Описание
Security update for flash-player
flash-player was updated to version 11.2.202.442 to fix 18 security issues.
These security issues were fixed:
- Use-after-free vulnerabilities that could lead to code execution (CVE-2015-0313, CVE-2015-0315, CVE-2015-0320, CVE-2015-0322).
- Memory corruption vulnerabilities that could lead to code execution (CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, CVE-2015-0329, CVE-2015-0330).
- Type confusion vulnerabilities that could lead to code execution (CVE-2015-0317, CVE-2015-0319).
- Heap buffer overflow vulnerabilities that could lead to code execution (CVE-2015-0323, CVE-2015-0327).
- Buffer overflow vulnerability that could lead to code execution (CVE-2015-0324).
- Null pointer dereference issues (CVE-2015-0325, CVE-2015-0326, CVE-2015-0328).
More information is available at https://helpx.adobe.com/security/products/flash-player/apsb15-04.html
Список пакетов
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Workstation Extension 12
Ссылки
- Link for SUSE-SU-2015:0236-1
- E-Mail link for SUSE-SU-2015:0236-1
- SUSE Security Ratings
- SUSE Bug 915918
- SUSE CVE CVE-2015-0313 page
- SUSE CVE CVE-2015-0314 page
- SUSE CVE CVE-2015-0315 page
- SUSE CVE CVE-2015-0316 page
- SUSE CVE CVE-2015-0317 page
- SUSE CVE CVE-2015-0318 page
- SUSE CVE CVE-2015-0319 page
- SUSE CVE CVE-2015-0320 page
- SUSE CVE CVE-2015-0321 page
- SUSE CVE CVE-2015-0322 page
- SUSE CVE CVE-2015-0323 page
- SUSE CVE CVE-2015-0324 page
- SUSE CVE CVE-2015-0325 page
- SUSE CVE CVE-2015-0326 page
- SUSE CVE CVE-2015-0327 page
- SUSE CVE CVE-2015-0328 page
Описание
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2015, a different vulnerability than CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322.
Затронутые продукты
Ссылки
- CVE-2015-0313
- SUSE Bug 915918
- SUSE Bug 916374
- SUSE Bug 922033
Описание
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, CVE-2015-0329, and CVE-2015-0330.
Затронутые продукты
Ссылки
- CVE-2015-0314
- SUSE Bug 915918
- SUSE Bug 922033
Описание
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0320, and CVE-2015-0322.
Затронутые продукты
Ссылки
- CVE-2015-0315
- SUSE Bug 915918
- SUSE Bug 922033
Описание
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0318, CVE-2015-0321, CVE-2015-0329, and CVE-2015-0330.
Затронутые продукты
Ссылки
- CVE-2015-0316
- SUSE Bug 915918
- SUSE Bug 922033
Описание
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-0319.
Затронутые продукты
Ссылки
- CVE-2015-0317
- SUSE Bug 915918
- SUSE Bug 922033
Описание
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0321, CVE-2015-0329, and CVE-2015-0330.
Затронутые продукты
Ссылки
- CVE-2015-0318
- SUSE Bug 915918
- SUSE Bug 922033
Описание
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-0317.
Затронутые продукты
Ссылки
- CVE-2015-0319
- SUSE Bug 915918
- SUSE Bug 922033
Описание
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0315, and CVE-2015-0322.
Затронутые продукты
Ссылки
- CVE-2015-0320
- SUSE Bug 915918
- SUSE Bug 922033
Описание
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0329, and CVE-2015-0330.
Затронутые продукты
Ссылки
- CVE-2015-0321
- SUSE Bug 915918
- SUSE Bug 922033
Описание
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0315, and CVE-2015-0320.
Затронутые продукты
Ссылки
- CVE-2015-0322
- SUSE Bug 915918
- SUSE Bug 922033
Описание
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0327.
Затронутые продукты
Ссылки
- CVE-2015-0323
- SUSE Bug 915918
- SUSE Bug 922033
Описание
Buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors.
Затронутые продукты
Ссылки
- CVE-2015-0324
- SUSE Bug 915918
- SUSE Bug 922033
Описание
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0326 and CVE-2015-0328.
Затронутые продукты
Ссылки
- CVE-2015-0325
- SUSE Bug 915918
- SUSE Bug 922033
Описание
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0325 and CVE-2015-0328.
Затронутые продукты
Ссылки
- CVE-2015-0326
- SUSE Bug 915918
- SUSE Bug 922033
Описание
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0323.
Затронутые продукты
Ссылки
- CVE-2015-0327
- SUSE Bug 915918
- SUSE Bug 922033
Описание
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0325 and CVE-2015-0326.
Затронутые продукты
Ссылки
- CVE-2015-0328
- SUSE Bug 915918
- SUSE Bug 922033
Описание
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, and CVE-2015-0330.
Затронутые продукты
Ссылки
- CVE-2015-0329
- SUSE Bug 915918
- SUSE Bug 922033
Описание
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, and CVE-2015-0329.
Затронутые продукты
Ссылки
- CVE-2015-0330
- SUSE Bug 915918
- SUSE Bug 922033