Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2015 Greenbone AGOPENVAS:1361412562310805912
HistoryJul 09, 2015 - 12:00 a.m.

Adobe Air Multiple Vulnerabilities-01 (Jul 2015) - Mac OS X

2015-07-0900:00:00
Copyright (C) 2015 Greenbone AG
plugins.openvas.org
21

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

High

0.974 High

EPSS

Percentile

99.9%

JSON

Adobe Air is prone to multiple vulnerabilities.

# SPDX-FileCopyrightText: 2015 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:adobe:adobe_air";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.805912");
  script_version("2024-02-16T05:06:55+0000");
  script_xref(name:"CISA", value:"Known Exploited Vulnerability (KEV) catalog");
  script_xref(name:"URL", value:"https://www.cisa.gov/known-exploited-vulnerabilities-catalog");
  script_cve_id("CVE-2015-5119", "CVE-2014-0578", "CVE-2015-3114", "CVE-2015-3115",
                "CVE-2015-3116", "CVE-2015-3117", "CVE-2015-3118", "CVE-2015-3119",
                "CVE-2015-3120", "CVE-2015-3121", "CVE-2015-3122", "CVE-2015-3123",
                "CVE-2015-3124", "CVE-2015-3125", "CVE-2015-3126", "CVE-2015-3127",
                "CVE-2015-3128", "CVE-2015-3129", "CVE-2015-3130", "CVE-2015-3131",
                "CVE-2015-3132", "CVE-2015-3133", "CVE-2015-3134", "CVE-2015-3135",
                "CVE-2015-3136", "CVE-2015-3137", "CVE-2015-4428", "CVE-2015-4429",
                "CVE-2015-4430", "CVE-2015-4431", "CVE-2015-4432", "CVE-2015-4433",
                "CVE-2015-5116", "CVE-2015-5117", "CVE-2015-5118");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2024-02-16 05:06:55 +0000 (Fri, 16 Feb 2024)");
  script_tag(name:"creation_date", value:"2015-07-09 11:41:16 +0530 (Thu, 09 Jul 2015)");
  script_name("Adobe Air Multiple Vulnerabilities-01 (Jul 2015) - Mac OS X");

  script_tag(name:"summary", value:"Adobe Air is prone to multiple vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"Multiple flaws exist due to:

  - An use-after-free error in 'ByteArray' class.

  - Multiple heap based buffer overflow errors.

  - Multiple memory corruption errors.

  - Multiple null pointer dereference errors.

  - Multiple unspecified errors.

  - A type confusion error.

  - Multiple use-after-free vulnerabilities.");

  script_tag(name:"impact", value:"Successful exploitation will allow remote
  attackers to gain access to potentially sensitive information, conduct denial
  of service attack and potentially execute arbitrary code in the context of the
  affected user.");

  script_tag(name:"affected", value:"Adobe Air versions before 18.0.0.180 on
  Mac OS X.");

  script_tag(name:"solution", value:"Upgrade to Adobe Air version 18.0.0.180
  or later.");

  script_tag(name:"solution_type", value:"VendorFix");

  script_tag(name:"qod_type", value:"executable_version");

  script_xref(name:"URL", value:"https://helpx.adobe.com/security/products/flash-player/apsb15-16.html");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/75568");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/75594");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/75593");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/75591");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/75590");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/75595");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/75596");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/75592");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2015 Greenbone AG");
  script_family("General");
  script_dependencies("secpod_adobe_prdts_detect_macosx.nasl");
  script_mandatory_keys("Adobe/Air/MacOSX/Version");
  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if(!vers = get_app_version(cpe:CPE))
  exit(0);

if(version_is_less(version:vers, test_version:"18.0.0.180"))
{
  report = 'Installed version: ' + vers + '\n' +
           'Fixed version:     ' + "18.0.0.180" + '\n';
  security_message(data:report);
  exit(0);
}

Related

openvas 7
suse 2
altlinux 2
nessus 15
gentoo 1
kaspersky 1
securityvulns 1
redhat 1
mageia 1
cve 33
nvd 34
prion 33
cvelist 33
ubuntucve 33
checkpoint_advisories 2
openvas
openvas
Adobe Flash Player Use-After-Free Vulnerability (Jul 2015) - Windows
2015-07-08 00:00:00
SUSE: Security Advisory for flash-player (SUSE-SU-2015:1211-1)
2015-10-15 00:00:00
Adobe Air Multiple Vulnerabilities-01 (Jul 2015) - Windows
2015-07-09 00:00:00
suse
suse
Security update for flash-player (critical)
2015-07-09 14:08:22
Security update for flash-player (critical)
2015-07-09 11:08:12
altlinux
altlinux
Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt47
2015-07-08 00:00:00
Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt47
2015-07-08 00:00:00
nessus
nessus
SUSE SLED12 Security Update : flash-player (SUSE-SU-2015:1211-1) (Underminer)
2015-07-13 00:00:00
Google Chrome < 43.0.2357.132 Multiple Vulnerabilities (Mac OS X)
2015-07-10 00:00:00
Flash Player < 13.0.0.302 / 18.0.0.203 Multiple Vulnerabilities (APSB15-16)
2015-07-24 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2015-07-10 00:00:00
kaspersky
kaspersky
KLA10623 Multiple vulnerabilities in Adobe products
2015-07-08 00:00:00
securityvulns
securityvulns
Adobe Flash Player multiple security vulnerabilities
2015-07-19 00:00:00
redhat
redhat
(RHSA-2015:1214) Critical: flash-plugin security update
2015-07-08 00:00:00
mageia
mageia
Updated flash-player-plugin package fixes critical security vulnerabilities
2015-07-09 11:09:20
cve
cve
CVE-2015-3128
2015-07-09 16:59:15
CVE-2015-3136
2015-07-09 16:59:22
CVE-2015-3132
2015-07-09 16:59:18
nvd
nvd
CVE-2015-3124
2015-07-09 16:59:11
CVE-2015-3131
2015-07-09 16:59:17
CVE-2015-3118
2015-07-09 16:59:05
prion
prion
Design/Logic Flaw
2015-07-09 16:59:00
Design/Logic Flaw
2015-07-09 16:59:00
Design/Logic Flaw
2015-07-09 16:59:00
cvelist
cvelist
CVE-2015-3137
2015-07-09 16:00:00
CVE-2015-3131
2015-07-09 16:00:00
CVE-2015-5117
2015-07-09 16:00:00
ubuntucve
ubuntucve
CVE-2015-3131
2015-07-09 00:00:00
CVE-2015-3128
2015-07-09 00:00:00
CVE-2015-3137
2015-07-09 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Use After Free Code Execution (APSB15-16: CVE-2015-3128; CVE-2015-3136; CVE-2015-3137; CVE-2015-4428)
2015-07-26 00:00:00
Adobe Flash Player Same Origin Policy Bypass (APSB15-16: CVE-2015-3125; CVE-2015-5116)
2015-08-23 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

High

0.974 High

EPSS

Percentile

99.9%

JSON
Related for OPENVAS:1361412562310805912
openvas7suse2altlinux2nessus15gentoo1kaspersky1securityvulns1redhat1mageia1cve33nvd34prion33cvelist33ubuntucve33checkpoint_advisories2