openSUSE 13.1: 2016:1802-1 Critical: Flash Player Remote Exploits
opensuse
July 14, 2016
An update that fixes 52 vulnerabilities is now available
Description
Adobe Flash Player was updated to 11.2.202.632 to fix many security issues
tracked under the upstream advisory APSB16-25, allowing remote attackers to execute arbitrary code when delivering specially crafted Flash content.
The following vulnerabilities were fixed:
- CVE-2016-4172: memory corruption vulnerability that could lead to code
execution
- CVE-2016-4173: use-after-free vulnerability that could lead to code
execution
- CVE-2016-4174: use-after-free vulnerability that could lead to code
execution
- CVE-2016-4175: memory corruption vulnerability that could lead to code
execution
- CVE-2016-4176: stack corruption vulnerability that could lead to code
execution
- CVE-2016-4177: stack corruption vulnerability that could lead to code
execution
- CVE-2016-4178: security bypass vulnerability that could lead to
information disclosure
- CVE-2016-4179: memory corruption vulnerability that could lead to code
...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.1 NonFree:
zypper in -t patch 2016-870=1
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE 13.1 NonFree (i586 x86_64):
flash-player-11.2.202.632-168.1
flash-player-gnome-11.2.202.632-168.1
flash-player-kde4-11.2.202.632-168.1
References
https://www.suse.com/security/cve/CVE-2016-4172.html
https://www.suse.com/security/cve/CVE-2016-4173.html
https://www.suse.com/security/cve/CVE-2016-4174.html
https://www.suse.com/security/cve/CVE-2016-4175.html
https://www.suse.com/security/cve/CVE-2016-4176.html
https://www.suse.com/security/cve/CVE-2016-4177.html
https://www.suse.com/security/cve/CVE-2016-4178.html
https://www.suse.com/security/cve/CVE-2016-4179.html
https://www.suse.com/security/cve/CVE-2016-4180.html
https://www.suse.com/security/cve/CVE-2016-4181.html
https://www.suse.com/security/cve/CVE-2016-4182.html
https://www.suse.com/security/cve/CVE-2016-4183.html
https://www.suse.com/security/cve/CVE-2016-4184.html
https://www.suse.com/security/cve/CVE-2016-4185.html
https://www.suse.com/security/cve/CVE-2016-4186.html
https://www.suse.com/security/cve/CVE-2016-4187.html
https://www.suse.com/security/cve/CVE-2016-4188.html
https://www.suse.com/security/cve/CVE-2016-4189.html
https://www.suse.com/security/cve/CVE-2016-4190.html
https://www....
Read the Full Advisory
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2016:1802-1
Rating: important
Affected Products:
openSUSE 13.1 NonFree
.
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!