English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 134041 CVE descriptions
and 69903 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.69211
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2010:0867
Summary:NOSUMMARY
Description:Description:
The remote host is missing updates announced in
advisory RHSA-2010:0867.

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in.

This update fixes multiple vulnerabilities in Adobe Flash Player. These
vulnerabilities are detailed on the Adobe security page APSB10-26, listed
in the References section.

Multiple security flaws were found in the way flash-plugin displayed
certain SWF content. An attacker could use these flaws to create a
specially-crafted SWF file that would cause flash-plugin to crash or,
potentially, execute arbitrary code when the victim loaded a page
containing the specially-crafted SWF content. (CVE-2010-3639,
CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644,
CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649,
CVE-2010-3650, CVE-2010-3652, CVE-2010-3654)

An input validation flaw was discovered in flash-plugin. Certain server
encodings could lead to a bypass of cross-domain policy file restrictions,
possibly leading to cross-domain information disclosure. (CVE-2010-3636)

During testing, it was discovered that there were regressions with Flash
Player on certain sites, such as fullscreen playback on YouTube. Despite
these regressions, we feel these security flaws are serious enough to
update the package with what Adobe has provided.

All users of Adobe Flash Player should install this updated package, which
upgrades Flash Player to version 10.1.102.64.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2010-0867.html
http://www.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/bulletins/apsb10-26.html

Risk factor : Critical

CVSS Score:
9.3

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-3636
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
http://security.gentoo.org/glsa/glsa-201101-09.xml
HPdes Security Advisory: HPSBMA02663
http://marc.info/?l=bugtraq&m=130331642631603&w=2
HPdes Security Advisory: SSRT100428
http://www.redhat.com/support/errata/RHSA-2010-0829.html
http://www.redhat.com/support/errata/RHSA-2010-0834.html
http://www.redhat.com/support/errata/RHSA-2010-0867.html
SuSE Security Announcement: SUSE-SA:2010:055 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html
http://jvn.jp/en/jp/JVN48425028/index.html
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000054.html
BugTraq ID: 44691
http://www.securityfocus.com/bid/44691
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12142
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15913
http://secunia.com/advisories/42183
http://secunia.com/advisories/42926
http://secunia.com/advisories/43026
http://www.vupen.com/english/advisories/2010/2903
http://www.vupen.com/english/advisories/2010/2906
http://www.vupen.com/english/advisories/2010/2918
http://www.vupen.com/english/advisories/2011/0173
http://www.vupen.com/english/advisories/2011/0192
Common Vulnerability Exposure (CVE) ID: CVE-2010-3639
BugTraq ID: 44692
http://www.securityfocus.com/bid/44692
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11310
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12625
Common Vulnerability Exposure (CVE) ID: CVE-2010-3640
BugTraq ID: 44675
http://www.securityfocus.com/bid/44675
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12179
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16281
Common Vulnerability Exposure (CVE) ID: CVE-2010-3641
BugTraq ID: 44677
http://www.securityfocus.com/bid/44677
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12154
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16161
Common Vulnerability Exposure (CVE) ID: CVE-2010-3642
BugTraq ID: 44678
http://www.securityfocus.com/bid/44678
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12065
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16254
Common Vulnerability Exposure (CVE) ID: CVE-2010-3643
BugTraq ID: 44679
http://www.securityfocus.com/bid/44679
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12151
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16242
Common Vulnerability Exposure (CVE) ID: CVE-2010-3644
BugTraq ID: 44680
http://www.securityfocus.com/bid/44680
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11660
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16220
Common Vulnerability Exposure (CVE) ID: CVE-2010-3645
BugTraq ID: 44681
http://www.securityfocus.com/bid/44681
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11905
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15961
Common Vulnerability Exposure (CVE) ID: CVE-2010-3646
BugTraq ID: 44682
http://www.securityfocus.com/bid/44682
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11922
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16183
Common Vulnerability Exposure (CVE) ID: CVE-2010-3647
BugTraq ID: 44683
http://www.securityfocus.com/bid/44683
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12095
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16160
Common Vulnerability Exposure (CVE) ID: CVE-2010-3648
BugTraq ID: 44684
http://www.securityfocus.com/bid/44684
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11842
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15980
Common Vulnerability Exposure (CVE) ID: CVE-2010-3649
BugTraq ID: 44685
http://www.securityfocus.com/bid/44685
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11872
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15750
Common Vulnerability Exposure (CVE) ID: CVE-2010-3650
BugTraq ID: 44686
http://www.securityfocus.com/bid/44686
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11636
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15971
Common Vulnerability Exposure (CVE) ID: CVE-2010-3652
BugTraq ID: 44687
http://www.securityfocus.com/bid/44687
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11965
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15284
Common Vulnerability Exposure (CVE) ID: CVE-2010-3654
http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html
http://security.gentoo.org/glsa/glsa-201101-08.xml
http://www.redhat.com/support/errata/RHSA-2010-0934.html
SuSE Security Announcement: SUSE-SA:2010:058 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html
TurboLinux Advisory: TLSA-2011-2
http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt
CERT/CC vulnerability note: VU#298081
http://www.kb.cert.org/vuls/id/298081
BugTraq ID: 44504
http://www.securityfocus.com/bid/44504
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13294
http://www.securitytracker.com/id?1024659
http://www.securitytracker.com/id?1024660
http://secunia.com/advisories/41917
http://secunia.com/advisories/42030
http://secunia.com/advisories/42401
http://secunia.com/advisories/43025
http://securityreason.com/securityalert/8210
http://www.vupen.com/english/advisories/2010/3111
http://www.vupen.com/english/advisories/2011/0191
http://www.vupen.com/english/advisories/2011/0344
CopyrightCopyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 69903 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2018 E-Soft Inc. All rights reserved.