Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[ GLSA 201204-07 ] Adobe Flash Player: Multiple vulnerabilities
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index News & Announcements
View previous topic :: View next topic  
Author Message
GLSA
Advocate
Advocate


Joined: 12 May 2004
Posts: 2663

PostPosted: Wed Apr 18, 2012 2:26 am    Post subject: [ GLSA 201204-07 ] Adobe Flash Player: Multiple vulnerabilit Reply with quote

Gentoo Linux Security Advisory

Title: Adobe Flash Player: Multiple vulnerabilities (GLSA 201204-07)
Severity: normal
Exploitable: remote
Date: April 17, 2012
Bug(s): #390149, #404101, #407023, #410005
ID: 201204-07

Synopsis

Multiple vulnerabilities in Adobe Flash Player, the worst of which
might allow remote attackers to execute arbitrary code.


Background

The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.


Affected Packages

Package: www-plugins/adobe-flash
Vulnerable: < 11.2.202.228
Unaffected: >= 11.2.202.228
Architectures: All supported architectures


Description

Multiple vulnerabilities have been discovered in Adobe Flash Player.
Please review the CVE identifiers referenced below for details.


Impact

A remote attacker could entice a user to open a specially crafted SWF
file, possibly resulting in execution of arbitrary code with the
privileges of the process or a Denial of Service condition. Furthermore,
a remote attacker may be able to bypass intended access restrictions,
bypass cross-domain policy, inject arbitrary web script, or obtain
sensitive information.


Workaround

There is no known workaround at this time.

Resolution

All Adobe Flash Player users should upgrade to the latest version:
Code:
# emerge --sync
      # emerge --ask --oneshot --verbose
      ">=www-plugins/adobe-flash-11.2.202.228"
   


References

CVE-2011-2445
CVE-2011-2450
CVE-2011-2451
CVE-2011-2452
CVE-2011-2453
CVE-2011-2454
CVE-2011-2455
CVE-2011-2456
CVE-2011-2457
CVE-2011-2458
CVE-2011-2459
CVE-2011-2460
CVE-2012-0752
CVE-2012-0753
CVE-2012-0754
CVE-2012-0755
CVE-2012-0756
CVE-2012-0767
CVE-2012-0768
CVE-2012-0769
CVE-2012-0773
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index News & Announcements All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum