|
|
Family: Gain root remotely --> Category: infos
Flash Player APSB06-18 Vulnerability Scan
Vulnerability Scan Summary
Checks version of Flash Player
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote Windows host contains a browser test that is affected by
multiple HTTP header injection issues.
Description :
According to its version number, the instance of Flash Player on the
remote Windows host contains two ways for a remote attacker to perform
arbitrary HTTP requests while controlling most of the HTTP headers. A
remote attacker may be able to leverage these issues to conduct
cross-site request forgery attacks against a user who visits a
malicious web site.
See also :
http://www.rapid7.com/advisories/R7-0026.jsp
http://www.adobe.com/support/security/bulletins/apsb06-18.html
Solution :
Upgrade to Flash Player version 9.0.28.0 or later.
Threat Level:
Low / CVSS Base Score : 2.3
(AV:R/AC:L/Au:NR/C:N/I:P/A:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
