2
attackerkb 1
packetstorm 1
cisa_kev 1
metasploit 1
openvas
openvas
Adobe Flash Player/Air Multiple Vulnerabilities - June10 (Windows)
2010-06-22 00:00:00
Adobe Flash Player/Air Multiple Vulnerabilities (Jun 2010) - Windows
2010-06-22 00:00:00
Adobe Flash Player/Air Multiple Vulnerabilities - June10 (Linux)
2010-06-22 00:00:00
nessus
nessus
Adobe AIR < 2.0.2.12610 Multiple Vulnerabilities (APSB10-14)
2010-06-10 00:00:00
RHEL 5 : flash-plugin (RHSA-2010:0464)
2013-01-24 00:00:00
SuSE 10 Security Update : flash-player (ZYPP Patch Number 7071)
2011-01-27 00:00:00
redhat
redhat
(RHSA-2010:0464) Critical: flash-plugin security update
2010-06-11 00:00:00
(RHSA-2010:0470) Critical: flash-plugin security update
2010-06-14 00:00:00
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2008-10-02 00:00:00
securityvulns
securityvulns
Adobe Flash Player / Acrobat / Reader memory corruptions
2010-06-26 00:00:00
Security update available for Adobe Flash Player
2010-06-11 00:00:00
[security bulletin] HPSBMA02547 SSRT100179 rev.1 - HP Systems Insight Manager &#40;SIM&#41; for HP-UX, Linux, and Windows, Remote Execution of Arbitrary Code and Other Vulnerabilities
2010-07-18 00:00:00
suse
suse
remote code execution in flash-player
2010-06-11 17:44:20
ubuntucve
ubuntucve
CVE-2010-2184
2010-06-15 00:00:00
CVE-2010-2188
2010-06-15 00:00:00
CVE-2010-2166
2010-06-15 00:00:00
prion
prion
Memory corruption
2010-06-15 18:00:00
Memory corruption
2010-06-15 18:00:00
Memory corruption
2010-06-15 18:00:00
cvelist
cvelist
CVE-2010-2184
2010-06-15 17:48:00
CVE-2010-2176
2010-06-15 17:48:00
CVE-2010-2187
2010-06-15 17:48:00
nvd
nvd
CVE-2010-2187
2010-06-15 18:00:01
CVE-2010-2175
2010-06-15 18:00:01
CVE-2010-2182
2010-06-15 18:00:01
cve
cve
CVE-2010-2178
2010-06-15 18:00:01
CVE-2010-2188
2010-06-15 18:00:02
CVE-2010-2187
2010-06-15 18:00:01
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2011-01-21 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Embedded Image Integer Overflow (APSB10-14; CVE-2010-2170)
2010-06-17 00:00:00
Adobe Flash Player Deprecated Tag Memory Corruption (APSB10-14; CVE-2010-2186)
2010-06-21 00:00:00
Adobe Flash Player authplay.dll Component Code Execution (APSA10-01; CVE-2010-1297)
2010-06-07 00:00:00
seebug
seebug
Adobe Flash Player AVM Bytecode验证符多个整数溢出漏洞
2010-06-28 00:00:00
Adobe Acrobat Reader and Flash Player - “newclass” invalid pointer
2014-07-02 00:00:00
Adobe Flash and Reader - 0day Exploit PoC (from the wild)
2014-07-01 00:00:00
zdi
zdi
Adobe Flash Player AVM newFrameState Integer Overfow Remote Code Execution Vulnerability
2010-06-25 00:00:00
Adobe Flash Player AVM2 getouterscope Opcode Remote Code Execution Vulnerability
2010-06-25 00:00:00
Adobe Flash Player Multiple Tag JPEG Parsing Remote Code Execution Vulnerability
2010-06-16 00:00:00
saint
saint
Adobe Reader authplay.dll newfunction Memory Corruption
2010-06-17 00:00:00
Adobe Reader authplay.dll newfunction Memory Corruption
2010-06-17 00:00:00
exploitpack
exploitpack
Adobe Acrobat Reader and Flash Player - newclass Invalid Pointer
2010-09-01 00:00:00
Adobe Flash Reader - Live Malware
2010-06-09 00:00:00
attackerkb
attackerkb
CVE-2010-1297
2010-06-08 00:00:00
packetstorm
packetstorm
Adobe Flash Player newfunction Invalid Pointer Use
2010-06-15 00:00:00
cisa_kev
cisa_kev
Adobe Flash Player Memory Corruption Vulnerability
2022-06-08 00:00:00
metasploit
metasploit
Adobe Flash Player "newfunction" Invalid Pointer Use
2010-06-10 19:52:43

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.873 High

EPSS

Percentile

98.7%

JSON
Related for FLASH_PLAYER_APSB10-14.NASL
openvas16nessus13redhat2freebsd1securityvulns10suse1ubuntucve27prion27cvelist28nvd27cve27gentoo1checkpoint_advisories4seebug4zdi3saint2exploitpack2attackerkb1packetstorm1cisa_kev1metasploit1