Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 431432 (CVE-2012-1535) - <www-plugins/adobe-flash-11.2.202.238 : Unspecified Code Execution Vulnerability (CVE-2012-1535)
Summary: <www-plugins/adobe-flash-11.2.202.238 : Unspecified Code Execution Vulnerabil...
Status: RESOLVED FIXED
Alias: CVE-2012-1535
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://www.adobe.com/support/securit...
Whiteboard: B2 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2012-08-14 21:06 UTC by Agostino Sarubbo
Modified: 2012-09-05 01:38 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2012-08-14 21:06:04 UTC 
Users of Adobe Flash Player 11.2.202.236 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.238.

See upstream advisory at $URL for more details
Comment 1 Tim Harder gentoo-dev 2012-08-17 02:20:04 UTC 
11.2.202.238 added to CVS.
Comment 2 Tim Sammut (RETIRED) gentoo-dev 2012-08-17 02:34:26 UTC 
Thank you, Tim.

Arches, please test and mark stable:
=www-plugins/adobe-flash-11.2.202.238
Target keywords : "amd64 x86"
Comment 3 Johannes Huber (RETIRED) gentoo-dev 2012-08-17 07:39:41 UTC 
x86 stable
Comment 4 Agostino Sarubbo gentoo-dev 2012-08-17 08:53:18 UTC 
amd64 stable
Comment 5 Agostino Sarubbo gentoo-dev 2012-08-17 08:53:56 UTC 
glsa request filed.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2012-08-17 10:51:23 UTC 
CVE-2012-1535 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1535):
  Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on
  Windows and Mac OS X and before 11.2.202.238 on Linux allows remote
  attackers to execute arbitrary code or cause a denial of service
  (application crash) via crafted SWF content, as exploited in the wild in
  August 2012 with SWF content in a Word document.
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2012-09-05 01:38:24 UTC 
This issue was resolved and addressed in
 GLSA 201209-01 at http://security.gentoo.org/glsa/glsa-201209-01.xml
by GLSA coordinator Sean Amoss (ackle).