Advisories » MGASA-2013-0370

Updated flash-player-plugin package fixes vulnerabilities

Publication date: 12 Dec 2013
Modification date: 12 Dec 2013
Type: security
Affected Mageia releases : 3
CVE: CVE-2013-5331 , CVE-2013-5332

Description

Adobe Flash Player 11.2.202.332 contains fixes to critical security
vulnerabilities found in earlier versions. These vulnerabilities could cause a
crash and potentially allow an attacker to take control of the affected system.

This update resolves a type confusion vulnerability that could lead to code
execution (CVE-2013-5331).

This update resolves a memory corruption vulnerability that could lead to 
code execution (CVE-2013-5332).
                

References

• http://helpx.adobe.com/security/products/flash-player/apsb13-28.html
• https://bugs.mageia.org/show_bug.cgi?id=11943
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5331
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5332

SRPMS

3/nonfree

• flash-player-plugin-11.2.202.332-1.mga3.nonfree