Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 372899 - <www-plugins/adobe-flash-10.3.181.14: arbitrary code execution (CVE-2011-0628)
Summary: <www-plugins/adobe-flash-10.3.181.14: arbitrary code execution (CVE-2011-0628)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL:
Whiteboard: A2 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2011-06-24 20:37 UTC by GLSAMaker/CVETool Bot
Modified: 2011-10-13 23:54 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2011-06-24 20:37:15 UTC 
CVE-2011-0628 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628):
  Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS
  X, Linux, and Solaris and before 10.3.185.21 on Android allows remote
  attackers to execute arbitrary code via ActionScript that improperly handles
  a long array object.
Comment 1 Stefan Behte (RETIRED) gentoo-dev Security 2011-06-24 20:40:13 UTC 
Already fixed with 10.3.181.26, this bug is needed for GLSA tracking.
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2011-10-13 23:54:12 UTC 
This issue was resolved and addressed in
 GLSA 201110-11 at http://security.gentoo.org/glsa/glsa-201110-11.xml
by GLSA coordinator Tim Sammut (underling).