FreeBSD Local Security Checks : FreeBSD Ports: linux-flashplugin

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.66848

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: linux-flashplugin

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

linux-flashplugin
linux-f8-flashplugin
linux-f10-flashplugin

CVE-2010-0186
Cross-domain vulnerability in Adobe Flash Player before 10.0.45.2 and
Adobe AIR before 1.5.3.9130 allows remote attackers to bypass intended
sandbox restrictions and make cross-domain requests via unspecified
vectors.

CVE-2010-0187
Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130
allow remote attackers to cause a denial of service (application
crash) via a modified SWF file.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-0186
http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
BugTraq ID: 38198
http://www.securityfocus.com/bid/38198
http://security.gentoo.org/glsa/glsa-201101-09.xml
http://www.osvdb.org/62300
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8518
RedHat Security Advisories: RHSA-2010:0102
https://rhn.redhat.com/errata/RHSA-2010-0102.html
RedHat Security Advisories: RHSA-2010:0103
https://rhn.redhat.com/errata/RHSA-2010-0103.html
http://www.redhat.com/support/errata/RHSA-2010-0114.html
http://securitytracker.com/id?1023585
http://secunia.com/advisories/38547
http://secunia.com/advisories/38639
http://secunia.com/advisories/38915
http://secunia.com/advisories/40220
http://secunia.com/advisories/43026
SuSE Security Announcement: SUSE-SR:2010:006 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html
http://www.vupen.com/english/advisories/2010/1481
http://www.vupen.com/english/advisories/2011/0192
Common Vulnerability Exposure (CVE) ID: CVE-2010-0187
BugTraq ID: 38200
http://www.securityfocus.com/bid/38200
http://www.exploit-db.com/exploits/11182
http://sebug.net/exploit/18967/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16125
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8393

Copyright Copyright (C) 2010 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.66848
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: linux-flashplugin
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: linux-flashplugin linux-f8-flashplugin linux-f10-flashplugin CVE-2010-0186 Cross-domain vulnerability in Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 allows remote attackers to bypass intended sandbox restrictions and make cross-domain requests via unspecified vectors. CVE-2010-0187 Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 allow remote attackers to cause a denial of service (application crash) via a modified SWF file. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0186 http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html BugTraq ID: 38198 http://www.securityfocus.com/bid/38198 http://security.gentoo.org/glsa/glsa-201101-09.xml http://www.osvdb.org/62300 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8518 RedHat Security Advisories: RHSA-2010:0102 https://rhn.redhat.com/errata/RHSA-2010-0102.html RedHat Security Advisories: RHSA-2010:0103 https://rhn.redhat.com/errata/RHSA-2010-0103.html http://www.redhat.com/support/errata/RHSA-2010-0114.html http://securitytracker.com/id?1023585 http://secunia.com/advisories/38547 http://secunia.com/advisories/38639 http://secunia.com/advisories/38915 http://secunia.com/advisories/40220 http://secunia.com/advisories/43026 SuSE Security Announcement: SUSE-SR:2010:006 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html http://www.vupen.com/english/advisories/2010/1481 http://www.vupen.com/english/advisories/2011/0192 Common Vulnerability Exposure (CVE) ID: CVE-2010-0187 BugTraq ID: 38200 http://www.securityfocus.com/bid/38200 http://www.exploit-db.com/exploits/11182 http://sebug.net/exploit/18967/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16125 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8393
Copyright	Copyright (C) 2010 E-Soft Inc.