Important Security Update for Ubuntu: USN-2015-2 on Adobe Flash Player
Feb 06, 2015
•
LinuxSecurity Advisories
2 - 3 min read
Topics Covered
The package flashplugin before version 11.2.202.442-1 is vulnerable to remote code execution.
Arch Linux Security Advisory ASA-201502-2 ======================================== Severity: Critical Date : 2015-02-06 CVE-ID : CVE-2015-0313 CVE-2015-0314 CVE-2015-0315 CVE-2015-0316 CVE-2015-0317 CVE-2015-0318 CVE-2015-0319 CVE-2015-0320 CVE-2015-0321 CVE-2015-0322 CVE-2015-0323 CVE-2015-0324 CVE-2015-0325 CVE-2015-0326 CVE-2015-0327 CVE-2015-0328 CVE-2015-0329 CVE-2015-0330 Package : flashplugin Type : remote code execution Remote : Yes Link : https://wiki.archlinux.org/title/CVE Summary ====== The package flashplugin before version 11.2.202.442-1 is vulnerable to remote code execution. Resolution ========= Upgrade to 11.2.202.442-1. # pacman -Syu "flashplugin>=11.2.202.442-1" The problem has been fixed upstream in version 11.2.202.442. Workaround ========= None. Description ========== - CVE-2015-0313, CVE-2015-0315, CVE-2015-0320, CVE-2015-0322 Use-after-free vulnerabilities leading to arbitrary code execution. - (CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, CVE-2015-0329, CVE-2015-0330 Memory corruption vulnerabilities leading to arbitrary code execution. - CVE-2015-0317, CVE-2015-0319 Type confusion vulnerabilities leading to arbitrary code execution. - CVE-2015-0323, CVE-2015-0327 Heap overflow vulnerabilities leading to arbitrary code execution. - CVE-2015-0324 Buffer overflow vulnerability leading to arbitrary code execution. - CVE-2015-0325, CVE-2015-0326, CVE-2015-0328 Null-pointer dereference issues, possibly leading to denial of service or other unspecified impact. Impact ===== A remote attacker can execute arbitrary code. References ========= https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0313 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0314 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0315 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0316 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0317 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0318 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0319 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0320 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0321 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0322 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0323 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0324 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0325 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0326 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0327 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0328 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0329 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0330
PREVIOUS
NEXT
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!