SUSE: 2011:0894-1 Critical: Flash Player Flaw Lets Code Run Unchecked
suse
August 12, 2011
An update that fixes 13 vulnerabilities is now available
Summary
Warning: Undefined array key "advisoryid" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/3997267_1edcd913e2b52798c5b9126b8927230e on line 19
SUSE Security Update: Security update for flash-player
______________________________________________________________________________
Announcement ID: SUSE-SU-2011:0894-1
Rating: critical
References: #711427
Cross-References: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135
CVE-2011-2136 CVE-2011-2137 CVE-2011-2138
CVE-2011-2139 CVE-2011-2140 CVE-2011-2414
CVE-2011-2415 CVE-2011-2416 CVE-2011-2417
CVE-2011-2425
Affected Products:
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 10 SP4
______________________________________________________________________________
An update that fixes 13 vulnerabilities is now available.
It includes one version update.
Description:
The update to Flash-Player 10.3.188.5 fixes various
security issues:
* CVE-2011-2130: CVSS v2 Base Score: 6.8
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
* CVE-2011-2134: CVSS v2 Base Score: 6.8
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
* CVE-2011-2135: CVSS v2 Base Score: 6.8
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
* CVE-2011-2136: CVSS v2 Base Score: 6.8
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
* CVE-2011-2137: CVSS v2 Base Score: 6.8
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
* CVE-2011-2138: CVSS v2 Base Score: 6.8
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
* CVE-2011-2139: CVSS v2 Base Score: 6.8
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
* CVE-2011-2140: CVSS v2 Base Score: 6.8
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
* CVE-2011-2414: CVSS v2 Base Score: 6.8
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
* CVE-2011-2415: CVSS v2 Base Score: 6.8
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
* CVE-2011-2416: CVSS v2 Base Score: 6.8
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
* CVE-2011-2417: CVSS v2 Base Score: 6.8
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
* CVE-2011-2425: CVSS v2 Base Score: 6.8
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
This update resolves a buffer overflow vulnerability that
could lead to code execution (CVE-2011-2130).
This update resolves a buffer overflow vulnerability that
could lead to code execution (CVE-2011-2134).
This update resolves a memory corruption vulnerability that
could lead to code execution (CVE-2011-2135).
This update resolves an integer overflow vulnerability that
could lead to code execution (CVE-2011-2136).
This update resolves a buffer overflow vulnerability that
could lead to code execution (CVE-2011-2137).
This update resolves an integer overflow vulnerability that
could lead to code execution (CVE-2011-2138).
This update resolves a cross-site information disclosure
vulnerability that could lead to code execution
(CVE-2011-2139).
This update resolves a memory corruption vulnerability that
could lead to code execution (CVE-2011-2140).
This update resolves a buffer overflow vulnerability that
could lead to code execution (CVE-2011-2414).
This update resolves a buffer overflow vulnerability that
could lead to code execution (CVE-2011-2415).
This update resolves an integer overflow vulnerability that
could lead to code execution (CVE-2011-2416).
This update resolves a memory corruption vulnerability that
could lead to code execution (CVE-2011-2417).
This update resolves a memory corruption vulnerability that
could lead to code execution (CVE-2011-2425).
Security Issue references:
* CVE-2011-2130
Topics Covered
References
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Warning: Undefined array key "block1" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/3997267_c1d2d4f425d79c8c327f2b8603847ec6 on line 11
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!