Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Mehrere Probleme in Adobe Flash Player
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Adobe Flash Player
ID: openSUSE-SU-2015:0725-1
Distribution: SUSE
Plattformen: SUSE openSUSE Evergreen 11.4
Datum: Do, 16. April 2015, 13:27
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0558
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0564
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0573
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0574
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0576
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0577
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0581
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0582
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0583
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0584
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0585
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0586
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0588
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0589
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0590
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8437
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8440
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8441
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8442
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0331
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0332
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0346
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0347
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0348
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0349
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0350
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0351
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0353
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0354
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0355
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0356
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0357
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0358
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0359
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0360
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3038
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3039
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3040
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3041
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3043
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3044

Originalnachricht

   openSUSE Security Update: Security update for Adobe Flash Player
______________________________________________________________________________

Announcement ID: openSUSE-SU-2015:0725-1
Rating: important
References: #856386 #901334 #905032 #907257 #909219 #913057
#914333 #914463 #922033 #927089
Cross-References: CVE-2014-0558 CVE-2014-0564 CVE-2014-0569
CVE-2014-0573 CVE-2014-0574 CVE-2014-0576
CVE-2014-0577 CVE-2014-0581 CVE-2014-0582
CVE-2014-0583 CVE-2014-0584 CVE-2014-0585
CVE-2014-0586 CVE-2014-0588 CVE-2014-0589
CVE-2014-0590 CVE-2014-8437 CVE-2014-8438
CVE-2014-8440 CVE-2014-8441 CVE-2014-8442
CVE-2015-0331 CVE-2015-0332 CVE-2015-0346
CVE-2015-0347 CVE-2015-0348 CVE-2015-0349
CVE-2015-0350 CVE-2015-0351 CVE-2015-0352
CVE-2015-0353 CVE-2015-0354 CVE-2015-0355
CVE-2015-0356 CVE-2015-0357 CVE-2015-0358
CVE-2015-0359 CVE-2015-0360 CVE-2015-3038
CVE-2015-3039 CVE-2015-3040 CVE-2015-3041
CVE-2015-3042 CVE-2015-3043 CVE-2015-3044

Affected Products:
openSUSE Evergreen 11.4
______________________________________________________________________________

An update that fixes 45 vulnerabilities is now available.

Description:

Adobe Flash Player was updated to 11.2.202.457 to fix several security
issues that could lead to remote code execution.

An exploit for CVE-2015-3043 was reported to exist in the wild.

The following vulnerabilities were fixed:

* Memory corruption vulnerabilities that could lead to code execution
(CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353,
CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038,
CVE-2015-3041, CVE-2015-3042, CVE-2015-3043).
* Type confusion vulnerability that could lead to code execution
(CVE-2015-0356).
* Buffer overflow vulnerability that could lead to code execution
(CVE-2015-0348).
* Use-after-free vulnerabilities that could lead to code execution
(CVE-2015-0349, CVE-2015-0351, CVE-2015-0358, CVE-2015-3039).
* Double-free vulnerabilities that could lead to code execution
(CVE-2015-0346, CVE-2015-0359).
* Memory leak vulnerabilities that could be used to bypass ASLR
(CVE-2015-0357, CVE-2015-3040).
* Security bypass vulnerability that could lead to information disclosure
(CVE-2015-3044)


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE Evergreen 11.4:

zypper in -t patch 2015-13=1

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE Evergreen 11.4 (i586 x86_64):

flash-player-11.2.202.457-158.1
flash-player-gnome-11.2.202.457-158.1
flash-player-kde4-11.2.202.457-158.1


References:

https://www.suse.com/security/cve/CVE-2014-0558.html
https://www.suse.com/security/cve/CVE-2014-0564.html
https://www.suse.com/security/cve/CVE-2014-0569.html
https://www.suse.com/security/cve/CVE-2014-0573.html
https://www.suse.com/security/cve/CVE-2014-0574.html
https://www.suse.com/security/cve/CVE-2014-0576.html
https://www.suse.com/security/cve/CVE-2014-0577.html
https://www.suse.com/security/cve/CVE-2014-0581.html
https://www.suse.com/security/cve/CVE-2014-0582.html
https://www.suse.com/security/cve/CVE-2014-0583.html
https://www.suse.com/security/cve/CVE-2014-0584.html
https://www.suse.com/security/cve/CVE-2014-0585.html
https://www.suse.com/security/cve/CVE-2014-0586.html
https://www.suse.com/security/cve/CVE-2014-0588.html
https://www.suse.com/security/cve/CVE-2014-0589.html
https://www.suse.com/security/cve/CVE-2014-0590.html
https://www.suse.com/security/cve/CVE-2014-8437.html
https://www.suse.com/security/cve/CVE-2014-8438.html
https://www.suse.com/security/cve/CVE-2014-8440.html
https://www.suse.com/security/cve/CVE-2014-8441.html
https://www.suse.com/security/cve/CVE-2014-8442.html
https://www.suse.com/security/cve/CVE-2015-0331.html
https://www.suse.com/security/cve/CVE-2015-0332.html
https://www.suse.com/security/cve/CVE-2015-0346.html
https://www.suse.com/security/cve/CVE-2015-0347.html
https://www.suse.com/security/cve/CVE-2015-0348.html
https://www.suse.com/security/cve/CVE-2015-0349.html
https://www.suse.com/security/cve/CVE-2015-0350.html
https://www.suse.com/security/cve/CVE-2015-0351.html
https://www.suse.com/security/cve/CVE-2015-0352.html
https://www.suse.com/security/cve/CVE-2015-0353.html
https://www.suse.com/security/cve/CVE-2015-0354.html
https://www.suse.com/security/cve/CVE-2015-0355.html
https://www.suse.com/security/cve/CVE-2015-0356.html
https://www.suse.com/security/cve/CVE-2015-0357.html
https://www.suse.com/security/cve/CVE-2015-0358.html
https://www.suse.com/security/cve/CVE-2015-0359.html
https://www.suse.com/security/cve/CVE-2015-0360.html
https://www.suse.com/security/cve/CVE-2015-3038.html
https://www.suse.com/security/cve/CVE-2015-3039.html
https://www.suse.com/security/cve/CVE-2015-3040.html
https://www.suse.com/security/cve/CVE-2015-3041.html
https://www.suse.com/security/cve/CVE-2015-3042.html
https://www.suse.com/security/cve/CVE-2015-3043.html
https://www.suse.com/security/cve/CVE-2015-3044.html
https://bugzilla.suse.com/856386
https://bugzilla.suse.com/901334
https://bugzilla.suse.com/905032
https://bugzilla.suse.com/907257
https://bugzilla.suse.com/909219
https://bugzilla.suse.com/913057
https://bugzilla.suse.com/914333
https://bugzilla.suse.com/914463
https://bugzilla.suse.com/922033
https://bugzilla.suse.com/927089

--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung