Korean
<< Back
VID 50015
Severity 40
Port 139,445
Protocol TCP
Class SMB
Detailed Description According to its version, the instance of Flash Player installed on the remote Windows host is earlier than 10.3.183.15.
Adobe Flash Player before 10.3.183.15 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.

* References:
http://www.adobe.com/support/security/bulletins/apsb12-03.html
http://rhn.redhat.com/errata/RHSA-2012-0144.html
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html

* Platforms Affected:
Adobe Flash Player prior to 10.3.183.15
Apple Mac OS X Any version
Linux Any version
Microsoft Windows Any version
Recommendation Upgrade to the latest version of Adobe Flash Player (10.3.183.15 or later), available from the Adobe Web site at http://get.adobe.com/kr/flashplayer/
Related URL CVE-2012-0754 (CVE)
Related URL (SecurityFocus)
Related URL (ISS)