Alerts This Week
Warning Icon 1 537
Alerts This Week
Warning Icon 1 537

Gentoo GLSA 201101-09 Normal: Adobe Flash Player Remote Threats

gentoo
Calendar Grey January 21, 2011
Dist Gentoo Esm H88
The use of Adobe Flash Player on Gentoo systems presents numerous security risks, potentially resulting in unauthorized remote code execution and disruptions of service.
Multiple vulnerabilities in Adobe Flash Player might allow remote attackers to execute arbitrary code or cause a Denial of Service.

Summary

Multiple vulnerabilities were discovered in Adobe Flash Player. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.

Topics%20covered

Topics Covered

security advisory denial of service gentoo remote code adobe flash

Resolution

All Adobe Flash Player users should upgrade to the latest stable version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-plugins/adobe-flash-10.1.102.64"

References

[ 1 ] APSB10-06 [ 2 ] APSB10-14 [ 3 ] APSB10-16 [ 4 ] APSB10-22 [ 5 ] APSB10-26 [ 6 ] CVE-2008-4546 https://www.cve.org/CVERecord?id=CVE-2008-4546 [ 7 ] CVE-2009-3793 https://www.cve.org/CVERecord?id=CVE-2009-3793 [ 8 ] CVE-2010-0186 https://www.cve.org/CVERecord?id=CVE-2010-0186 [ 9 ] CVE-2010-0187 https://www.cve.org/CVERecord?id=CVE-2010-0187 [ 10 ] CVE-2010-0209 https://www.cve.org/CVERecord?id=CVE-2010-0209 [ 11 ] CVE-2010-1297 https://www.cve.org/CVERecord?id=CVE-2010-1297 [ 12 ] CVE-2010-2160 https://www.cve.org/CVERecord?id=CVE-2010-2160 [ 13 ] CVE-2010-2161 https://www.cve.org/CVERecord?id=CVE-2010-2161 [ 14 ] CVE-2010-2162 https://www.cve.org/CVERecord?id=CVE-2010-2162 [ 15 ] CVE-2010-2163 https://www.cve.org/CVERecord?id=CVE-2010-2163 [ 16 ] CVE-2010-2164 https://www.cve.org/CVERecord?id=CVE-2010-2164 [ 17...

Read the Full Advisory

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201101-09
style>.gentoo_availability{display:block;}

Concerns

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

Severity: Normal
Title: Adobe Flash Player: Multiple vulnerabilities
Date: January 21, 2011
Bugs: #307749, #322855, #332205, #337204, #343089
ID: 201101-09

Topics%20covered

Topics Covered

security advisory denial of service gentoo remote code adobe flash

Synopsis

Multiple vulnerabilities in Adobe Flash Player might allow remote attackers to execute arbitrary code or cause a Denial of Service.

Background

The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites.

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-plugins/adobe-flash < 10.1.102.64 >= 10.1.102.64

Impact

===== A remote attacker could entice a user to open a specially crafted SWF file, possibly resulting in the execution of arbitrary code with the privileges of the user running the application, or a Denial of Service.

Workaround

There is no known workaround at this time.

Related News

Your message here