ArchLinux: 201612-17: lib32-flashplugin: multiple issues
Summary
- CVE-2016-7867 (arbitrary code execution)
A buffer overflow vulnerability leading to code execution has been
found in Adobe Flash Player < 24.0.0.186.
- CVE-2016-7868 (arbitrary code execution)
A buffer overflow vulnerability leading to code execution has been
found in Adobe Flash Player < 24.0.0.186.
- CVE-2016-7869 (arbitrary code execution)
A buffer overflow vulnerability leading to code execution has been
found in Adobe Flash Player < 24.0.0.186.
- CVE-2016-7870 (arbitrary code execution)
A buffer overflow vulnerability leading to code execution has been
found in Adobe Flash Player < 24.0.0.186.
- CVE-2016-7871 (arbitrary code execution)
A memory corruption vulnerability leading to code execution has been
found in Adobe Flash Player < 24.0.0.186.
- CVE-2016-7872 (arbitrary code execution)
A use-after-free vulnerability leading to code execution has been found
in Adobe Flash Player < 24.0.0.186.
- CVE-2016-7873 (arbitrary code execution)
A memory corruption vulnerability leading to code execution has been
found in Adobe Flash Player < 24.0.0.186.
- CVE-2016-7874 (arbitrary code execution)
A memory corruption vulnerability leading to code execution has been
found in Adobe Flash Player < 24.0.0.186.
- CVE-2016-7875 (arbitrary code execution)
A memory corruption vulnerability leading to code execution has been
found in Adobe Flash Player < 24.0.0.186.
- CVE-2016-7876 (arbitrary code execution)
A memory corruption vulnerability leading to code execution has been
found in Adobe Flash Player < 24.0.0.186.
- CVE-2016-7877 (arbitrary code execution)
A use-after-free vulnerability leading to code execution has been found
in Adobe Flash Player < 24.0.0.186.
- CVE-2016-7878 (arbitrary code execution)
A use-after-free vulnerability leading to code execution has been found
in Adobe Flash Player < 24.0.0.186.
- CVE-2016-7879 (arbitrary code execution)
A use-after-free vulnerability leading to code execution has been found
in Adobe Flash Player < 24.0.0.186.
- CVE-2016-7880 (arbitrary code execution)
A use-after-free vulnerability leading to code execution has been found
in Adobe Flash Player < 24.0.0.186.
- CVE-2016-7881 (arbitrary code execution)
A use-after-free vulnerability leading to code execution has been found
in Adobe Flash Player < 24.0.0.186.
- CVE-2016-7890 (access restriction bypass)
A security bypass vulnerability has been found in Adobe Flash Player <
24.0.0.186.
- CVE-2016-7892 (arbitrary code execution)
A use-after-free vulnerability leading to code execution has been found
in Adobe Flash Player < 24.0.0.186.
Resolution
Upgrade to 24.0.0.186-1.
# pacman -Syu "lib32-flashplugin>=24.0.0.186-1"
The problems have been fixed upstream in version 24.0.0.186.
References
https://helpx.adobe.com/support/programs/support-options-free-discontinued-apps-services.html https://access.redhat.com/security/cve/CVE-2016-7867 https://access.redhat.com/security/cve/CVE-2016-7868 https://access.redhat.com/security/cve/CVE-2016-7869 https://access.redhat.com/security/cve/CVE-2016-7870 https://access.redhat.com/security/cve/CVE-2016-7871 https://access.redhat.com/security/cve/CVE-2016-7872 https://access.redhat.com/security/cve/CVE-2016-7873 https://access.redhat.com/security/cve/CVE-2016-7874 https://access.redhat.com/security/cve/CVE-2016-7875 https://access.redhat.com/security/cve/CVE-2016-7876 https://access.redhat.com/security/cve/CVE-2016-7877 https://access.redhat.com/security/cve/CVE-2016-7878 https://access.redhat.com/security/cve/CVE-2016-7879 https://access.redhat.com/security/cve/CVE-2016-7880 https://access.redhat.com/security/cve/CVE-2016-7881 https://access.redhat.com/security/cve/CVE-2016-7890 https://access.redhat.com/security/cve/CVE-2016-7892
Workaround
None.