GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Thu Dec 11, 2014 7:26 am Post subject: [ GLSA 201412-07 ] Adobe Flash Player: Multiple vulnerabilit |
|
|
Gentoo Linux Security Advisory
Title: Adobe Flash Player: Multiple vulnerabilities (GLSA 201412-07)
Severity: normal
Exploitable: remote
Date: December 11, 2014
Bug(s): #530692, #532074
ID: 201412-07
Synopsis
Multiple vulnerabilities have been found in Adobe Flash Player, the
worst of which allows remote attackers to execute arbitrary code.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Affected Packages
Package: www-plugins/adobe-flash
Vulnerable: < 11.2.202.425
Unaffected: >= 11.2.202.425
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in Adobe Flash Player.
Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the
privileges of the process or bypass security restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose
">=www-plugins/adobe-flash-11.2.202.425"
|
References
CVE-2014-0580
CVE-2014-0587
CVE-2014-8439
CVE-2014-8443
CVE-2014-9162
CVE-2014-9163
CVE-2014-9164 |
|