ID de Prueba:	1.3.6.1.4.1.25623.1.0.800854
Categoría:	Denial of Service
Título:	Adobe Flash Player/Air Multiple DoS Vulnerabilities (Aug 2009) - Linux
Resumen:	Adobe Flash Player/Air is prone to multiple Denial of Service vulnerabilities.
Descripción:	Summary: Adobe Flash Player/Air is prone to multiple Denial of Service vulnerabilities. Vulnerability Insight: Multiple vulnerabilities which can be to exploited to cause memory corruption, null pointer, privilege escalation, heap-based buffer overflow, local sandbox bypass, and input validation errors when processing specially crafted web pages. Vulnerability Impact: Successful exploitation will allow remote attackers to execute arbitrary code, gain elevated privileges, gain knowledge of certain information and conduct clickjacking attacks. Affected Software/OS: Adobe AIR version prior to 1.5.2 Adobe Flash Player 9 version prior to 9.0.246.0 Adobe Flash Player 10 version prior to 10.0.32.18 on Linux. Solution: Update to Adobe Air 1.5.2 or Adobe Flash Player 9.0.246.0 or 10.0.32.18. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1863 http://lists.apple.com/archives/security-announce/2009/Sep/msg00003.html http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html BugTraq ID: 35890 http://www.securityfocus.com/bid/35890 BugTraq ID: 35900 http://www.securityfocus.com/bid/35900 http://security.gentoo.org/glsa/glsa-200908-04.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16391 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6961 http://www.securitytracker.com/id?1022629 http://secunia.com/advisories/36193 http://secunia.com/advisories/36374 http://secunia.com/advisories/36701 http://sunsolve.sun.com/search/document.do?assetkey=1-66-266108-1 http://www.vupen.com/english/advisories/2009/2086 XForce ISS Database: adobe-flash-air-code-execution(52179) https://exchange.xforce.ibmcloud.com/vulnerabilities/52179 Common Vulnerability Exposure (CVE) ID: CVE-2009-1864 BugTraq ID: 35904 http://www.securityfocus.com/bid/35904 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16133 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6660 XForce ISS Database: flash-air-unspecified-bo(52184) https://exchange.xforce.ibmcloud.com/vulnerabilities/52184 Common Vulnerability Exposure (CVE) ID: CVE-2009-1865 BugTraq ID: 35906 http://www.securityfocus.com/bid/35906 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16338 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7011 XForce ISS Database: flash-air-code-execution-var1(52182) https://exchange.xforce.ibmcloud.com/vulnerabilities/52182 Common Vulnerability Exposure (CVE) ID: CVE-2009-1866 BugTraq ID: 35901 http://www.securityfocus.com/bid/35901 http://osvdb.org/56774 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16198 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7271 XForce ISS Database: flash-air-unspecified-bo-var2(52186) https://exchange.xforce.ibmcloud.com/vulnerabilities/52186 Common Vulnerability Exposure (CVE) ID: CVE-2009-1867 BugTraq ID: 35905 http://www.securityfocus.com/bid/35905 http://osvdb.org/56775 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15430 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6694 XForce ISS Database: flash-air-unspecified-clickjacking(52183) https://exchange.xforce.ibmcloud.com/vulnerabilities/52183 Common Vulnerability Exposure (CVE) ID: CVE-2009-1868 BugTraq ID: 35902 http://www.securityfocus.com/bid/35902 http://osvdb.org/56776 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15955 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6865 XForce ISS Database: flash-air-unspecified-bo-var1(52185) https://exchange.xforce.ibmcloud.com/vulnerabilities/52185 Common Vulnerability Exposure (CVE) ID: CVE-2009-1869 BugTraq ID: 35907 http://www.securityfocus.com/bid/35907 Bugtraq: 20090802 Advisory: Adobe Flash Player and AIR AVM2 intf_count Integer Overflow Remote Code Execution (CVE-2009-1869) (Google Search) http://www.securityfocus.com/archive/1/505467/100/0/threaded http://roeehay.blogspot.com/2009/08/advisory-adobe-flash-player-avm2.html http://roeehay.blogspot.com/2009/08/exploitation-of-cve-2009-1869.html http://osvdb.org/56777 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15994 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6998 XForce ISS Database: flash-air-code-execution(52181) https://exchange.xforce.ibmcloud.com/vulnerabilities/52181 Common Vulnerability Exposure (CVE) ID: CVE-2009-1870 BugTraq ID: 35908 http://www.securityfocus.com/bid/35908 http://osvdb.org/56778 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15887 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6648 XForce ISS Database: flash-air-sandbox-info-disclosure(52180) https://exchange.xforce.ibmcloud.com/vulnerabilities/52180
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.