| VID |
28299 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A version of Adobe Flash Player that is earlier than 10.2.159.1. Such versions are reportedly affected by a
memory corruption vulnerability.
By tricking a user on the affected system into opening a specially
crafted document with Flash content, such as a SWF file embedded in a
Microsoft Word document, an attacker can potentially leverage this
issue to execute arbitrary code remotely on the system subject to the
user's privileges.
Note that there are reports that this issue is being exploited in the
wild as of April 2011.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://blogs.technet.com/b/mmpc/archive/2011/04/12/analysis-of-the-cve-2011-0611-adobe-flash-player-vulnerability-exploitation.aspx
http://www.adobe.com/support/security/bulletins/apsb11-07.html
* Platforms Affected:
Adobe Flash Player prior to 10.2.159.1
Apple Mac OS X Any version
Linux Any version
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of Adobe Flash Player (10.2.159.1 or later), available from the Adobe Web site at http://get.adobe.com/kr/air/ |
| Related URL |
CVE-2011-0611 (CVE) |
| Related URL |
47314 (SecurityFocus) |
| Related URL |
(ISS) |
|
