GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Tue Nov 22, 2016 3:26 pm Post subject: [ GLSA 201611-18 ] Adobe Flash Player |
|
|
Gentoo Linux Security Advisory
Title: Adobe Flash Player: Multiple vulnerabilities (GLSA 201611-18)
Severity: normal
Exploitable: remote
Date: November 22, 2016
Bug(s): #599204
ID: 201611-18
Synopsis
Multiple vulnerabilities have been found in Adobe Flash Player, the
worst of which allows remote attackers to execute arbitrary code.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Affected Packages
Package: www-plugins/adobe-flash
Vulnerable: < 23.0.0.207
Unaffected: >= 23.0.0.207
Unaffected: >= 11.2.202.644 < 11.2.202.645
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in Adobe Flash Player.
Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the
privileges of the process.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player 23.x users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose
">=www-plugins/adobe-flash-23.0.0.207"
| All Adobe Flash Player 11.x users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose
">=www-plugins/adobe-flash-11.2.202.644"
|
References
CVE-2016-7857
CVE-2016-7858
CVE-2016-7859
CVE-2016-7860
CVE-2016-7861
CVE-2016-7862
CVE-2016-7863
CVE-2016-7864
CVE-2016-7865 |
|