Updated flash-player-plugin package fixes security vulnerabilities
Publication date: 18 Oct 2016Modification date: 18 Oct 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-4273 , CVE-2016-4286 , CVE-2016-6981 , CVE-2016-6982 , CVE-2016-6983 , CVE-2016-6984 , CVE-2016-6985 , CVE-2016-6986 , CVE-2016-6987 , CVE-2016-6989 , CVE-2016-6990 , CVE-2016-6992
Description
Adobe Flash Player 11.2.202.637 contains fixes to critical security
vulnerabilities found in earlier versions that could potentially allow
an attacker to take control of the affected system.
This update resolves a type confusion vulnerability that could lead to
code execution (CVE-2016-6992).
This update resolves use-after-free vulnerabilities that could lead to
code execution (CVE-2016-6981, CVE-2016-6987).
This update resolves a security bypass vulnerability (CVE-2016-4286).
This update resolves memory corruption vulnerabilities that could lead
to code execution (CVE-2016-4273, CVE-2016-6982, CVE-2016-6983,
CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989,
CVE-2016-6990).
References
- https://bugs.mageia.org/show_bug.cgi?id=19584
- https://helpx.adobe.com/security/products/flash-player/apsb16-32.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4273
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4286
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6981
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6982
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6983
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6984
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6985
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6986
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6987
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6989
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6990
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6992
SRPMS
5/nonfree
- flash-player-plugin-11.2.202.637-1.mga5.nonfree