VDB

GCVE-110-MAGEIA-2018-286

GCVE-110-MAGEIA-2018-286
Advisory Published
Vulnetix · Advisory published June 16, 2018
Updated flash-player-plugin packages fixes the following security issues A remote attacker could possibly execute arbitrary code with the privileges of the process or obtain sensitive information (CVE-2018-4945, CVE-2018-5000, CVE-2018-5001, CVE-2018-5002). In response to a class of recently disclosed vulnerabilities in popular CPU hardware related to data cache timing (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754), known popularly as Spectre and Meltdown, Adobe are disabling the ‘shareable’ property of the ActionScript ByteArray class by default. For more info see the referenced adobe release notes.

Affected Products

VendorProductVersionsPlatforms
Mageiaflash-player-plugin0 (affected), 30.0.0.113-1.mga6.nonfree (unaffected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›