VDB

GCVE-110-MAGEIA-2015-109

GCVE-110-MAGEIA-2015-109
Advisory Published
Vulnetix · Advisory published March 14, 2015
Adobe Flash Player 11.2.202.451 contains fixes to critical security vulnerabilities found in earlier versions that could cause a crash and potentially allow an attacker to take control of the affected system. This update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2015-0332, CVE-2015-0333, CVE-2015-0335, CVE-2015-0339). This update resolves type confusion vulnerabilities that could lead to code execution (CVE-2015-0334, CVE-2015-0336). This update resolves a vulnerability that could lead to a cross-domain policy bypass (CVE-2015-0337). This update resolves a vulnerability that could lead to a file upload restriction bypass (CVE-2015-0340). This update resolves an integer overflow vulnerability that could lead to code execution (CVE-2015-0338). This update resolves use-after-free vulnerabilities that could lead to code execution (CVE-2015-0341, CVE-2015-0342). Additionally, the Flash Plugin package downloaded from Adobe is now verified using recorded sha256sum and file size instead of using insecure md5sum (mga#15229).

Affected Products

VendorProductVersionsPlatforms
MageiawxPython0 (affected), 3.0.2.0-1.mga5 (unaffected)
Mageiafreedink-dfarc0 (affected), 3.12-1.1.mga5 (unaffected)
Mageiamkvtoolnix0 (affected), 7.6.0-1.1.mga5 (unaffected)
Mageiaflash-player-plugin11.2.202.451-1.mga4.nonfree (unaffected), 0 (affected), 11.2.202.451-1.mga4.nonfree (unaffected), 0 (affected)
Mageiadolphin-emu0 (affected), 4.0.2-8.5406.2.1.mga5.tainted (unaffected)
Mageiaaegisub0 (affected), 3.2.2-1.1.mga5 (unaffected)
Mageiaurbanlightscape0 (affected), 1.3.3-5.1.mga5 (unaffected)
Mageiamegaglest0 (affected), 3.11.1-1.1.mga5 (unaffected)
Mageiatintii0 (affected), 2.9.0-5.1.mga5 (unaffected)
Mageiaariamaestosa0 (affected), 1.4.10-3.1.mga5 (unaffected)
Mageiafreedv0.97.0-1.1.mga5 (unaffected), 0 (affected)
Mageiagolly0 (affected), 2.4-10.1.mga5 (unaffected)
Mageiawxmaxima0 (affected), 14.12.1-1.1.mga5 (unaffected)
Mageiawxgtk3.0.2-1.1.mga5 (unaffected), 0 (affected)
Mageiaopenbabel0 (affected), 2.3.2-10.1.mga5 (unaffected)
Mageiafilezilla0 (affected), 3.11.0.2-1.1.mga5 (unaffected)
Mageiapoedit0 (affected), 1.6.9-3.1.mga5 (unaffected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›