Detections
Analytics
GLSA-201505-02 : Adobe Flash Player: Multiple vulnerabilities
critical Nessus Plugin ID 83911
Language:
Synopsis
The remote Gentoo host is missing one or more security-related patches.Description
The remote host is affected by the vulnerability described in GLSA-201505-02 (Adobe Flash Player: Multiple vulnerabilities)Multiple vulnerabilities have been discovered in Adobe Flash Player.
Please review the CVE identifiers referenced below for details.
Impact :
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions.
Workaround :
There is no known workaround at this time.
Solution
All Adobe Flash Player users should upgrade to the latest version:# emerge --sync # emerge --ask --oneshot --verbose '>=www-plugins/adobe-flash-11.2.202.460'
See Also
Plugin Details
Severity: Critical
ID: 83911
File Name: gentoo_GLSA-201505-02.nasl
Version: 2.9
Type: local
Family: Gentoo Local Security Checks
Published: 6/1/2015
Updated: 1/11/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 9.2
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:gentoo:linux:adobe-flash, cpe:/o:gentoo:linux
Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 5/31/2015
Exploitable With
Core Impact
Metasploit (Adobe Flash Player ShaderJob Buffer Overflow)
Reference Information
CVE: CVE-2015-3044, CVE-2015-3077, CVE-2015-3078, CVE-2015-3079, CVE-2015-3080, CVE-2015-3081, CVE-2015-3082, CVE-2015-3083, CVE-2015-3084, CVE-2015-3085, CVE-2015-3086, CVE-2015-3087, CVE-2015-3088, CVE-2015-3089, CVE-2015-3090, CVE-2015-3091, CVE-2015-3092, CVE-2015-3093
BID: 74065, 74605, 74608, 74609, 74610, 74612, 74613, 74614, 74616, 74617
GLSA: 201505-02