ArchLinux: 201512-7: flashplugin: multiple issues
Summary
- CVE-2015-8045 CVE-2015-8060 CVE-2015-8408 CVE-2015-8416 CVE-2015-8417
CVE-2015-8418 CVE-2015-8419 CVE-2015-8443 CVE-2015-8444 CVE-2015-8047
CVE-2015-8451 CVE-2015-8455 (arbitrary code execution)
Memory corruption vulnerabilities have been discovered that could lead
to arbitrary code execution.
- CVE-2015-8438 CVE-2015-8446 (arbitrary code execution)
Heap buffer overflow vulnerabilities have been discovered that could
lead to arbitrary code execution.
- CVE-2015-8409 CVE-2015-8440 CVE-2015-8453
(security restriction bypass)
Multiple issues have been discovered that are lading to security
restriction bypass.
- CVE-2015-8407 (arbitrary code execution)
A stack overflow vulnerability has been discovered that could lead to
arbitrary code execution.
- CVE-2015-8439 (arbitrary code execution)
A type confusion vulnerability has been discovered that could lead to
arbitrary code execution.
- CVE-2015-8445 (arbitrary code execution)
An integer overflow vulnerability has been discovered that could lead to
arbitrary code execution.
- CVE-2015-8415 (arbitrary code execution)
A buffer overflow vulnerability has been discovered that could lead to
arbitrary code execution.
- CVE-2015-8050 CVE-2015-8049 CVE-2015-8437 CVE-2015-8450 CVE-2015-8449
CVE-2015-8448 CVE-2015-8436 CVE-2015-8452 CVE-2015-8048 CVE-2015-8413
CVE-2015-8412 CVE-2015-8410 CVE-2015-8411 CVE-2015-8424 CVE-2015-8422
CVE-2015-8420 CVE-2015-8421 CVE-2015-8423 CVE-2015-8425 CVE-2015-8433
CVE-2015-8432 CVE-2015-8431 CVE-2015-8426 CVE-2015-8430 CVE-2015-8427
CVE-2015-8428 CVE-2015-8429 CVE-2015-8434 CVE-2015-8435 CVE-2015-8414
CVE-2015-8454 CVE-2015-8059 CVE-2015-8058 CVE-2015-8055 CVE-2015-8057
CVE-2015-8056 CVE-2015-8061 CVE-2015-8067 CVE-2015-8066 CVE-2015-8062
CVE-2015-8068 CVE-2015-8064 CVE-2015-8065 CVE-2015-8063 CVE-2015-8405
CVE-2015-8404 CVE-2015-8402 CVE-2015-8403 CVE-2015-8071 CVE-2015-8401
CVE-2015-8406 CVE-2015-8069 CVE-2015-8070 CVE-2015-8441 CVE-2015-8442
CVE-2015-8447 (arbitrary code execution)
Multiple use-after-free vulnerabilities have been discovered that could
lead to arbitrary code execution.
Resolution
Upgrade to 11.2.202.554-1.
# pacman -Syu "flashplugin>=11.2.202.554-1"
The problems have been fixed upstream in version 11.2.202.554.
References
https://access.redhat.com/security/cve/CVE-2015-8045 https://access.redhat.com/security/cve/CVE-2015-8047 https://access.redhat.com/security/cve/CVE-2015-8048 https://access.redhat.com/security/cve/CVE-2015-8049 https://access.redhat.com/security/cve/CVE-2015-8050 https://access.redhat.com/security/cve/CVE-2015-8055 https://access.redhat.com/security/cve/CVE-2015-8056 https://access.redhat.com/security/cve/CVE-2015-8057 https://access.redhat.com/security/cve/CVE-2015-8058 https://access.redhat.com/security/cve/CVE-2015-8059 https://access.redhat.com/security/cve/CVE-2015-8060 https://access.redhat.com/security/cve/CVE-2015-8061 https://access.redhat.com/security/cve/CVE-2015-8062 https://access.redhat.com/security/cve/CVE-2015-8063 https://access.redhat.com/security/cve/CVE-2015-8064 https://access.redhat.com/security/cve/CVE-2015-8065 https://access.redhat.com/security/cve/CVE-2015-8066 https://access.redhat.com/security/cve/CVE-2015-8067 https://access.redhat.com/security/cve/CVE-2015-8068 https://access.redhat.com/security/cve/CVE-2015-8069 https://access.redhat.com/security/cve/CVE-2015-8070 https://access.redhat.com/security/cve/CVE-2015-8071 https://access.redhat.com/security/cve/CVE-2015-8401 https://access.redhat.com/security/cve/CVE-2015-8402 https://access.redhat.com/security/cve/CVE-2015-8403 https://access.redhat.com/security/cve/CVE-2015-8404 https://access.redhat.com/security/cve/CVE-2015-8405 https://access.redhat.com/security/cve/CVE-2015-8406 https://access.redhat.com/security/cve/CVE-2015-8407 https://access.redhat.com/security/cve/CVE-2015-8408 https://access.redhat.com/security/cve/CVE-2015-8409 https://access.redhat.com/security/cve/CVE-2015-8410 https://access.redhat.com/security/cve/CVE-2015-8411 https://access.redhat.com/security/cve/CVE-2015-8412 https://access.redhat.com/security/cve/CVE-2015-8413 https://access.redhat.com/security/cve/CVE-2015-8414 https://access.redhat.com/security/cve/CVE-2015-8415 https://access.redhat.com/security/cve/CVE-2015-8416 https://access.redhat.com/security/cve/CVE-2015-8417 https://access.redhat.com/security/cve/CVE-2015-8418 https://access.redhat.com/security/cve/CVE-2015-8419 https://access.redhat.com/security/cve/CVE-2015-8420 https://access.redhat.com/security/cve/CVE-2015-8421 https://access.redhat.com/security/cve/CVE-2015-8422 https://access.redhat.com/security/cve/CVE-2015-8423 https://access.redhat.com/security/cve/CVE-2015-8424 https://access.redhat.com/security/cve/CVE-2015-8425 https://access.redhat.com/security/cve/CVE-2015-8426 https://access.redhat.com/security/cve/CVE-2015-8427 https://access.redhat.com/security/cve/CVE-2015-8428 https://access.redhat.com/security/cve/CVE-2015-8429 https://access.redhat.com/security/cve/CVE-2015-8430 https://access.redhat.com/security/cve/CVE-2015-8431 https://access.redhat.com/security/cve/CVE-2015-8432 https://access.redhat.com/security/cve/CVE-2015-8433 https://access.redhat.com/security/cve/CVE-2015-8434 https://access.redhat.com/security/cve/CVE-2015-8435 https://access.redhat.com/security/cve/CVE-2015-8436 https://access.redhat.com/security/cve/CVE-2015-8437 https://access.redhat.com/security/cve/CVE-2015-8438 https://access.redhat.com/security/cve/CVE-2015-8439 https://access.redhat.com/security/cve/CVE-2015-8440 https://access.redhat.com/security/cve/CVE-2015-8441 https://access.redhat.com/security/cve/CVE-2015-8442 https://access.redhat.com/security/cve/CVE-2015-8443 https://access.redhat.com/security/cve/CVE-2015-8444 https://access.redhat.com/security/cve/CVE-2015-8445 https://access.redhat.com/security/cve/CVE-2015-8446 https://access.redhat.com/security/cve/CVE-2015-8447 https://access.redhat.com/security/cve/CVE-2015-8448 https://access.redhat.com/security/cve/CVE-2015-8449 https://access.redhat.com/security/cve/CVE-2015-8450 https://access.redhat.com/security/cve/CVE-2015-8451 https://access.redhat.com/security/cve/CVE-2015-8452 https://access.redhat.com/security/cve/CVE-2015-8453 https://access.redhat.com/security/cve/CVE-2015-8454 https://access.redhat.com/security/cve/CVE-2015-8455 https://helpx.adobe.com/support/programs/support-options-free-discontinued-apps-services.html
Workaround
None.