VDB
GCVE-110-MAGEIA-2015-109
GCVE-110-MAGEIA-2015-109
Advisory Published
Adobe Flash Player 11.2.202.451 contains fixes to critical security
vulnerabilities found in earlier versions that could cause a crash and
potentially allow an attacker to take control of the affected system.
This update resolves memory corruption vulnerabilities that could lead
to code execution (CVE-2015-0332, CVE-2015-0333, CVE-2015-0335,
CVE-2015-0339).
This update resolves type confusion vulnerabilities that could lead
to code execution (CVE-2015-0334, CVE-2015-0336).
This update resolves a vulnerability that could lead to a cross-domain
policy bypass (CVE-2015-0337).
This update resolves a vulnerability that could lead to a file upload
restriction bypass (CVE-2015-0340).
This update resolves an integer overflow vulnerability that could lead
to code execution (CVE-2015-0338).
This update resolves use-after-free vulnerabilities that could lead
to code execution (CVE-2015-0341, CVE-2015-0342).
Additionally, the Flash Plugin package downloaded from Adobe is now
verified using recorded sha256sum and file size instead of using
insecure md5sum (mga#15229).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | wxPython | 0 (affected), 3.0.2.0-1.mga5 (unaffected) | — |
| Mageia | freedink-dfarc | 0 (affected), 3.12-1.1.mga5 (unaffected) | — |
| Mageia | mkvtoolnix | 0 (affected), 7.6.0-1.1.mga5 (unaffected) | — |
| Mageia | flash-player-plugin | 11.2.202.451-1.mga4.nonfree (unaffected), 0 (affected), 11.2.202.451-1.mga4.nonfree (unaffected), 0 (affected) | — |
| Mageia | dolphin-emu | 0 (affected), 4.0.2-8.5406.2.1.mga5.tainted (unaffected) | — |
| Mageia | aegisub | 0 (affected), 3.2.2-1.1.mga5 (unaffected) | — |
| Mageia | urbanlightscape | 0 (affected), 1.3.3-5.1.mga5 (unaffected) | — |
| Mageia | megaglest | 0 (affected), 3.11.1-1.1.mga5 (unaffected) | — |
| Mageia | tintii | 0 (affected), 2.9.0-5.1.mga5 (unaffected) | — |
| Mageia | ariamaestosa | 0 (affected), 1.4.10-3.1.mga5 (unaffected) | — |
| Mageia | freedv | 0.97.0-1.1.mga5 (unaffected), 0 (affected) | — |
| Mageia | golly | 0 (affected), 2.4-10.1.mga5 (unaffected) | — |
| Mageia | wxmaxima | 0 (affected), 14.12.1-1.1.mga5 (unaffected) | — |
| Mageia | wxgtk | 3.0.2-1.1.mga5 (unaffected), 0 (affected) | — |
| Mageia | openbabel | 0 (affected), 2.3.2-10.1.mga5 (unaffected) | — |
| Mageia | filezilla | 0 (affected), 3.11.0.2-1.1.mga5 (unaffected) | — |
| Mageia | poedit | 0 (affected), 1.6.9-3.1.mga5 (unaffected) | — |
References
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.