ArchLinux: 201904-8: flashplugin: multiple issues

    Date24 Apr 2019
    CategoryArchLinux
    263
    Posted ByLinuxSecurity Advisories
    The package flashplugin before version 32.0.0.171-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure.
    Arch Linux Security Advisory ASA-201904-8
    =========================================
    
    Severity: Critical
    Date    : 2019-04-12
    CVE-ID  : CVE-2019-7096 CVE-2019-7108
    Package : flashplugin
    Type    : multiple issues
    Remote  : Yes
    Link    : https://security.archlinux.org/AVG-949
    
    Summary
    =======
    
    The package flashplugin before version 32.0.0.171-1 is vulnerable to
    multiple issues including arbitrary code execution and information
    disclosure.
    
    Resolution
    ==========
    
    Upgrade to 32.0.0.171-1.
    
    # pacman -Syu "flashplugin>=32.0.0.171-1"
    
    The problems have been fixed upstream in version 32.0.0.171.
    
    Workaround
    ==========
    
    None.
    
    Description
    ===========
    
    - CVE-2019-7096 (arbitrary code execution)
    
    An arbitrary code execution issue has been found in Adobe Flash Player
    before 32.0.0.171.
    
    - CVE-2019-7108 (information disclosure)
    
    An out-of-bounds read has been found in Adobe Flash Player before
    32.0.0.171.
    
    Impact
    ======
    
    A remote attacker can execute arbitrary code on the affected host.
    
    References
    ==========
    
    https://helpx.adobe.com/security/products/flash-player/apsb19-19.html
    https://security.archlinux.org/CVE-2019-7096
    https://security.archlinux.org/CVE-2019-7108
    
    
    You are not authorised to post comments.

    LinuxSecurity Poll

    What is your favorite LinuxSecurity.com feature?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /component/communitypolls/?task=poll.vote
    17
    radio
    [{"id":"65","title":"Feature articles","votes":"0","type":"x","order":"1","pct":0,"resources":[]},{"id":"66","title":"News","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"67","title":"HOWTOs","votes":"0","type":"x","order":"3","pct":0,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.