NASLDB: Flash Player <= 10.3.183.19 / 11.3.300.256 Multiple Vulnerabilities (APSB12-14)
General
ID: 59426
Name: Flash Player <= 10.3.183.19 / 11.3.300.256 Multiple Vulnerabilities (APSB12-14)
Summary: Checks version of Flash Player
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: CVSS2#E:U/RL:OF/RC:C
Port: –
Family: Windows
Type: Local
Description
According to its version, the instance of Flash Player installed on
the remote Windows host is 10.x equal to or earlier than 10.3.183.19
or 11.x equal to or earlier than 11.3.300.256. It is, therefore,
potentially affected by multiple vulnerabilities:
– Multiple memory corruption vulnerabilities exist that
could lead to code execution. (CVE-2012-2034,
CVE-2012-2037)
– A stack overflow vulnerability exists that could lead to
code execution. (CVE-2012-2035)
– An integer overflow vulnerability exists that could lead
to code execution. (CVE-2012-2036)
– A security bypass vulnerability exists that could lead
to information disclosure. (CVE-2012-2038)
– A null dereference vulnerability exists that could lead
to code execution. (CVE-2012-2039)
– A binary planting vulnerability exists in the Flash
Player installer that could lead to code execution.
(CVE-2012-2040)
Exploiting
Exploit Available: False
Exploitability Ease: No known exploits are available
Sources
CVE: CVE-2012-2034
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: 2012/06/08
Patch Release: 2012/06/08
Plugin Release: 2012/06/09
Plugin
Version: 1.5
Filename: flash_player_apsb12-14.nasl
Filesize: 5593 bytes
MD5 Hash: de487099400c6cd50285e088d1c31965
Identification: SMB/transport
Require Keys: SMB/Flash_Player/installed
Dependencies: "flash_player_installed.nasl"
Copyright: This script is Copyright © 2012 Tenable Network Security, Inc.