risu 1.8.3 → 1.8.4

data/lib/risu/parsers/nessus/postprocess/{shockwave.rb → adobe_creative_desktop.rb}

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2017 Jacob Hammack.
+# Copyright (c) 2010-2020 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -23,45 +23,20 @@ module Risu
 	module Parsers
 		module Nessus
 			module PostProcess
-				class Shockwave < Risu::Base::PostProcessBase
+				class AbobeCreativeCloudDesktopRollup < Risu::Base::PostProcessBase
 
 					#
 					def initialize
 						@info =
 						{
-							:description => "Shockwave Player Patch Rollup",
-							:plugin_id => -99991,
-							:plugin_name => "Update to the latest Shockwave Player",
-							:item_name => "Update to the latest Shockwave Player",
+							:description => "Adobe Creative Cloud Desktop Patch Rollup",
+							:plugin_id => -99948,
+							:plugin_name => "Missing the latest Adobe Creative Cloud Desktop Patches",
+							:item_name => "Update to the latest Adobe Creative Cloud Desktop",
 							:plugin_ids => [
-								72435,
-								72983,
-								42369,
-								51936,
-								71342,
-								44094,
-								39564,
-								40421,
-								44094,
-								46329,
-								48436,
-								50387,
-								55142,
-								55833,
-								56734,
-								57941,
-								59047,
-								61536,
-								62702,
-								64621,
-								65913,
-								67233,
-								69844,
-								84765,
-								85882,
-								86633,
-								97835,
-								
+								99366, #Adobe Creative Cloud Desktop < 4.0.0.185 Multiple Vulnerabilities (APSB17-13)
+								91386, #Adobe Creative Cloud <= 3.5.1.209 Arbitrary File Read/Write Vulnerability
+94055, #Adobe Creative Cloud Desktop < 3.8.0.310 Unquoted Search Path Local Privilege Escalation (APSB16-34)
 
 							]
 						}

data/lib/risu/parsers/nessus/postprocess/adobe_flash_player.rb

@@ -0,0 +1,175 @@
+# Copyright (c) 2010-2020 Jacob Hammack.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+
+module Risu
+	module Parsers
+		module Nessus
+			module PostProcess
+				class AdobeFlashPlayer < Risu::Base::PostProcessBase
+
+					#
+					def initialize
+						@info =
+						{
+							:description => "Adobe Flash Player Patch Rollup",
+							:plugin_id => -99997,
+							:plugin_name => "Missing the latest Adobe Flash Player Patches",
+							:item_name => "Update to the latest Adobe Flash Player",
+							:plugin_ids => [
+								100756, #Adobe Flash Player <= 25.0.0.171 Multiple Vulnerabilities (APSB17-17)
+								11323, #Flash Player < 6.0.79.0 Multiple Unspecified Overflows
+								11952, #Flash Player < 7.0.19.0 Predictable Data Location Weakness
+								20158, #Flash Player < 7.0.60.0 / 8.0.22.0 Multiple Vulnerabilities
+								21079, #Flash Player swf Processing Multiple Unspecified Code Execution (APSB06-03)
+								22056, #Flash Player Multiple Vulnerabilities (APSB06-11)
+								23869, #Flash Player HTTP Header CRLF Injection (APSB06-18)
+								25694, #Flash Player Multiple Vulnerabilities (APSB07-12)
+								29741, #Flash Player < 7.0.73.0 / 9.0.115.0 Multiple Vulnerabilities (APSB07-20)
+								31799, #Flash Player < 8.0.42.0 / 9.0.124.0 Multiple Vulnerabilities (APSB08-11)
+								34741, #Flash Player < 9.0.151.0 / 10.0.12.36 Multiple Vulnerabilities (APSB08-18 / APSB08-20 / APSB08-22)
+								35742, #Flash Player 9.0.159.0 / 10.0.22.87 Multiple Vulnerabilities (APSB09-01)
+								40434, #Flash Player < 9.0.246.0 / 10.0.32.18 Multiple Vulnerabilities (APSB09-10)
+								43068, #Flash Player < 9.0.260 / 10.0.42.34 Multiple Vulnerabilities (APSB09-19)
+								44596, #Flash Player < 10.0.45.2 Multiple Vulnerabilities (APSB10-06)
+								46859, #Flash Player < 9.0.277.0 / 10.1.53.63 Multiple Vulnerabilities (ASPB10-14)
+								48300, #Flash Player < 9.0.280 / 10.1.82.76 Multiple Vulnerabilities (APSB10-16)
+								49307, #Flash Player < 9.0.283 / 10.1.85.3 Unspecified Code Execution (APSB10-22)
+								50493, #Flash Player < 9.0.289 / 10.1.102.64 Multiple Vulnerabilities (APSB10-26)
+								51926, #Flash Player < 10.2.152.26 Multiple Vulnerabilities (APSB11-02)
+								52673, #Flash Player < 10.2.153.1 Unspecified Memory Corruption (APSB11-05)
+								53472, #Flash Player < 10.2.159.1 ActionScript Predefined Class Prototype Addition Remote Code Execution (APSB11-07)
+								54299, #Flash Player < 10.3.181.14 Multiple Vulnerabilities (APSB11-12)
+								54972, #Flash Player < 10.3.181.22 XSS (APSB11-13)
+								55140, #Flash Player < 10.3.181.26 Multiple Vulnerabilities (APSB11-18)
+								55803, #Flash Player <= 10.3.181.36 Multiple Vulnerabilities (APSB11-21)
+								56259, #Flash Player <= 10.3.183.7 Multiple Vulnerabilities (APSB11-26)
+								56874, #Flash Player <= 10.3.183.10 / 11.0.1.152 Multiple Vulnerabilities (APSB11-28)
+								58001, #Flash Player <= 10.3.183.14 / 11.1.102.55 Multiple Vulnerabilities (APSB12-03)
+								58207, #Flash Player <= 10.3.183.15 / 11.1.102.62 Multiple Vulnerabilities (APSB12-05)
+								58538, #Flash Player <= 10.3.183.16 / 11.1.102.63 Multiple Memory Corruption Vulnerabilities (APSB12-07)
+								58994, #Flash Player <= 10.3.183.18 / 11.2.202.233 Object Confusion Vulnerability (APSB12-09)
+								59426, #Flash Player <= 10.3.183.19 / 11.3.300.256 Multiple Vulnerabilities (APSB12-14)
+								61550, #Flash Player <= 11.3.300.270 Code Execution (APSB12-18)
+								61622, #Flash Player <= 10.3.183.22 / 11.4.402.264 Multiple Vulnerabilities (APSB12-19)
+								62480, #Flash Player <= 10.3.183.23 / 11.4.402.278 Multiple Vulnerabilities (APSB12-22)
+								62836, #Flash Player <= 10.3.183.29 / 11.4.402.287 Multiple Vulnerabilities (APSB12-24)
+								63242, #Flash Player <= 10.3.183.43 / 11.5.502.110 Multiple Vulnerabilities (APSB12-27)
+								63450, #Flash Player <= 10.3.183.48 / 11.5.502.135 Buffer Overflow (APSB13-01)
+								64506, #Flash Player <= 10.3.183.50 / 11.5.502.146 Multiple Vulnerabilities (APSB13-04)
+								64584, #Flash Player <= 10.3.183.51 / 11.5.502.149 Multiple Vulnerabilities (APSB13-05)
+								64916, #Flash Player <= 10.3.183.63 / 11.6.602.168 Multiple Vulnerabilities (APSB13-08)
+								65219, #Flash Player <= 10.3.183.67 / 11.6.602.171 Multiple Vulnerabilities (APSB13-09)
+								65910, #Flash Player <= 10.3.183.68 / 11.6.602.180 Multiple Vulnerabilities (APSB13-11)
+								66445, #Flash Player <= 10.3.183.75 / 11.7.700.169 Multiple Vulnerabilities (APSB13-14)
+								66872, #Flash Player <= 10.3.183.86 / 11.7.700.202 Memory Corruption (APSB13-16)
+								67225, #Flash Player <= 10.3.183.90 / 11.7.700.224 Multiple Vulnerabilities (APSB13-17)
+								69866, #Flash Player <= 11.7.700.232 / 11.8.800.94 Memory Corruptions (APSB13-21)
+								70858, #Flash Player <= 11.7.700.242 / 11.9.900.117 Memory Corruptions (APSB13-26)
+								71351, #Flash Player <= 11.7.700.252 / 11.9.900.152 Multiple Vulnerabilities (APSB13-28)
+								71951, #Flash Player <= 11.7.700.257 / 11.9.900.170 Multiple Vulnerabilities (APSB14-02)
+								72284, #Flash Player <= 11.7.700.260 / 12.0.0.43 Unspecified Remote Code Execution (APSB14-04)
+								72606, #Flash Player <= 11.7.700.261 / 12.0.0.44 Multiple Vulnerabilities (APSB14-07)
+								72937, #Flash Player <= 11.7.700.269 / 12.0.0.70 Multiple Vulnerabilities (APSB14-08)
+								73433, #Flash Player <= 11.7.700.272 / 12.0.0.77 Multiple Vulnerabilities (APSB14-09)
+								73740, #Flash Player <= 11.7.700.275 / 13.0.0.182 Pixel Bender Component Buffer Overflow (APSB14-13)
+								73994, #Flash Player <= 13.0.0.206 Multiple Vulnerabilities (APSB14-14)
+								74431, #Flash Player <= 13.0.0.214 Multiple Vulnerabilities (APSB14-16)
+								76413, #Flash Player <= 14.0.0.125 Multiple Vulnerabilities (APSB14-17)
+								77172, #Flash Player <= 14.0.0.145 Multiple Vulnerabilities (APSB14-18)
+								77577, #Flash Player <= 14.0.0.179 Multiple Vulnerabilities (APSB14-21)
+								78441, #Flash Player <= 15.0.0.167 Multiple Vulnerabilities (APSB14-22)
+								79140, #Flash Player <= 15.0.0.189 Multiple Vulnerabilities (APSB14-24)
+								79442, #Flash Player <= 15.0.0.223 Dereferenced Memory Pointer RCE (APSB14-26)
+								79835, #Flash Player <= 15.0.0.239 Multiple Vulnerabilities (APSB14-27)
+								80484, #Flash Player <= 16.0.0.235 Multiple Vulnerabilities (APSB15-01)
+								80946, #Flash Player <= 16.0.0.257 Information Disclosure (APSB15-02)
+								80998, #Flash Player <= 16.0.0.287 Unspecified Code Execution (APSA15-01 / APSB15-03)
+								81127, #Flash Player <= 16.0.0.296 Unspecified Code Execution (APSA15-02 / APSB15-04)
+								81819, #Flash Player <= 16.0.0.305 Multiple Vulnerabilities (APSB15-05)
+								82781, #Adobe Flash Player <= 17.0.0.134 Multiple Vulnerabilities (APSB15-06)
+								83365, #Adobe Flash Player <= 17.0.0.169 Multiple Vulnerabilities (APSB15-09)
+								84048, #Adobe Flash Player <= 17.0.0.188 Multiple Vulnerabilities (APSB15-11)
+								84365, #Adobe Flash Player <= 18.0.0.161 RCE (APSB15-14)
+								84642, #Adobe Flash Player <= 18.0.0.194 Multiple Vulnerabilities (APSB15-16)
+								84730, #Adobe Flash Player <= 18.0.0.203 Multiple RCE Vulnerabilities (APSB15-18)
+								85326, #Adobe Flash Player <= 18.0.0.209 Multiple Vulnerabilities (APSB15-19)
+								86060, #Adobe Flash Player <= 18.0.0.232 Multiple Vulnerabilities (APSB15-23)
+								86369, #Adobe Flash Player <= 19.0.0.185 Multiple Vulnerabilities (APSB15-25)
+								86423, #Adobe Flash Player <= 19.0.0.207 Vulnerability (APSB15-27)
+								86851, #Adobe Flash Player <= 19.0.0.226 Multiple Vulnerabilities (APSB15-28)
+								87244, #Adobe Flash Player <= 19.0.0.245 Multiple Vulnerabilities (APSB15-32)
+								87657, #Adobe Flash Player <= 20.0.0.235 Multiple Vulnerabilities (APSB16-01)
+								88639, #Adobe Flash Player <= 20.0.0.286 Multiple Vulnerabilities (APSB16-04)
+								89834, #Adobe Flash Player <= 20.0.0.306 Multiple Vulnerabilities (APSB16-08)
+								90425, #Adobe Flash Player <= 21.0.0.197 Multiple Vulnerabilities (APSB16-10)
+								91163, #Adobe Flash Player <= 21.0.0.226 Multiple Vulnerabilities (APSB16-15)
+								91670, #Adobe Flash Player <= 21.0.0.242 Multiple Vulnerabilities (APSB16-18)
+								92012, #Adobe Flash Player <= 22.0.0.192 Multiple Vulnerabilities (APSB16-25)
+								93461, #Adobe Flash Player <= 22.0.0.211 Multiple Vulnerabilities (APSB16-29)
+								93960, #Adobe Flash Player <= 23.0.0.162 Multiple Vulnerabilities (APSB16-32)
+								94334, #Adobe Flash Player <= 23.0.0.185 Arbitrary Code Execution (APSB16-36)
+								94628, #Adobe Flash Player <= 23.0.0.205 Multiple Vulnerabilities (APSB16-37)
+								95762, #Adobe Flash Player <= 23.0.0.207 Multiple Vulnerabilities (APSB16-39)
+								96388, #Adobe Flash Player <= 24.0.0.186 Multiple Vulnerabilities (APSB17-02)
+								97142, #Adobe Flash Player <= 24.0.0.194 Multiple Vulnerabilities (APSB17-04)
+								97727, #Adobe Flash Player <= 24.0.0.221 Multiple Vulnerabilities (APSB17-07)
+								99283, #Adobe Flash Player <= 25.0.0.127 Multiple Vulnerabilities (APSB17-10)
+								100052, #Adobe Flash Player <= 25.0.0.148 Multiple Vulnerabilities (APSB17-15)
+								102262, #Adobe Flash Player <= 26.0.0.137 Multiple Vulnerabilities (APSB17-23)
+								101362, #Adobe Flash Player <= 26.0.0.131 Multiple Vulnerabilities (APSB17-21)
+								103124, #Adobe Flash Player <= 26.0.0.151 Multiple Vulnerabilities (APSB17-28)
+								103922, #Adobe Flash Player <= 27.0.0.159 Type Confusion Vulnerability (APSB17-32)
+								108958, #Adobe Flash Player <= 29.0.0.113 (APSB18-08)
+								104544, #Adobe Flash Player <= 27.0.0.183 (APSB17-33)
+105691, #Adobe Flash Player <= 28.0.0.126 (APSB18-01)
+106606, #Adobe Flash Player <= 28.0.0.137 Use-after-free Remote Code Execution (APSA18-01) (APSB18-03)
+108281, #Adobe Flash Player <= 28.0.0.161 (APSB18-05)
+109601, #Adobe Flash Player <= 29.0.0.140 (APSB18-16)
+105175, #Adobe Flash Player <= 27.0.0.187 (APSB17-42)
+110397, #Adobe Flash Player <= 29.0.0.171 (APSB18-19)
+111683, #Adobe Flash Player <= 30.0.0.134 (APSB18-25)
+110979, #Adobe Flash Player <= 30.0.0.113 (APSB18-24)
+119094, #Adobe Flash Player <= 31.0.0.148 (APSB18-44)
+119462, #Adobe Flash Player <= 31.0.0.153 (APSB18-42)
+123938, #Adobe Flash Player <= 32.0.0.156 (APSB19-19)
+125056, #Adobe Flash Player <= 32.0.0.171 (APSB19-26)
+125815, #Adobe Flash Player <= 32.0.0.192 (APSB19-30)
+125827, #KB4503308: Security update for Adobe Flash Player (June 2019)
+125068, #KB4497932: Security update for Adobe Flash Player (May 2019)
+104547, #KB4048951: Security update for Adobe Flash Player (November 2017)
+105693, #KB4056887: Security update for Adobe Flash Player (January 2018)
+106655, #KB4074595: Security update for Adobe Flash Player (February 2018)
+108287, #KB4088785: Security update for Adobe Flash Player (March 2018)
+118909, #Adobe Flash Player <= 31.0.0.122 (APSB18-39)
+122117, #Adobe Flash Player <= 32.0.0.114 (APSB19-06)
+117419, #KB4457146: Security update for Adobe Flash Player (September 2018)
+118917, #KB4467694: Security update for Adobe Flash Player (November 2018)
+122130, #KB4487038: Security update for Adobe Flash Player (February 2019)
+128633, #Adobe Flash Player <= 32.0.0.238 (APSB19-46)
+117410, #Adobe Flash Player <= 30.0.0.154 (APSB18-31)
+							]
+						}
+					end
+				end
+			end
+		end
+	end
+end

data/lib/risu/parsers/nessus/postprocess/adobe_reader.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2017 Jacob Hammack.
+# Copyright (c) 2010-2020 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -31,62 +31,80 @@ module Risu
 						{
 							:description => "Adobe Reader Patch Rollup",
 							:plugin_id => -99998,
-							:plugin_name => "Update to the latest Adobe Reader",
+							:plugin_name => "Missing the latest Adobe Reader Patches",
 							:item_name => "Update to the latest Adobe Reader",
 							:plugin_ids => [
-								30200,
-								33256,
-								34695,
-								35821,
-								38746,
-								39355,
-								42120,
-								43876,
-								44644,
-								45505,
-								47165,
-								48375,
-								49173,
-								50614,
-								51925,
-								55144,
-								56198,
-								56213,
-								66517,
-								66542,
-								74012,
-								58683,
-								61562,
-								63454,
-								64786,
-								66410,
-								69846,
-								71947,
-								57043,
-								57484,
-								24002,
-								23776,
-								23975,
-								52672,
-								53451,
-								21698,
-								77712,
-								79856,
-								77175,
-								83471,
-								40494,
-								27584,
-								86403,
-								87918,
-								89831,
-								70343,
-								91097,
-								92035,
-								94072,
-								96453,
-								99374,
-								
-
+71947, #Adobe Reader < 10.1.9 / 11.0.6 Multiple Vulnerabilities (APSB14-01)
+30200, #Adobe Reader < 7.1.0 / 8.1.2 Multiple Vulnerabilities
+33256, #Adobe Reader < 7.1.0 / 8.1.2 SU1 Unspecified JavaScript Method Handling Arbitrary Code Execution
+34695, #Adobe Reader < 8.1.3 / 9.0 Multiple Vulnerabilities
+35821, #Adobe Reader < 9.1 / 8.1.4 / 7.1.1 Multiple Vulnerabilities
+38746, #Adobe Reader getAnnots() JavaScript Method PDF Handling Memory Corruption (APSB09-06)
+39355, #Adobe Reader < 9.1.2 / 8.1.6 / 7.1.3 Multiple Vulnerabilities
+42120, #Adobe Reader < 9.2 / 8.1.7 / 7.1.4  Multiple Vulnerabilities (APSB09-15)
+43876, #Adobe Reader < 9.3 / 8.2  Multiple Vulnerabilities (APSB10-02)
+44644, #Adobe Reader < 9.3.1 / 8.2.1  Multiple Vulnerabilities (APSB10-07)
+45505, #Adobe Reader < 9.3.2 / 8.2.2  Multiple Vulnerabilities (APSB10-09)
+47165, #Adobe Reader < 9.3.3 / 8.2.3  Multiple Vulnerabilities (APSB10-15)
+48375, #Adobe Reader < 9.3.4 / 8.2.4  Multiple Vulnerabilities (APSB10-17)
+49173, #Adobe Reader < 9.4 / 8.2.5 Multiple Vulnerabilities (APSB10-21)
+50614, #Adobe Reader < 9.4.1 Multiple Vulnerabilities (APSB10-28)
+51925, #Adobe Reader < 10.0.1 / 9.4.2 / 8.2.6 Multiple Vulnerabilities (APSB11-03)
+55144, #Adobe Reader < 10.1 / 9.4.5 / 8.3 Multiple Vulnerabilities (APSB11-16)
+56198, #Adobe Reader < 10.1.1 / 9.4.6 / 8.3.1 Multiple Vulnerabilities (APSB11-21, APSB11-24)
+74012, #Adobe Reader < 10.1.10 / 11.0.07 Multiple Vulnerabilities (APSB14-15)
+58683, #Adobe Reader < 10.1.3 / 9.5.1 Multiple Vulnerabilities (APSB12-08)
+61562, #Adobe Reader < 10.1.4 / 9.5.2 Multiple Vulnerabilities (APSB12-16)
+63454, #Adobe Reader < 11.0.1 / 10.1.5 / 9.5.3 Multiple Vulnerabilities (APSB13-02)
+64786, #Adobe Reader < 11.0.2 / 10.1.6 / 9.5.4 Multiple Vulnerabilities (APSB13-07)
+66410, #Adobe Reader < 11.0.3 / 10.1.7 / 9.5.5 Multiple Vulnerabilities (APSB13-15)
+69846, #Adobe Reader < 11.0.4 / 10.1.8 Multiple Vulnerabilities (APSB13-22)
+71947, #Adobe Reader < 10.1.9 / 11.0.6 Multiple Vulnerabilities (APSB14-01)
+57043, #Adobe Reader < 9.4.7 Multiple Memory Corruption Vulnerabilities (APSB11-30)
+57484, #Adobe Reader < 10.1.2 / 9.5 Multiple Vulnerabilities (APSB12-01)
+24002, #Adobe Reader < 6.0.6 / 7.0.9 Multiple Vulnerabilities
+23776, #Adobe Reader < 8.0 AcroPDF ActiveX Control Multiple Vulnerabilities
+23975, #Adobe PDF Plug-In < 8.0 / 7.0.9 / 6.0.6 Multiple Vulnerabilities (APSB07-01)
+52672, #Adobe Reader 9.x / 10.x Unspecified Memory Corruption (APSB11-06)
+53451, #Adobe Reader 9.x / 10.x Multiple Vulnerabilities (APSB11-08)
+21698, #Adobe Reader < 7.0.8 Multiple Unspecified Vulnerabilities
+77712, #Adobe Reader < 10.1.12 / 11.0.09 Multiple Vulnerabilities (APSB14-20)
+79856, #Adobe Reader < 10.1.13 / 11.0.10 Multiple Vulnerabilities (APSB14-28)
+77175, #Adobe Reader < 10.1.11 / 11.0.08 Sandbox Bypass (APSB14-19)
+83471, #Adobe Reader < 10.1.14 / 11.0.11 Multiple Vulnerabilities (APSB15-10)
+40494, #Adobe Reader < 9.1.3 Flash Handling Unspecified Arbitrary Code Execution (APSB09-10)
+27584, #Adobe Reader < 8.1.1 Crafted PDF File Arbitrary Code Execution
+86403, #Adobe Reader <= 10.1.15 / 11.0.12 / 2015.006.30060 / 2015.008.20082 Multiple Vulnerabilities (APSB15-24)
+87918, #Adobe Reader < 11.0.14 / 15.006.30119 / 15.010.20056 Multiple Vulnerabilities (APSB16-02)
+89831, #Adobe Reader < 11.0.15 / 15.006.30121 / 15.010.20060 Multiple Vulnerabilities (APSB16-09)
+70343, #Adobe Reader 11.0.4 Crafted PDF File Handling JavaScript Scheme URI Execution (APSB13-25)
+91097, #Adobe Reader < 11.0.16 / 15.006.30172 / 15.016.20039 Multiple Vulnerabilities (APSB16-14)
+92035, #Adobe Reader < 11.0.17 / 15.006.30198 / 15.017.20050 Multiple Vulnerabilities (APSB16-26)
+94072, #Adobe Reader < 11.0.18 / 15.006.30243 / 15.020.20039 Multiple Vulnerabilities (APSB16-33)
+96453, #Adobe Reader < 11.0.19 / 15.006.30279 / 15.023.20053 Multiple Vulnerabilities (APSB17-01)
+99374, #Adobe Reader < 11.0.20 / 2015.006.30306 / 2017.009.20044 Multiple Vulnerabilities (APSB17-11)
+102428, #Adobe Reader < 11.0.21 / 2015.006.30355 / 2017.011.30066 / 2017.012.20098 Multiple Vulnerabilities (APSB17-24)
+104627, #Adobe Reader < 11.0.23 / 2015.006.30392 / 2017.011.30068 / 2018.009.20044 Multiple Vulnerabilities (APSB17-36)
+104626, #Adobe Acrobat < 11.0.23 / 2015.006.30392 / 2017.011.30068 / 2018.009.20044 Multiple Vulnerabilities (APSB17-36)
+111794, #Adobe Reader <= 2015.006.30434 / 2017.011.30096 / 2018.011.20055 Multiple Vulnerabilities (APSB18- 29)
+117600, #Adobe Reader <= 2015.006.30448 / 2017.011.30099 / 2018.011.20058 Multiple Vulnerabilities (APSB18- 34)
+117877, #Adobe Reader <= 2015.006.30452 / 2017.011.30102 / 2018.011.20063 Multiple Vulnerabilities (APSB18- 30)
+106846, #Adobe Reader <= 2015.006.30394 / 2017.011.30070 / 2018.009.20050 Multiple Vulnerabilities (APSB18- 02)
+109896, #Adobe Reader <= 2015.006.30417 / 2017.011.30079 / 2018.011.20038 Multiple Vulnerabilities (APSB18- 09)
+111012, #Adobe Reader <= 2015.006.30418 / 2017.011.30080 / 2018.011.20040 Multiple Vulnerabilities (APSB18- 21)
+119676, #Adobe Reader <= 15.006.30457 / 17.011.30106 / 19.008.20081 Multiple Vulnerabilities (APSB18-41)
+120952, #Adobe Reader <= 2015.006.30461 / 2017.011.30110 / 2019.010.20064 Multiple Vulnerabilities (APSB19- 02)
+122253, #Adobe Reader < 2019.010.20091 / 2017.011.30120 / 2015.006.30475 Multiple Vulnerabilities (APSB19- 07)
+122368, #Adobe Reader <= 2015.006.30475 / 2017.011.30120 / 2019.010.20091 Vulnerability (APSB19-13)
+117876, #Adobe Acrobat <= 15.006.30452 / 17.011.30102 / 18.011.20063 Multiple Vulnerabilities (APSB18-30)
+120951, #Adobe Acrobat <= 2015.006.30461 / 2017.011.30110 / 2019.010.20064 Multiple Vulnerabilities (APSB19- 02)
+122252, #Adobe Acrobat < 2019.010.20091 / 2017.011.30120 / 2015.006.30475 Multiple Vulnerabilities (APSB19- 07)
+122367, #Adobe Acrobat <= 2015.006.30475 / 2017.011.30120 / 2019.010.20091 Vulnerability (APSB19-13)
+119675, #Adobe Acrobat <= 15.006.30457 / 17.011.30106 / 19.008.20081 Multiple Vulnerabilities (APSB18-41)
+125222, #Adobe Reader <= 2015.006.30493 / 2017.011.30138 / 2019.010.20099 Multiple Vulnerabilities (APSB19- 18)
+127904, #Adobe Reader <= 2015.006.30498 / 2017.011.30143 / 2019.012.20035 Multiple Vulnerabilities (APSB19- 41)
+124008, #Adobe Reader <= 2015.006.30482 / 2017.011.30127 / 2019.010.20098 Multiple Vulnerabilities (APSB19- 17)
+118932, #Adobe Reader <= 15.006.30456 / 17.011.30105 / 19.008.20080 NTLM SSO Hash Theft (APSB18-40)
 
 							]
 						}

data/lib/risu/parsers/nessus/postprocess/adobe_shockwave_player.rb

@@ -0,0 +1,74 @@
+# Copyright (c) 2010-2020 Jacob Hammack.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+
+module Risu
+	module Parsers
+		module Nessus
+			module PostProcess
+				class AdobeShockwavePlayer < Risu::Base::PostProcessBase
+
+					#
+					def initialize
+						@info =
+						{
+							:description => "Adobe Shockwave Player Patch Rollup",
+							:plugin_id => -99991,
+							:plugin_name => "Missing the latest Adobe Shockwave Player Patches",
+							:item_name => "Update to the latest Adobe Shockwave Player",
+							:plugin_ids => [
+								72435, #Shockwave Player <= 12.0.7.148 Multiple Memory Corruption Vulnerabilities (APSB14-06)
+								72983, #Shockwave Player <= 12.0.9.149 Unspecified Memory Corruption Vulnerabilities (APSB14-10)
+								42369, #Shockwave Player <= 11.5.1.601 Multiple Vulnerabilities (APSB09-16)
+								51936, #Shockwave Player < 11.5.9.620 (APSB11-01)
+								71342, #Shockwave Player <= 12.0.6.147 Memory Corruptions (APSB13-29)
+								44094, #Shockwave Player < 11.5.6.606 Multiple Vulnerabilities (APSB10-03)
+								39564, #Shockwave Player Crafted Director File Handling Remote Code Execution (APSB09-08)
+								40421, #Shockwave Player < 11.5.0.601 Multiple Vulnerabilities (APSB09-11)
+								44094, #Shockwave Player < 11.5.6.606 Multiple Vulnerabilities (APSB10-03)
+								46329, #Shockwave Player < 11.5.7.609 Multiple Vulnerabilities (APSB10-12)
+								48436, #Shockwave Player < 11.5.8.612
+								50387, #Shockwave Player < 11.5.9.615
+								55142, #Shockwave Player < 11.6.0.626 (APSB11-17)
+								55833, #Shockwave Player < 11.6.1.629 Multiple Memory Corruption Vulnerabilities (APSB11-19)
+								56734, #Shockwave Player <= 11.6.1.629 Multiple Memory Corruption Vulnerabilities (APSB11-27)
+								57941, #Shockwave Player <= 11.6.3.633 Multiple Code Execution Vulnerabilities (APSB12-02)
+								59047, #Shockwave Player <= 11.6.4.634 Multiple Memory Corruption Vulnerabilities (APSB12-13)
+								61536, #Shockwave Player <= 11.6.5.635 Multiple Memory Corruption Vulnerabilities (APSB12-17)
+								62702, #Shockwave Player <= 11.6.7.637 Multiple Vulnerabilities (APSB12-23)
+								64621, #Shockwave Player <= 11.6.8.638 Multiple Vulnerabilities (APSB13-06)
+								65913, #Shockwave Player <= 12.0.0.112 Multiple Vulnerabilities (APSB13-12)
+								67233, #Shockwave Player <= 12.0.2.122 Memory Corruption (APSB13-18)
+								69844, #Shockwave Player <= 12.0.3.133 Memory Corruption Vulnerabilities (APSB13-23)
+								84765, #Adobe Shockwave Player <= 12.1.8.158 Multiple RCE Vulnerabilities (APSB15-17)
+								85882, #Adobe Shockwave Player <= 12.1.9.160 Multiple RCE (APSB15-22)
+								86633, #Adobe Shockwave Player <= 12.2.0.162 RCE (APSB15-26)
+								97835, #Adobe Shockwave Player <= 12.2.7.197 DLL Hijacking (APSB17-08)
+								100806, #Adobe Shockwave Player <= 12.2.8.198 Memory Corruption RCE (APSB17-18) -
+								104628, #Adobe Shockwave Player <= 12.2.9.199 Memory Corruption RCE (APSB17-40) 
+								124028, #Adobe Shockwave Player <= 12.3.4.204 Multiple memory corruption vulnerabilities (APSB19-20) (Windows)								
+							]
+						}
+					end
+				end
+			end
+		end
+	end
+end