Updated flash-player-plugin packages fix multiple vulnerabilities
Publication date: 09 Jul 2014Modification date: 17 Jan 2022
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-4671 , CVE-2014-0537 , CVE-2014-0539
Description
Adobe Flash Player 11.2.202.394 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update includes additional validation checks to ensure that Flash Player rejects malicious content from vulnerable JSONP callback APIs (CVE-2014-4671). This update resolves security bypass vulnerabilities (CVE-2014-0537, CVE-2014-0539).
References
SRPMS
3/nonfree
- flash-player-plugin-11.2.202.394-1.mga3.nonfree
4/nonfree
- flash-player-plugin-11.2.202.394-1.mga4.nonfree