Bug 508986 (CVE-2014-0515)

Summary:	<www-plugins/adobe-flash-11.2.202.356: buffer overflow (CVE-2014-0515)
Product:	Gentoo Security	Reporter:	Jeroen Roovers (RETIRED) <jer>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	normal	CC:	hyedad
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	http://helpx.adobe.com/security/products/flash-player/apsb14-13.html
Whiteboard:	B2 [glsa]
Package list:		Runtime testing required:	---

Description Jeroen Roovers (RETIRED) gentoo-dev

2014-04-28 16:18:49 UTC

Arch teams, please test and mark stable:
=www-plugins/adobe-flash-11.2.202.356
Targeted stable KEYWORDS : amd64 x86

Comment 1 Yury German Gentoo Infrastructure

2014-04-30 04:30:39 UTC

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0515

Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.

Comment 2 Jeroen Roovers (RETIRED) gentoo-dev

2014-04-30 05:05:46 UTC

Stable for AMD64 x86.

Comment 3 Yury German Gentoo Infrastructure

2014-05-02 03:55:25 UTC

Arches and Maintainer(s), Thank you for your work.

Added to an existing GLSA request

Comment 4 GLSAMaker/CVETool Bot gentoo-dev

2014-05-03 18:55:44 UTC

CVE-2014-0515 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0515):
  Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through
  13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on
  Linux, allows remote attackers to execute arbitrary code via unspecified
  vectors, as exploited in the wild in April 2014.

Comment 5 GLSAMaker/CVETool Bot gentoo-dev

2014-05-03 19:14:10 UTC

This issue was resolved and addressed in
 GLSA 201405-04 at http://security.gentoo.org/glsa/glsa-201405-04.xml
by GLSA coordinator Sergey Popov (pinkbyte).