Updated flash-player-plugin packages fix security vulnerability
Publication date: 10 Mar 2016Modification date: 10 Mar 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-0960 , CVE-2016-0961 , CVE-2016-0962 , CVE-2016-0963 , CVE-2016-0986 , CVE-2016-0987 , CVE-2016-0988 , CVE-2016-0989 , CVE-2016-0990 , CVE-2016-0991 , CVE-2016-0993 , CVE-2016-0994 , CVE-2016-0995 , CVE-2016-0996 , CVE-2016-1000 , CVE-2016-1001 , CVE-2016-1005 , CVE-2016-1010
Description
Adobe Flash Player 11.2.202.577 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves integer overflow vulnerabilities that could lead to code execution (CVE-2016-0963, CVE-2016-0993, CVE-2016-1010). This update resolves use-after-free vulnerabilities that could lead to code execution (CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-1000). This update resolves a heap overflow vulnerability that could lead to code execution (CVE-2016-1001). This update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1005). Adobe reports that an exploit for CVE-2016-1010 is being used in limited, targeted attacks.
References
- https://bugs.mageia.org/show_bug.cgi?id=17945
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0960
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0961
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0962
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0963
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0986
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0987
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0988
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0989
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0990
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0991
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0993
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0994
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0995
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0996
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1001
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1005
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1010
SRPMS
5/nonfree
- flash-player-plugin-11.2.202.577-1.mga5.nonfree