Summary: | <www-plugins/adobe-flash-{11.2.202.644,23.0.0.207}: Multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Thomas Deutschmann (RETIRED) <whissi> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | desktop-misc, jer |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://helpx.adobe.com/flash-player/release-note/fp_23_air_23_release_notes.html | ||
Whiteboard: | A2 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Thomas Deutschmann (RETIRED)
2016-11-08 13:07:01 UTC
Arch teams, please test and mark stable: =www-plugins/adobe-flash-11.2.202.644 =www-plugins/adobe-flash-23.0.0.207 Targeted stable KEYWORDS : amd64 x86 amd64 stable x86 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. CVE-2016-7865 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7865): Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. CVE-2016-7864 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7864): Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. CVE-2016-7863 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7863): Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. CVE-2016-7862 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7862): Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. CVE-2016-7861 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7861): Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. CVE-2016-7860 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7860): Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. CVE-2016-7859 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7859): Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. CVE-2016-7858 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7858): Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. CVE-2016-7857 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7857): Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. This issue was resolved and addressed in GLSA 201611-18 at https://security.gentoo.org/glsa/201611-18 by GLSA coordinator Aaron Bauman (b-man). |