RHEL 3 / 4 : flash-plugin (RHSA-2010:0103)

medium Nessus Plugin ID 63918

Language:

Synopsis

The remote Red Hat host is missing a security update.

Description

An updated Adobe Flash Player package that fixes a security issue is now available for Red Hat Enterprise Linux 3 and 4 Extras.

This update has been rated as having important security impact by the Red Hat Security Response Team.

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in.

This update fixes a vulnerability in Adobe Flash Player. This vulnerability is summarized on the Adobe Security Advisory APSB10-06 page listed in the References section. If a victim loaded a web page containing specially crafted SWF content, it could cause Flash Player to perform unauthorized cross-domain requests, leading to the disclosure of sensitive data. (CVE-2010-0186)

All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 9.0.262.0.

Solution

Update the affected flash-plugin package.

Plugin Details

Severity: Medium

ID: 63918

File Name: redhat-RHSA-2010-0103.nasl

Version: 1.12

Type: local

Agent: unix

Family: Red Hat Local Security Checks

Published: 1/24/2013

Updated: 1/14/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:flash-plugin, cpe:/o:redhat:enterprise_linux:3, cpe:/o:redhat:enterprise_linux:4, cpe:/o:redhat:enterprise_linux:4.8

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 2/12/2010

Reference Information

CVE: CVE-2010-0186

BID: 38198

RHSA: 2010:0103

Detections

Analytics