Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 519
Alerts This Week
Warning Icon 1 519

SUSE: 2017:0108-1 Important: Flash Player Code Execution Threats

suse
Calendar Grey January 11, 2017
Dist Suse Esm H88
SUSE has released a security update for flash-player that fixes several critical vulnerabilities. It is important to implement these updates promptly.
An update that fixes 13 vulnerabilities is now available

Summary

This update to Adobe Flash 24.0.0.194 fixes the following vulnerabilities advised under APSB17-02: - security bypass vulnerability that could lead to information disclosure (CVE-2017-2938) - use-after-free vulnerabilities that could lead to code execution (CVE-2017-2932, CVE-2017-2936, CVE-2017-2937) - heap buffer overflow vulnerabilities that could lead to code execution (CVE-2017-2927, CVE-2017-2933, CVE-2017-2934, CVE-2017-2935) - memory corruption vulnerabilities that could lead to code execution (CVE-2017-2925, CVE-2017-2926, CVE-2017-2928, CVE-2017-2930, CVE-2017-2931) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1:

References

#1019129

Cross- CVE-2017-2925 CVE-2017-2926 CVE-2017-2927

CVE-2017-2928 CVE-2017-2930 CVE-2017-2931

CVE-2017-2932 CVE-2017-2933 CVE-2017-2934

CVE-2017-2935 CVE-2017-2936 CVE-2017-2937

CVE-2017-2938

Affected Products:

SUSE Linux Enterprise Workstation Extension 12-SP1

SUSE Linux Enterprise Desktop 12-SP1

https://www.suse.com/security/cve/CVE-2017-2925.html

https://www.suse.com/security/cve/CVE-2017-2926.html

https://www.suse.com/security/cve/CVE-2017-2927.html

https://www.suse.com/security/cve/CVE-2017-2928.html

https://www.suse.com/security/cve/CVE-2017-2930.html

https://www.suse.com/security/cve/CVE-2017-2931.html

https://www.suse.com/security/cve/CVE-2017-2932.html

https://www.suse.com/security/cve/CVE-2017-2933.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2017:0108-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.