Updated flash-player-plugin packages fix security vulnerabilities
Publication date: 15 Apr 2015Modification date: 15 Apr 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2015-0346 , CVE-2015-0347 , CVE-2015-0348 , CVE-2015-0349 , CVE-2015-0350 , CVE-2015-0351 , CVE-2015-0352 , CVE-2015-0353 , CVE-2015-0354 , CVE-2015-0355 , CVE-2015-0356 , CVE-2015-0357 , CVE-2015-0358 , CVE-2015-0359 , CVE-2015-0360 , CVE-2015-3038 , CVE-2015-3039 , CVE-2015-3040 , CVE-2015-3041 , CVE-2015-3042 , CVE-2015-3043 , CVE-2015-3044
Description
Adobe Flash Player 11.2.202.457 contains fixes to critical security vulnerabilities found in earlier versions that could cause a crash and potentially allow an attacker to take control of the affected system. This update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, CVE-2015-3043). This update resolves a type confusion vulnerability that could lead to code execution (CVE-2015-0356). This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2015-0348). This update resolves use-after-free vulnerabilities that could lead to code execution (CVE-2015-0349, CVE-2015-0351, CVE-2015-0358, CVE-2015-3039). This update resolves double-free vulnerabilities that could lead to code execution (CVE-2015-0346, CVE-2015-0359). This update resolves memory leak vulnerabilities that could be used to bypass ASLR (CVE-2015-0357, CVE-2015-3040). This update resolves a security bypass vulnerability that could lead to information disclosure (CVE-2015-3044).
References
- https://bugs.mageia.org/show_bug.cgi?id=15697
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0346
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0347
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0348
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0349
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0350
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0351
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0352
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0353
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0354
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0355
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0356
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0357
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0358
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0359
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0360
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3038
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3039
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3040
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3041
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3042
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3043
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3044
SRPMS
4/nonfree
- flash-player-plugin-11.2.202.457-1.mga4.nonfree