Описание
Security update for flash-player
Adobe Flash Player was updated to 11.2.202.451 (bsc#922033).
These security issues were fixed:
- Memory corruption vulnerabilities that could lead to code execution (CVE-2015-0332, CVE-2015-0333, CVE-2015-0335, CVE-2015-0339).
- Type confusion vulnerabilities that could lead to code execution (CVE-2015-0334, CVE-2015-0336).
- A vulnerability that could lead to a cross-domain policy bypass (CVE-2015-0337).
- A vulnerability that could lead to a file upload restriction bypass (CVE-2015-0340).
- An integer overflow vulnerability that could lead to code execution (CVE-2015-0338).
- Use-after-free vulnerabilities that could lead to code execution (CVE-2015-0341, CVE-2015-0342).
Список пакетов
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Workstation Extension 12
Ссылки
- Link for SUSE-SU-2015:0491-1
- E-Mail link for SUSE-SU-2015:0491-1
- SUSE Security Ratings
- SUSE Bug 922033
- SUSE CVE CVE-2015-0332 page
- SUSE CVE CVE-2015-0333 page
- SUSE CVE CVE-2015-0334 page
- SUSE CVE CVE-2015-0335 page
- SUSE CVE CVE-2015-0336 page
- SUSE CVE CVE-2015-0337 page
- SUSE CVE CVE-2015-0338 page
- SUSE CVE CVE-2015-0339 page
- SUSE CVE CVE-2015-0340 page
- SUSE CVE CVE-2015-0341 page
- SUSE CVE CVE-2015-0342 page
Описание
Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0333, CVE-2015-0335, and CVE-2015-0339.
Затронутые продукты
Ссылки
- CVE-2015-0332
- SUSE Bug 922033
- SUSE Bug 922296
Описание
Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0332, CVE-2015-0335, and CVE-2015-0339.
Затронутые продукты
Ссылки
- CVE-2015-0333
- SUSE Bug 922033
Описание
Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-0336.
Затронутые продукты
Ссылки
- CVE-2015-0334
- SUSE Bug 922033
Описание
Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0332, CVE-2015-0333, and CVE-2015-0339.
Затронутые продукты
Ссылки
- CVE-2015-0335
- SUSE Bug 922033
Описание
Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-0334.
Затронутые продукты
Ссылки
- CVE-2015-0336
- SUSE Bug 922033
Описание
Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
Затронутые продукты
Ссылки
- CVE-2015-0337
- SUSE Bug 922033
Описание
Integer overflow in Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code via unspecified vectors.
Затронутые продукты
Ссылки
- CVE-2015-0338
- SUSE Bug 922033
Описание
Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0332, CVE-2015-0333, and CVE-2015-0335.
Затронутые продукты
Ссылки
- CVE-2015-0339
- SUSE Bug 922033
Описание
Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows remote attackers to bypass intended file-upload restrictions via unspecified vectors.
Затронутые продукты
Ссылки
- CVE-2015-0340
- SUSE Bug 922033
Описание
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0342.
Затронутые продукты
Ссылки
- CVE-2015-0341
- SUSE Bug 922033
Описание
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0341.
Затронутые продукты
Ссылки
- CVE-2015-0342
- SUSE Bug 922033