Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2015:1258-1

Опубликовано: 16 июл. 2015
Источник: suse-cvrf

Описание

Security update for flash-player

flash-player was updated to fix two security issues.

These security issues were fixed:

  • CVE-2015-5123: Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function (bsc#937752).
  • CVE-2015-5122: Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property (bsc#937752).

Список пакетов

SUSE Linux Enterprise Desktop 11 SP3
flash-player-11.2.202.491-0.11.1
flash-player-gnome-11.2.202.491-0.11.1
flash-player-kde4-11.2.202.491-0.11.1
SUSE Linux Enterprise Desktop 11 SP4
flash-player-11.2.202.491-0.11.1
flash-player-gnome-11.2.202.491-0.11.1
flash-player-kde4-11.2.202.491-0.11.1

Ссылки

Описание

Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.

Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:flash-player-11.2.202.491-0.11.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-gnome-11.2.202.491-0.11.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-kde4-11.2.202.491-0.11.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.491-0.11.1
Ссылки

Описание

Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.

Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:flash-player-11.2.202.491-0.11.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-gnome-11.2.202.491-0.11.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-kde4-11.2.202.491-0.11.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.491-0.11.1
Ссылки