Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 657564 (CVE-2018-4945, CVE-2018-5000, CVE-2018-5001, CVE-2018-5002)

Summary: <www-plugins/adobe-flash- multiple vulnerabilities (APSB18-19)
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Severity: normal CC: desktop-misc, jer
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B2 [glsa+ cve]
Package list:
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2018-06-07 23:11:06 UTC
Incoming details.
Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2018-06-07 23:14:13 UTC
From $URL:

Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address critical vulnerabilities in Adobe Flash Player and earlier versions.  Successful exploitation could lead to arbitrary code execution in the context of the current user.

Adobe is aware of a report that an exploit for CVE-2018-5002 exists in the wild, and is being used in limited, targeted attacks against Windows users. These attacks leverage Office documents with embedded malicious Flash Player content distributed via email.

@ Maintainer(s): Please bump package to >=www-plugins/adobe-flash-!
Comment 2 Thomas Deutschmann (RETIRED) gentoo-dev 2018-06-09 15:31:31 UTC
New GLSA request filed.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2018-06-13 20:55:16 UTC
This issue was resolved and addressed in
 GLSA 201806-02 at
by GLSA coordinator Aaron Bauman (b-man).