SUSE: 2011:0640-1 Critical: Flash Player Memory Corruption

Warning: Undefined array key "advisoryid" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/34053_1edcd913e2b52798c5b9126b8927230e on line 19

   SUSE Security Update: flash-player
______________________________________________________________________________

Announcement ID:    SUSE-SU-2011:0640-1
Rating:             critical
References:         #699942 
Cross-References:   CVE-2011-2110
Affected Products:
                    SUSE Linux Enterprise Desktop 11 SP1
                    SUSE Linux Enterprise Desktop 10 SP4
______________________________________________________________________________

   An update that fixes one vulnerability is now available. It
   includes one version update.

Description:


   A critical vulnerability has been identified in Adobe Flash
   Player  10.3.181.23 and earlier versions for Windows,
   Macintosh, Linux and Solaris,  and Adobe Flash Player
   10.3.185.23 and earlier versions for Android. This  memory
   corruption vulnerability (CVE-2011-2110) could cause a
   crash and  potentially allow an attacker to take control of
   the affected system. There  are reports that this
   vulnerability is being exploited in the wild in  targeted
   attacks via malicious Web pages.

   Security Issue references:

   * CVE-2011-2110
   


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Desktop 11 SP1:

      zypper in -t patch sledsp1-flash-player-4715

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Desktop 11 SP1 (i586) [New Version: 10.3.181.26]:

      flash-player-10.3.181.26-0.2.1

   - SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 10.3.181.26]:

      flash-player-10.3.181.26-0.5.1


References:

   https://www.suse.com/security/cve/CVE-2011-2110.html