Lucene search
This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_11_3_FLASH-PLAYER-110415.NASLHistoryJun 13, 2014 - 12:00 a.m.
openSUSE Security Update : flash-player (openSUSE-SU-2011:0373-1)
2014-06-1300:00:00
This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
18
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.961
Percentile
99.5%
Specially crafted Flash files could be exploited to execute arbitrary code (CVE-2011-0611).
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update flash-player-4399.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(75497);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/03/08");
script_cve_id("CVE-2011-0611");
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/03/24");
script_name(english:"openSUSE Security Update : flash-player (openSUSE-SU-2011:0373-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote openSUSE host is missing a security update.");
script_set_attribute(attribute:"description", value:
"Specially crafted Flash files could be exploited to execute arbitrary
code (CVE-2011-0611).");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=686818");
script_set_attribute(attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2011-04/msg00066.html");
script_set_attribute(attribute:"solution", value:
"Update the affected flash-player package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"patch_publication_date", value:"2011/04/15");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:flash-player");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE11.3", reference:"flash-player-10.2.159.1-0.2.1") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "flash-player");
}
Related
redhat
redhat
(RHSA-2011:0451) Critical: flash-plugin security update
2011-04-18 00:00:00
openvas
openvas
SUSE: Security Advisory for flash-player (SUSE-SA:2011:018)
2011-04-22 00:00:00
SuSE Update for flash-player SUSE-SA:2011:018
2011-04-22 00:00:00
FreeBSD Ports: linux-flashplugin
2011-05-12 00:00:00
threatpost
threatpost
Analysis of the New Adobe Flash Attacks
2011-04-13 16:13:42
Adobe Releases Patch for Flash Zero Day Hole in Reader, Acrobat
2011-04-21 20:11:41
Adobe Flash Bug Being Used in Attacks Via Word Documents
2011-04-12 11:51:03
attackerkb
attackerkb
CVE-2011-0611
2011-04-13 00:00:00
prion
prion
Type confusion
2011-04-13 14:55:00
cert
cert
Adobe Flash Player contains unspecified code execution vulnerability
2011-04-12 00:00:00
cve
cve
CVE-2011-0611
2011-04-13 14:55:01
zdt
zdt
Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability
2011-04-17 00:00:00
nessus
nessus
RHEL 5 / 6 : flash-plugin (RHSA-2011:0451)
2011-04-19 00:00:00
Google Chrome < 10.0.648.205 Multiple Vulnerabilities
2011-04-14 00:00:00
SuSE 11.1 Security Update : flash-player (SAT Patch Number 4400)
2011-04-19 00:00:00
seebug
seebug
Adobe Reader X Atom Type Confusion Vulnerability Exploit
2014-07-01 00:00:00
Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability
2011-04-24 00:00:00
Adobe Flash Player 'SWF'ζδ»ΆθΏη¨ε
εη ΄εζΌζ΄
2011-04-13 00:00:00
exploitpack
exploitpack
Adobe Reader X 10.0.0 10.0.1 - Atom Type Confusion
2011-07-03 00:00:00
ubuntucve
ubuntucve
CVE-2011-0611
2011-04-13 00:00:00
checkpoint_advisories
checkpoint_advisories
freebsd
freebsd
linux-flashplugin -- remote code execution vulnerability
2011-01-20 00:00:00
exploitdb
exploitdb
Adobe Flash Player 10.2.153.1 - SWF Memory Corruption (Metasploit)
2011-04-16 00:00:00
Adobe Reader X 10.0.0 < 10.0.1 - Atom Type Confusion
2011-07-03 00:00:00
packetstorm
packetstorm
Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability
2011-04-17 00:00:00
saint
saint
Adobe Flash Player callMethod Bytecode Memory Corruption
2011-04-21 00:00:00
Adobe Flash Player callMethod Bytecode Memory Corruption
2011-04-21 00:00:00
Adobe Flash Player callMethod Bytecode Memory Corruption
2011-04-21 00:00:00
cisa_kev
cisa_kev
Adobe Flash Player Remote Code Execution Vulnerability
2022-03-03 00:00:00
nvd
nvd
CVE-2011-0611
2011-04-13 14:55:01
suse
suse
remote code execution in flash-player
2011-04-18 16:33:38
metasploit
metasploit
Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability
2011-04-16 02:09:33
thn
thn
Emergency Adobe Flash Player patch coming today !
2011-04-16 07:59:00
vulnrichment
vulnrichment
CVE-2011-0611
2011-04-13 14:00:00
cvelist
cvelist
CVE-2011-0611
2011-04-13 14:00:00
securelist
securelist
myhack58
myhack58
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2011-10-13 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.961
Percentile
99.5%
Related for SUSE_11_3_FLASH-PLAYER-110415.NASL