GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Wed Apr 18, 2012 2:26 am Post subject: [ GLSA 201204-07 ] Adobe Flash Player: Multiple vulnerabilit |
 |
|
Gentoo Linux Security Advisory
Title: Adobe Flash Player: Multiple vulnerabilities (GLSA 201204-07)
Severity: normal
Exploitable: remote
Date: April 17, 2012
Bug(s): #390149, #404101, #407023, #410005
ID: 201204-07
Synopsis
Multiple vulnerabilities in Adobe Flash Player, the worst of which
might allow remote attackers to execute arbitrary code.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Affected Packages
Package: www-plugins/adobe-flash
Vulnerable: < 11.2.202.228
Unaffected: >= 11.2.202.228
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in Adobe Flash Player.
Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted SWF
file, possibly resulting in execution of arbitrary code with the
privileges of the process or a Denial of Service condition. Furthermore,
a remote attacker may be able to bypass intended access restrictions,
bypass cross-domain policy, inject arbitrary web script, or obtain
sensitive information.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose
">=www-plugins/adobe-flash-11.2.202.228"
|
References
CVE-2011-2445
CVE-2011-2450
CVE-2011-2451
CVE-2011-2452
CVE-2011-2453
CVE-2011-2454
CVE-2011-2455
CVE-2011-2456
CVE-2011-2457
CVE-2011-2458
CVE-2011-2459
CVE-2011-2460
CVE-2012-0752
CVE-2012-0753
CVE-2012-0754
CVE-2012-0755
CVE-2012-0756
CVE-2012-0767
CVE-2012-0768
CVE-2012-0769
CVE-2012-0773 |
|
News & Announcements
