Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 372899

Summary: <www-plugins/adobe-flash-10.3.181.14: arbitrary code execution (CVE-2011-0628)
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: major CC: desktop-misc, lack
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: A2 [glsa]
Package list:
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2011-06-24 20:37:15 UTC 
CVE-2011-0628 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628):
  Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS
  X, Linux, and Solaris and before 10.3.185.21 on Android allows remote
  attackers to execute arbitrary code via ActionScript that improperly handles
  a long array object.
Comment 1 Stefan Behte (RETIRED) gentoo-dev Security 2011-06-24 20:40:13 UTC 
Already fixed with 10.3.181.26, this bug is needed for GLSA tracking.
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2011-10-13 23:54:12 UTC 
This issue was resolved and addressed in
 GLSA 201110-11 at http://security.gentoo.org/glsa/glsa-201110-11.xml
by GLSA coordinator Tim Sammut (underling).