Bug 332205 (CVE-2010-0209) - <www-plugins/adobe-flash-{9.0.280, 10.1.82.76}: Multiple vulnerabilities (APSB10-16) (CVE-2010-{0209,2188,2213,2214,2215,2216})
Status: RESOLVED FIXED
Alias: CVE-2010-0209
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High major
Assignee: Gentoo Security
URL: http://www.adobe.com/support/security...
Whiteboard: A2 [glsa]
Reported: 2010-08-11 09:30 UTC by Alex Legler (RETIRED)
Modified: 2011-01-21 17:20 UTC
Description Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2010-08-11 09:30:16 UTC
From $URL:

Critical vulnerabilities have been identified in Adobe Flash Player version 10.1.53.64 and earlier. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.

This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-0209).

This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2188).

This update resolves multiple memory corruption vulnerabilities that could lead to code execution (CVE-2010-2213).

This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2214).

This update resolves a vulnerability that could lead to a click-jacking attack (CVE-2010-2215).

This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2216).
Comment 1 Jim Ramsay (lack) (RETIRED) gentoo-dev 2010-08-11 11:48:08 UTC
Okay! adobe-flash-10.1.82.76 and adobe-flash-9.0.280.0 are in the tree.

As usual, since this is a binary package, feel free to request arch stabilization of 10.1.82.76 as soon as you like.  My preliminary testing shows things are as stable as the previous 10.1 release (but no more stable on amd64 with nspluginwrapper, unfortunately).
Comment 2 Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2010-08-11 19:54:44 UTC
Arches, please test and mark stable:
=www-plugins/adobe-flash-10.1.82.76
=www-plugins/adobe-flash-9.0.208.0
Target keywords : "amd64 x86"
Comment 3 Markos Chandras (RETIRED) gentoo-dev 2010-08-11 21:46:17 UTC
amd64 done
Comment 4 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2010-08-12 02:28:40 UTC
x86 stable (last arch)
Comment 5 Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2010-08-12 07:58:49 UTC
GLSA together with bug 322855.
Comment 6 Darren Smith 2010-08-14 11:24:11 UTC
The 9.0.280 version was committed as 9.0.208.
Comment 7 Jim Ramsay (lack) (RETIRED) gentoo-dev 2010-08-15 00:44:17 UTC
Thanks, renamed 9.0.208 to 9.0.280 (still stable).  All is well.
Comment 8 Stefan Behte (RETIRED) gentoo-dev Security 2010-09-03 21:47:38 UTC
CVE-2010-0209 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0209):
  Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and
  Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or
  cause a denial of service (memory corruption) via unspecified
  vectors, a different vulnerability than CVE-2010-2213, CVE-2010-2214,
  and CVE-2010-2216.

CVE-2010-2213 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2213):
  Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and
  Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or
  cause a denial of service (memory corruption) via unspecified
  vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2214,
  and CVE-2010-2216.

CVE-2010-2214 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2214):
  Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and
  Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or
  cause a denial of service (memory corruption) via unspecified
  vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213,
  and CVE-2010-2216.

CVE-2010-2215 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2215):
  Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and
  Adobe AIR before 2.0.3, allows attackers to trick a user into (1)
  selecting a link or (2) completing a dialog, related to a
  "click-jacking" issue.

CVE-2010-2216 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2216):
  Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and
  Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or
  cause a denial of service (memory corruption) via unspecified
  vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213,
  and CVE-2010-2214.
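
Added example (not part of the bug thread or of Gentoo's tooling): a check of package versions against the affected ranges in the NVD text of Comment 8, run on the versions named in this bug. It shows that the misnamed 9.0.208.0 ebuild from Comment 2, which Comment 6 says carried the 9.0.280 release, is classified as affected by a version-based check. The function names and the atom regex are assumptions of this example.

```python
import re

# First fixed releases, taken from the NVD text quoted in Comment 8:
# "before 9.0.280 and 10.x before 10.1.82.76".
FIXED_9 = (9, 0, 280)
FIXED_10 = (10, 1, 82, 76)

# Accepts a bare version or a Portage atom for this package. The operator
# prefix and the -rN revision suffix are matched but ignored (assumption:
# only the upstream version matters for the advisory range).
ATOM_RE = re.compile(
    r"^(?:[<>=~]*www-plugins/adobe-flash-)?(\d+(?:\.\d+)*)(?:-r\d+)?$"
)

def upstream_version(atom):
    """Return the upstream version of an adobe-flash atom as a tuple of ints."""
    m = ATOM_RE.match(atom.strip())
    if m is None:
        raise ValueError(f"unrecognised adobe-flash atom: {atom!r}")
    return tuple(int(part) for part in m.group(1).split("."))

def is_affected(atom):
    """True if the version falls inside either affected range."""
    v = upstream_version(atom)
    # Tuple comparison is numeric per component, so 9.0.208 < 9.0.280 and
    # 9.0.280.0 is not below 9.0.280.
    return v < FIXED_9 or (10,) <= v < FIXED_10

def triage(atoms):
    """Map each atom to 'affected' or 'not affected'."""
    return {a: "affected" if is_affected(a) else "not affected" for a in atoms}

# Versions and atoms that appear in this bug.
SAMPLES = [
    "10.1.53.64",                           # named as vulnerable in the advisory
    "=www-plugins/adobe-flash-10.1.82.76",  # stabilisation target, Comment 2
    "=www-plugins/adobe-flash-9.0.208.0",   # misnamed ebuild, Comments 2 and 6
    "9.0.280.0",                            # intended 9.x version, Comment 1
]

if __name__ == "__main__":
    for atom, verdict in triage(SAMPLES).items():
        print(f"{atom:40} {verdict}")
```

The 9.0.208.0 verdict reflects the version string only; after the rename in Comment 7 the same check reports the 9.x package as not affected.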

Comment 9 David Sparks 2010-09-21 00:59:42 UTC
I never received this GLSA (via glsa-check). I did find out about this vuln by seeing the "masked package installed" warning. I'm not sure if this is expected, but it's quite concerning.

emerge --info:

Portage 2.1.8.3 (default/linux/amd64/10.0/desktop/kde, gcc-4.3.4, glibc-2.10.1-r1, 2.6.31-gentoo-r10 x86_64)
=================================================================
System uname: Linux-2.6.31-gentoo-r10-x86_64-Intel-R-_Xeon-R-_CPU_5130_@_2.00GHz-with-gentoo-1.12.13
Timestamp of tree: Mon, 20 Sep 2010 07:00:01 +0000
ccache version 2.4 [disabled]
app-shells/bash:     4.0_p35
dev-java/java-config: 2.1.9-r2
dev-lang/python:     2.6.4
dev-util/ccache:     2.4-r7
dev-util/cmake:      2.6.4-r3
sys-apps/baselayout: 1.12.13
sys-apps/sandbox:    1.6-r2
sys-devel/autoconf:  2.13, 2.63-r1
sys-devel/automake:  1.5, 1.8.5-r3, 1.9.6-r2, 1.10.2
sys-devel/binutils:  2.18-r3
sys-devel/gcc:       4.3.4
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.6b
sys-devel/make:      3.81
virtual/os-headers:  2.6.32
ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="* -@EULA dlj-1.1 AdobeFlash-10 AdobeFlash-10.1"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -pipe -march=core2"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/udev/rules.d"
CXXFLAGS="-O2 -pipe -march=core2"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests buildpkg distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch"
GENTOO_MIRRORS="http://distfiles.gentoo.org"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="en"
MAKEOPTS="-j5"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://portage.xxx.com/gentoo-portage"
USE="X a52 aac acpi administrator amd64 berkdb branding bzip2 cairo cdr cli cracklib crypt cxx dbus dri dts dvd dvdr emboss exif extensions firefox gif glitz gtk hpn iconv jpeg kde kdehiddenvisibility latin1 lcms libnotify mad mikmod mmx mng modules moznopango mp4 mpeg msn mudflap multilib ncurses nls nptl nptlonly nsplugin nxclient offensive ogg opengl openmp pam pango pcre pdf perl png pppd prediction python qt3 qt3support qt4 query-browser readline reflection restrict-javascript sdl session spell sse sse2 ssl startup-notification svg sysfs tiff tordns truetype unicode usb userlocales vnc webkit workbench x264 xcb xml xorg xulrunner xv xvid zip zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="none" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="none" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" 
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY
Comment 10 Tim Sammut (RETIRED) gentoo-dev 2011-01-21 17:20:38 UTC
This is GLSA 201101-09; thank you.