Arch teams, please test and mark stable: =www-plugins/adobe-flash-11.2.202.425 Targeted stable KEYWORDS : amd64 x86
amd64 stable
x86 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
GLSA draft created
Cleanup done by Jer.
CVE-2014-8443 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8443): Use-after-free vulnerability in Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors. CVE-2014-9163 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9163): Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014. CVE-2014-9164 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9164): Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0587.
This issue was resolved and addressed in GLSA 201412-07 at http://security.gentoo.org/glsa/glsa-201412-07.xml by GLSA coordinator Sergey Popov (pinkbyte).
CVE-2014-0587 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0587): Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9164. CVE-2014-0580 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0580): Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows remote attackers to bypass the Same Origin Policy via unspecified vectors.