Flash Player for Mac <= 10.3.183.19 / 11.3.300.256 Multiple Vulnerabilities (APSB12-14)

NASLDB: Flash Player for Mac <= 10.3.183.19 / 11.3.300.256 Multiple Vulnerabilities (APSB12-14)

General

ID: 59428
Name: Flash Player for Mac <= 10.3.183.19 / 11.3.300.256 Multiple Vulnerabilities (APSB12-14)

Summary: Checks version of Flash Player

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Port: 0
Family: MacOS X Local Security Checks
Type: Local

Description

According to its version, the instance of Flash Player installed on
the remote Mac OS X host is 10.x equal to or earlier than 10.3.183.19
or 11.x equal to or earlier than 11.3.300.256. It is, therefore,
potentially affected by multiple vulnerabilities :

– Multiple memory corruption vulnerabilities exist that
could lead to code execution.
(CVE-2012-2034, CVE-2012-2037)

– A stack overflow vulnerability exists that could lead to
code execution. (CVE-2012-2035)

– An integer overflow vulnerability exists that could lead
to code execution. (CVE-2012-2036)

– A security bypass vulnerability exists that could lead
to information disclosure. (CVE-2012-2038)

– A null dereference vulnerability exists that could lead
to code execution. (CVE-2012-2039)

– A binary planting vulnerability exists in the Flash
Player installer that could lead to code execution.
(CVE-2012-2040)