Adobe Flash Player - SANS07C4/SANS07C1

We are running a vulnerability scan and it states that it has found SANS07C4 and SANS07C1 relating to Adobe Reader / Adobe Flash Player.

We have totally uninstalled Adobe Reader / Flash Player and cleared out the registry on the computer for anything Adobe / Macromedia related as per their knowledge base articles.

I have contacted GFI who run the LanGuard vulnerability scanner and they are at a loss too.

Would someone know what paths / OCX / DLLs these are actually checking for?

Kind Regards and thanks in advance!


4 Posts
The plot thickens - if we run an audit scan against the host with Nessus it only showed that Adobe 13 was installed (it was put back on by a user) and nothing relating to Adobe Flash was exploitable.

I'm just wondering what the SANS07C4 is referring to:

ANS07C4: Adobe Flash Player and earlier vulnerable to CSRF attack
Adobe Flash Player and earlier insufficiently validates HTTP Referer headers, which potentially allows remote attackers to conduct a CSRF attack via a crafted SWF file.

As only Adobe Flash player 13 is detected as below:

Nessus found the following instances of Flash Player installed on the
remote host :

- ActiveX control (for Internet Explorer) :



4 Posts
As far as SANS is concerned, maybe "SANS07C4" stands for "SANS 2007 Critical Control 4" referring to the SANS Critical Controls. But then again, they are not really that specific.

I think your hunch that this stands for "ANS" not "SANS" makes sense.

4604 Posts
ISC Handler
Hi Johannes,

Thank you very much for your reply - appreciate it.

Unfortunately it line broke me off - when copy pasting!

Best Regards,


4 Posts
