[ GLSA 201110-11 ] Adobe Flash Player: Multiple vulnerabilities

[GLSA]

Gentoo Linux Security Advisory

Title: Adobe Flash Player: Multiple vulnerabilities (GLSA 201110-11)
Severity: normal
Exploitable: remote
Date: October 13, 2011
Bug(s): #354207, #359019, #363179, #367031, #370215, #372899, #378637, #384017
ID: 201110-11

Synopsis

Multiple vulnerabilities in Adobe Flash Player might allow remote
attackers to execute arbitrary code or cause a Denial of Service.


Background

The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.


Affected Packages

Package: www-plugins/adobe-flash
Vulnerable: < 10.3.183.10
Unaffected: >= 10.3.183.10
Architectures: All supported architectures


Description

Multiple vulnerabilities have been discovered in Adobe Flash Player.
Please review the CVE identifiers and Adobe Security Advisories and
Bulletins referenced below for details.


Impact

By enticing a user to open a specially crafted SWF file a remote
attacker could cause a Denial of Service or the execution of arbitrary
code with the privileges of the user running the application.


Workaround

There is no known workaround at this time.

Resolution

All Adobe Flash Player users should upgrade to the latest version: