The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in.
This update fixes multiple vulnerabilities in Adobe Flash Player. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB15-11
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2015-3100, CVE-2015-3103, CVE-2015-3104, CVE-2015-3105,
CVE-2015-3106, CVE-2015-3107)
Multiple security bypass flaws were found in flash-plugin that could lead
to the disclosure of sensitive information. (CVE-2015-3096, CVE-2015-3098,
CVE-2015-3099, CVE-2015-3102)
A memory information leak flaw was found in flash-plugin that could
allow an attacker to potentially bypass ASLR (Address Space Layout
Randomization) protection, and make it easier to exploit other flaws.
(CVE-2015-3108)
All users of Adobe Flash Player should install this updated package, which
upgrades Flash Player to version 11.2.202.466.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | i686 | flash-plugin | < 11.2.202.466-1.el6_6 | flash-plugin-11.2.202.466-1.el6_6.i686.rpm |
RedHat | 5 | i386 | flash-plugin | < 11.2.202.466-1.el5 | flash-plugin-11.2.202.466-1.el5.i386.rpm |