Adobe Flash Player was updated to version 11.2.202.457 to fix several
security issues that could have lead to remote code execution.
An exploit for CVE-2015-3043 was reported to exist in the wild.
The following vulnerabilities have been fixed:
* Memory corruption vulnerabilities that could have lead to code
execution (CVE-2015-0347, CVE-2015-0350, CVE-2015-0352,
CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360,
CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, CVE-2015-3043).
* Type confusion vulnerability that could have lead to code execution
(CVE-2015-0356).
* Buffer overflow vulnerability that could have lead to code execution
(CVE-2015-0348).
* Use-after-free vulnerabilities that could have lead to code
execution (CVE-2015-0349, CVE-2015-0351, CVE-2015-0358,
CVE-2015-3039).
* Double-free vulnerabilities that could have lead to code execution
(CVE-2015-0346, CVE-2015-0359).
* Memory leak vulnerabilities that could have been used to bypass ASLR
(CVE-2015-0357, CVE-2015-3040).
* Security bypass vulnerability that could have lead to information
disclosure (CVE-2015-3044).
Security Issues:
* CVE-2015-0346
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0346">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0346</a>>
* CVE-2015-0347
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0347">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0347</a>>
* CVE-2015-0348
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0348">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0348</a>>
* CVE-2015-0349
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0349">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0349</a>>
* CVE-2015-0350
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0350">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0350</a>>
* CVE-2015-0351
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0351">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0351</a>>
* CVE-2015-0352
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0352">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0352</a>>
* CVE-2015-0353
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0353">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0353</a>>
* CVE-2015-0354
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0354">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0354</a>>
* CVE-2015-0355
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0355">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0355</a>>
* CVE-2015-0356
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0356">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0356</a>>
* CVE-2015-0357
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0357">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0357</a>>
* CVE-2015-0358
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0358">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0358</a>>
* CVE-2015-0359
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0359">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0359</a>>
* CVE-2015-0360
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0360">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0360</a>>
* CVE-2015-3038
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3038">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3038</a>>
* CVE-2015-3039
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3039">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3039</a>>
* CVE-2015-3040
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3040">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3040</a>>
* CVE-2015-3041
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3041">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3041</a>>
* CVE-2015-3042
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3042">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3042</a>>
* CVE-2015-3043
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3043">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3043</a>>
* CVE-2015-3044
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3044">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3044</a>>
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
SUSE Linux Enterprise Desktop | 11.3 | x86_64 | flash-player-gnome | < 11.2.202.457-0.3.1 | flash-player-gnome-11.2.202.457-0.3.1.x86_64.rpm |
SUSE Linux Enterprise Desktop | 11.3 | i586 | flash-player | < 11.2.202.457-0.3.1 | flash-player-11.2.202.457-0.3.1.i586.rpm |
SUSE Linux Enterprise Desktop | 11.3 | i586 | flash-player-kde4 | < 11.2.202.457-0.3.1 | flash-player-kde4-11.2.202.457-0.3.1.i586.rpm |
SUSE Linux Enterprise Desktop | 11.3 | x86_64 | flash-player-kde4 | < 11.2.202.457-0.3.1 | flash-player-kde4-11.2.202.457-0.3.1.x86_64.rpm |
SUSE Linux Enterprise Desktop | 11.3 | x86_64 | flash-player | < 11.2.202.457-0.3.1 | flash-player-11.2.202.457-0.3.1.x86_64.rpm |
SUSE Linux Enterprise Desktop | 11.3 | i586 | flash-player-gnome | < 11.2.202.457-0.3.1 | flash-player-gnome-11.2.202.457-0.3.1.i586.rpm |