{
  "schema_version": "1.7.0",
  "id": "MGASA-2014-0029",
  "published": "2014-01-24T21:05:53Z",
  "modified": "2022-01-17T16:38:46Z",
  "summary": "Updated flash-player-plugin fixes security vulnerabilities",
  "details": "Adobe Flash Player 11.2.202.335 contains fixes to critical security\nvulnerabilities found in earlier versions. These vulnerabilities could cause a\ncrash and potentially allow an attacker to take control of the affected system.\n\nThis update resolves a vulnerability that could be used to bypass Flash Player\nsecurity protections (CVE-2014-0491).\n\nThis update resolves an address leak vulnerability that could be used to defeat\nmemory address layout randomization (CVE-2014-0492).\n",
  "upstream": [
    "CVE-2014-0491",
    "CVE-2014-0492"
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://advisories.mageia.org/MGASA-2014-0029.html"
    },
    {
      "type": "WEB",
      "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-02.html"
    },
    {
      "type": "REPORT",
      "url": "https://bugs.mageia.org/show_bug.cgi?id=12395"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "Mageia:3",
        "name": "flash-player-plugin",
        "purl": "pkg:rpm/mageia/flash-player-plugin?arch=source&distro=mageia-3"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "11.2.202.335-1.mga3.nonfree"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "nonfree"
      }
    }
  ],
  "credits": [
    {
      "name": "Mageia",
      "type": "COORDINATOR",
      "contact": [
        "https://wiki.mageia.org/en/Packages_Security_Team"
      ]
    }
  ]
}