
Forum Thread: Shockwave 12.0.7.148

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
CSI

This thread has been marked as locked.
csi@ciena.com Shockwave 12.0.7.148
Member 10th Jan, 2014 16:14
Ranking: 0
Posts: 2
User Since: 1st Jan, 1970
System Score: N/A
Location: N/A
CSI reporting major version only, not minor. The deployment to 5000+ PCs for 12.0.7.148 all read 12.0.7.0 and are listed as insecure. Scan is current for devices.

M.Strehse RE: Shockwave 12.0.7.148
Secunia Official 13th Jan, 2014 09:12
Score: 0
Posts: 12
User Since: 4th Mar 2013
System Score: N/A
Location: Copenhagen, DK
Hi There,

I have just installed version 12.0.7.148 on one of my test machines; after a quick scan the version is correctly detected.

How do you scan your devices?

Best regards,

Maik Strehse
Solution Specialist
Secunia
csi@ciena.com Shockwave 12.0.7.148
Member 13th Jan, 2014 14:37
Last edited on 13th Jan, 2014 14:37
We only import data from SCCM which has the correct version and a manual check of the EXE shows x.148 as well. Secunia seems to be reading it wrong. All 5000+ show adobe\shockwave\swinit.exe being 12.0.7.0
M.Strehse RE: Shockwave 12.0.7.148
Secunia Official 17th Jan, 2014 08:48
Score: 0
Posts: 12
User Since: 4th Mar 2013
System Score: N/A
Location: Copenhagen, DK
Hi There,

Please contact our Customer Support Team at csc@secunia.com to have one of our technicians look at your environment and investigate further.

Best regards,

Maik Strehse
Solution Specialist
Secunia
eobiont RE: Shockwave 12.0.7.148
Member 21st Jan, 2014 19:40
Score: 0
Posts: 6
User Since: 25th Oct 2012
System Score: N/A
Location: US
I have run into this problem myself. It is a reporting error, but the machines still seem to be taking the update. I suppose we will run into trouble when/if an update is released where only that last (4th) version part is changed and the first three parts remain. As far as I can tell, there is no version of 12.0.7 that is not r148 (12.0.7.148).

To be fair, I think this problem is not entirely Secunia's. Looking at the data collected by SCCM, the version information for SWINIT.exe gets reported like '12.0.4r144' or '12.0.7r148'. This is found in the SoftwareFile table in SCCM's SQL database.

For now, it would probably be best if Secunia only considered the first three parts when detecting the patched status. Either that, or the process that imports the data from SCCM would need to be modified so that it converts 12.0.4r144 to 12.0.4.144.

In Explorer, the version of the file is detected as 12.0.4.144 but SCCM doesn't collect it that way. I can see both sides of this one. Secunia can only see the information that SCCM collects, but if Secunia wants to sell an SCCM importer, it should be able to translate the data in SCCM to what Secunia wants in their product.
r.danailov RE: Shockwave 12.0.7.148
Secunia Official 28th Jan, 2014 10:00
Score: 25
Posts: 129
User Since: 3rd Jan 2012
System Score: N/A
Location: Copenhagen, DK
Last edited on 28th Jan, 2014 10:01
Hi,

Secunia CSC have seen similar issues occurring on rare occasions in the past, as there may be several reasons causing such mishandling of the metadata of your software. As we are unfortunately unable to replicate the same issue in our test lab, we kindly request customers experiencing this issue, or a similar one relating to other software, to report their cases to csc@secunia.com, including a short introduction to your observations and, if possible, screens and log files that factually confirm the issue and present relevant system information to us.

We would like to thank you for your comments and suggestions so far. While the suggestion to detect the first 3 extensions of the version number sounds good, this is not the most efficient method to resolve similar problems because it's somewhat based on the assumption that the last numbers always match (which may as well be changed on the fly by the vendor, thus causing additional issues and not really solving the problem). Rather, we tend to interpret incorrectly presented version numbers into the correct numbers by placing logic within our rules.

Please note that when scan data is received by the CSI, the latter compares the versions of the detected software against the Patched version numbers for that program (which is the next secure version). Whether CSI presented "12.0.7" or "12.0.7.148" wouldn't matter as long as none of these is a secure version. They all get the same recommendation to patch to the same version. This means that SPS packages will not be affected by the version number problem and packages will install correctly. If CSI detects an Insecure program version as Patched, then this is a real problem to SPS patching.

We would once again highly recommend you to report your case to csc@secunia.com. We may as well request you to participate in a remote session which would aim to detect and resolve the issue on the spot. If we determine the issue, but we are unable to solve it, we will request our Dev team to investigate promptly.

We are looking forward to receiving your email.

Kind regards / Stay Secure
Rosen Danailov / Security+
Secunia Customer Support
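
The two ideas discussed in this thread, converting SCCM-style strings such as '12.0.7r148' into four-part versions and then comparing them against a patched version, can be sketched as follows. This is an added example, not part of any forum post and not Secunia's or SCCM's code; the accepted string formats, the `lossy_import` model of the symptom, the host names and the `PATCHED` threshold are all assumptions made for illustration.

```python
import re

# Dotted versions plus the "12.0.7r148" form the thread reports seeing in
# SCCM's SoftwareFile table. The accepted grammar is an assumption.
_FULL = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)(?:[.rR](\d+))?\s*$")
# Model of the symptom: a reader that stops at the first non-dotted character.
_LOSSY = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)(?:\.(\d+))?")


def _to_tuple(match):
    if match is None:
        return None  # surface unparseable values instead of guessing
    return tuple(int(part or 0) for part in match.groups())


def normalize_version(raw):
    """'12.0.7r148' or '12.0.7.148' -> (12, 0, 7, 148); None if unrecognized."""
    return _to_tuple(_FULL.match(raw or ""))


def lossy_import(raw):
    """'12.0.7r148' -> (12, 0, 7, 0): the 'rNNN' suffix is silently dropped."""
    return _to_tuple(_LOSSY.match(raw or ""))


def status(detected, patched):
    """Compare a detected version tuple with the first secure version."""
    if detected is None:
        return "unknown"
    return "patched" if detected >= patched else "insecure"


def classify(rows, patched):
    """rows: (host, raw_version) pairs -> {host: (lossy_status, normalized_status)}."""
    return {host: (status(lossy_import(raw), patched),
                   status(normalize_version(raw), patched))
            for host, raw in rows}


# Constructed sample inventory rows; host names are hypothetical.
SAMPLE_ROWS = [
    ("pc-001", "12.0.7r148"),
    ("pc-002", "12.0.4r144"),
    ("pc-003", "12.0.7.148"),
    ("pc-004", "unknown build"),
]
# Hypothetical threshold, chosen only so that the fourth part decides the result.
PATCHED = (12, 0, 7, 148)

if __name__ == "__main__":
    for host, result in classify(SAMPLE_ROWS, PATCHED).items():
        print(host, result)
```

With a threshold above both readings the two columns agree on "insecure", which matches the point made above that the lost revision changes the verdict only when the patched version differs in its fourth part.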

© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144