Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Red Hat 3-5: RHSA-2007:1126-01 Critical: Flash Player Remote Code Execute

red hat
Calendar Grey December 18, 2007
Dist Redhat Esm H88
Adobe Flash Player undergoes important updates to tackle several security vulnerabilities affecting Red Hat's end-of-life versions.
An updated Adobe Flash Player package that fixes a security issue is now available for Red Hat Enterprise Linux 3 Extras, 4 Extras, and 5 Supplementary. This update has been rat...

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bug IDs fixed (http://bugzilla.redhat.com/):

252292 - CVE-2007-4324 Flash movie can determine whether a TCP port is open 367501 - CVE-2007-5275 Flash plugin DNS rebinding 392911 - CVE-2007-4768: pcre before 7.3 incorrect unicode in char class optimization 412161 - CVE-2007-6242 414501 - CVE-2007-6244 414511 - CVE-2007-6245 414521 - CVE-2007-6246

6. RPMs required:

Red Hat Enterprise Linux AS version 3 Extras:

i386: 909f18bf7e3ba2bd77c486471ed0a649 flash-plugin-9.0.115.0-1.el3.with.oss.i386.rpm

Red Hat Desktop version 3 Extras:

i386: 909f18bf7e3ba2bd77c486471ed0a649 flash-plugin-9.0.115.0-1.el3.with.oss.i386.rpm

Red Hat Enterprise Linux ES version 3 Extras:

i386: 909f18bf7e3ba2bd77c486471ed0a649 flash-plugin-9.0.115.0-1.el3.with.oss.i386.rpm

Red Hat Enterprise Linux WS version 3 Extras:

i386: 909f18bf7e3ba2bd77c486471ed0a649 flash-plugin-9.0.115.0-1.el3.with.oss.i386.rpm

Red Hat Enterprise Linux AS version 4.5.z Extras:

i386: f0824c43f26d5b33731a54734d1334f7 flash-plugin-9.0.115.0-1.el4.i386.rpm

Red Hat Enterprise Linux AS version 4 Extras:

i386: f0824c43f26d5b33731a54734d1334f7 flash-plugin-9.0.115.0-1.el4.i386.rpm

Red Hat Desktop version 4 Extras:

i386: f0824c43f26d5b33731a54734d1334f7 flash-plugin-9.0.115.0-1.el4.i386.rpm

Red Hat Enterprise Linux ES version 4.5.z Extras:

i386: f0824c43f26d5b33731a54734d1334f7 flash-plugin-9.0.115.0-1.el4.i386.rpm

Red Hat Enterprise Linux ES version 4 Extras:

i386: f0824c43f26d5b33731a54734d1334f7 flash-plugin-9.0.115.0-1.el4.i386.rpm

Red Hat Enterprise Linux WS version 4 Extras:

i386: f0824c43f26d5b33731a54734d1334f7 flash-plugin-9.0.115.0-1.el4.i386.rpm

RHEL Desktop Supplementary (v. 5 client):

i386: 3263ab995eabfca2783ec2013e9ff901 flash-plugin-9.0.115.0-1.el5.i386.rpm

x86_64: 3263ab995eabfca2783ec2013e9ff901 flash-plugin-9.0.115.0-1.el5.i386.rpm

RHEL Supplementary (v. 5 server):

i386: 3263ab995eabfca2783ec2013e9ff901 flash-plugin-9.0.115.0-1.el5.i386.rpm

x86_64: 3263ab995eabfca2783ec2013e9ff901 flash-plugin-9.0.115.0-1.el5.i386.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

Summary

References

https://www.cve.org/CVERecord?id=CVE-2007-5275 https://www.cve.org/CVERecord?id=CVE-2007-4324 https://www.cve.org/CVERecord?id=CVE-2007-4768 https://www.cve.org/CVERecord?id=CVE-2007-6242 https://www.cve.org/CVERecord?id=CVE-2007-6244 https://www.cve.org/CVERecord?id=CVE-2007-6245 https://www.cve.org/CVERecord?id=CVE-2007-6246 https://access.redhat.com/security/updates/classification#critical

Package List


Severity
critical
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2007:1126-01
Issue date: 2007-12-18
Updated on: 2007-12-18
Product: Red Hat Enterprise Linux Extras

Topic

Relevant Releases Architectures

Red Hat Enterprise Linux AS version 3 Extras - i386

Red Hat Desktop version 3 Extras - i386

Red Hat Enterprise Linux ES version 3 Extras - i386

Red Hat Enterprise Linux WS version 3 Extras - i386

Red Hat Enterprise Linux AS version 4.5.z Extras - i386

Red Hat Enterprise Linux AS version 4 Extras - i386

Red Hat Desktop version 4 Extras - i386

Red Hat Enterprise Linux ES version 4.5.z Extras - i386

Red Hat Enterprise Linux ES version 4 Extras - i386

Red Hat Enterprise Linux WS version 4 Extras - i386

RHEL Desktop Supplementary (v. 5 client) - i386, x86_64

RHEL Supplementary (v. 5 server) - i386, x86_64

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here