SUSE: 2015:0493-1 Critical: Flash Player Code Execution Risk
suse
March 13, 2015
An update that fixes 11 vulnerabilities is now available
Summary
flash-player has been updated to fix eleven security vulnerabilities:
* Memory corruption vulnerabilities that could have lead to code
execution (CVE-2016-0332, CVE-2015-0333, CVE-2015-0335,
CVE-2015-0339).
* Type confusion vulnerabilities that could have lead to code
execution (CVE-2015-0334, CVE-2015-0336).
* A vulnerability that could have lead to a cross-domain policy bypass
(CVE-2015-0337).
* A vulnerability that could have lead to a file upload restriction
bypass (CVE-2015-0340).
* An integer overflow vulnerability that could have lead to code
execution (CVE-2015-0338).
* Use-after-free vulnerabilities that could have lead to code
execution (CVE-2015-0341, CVE-2015-0342).
Security Issues:
* CVE-2015-0332
References
#922033
Cross- CVE-2015-0332 CVE-2015-0333 CVE-2015-0334
CVE-2015-0335 CVE-2015-0336 CVE-2015-0337
CVE-2015-0338 CVE-2015-0339 CVE-2015-0340
CVE-2015-0341 CVE-2015-0342
Affected Products:
SUSE Linux Enterprise Desktop 11 SP3
https://www.suse.com/security/cve/CVE-2015-0332.html
https://www.suse.com/security/cve/CVE-2015-0333.html
https://www.suse.com/security/cve/CVE-2015-0334.html
https://www.suse.com/security/cve/CVE-2015-0335.html
https://www.suse.com/security/cve/CVE-2015-0336.html
https://www.suse.com/security/cve/CVE-2015-0337.html
https://www.suse.com/security/cve/CVE-2015-0338.html
https://www.suse.com/security/cve/CVE-2015-0339.html
https://www.suse.com/security/cve/CVE-2015-0340.html
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2015:0493-1
Rating: critical
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!