Updated flash-player-plugin packages fix multiple vulnerabilities
Publication date: 13 Jun 2014Modification date: 13 Jun 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-0531 , CVE-2014-0532 , CVE-2014-0533 , CVE-2014-0534 , CVE-2014-0535 , CVE-2014-0536
Description
Adobe Flash Player 11.2.202.378 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This updates resolves cross-site-scripting vulnerabilities (CVE-2014-0531, CVE-2014-0532, CVE-2014-0533). This updates resolves security bypass vulnerabilities (CVE-2014-0534, CVE-2014-0535). This updates resolves a memory corruption vulnerability that could result in arbitrary code execution (CVE-2014-0536).
References
- http://helpx.adobe.com/security/products/flash-player/apsb14-16.html
- https://bugs.mageia.org/show_bug.cgi?id=13520
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0531
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0532
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0533
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0534
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0535
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0536
SRPMS
3/nonfree
- flash-player-plugin-11.2.202.378-1.mga3.nonfree
4/nonfree
- flash-player-plugin-11.2.202.378-1.mga4.nonfree