Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 657564 (CVE-2018-4945, CVE-2018-5000, CVE-2018-5001, CVE-2018-5002) - <www-plugins/adobe-flash-30.0.0.113: multiple vulnerabilities (APSB18-19)
Summary: <www-plugins/adobe-flash-30.0.0.113: multiple vulnerabilities (APSB18-19)
Status: RESOLVED FIXED
Alias: CVE-2018-4945, CVE-2018-5000, CVE-2018-5001, CVE-2018-5002
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://helpx.adobe.com/security/prod...
Whiteboard: B2 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2018-06-07 23:11 UTC by GLSAMaker/CVETool Bot
Modified: 2018-06-13 20:55 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2018-06-07 23:11:06 UTC 
Incoming details.
Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2018-06-07 23:14:13 UTC 
From $URL:

Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address critical vulnerabilities in Adobe Flash Player 29.0.0.171 and earlier versions.  Successful exploitation could lead to arbitrary code execution in the context of the current user.

Adobe is aware of a report that an exploit for CVE-2018-5002 exists in the wild, and is being used in limited, targeted attacks against Windows users. These attacks leverage Office documents with embedded malicious Flash Player content distributed via email.


@ Maintainer(s): Please bump package to >=www-plugins/adobe-flash-30.0.0.113!
Comment 2 Thomas Deutschmann (RETIRED) gentoo-dev 2018-06-09 15:31:31 UTC 
New GLSA request filed.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2018-06-13 20:55:16 UTC 
This issue was resolved and addressed in
 GLSA 201806-02 at https://security.gentoo.org/glsa/201806-02
by GLSA coordinator Aaron Bauman (b-man).