Summary: | <www-plugins/adobe-flash-11.2.202.262: two vulnerabilities (CVE-2013-{0633,0634}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | alex, desktop-misc, lack |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://secunia.com/advisories/52116/ | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2013-02-08 10:12:32 UTC
Arch teams, please test and mark stable: =www-plugins/adobe-flash-11.2.202.262 Stable KEYWORDS : amd64 x86 amd64 stable x86 stable security please file the glsa request. CVE-2013-0634 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634): Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, as exploited in the wild in February 2013. CVE-2013-0633 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633): Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013. This issue was resolved and addressed in GLSA 201309-06 at http://security.gentoo.org/glsa/glsa-201309-06.xml by GLSA coordinator Sean Amoss (ackle). |