Explore top 10 tips to secure your open-source projects now. Read More
×The package flashplugin before version 32.0.0.171-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure. . Arch Linux Security Advisory ASA-201904-8 ======================================== Severity: Critical Date : 2019-04-12 CVE-ID : CVE-2019-7096 CVE-2019-7108 Package : flashplugin Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-949 Summary ====== The package flashplugin before version 32.0.0.171-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure. Resolution ========= Upgrade to 32.0.0.171-1. # pacman -Syu "flashplugin> =32.0.0.171-1" The problems have been fixed upstream in version 32.0.0.171. Workaround ========= None. Description ========== - CVE-2019-7096 (arbitrary code execution) An arbitrary code execution issue has been found in Adobe Flash Player before 32.0.0.171. - CVE-2019-7108 (information disclosure) An out-of-bounds read has been found in Adobe Flash Player before 32.0.0.171. Impact ===== A remote attacker can execute arbitrary code on the affected host. References ========= https://security.archlinux.org/CVE-2019-7096 https://security.archlinux.org/CVE-2019-7108 . Debian Security Notice DSA-2019-1234 tackles severe flaws in libpng affecting various components.. Arch Linux, Flashplugin Security, Critical Threat, Remote Attack, Flashplayer Issues. . Severity: Critical. LinuxSecurity.com Team
The package flashplugin before version 31.0.0.153-1 is vulnerable to arbitrary code execution. . Arch Linux Security Advisory ASA-201811-19 ========================================= Severity: Critical Date : 2018-11-22 CVE-ID : CVE-2018-15981 Package : flashplugin Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-818 Summary ====== The package flashplugin before version 31.0.0.153-1 is vulnerable to arbitrary code execution. Resolution ========= Upgrade to 31.0.0.153-1. # pacman -Syu "flashplugin> =31.0.0.153-1" The problem has been fixed upstream in version 31.0.0.153. Workaround ========= None. Description ========== A type confusion vulnerability has been found in Adobe Flash Player versions prior to 31.0.0.153. Impact ===== A remote attacker can execute arbitrary code via a crafted Flash file. References ========= https://security.archlinux.org/CVE-2018-15981 . Arch Linux Security Advisory ASA-202312-05: Urgent update for libpng addressing potential memory corruption vulnerability.. Flash Plugin Update, Arch Linux Advisory, Security Updates. . Severity: Critical. LinuxSecurity.com Team
The package flashplugin before version 30.0.0.113-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure. . Arch Linux Security Advisory ASA-201806-7 ======================================== Severity: Critical Date : 2018-06-09 CVE-ID : CVE-2018-4945 CVE-2018-5000 CVE-2018-5001 CVE-2018-5002 Package : flashplugin Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-716 Summary ====== The package flashplugin before version 30.0.0.113-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure. Resolution ========= Upgrade to 30.0.0.113-1. # pacman -Syu "flashplugin> =30.0.0.113-1" The problems have been fixed upstream in version 30.0.0.113. Workaround ========= None. Description ========== - CVE-2018-4945 (arbitrary code execution) A type confusion issue has been found in Adobe Flash Player before 30.0.0.113, leading to arbitrary code execution. - CVE-2018-5000 (information disclosure) An integer overflow issue has been found in Adobe Flash Player before 30.0.0.113, leading to information disclosure. - CVE-2018-5001 (information disclosure) An out-of-bounds read has been found in Adobe Flash Player before 30.0.0.113, leading to information disclosure. - CVE-2018-5002 (arbitrary code execution) A stack-based buffer overflow has been found in Adobe Flash Player before 30.0.0.113, leading to arbitrary code execution. Impact ===== A remote attacker can access sensitive information or execute arbitrary code via a crafted Flash file. References ========= https://security.archlinux.org/CVE-2018-4945 https://security.archlinux.org/CVE-2018-5000 https://security.archlinux.org/CVE-2018-5001 https://security.archlinux.org/CVE-2018-5002 . The Debian Security Announcement DSA-2019-123 outlines severe vulnerabilities in the OpenSSL package that could lead to unauthorized data access.. Arch Linux, Flash Plugin, Critical Issues, RemoteAccess, Code Execution. . Severity: Critical. LinuxSecurity.com Team
The package flashplugin before version 27.0.0.187-1 is vulnerable to arbitrary code execution. . Arch Linux Security Advisory ASA-201711-21 ========================================= Severity: Critical Date : 2017-11-15 CVE-ID : CVE-2017-11213 CVE-2017-11215 CVE-2017-11225 CVE-2017-3112 CVE-2017-3114 Package : flashplugin Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-492 Summary ====== The package flashplugin before version 27.0.0.187-1 is vulnerable to arbitrary code execution. Resolution ========= Upgrade to 27.0.0.187-1. # pacman -Syu "flashplugin> =27.0.0.187-1" The problems have been fixed upstream in version 27.0.0.187. Workaround ========= None. Description ========== - CVE-2017-11213 (arbitrary code execution) An out-of-bounds access vulnerability has been discovered in flashplugin before 27.0.0.187 leading to arbitrary code execution when playing a specially crafted SWF file. - CVE-2017-11215 (arbitrary code execution) An use after free vulnerability has been discovered in flashplugin before 27.0.0.187 leading to arbitrary code execution when playing a specially crafted SWF file. - CVE-2017-11225 (arbitrary code execution) An use after free vulnerability has been discovered in flashplugin before 27.0.0.187 leading to arbitrary code execution when playing a specially crafted SWF file. - CVE-2017-3112 (arbitrary code execution) An out-of-bounds access vulnerability has been discovered in flashplugin before 27.0.0.187 leading to arbitrary code execution when playing a specially crafted SWF file. - CVE-2017-3114 (arbitrary code execution) An out-of-bounds access vulnerability has been discovered in flashplugin before 27.0.0.187 leading to arbitrary code execution when playing a specially crafted SWF file. Impact ===== A remote attacker is able to execute arbitrary code on the affected host via a specially crafted SWFfile. References ========= https://security.archlinux.org/CVE-2017-11213 https://security.archlinux.org/CVE-2017-11215 https://security.archlinux.org/CVE-2017-11225 https://security.archlinux.org/CVE-2017-3112 https://security.archlinux.org/CVE-2017-3114 . Debian Security Bulletin DSA-2023-3322 warns of a severe vulnerability in the libc library. Immediate update is recommended.. Arch Linux Security, Flashplugin Update, Code Exec Risk. . Severity: Critical. LinuxSecurity.com Team
The package flashplugin before version 27.0.0.170-1 is vulnerable to arbitrary code execution. . Arch Linux Security Advisory ASA-201710-20 ========================================= Severity: Critical Date : 2017-10-16 CVE-ID : CVE-2017-11292 Package : flashplugin Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-449 Summary ====== The package flashplugin before version 27.0.0.170-1 is vulnerable to arbitrary code execution. Resolution ========= Upgrade to 27.0.0.170-1. # pacman -Syu "flashplugin> =27.0.0.170-1" The problem has been fixed upstream in version 27.0.0.170. Workaround ========= None. Description ========== A type confusion vulnerability has been found in Adobe Flash Player
The package flashplugin before version 26.0.0.151-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure. . Arch Linux Security Advisory ASA-201708-2 ======================================== Severity: Critical Date : 2017-08-10 CVE-ID : CVE-2017-3085 CVE-2017-3106 Package : flashplugin Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-373 Summary ====== The package flashplugin before version 26.0.0.151-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure. Resolution ========= Upgrade to 26.0.0.151-1. # pacman -Syu "flashplugin> =26.0.0.151-1" The problems have been fixed upstream in version 26.0.0.151. Workaround ========= None. Description ========== - CVE-2017-3085 (information disclosure) An information disclosure flaw has been found in Adobe Flash player < 26.0.0.151. - CVE-2017-3106 (arbitrary code execution) A type confusion issue has been found in Adobe Flash player < 26.0.0.151, leading to remote code execution. Impact ===== A remote attacker might be able to access sensitive information or execute arbitrary code on the affected host. References ========= https://security.archlinux.org/CVE-2017-3085 https://security.archlinux.org/CVE-2017-3106 . The Flashplugin on Arch Linux contains serious security flaws, please update right away to ensure your system's safety after ASA-201708-2.. Flashplugin Issues, Arch Linux Security, Code Execution Threat. . Severity: Critical. LinuxSecurity.com Team
The package flashplugin before version 26.0.0.137-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure. . Arch Linux Security Advisory ASA-201707-10 ========================================= Severity: Critical Date : 2017-07-11 CVE-ID : CVE-2017-3080 CVE-2017-3099 CVE-2017-3100 Package : flashplugin Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-344 Summary ====== The package flashplugin before version 26.0.0.137-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure. Resolution ========= Upgrade to 26.0.0.137-1. # pacman -Syu "flashplugin> =26.0.0.137-1" The problems have been fixed upstream in version 26.0.0.137. Workaround ========= None. Description ========== - CVE-2017-3080 (information disclosure) A security issue leading to information disclosure has been found in Adobe Flash Player < 26.0.0.137. - CVE-2017-3099 (arbitrary code execution) A memory corruption vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.137. - CVE-2017-3100 (information disclosure) A memory corruption vulnerability leading to the disclosure of a memory address has been found in Adobe Flash Player < 26.0.0.137. It could be used to bypass some security protections like ASLR. Impact ===== A remote attacker can execute arbitrary code on the affected host. References ========= https://security.archlinux.org/CVE-2017-3080 https://security.archlinux.org/CVE-2017-3099 https://security.archlinux.org/CVE-2017-3100 . Essential security notice ASA-202310-12 for Arch Linux: flashplugin flaws requiring immediate remediation.. Arch Linux, Flashplugin Issues, Remote Code Execution, Information Disclosure. . Severity: Critical. LinuxSecurity.com Team
The package flashplugin before version 26.0.0.126-1 is vulnerable to arbitrary code execution. . Arch Linux Security Advisory ASA-201706-14 ========================================= Severity: Critical Date : 2017-06-14 CVE-ID : CVE-2017-3075 CVE-2017-3076 CVE-2017-3077 CVE-2017-3078 CVE-2017-3079 CVE-2017-3081 CVE-2017-3082 CVE-2017-3083 CVE-2017-3084 Package : flashplugin Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-297 Summary ====== The package flashplugin before version 26.0.0.126-1 is vulnerable to arbitrary code execution. Resolution ========= Upgrade to 26.0.0.126-1. # pacman -Syu "flashplugin> =26.0.0.126-1" The problems have been fixed upstream in version 26.0.0.126. Workaround ========= None. Description ========== - CVE-2017-3075 (arbitrary code execution) A use-after-free vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126. - CVE-2017-3076 (arbitrary code execution) A memory corruption vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126. - CVE-2017-3077 (arbitrary code execution) A memory corruption vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126. - CVE-2017-3078 (arbitrary code execution) A memory corruption vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126. - CVE-2017-3079 (arbitrary code execution) A memory corruption vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126. - CVE-2017-3081 (arbitrary code execution) A use-after-free vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126. - CVE-2017-3082 (arbitrary code execution) A memory corruption vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126. - CVE-2017-3083 (arbitrarycode execution) A use-after-free vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126. - CVE-2017-3084 (arbitrary code execution) A use-after-free vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126. Impact ===== A remote attacker can execute arbitrary code on the affected host. References ========= https://security.archlinux.org/CVE-2017-3075 https://security.archlinux.org/CVE-2017-3076 https://security.archlinux.org/CVE-2017-3077 https://security.archlinux.org/CVE-2017-3078 https://security.archlinux.org/CVE-2017-3079 https://security.archlinux.org/CVE-2017-3081 https://security.archlinux.org/CVE-2017-3082 https://security.archlinux.org/CVE-2017-3083 https://security.archlinux.org/CVE-2017-3084 . Serious security flaw detected in Arch Linux flashplugin. Update immediately to mitigate significant threat. Discover details here!. Arbitrary Code Execution, Flashplugin, Arch Linux Advisory. . Severity: Critical. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.