Mageia 2019-0273: Flash Player Plugin Update Critical Code Execution

mageia

September 12, 2019

Updated flash-player-plugin package fixes security vulnerabilities: Same origin method execution that leads to arbitrary code execution in the context of the current user

Summary

Updated flash-player-plugin package fixes security vulnerabilities:
Same origin method execution that leads to arbitrary code execution in the context of the current user. (CVE-2019-8069)
Use after free that leads to arbitrary code execution in the context of the current user. (CVE-2019-8070)

References

- https://bugs.mageia.org/show_bug.cgi?id=25529

- - https://www.cve.org/CVERecord?id=CVE-2019-8069

- https://www.cve.org/CVERecord?id=CVE-2019-8070

Topics Covered

security advisory code execution arbitrary code execution Mageia flash-player-plugin

Resolution

SRPMS

- 7/nonfree/flash-player-plugin-32.0.0.255-1.mga7.nonfree

- 6/nonfree/flash-player-plugin-32.0.0.255-1.mga6.nonfree

Severity

critical

Lowest

Low

Medium

High

Critical

Publication date: 12 Sep 2019

URL: https://advisories.mageia.org/MGASA-2019-0273.html

Type: security

CVE: CVE-2019-8069, CVE-2019-8070

Topics Covered

security advisory code execution arbitrary code execution Mageia flash-player-plugin

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks