Advisories ยป MGASA-2014-0029

Updated flash-player-plugin fixes security vulnerabilities

Publication date: 24 Jan 2014
Type: security
Affected Mageia releases : 3
CVE: CVE-2014-0491 , CVE-2014-0492

Description

Adobe Flash Player 11.2.202.335 contains fixes to critical security
vulnerabilities found in earlier versions. These vulnerabilities could cause a
crash and potentially allow an attacker to take control of the affected system.

This update resolves a vulnerability that could be used to bypass Flash Player
security protections (CVE-2014-0491).

This update resolves an address leak vulnerability that could be used to defeat
memory address layout randomization (CVE-2014-0492).
                

References

SRPMS

3/nonfree