{ "schema_version": "1.7.0", "id": "MGASA-2015-0444", "published": "2015-11-11T19:20:05Z", "modified": "2015-11-11T19:17:58Z", "summary": "Updated flash-player-plugin packages fix security vulnerability", "details": "Adobe Flash Player 11.2.202.548 contains fixes to critical security\nvulnerabilities found in earlier versions that could potentially allow an\nattacker to take control of the affected system.\n\nThis update resolves a type confusion vulnerability that could lead to\ncode execution (CVE-2015-7659).\n\nThis update resolves a security bypass vulnerability that could be\nexploited to write arbitrary data to the file system under user\npermissions (CVE-2015-7662).\n\nThis update resolves use-after-free vulnerabilities that could lead to\ncode execution (CVE-2015-7651, CVE-2015-7652, CVE-2015-7653,\nCVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658,\nCVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043,\nCVE-2015-8044, CVE-2015-8046).\n", "upstream": [ "CVE-2015-7651", "CVE-2015-7652", "CVE-2015-7653", "CVE-2015-7654", "CVE-2015-7655", "CVE-2015-7656", "CVE-2015-7657", "CVE-2015-7658", "CVE-2015-7659", "CVE-2015-7660", "CVE-2015-7661", "CVE-2015-7662", "CVE-2015-7663", "CVE-2015-8042", "CVE-2015-8043", "CVE-2015-8044", "CVE-2015-8046" ], "references": [ { "type": "ADVISORY", "url": "https://advisories.mageia.org/MGASA-2015-0444.html" }, { "type": "REPORT", "url": "https://bugs.mageia.org/show_bug.cgi?id=17127" } ], "affected": [ { "package": { "ecosystem": "Mageia:5", "name": "flash-player-plugin", "purl": "pkg:rpm/mageia/flash-player-plugin?arch=source&distro=mageia-5" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "11.2.202.548-1.mga5.nonfree" } ] } ], "ecosystem_specific": { "section": "nonfree" } } ], "credits": [ { "name": "Mageia", "type": "COORDINATOR", "contact": [ "https://wiki.mageia.org/en/Packages_Security_Team" ] } ] }