GLSA Advocate

Joined: 12 May 2004 Posts: 2140
|
Posted: Sun Oct 22, 2017 2:26 am Post subject: [ GLSA 201710-22 ] Adobe Flash Player |
|
|
Gentoo Linux Security Advisory
Title: Adobe Flash Player: Remote execution of arbitrary code (GLSA 201710-22)
Severity: normal
Exploitable: remote
Date: 2017-10-22
Bug(s): #634456
ID: 201710-22
Synopsis
A vulnerability in Adobe Flash Player might allow remote attackers
to execute arbitrary code.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Affected Packages
Package: www-plugins/adobe-flash
Vulnerable: < 27.0.0.170
Unaffected: >= 27.0.0.170
Architectures: All supported architectures
Description
A critical type confusion vulnerability was discovered in Adobe Flash
Player.
Impact
A remote attacker could execute arbitrary code.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose
">=www-plugins/adobe-flash-27.0.0.170"
|
References
CVE-2017-11292
Last edited by GLSA on Mon Jan 15, 2018 4:16 am; edited 1 time in total |
|