Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Gain root remotely >> Flash Player < 9.0


Vulnerability Assessment Details

Flash Player < 9.0

Vulnerability Assessment Summary
Checks version of Flash Player

Detailed Explanation for this Vulnerability Assessment

Summary :

The remote Windows host contains a browser test that is affected by
multiple issues.

Description :

According to its version number, the instance of Flash Player on the
remote Windows host is affected by arbitrary code execution and denial
of service flaws. By convincing a user to visit a site with a
specially-crafted SWF file, a possible hacker may be able to execute
arbitrary code on the affected host or cause the web browser to crash.

See also :

http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-20.html
http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-21.html
http://www.kb.cert.org/vuls/id/474593
http://www.adobe.com/support/security/bulletins/apsb06-11.html

Solution :

Upgrade to Flash Player 9.0 or later.

Network Security Threat Level:

Medium / CVSS Base Score : 5.6
(AV:R/AC:H/Au:NR/C:P/I:P/A:P/B:N)

Networks Security ID: 18894, 19980

Vulnerability Assessment Copyright: This script is Copyright (C) 2006-2007 Tenable Network Security

Cables, Connectors

X2 Transceiver Module
$665.08
X2 Transceiver Module pictureCisco ATA187 UC Analog Telephone VOIP Adapter New #N100
$99.99
Cisco ATA187 UC Analog Telephone VOIP Adapter New #N100 pictureCISCO CP-7942G Phones - Quantity 20 Available in stock
$49.0
CISCO CP-7942G Phones -  Quantity 20  Available in stock pictureCISCO WS-C6506-E w/ Fan, Dual 3000W PWR, 6724-SFP, WS-X6708-10G-3C, X2-10GB-LX4
$1958.0
CISCO WS-C6506-E w/ Fan, Dual 3000W PWR, 6724-SFP,  WS-X6708-10G-3C, X2-10GB-LX4 picture


Discussions

No Discussions have been posted on this vulnerability.