Summary
This host is installed with Adobe Flash Player and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to execute arbitrary code in the context of the affected application or cause a denial of service condition.
Impact Level: Application.
Solution
Upgrade to Adobe Flash Player version 11.1.102.62 or later, For updates refer to http://www.adobe.com/downloads/
Insight
Flaws are due to
- A memory corruption error in ActiveX control.
- A type confusion memory corruption error.
- An unspecified error related to MP4 parsing.
- Many unspecified erros which allows to bypass certain security restrictions.
- Improper validation of user supplied input which allows attackers to execute arbitrary HTML and script code in a user's browser session
Affected
Adobe Flash Player version before 10.3.183.15
Adobe Flash Player version 11.x through 11.1.102.55 and prior on Windows
References
Severity
Classification
-
CVE CVE-2012-0751, CVE-2012-0752, CVE-2012-0753, CVE-2012-0754, CVE-2012-0756, CVE-2012-0757, CVE-2012-0767 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe AIR Multiple Vulnerabilities -01 Feb13 (Linux)
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 Feb13 (Mac OS X)
- Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Windows
- Adobe AIR Multiple Vulnerabilities-01 Jun14 (Windows)
- Adobe AIR Multiple Vulnerabilities(APSB14-24)-(Windows)