Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in Adobe Flash Player
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Adobe Flash Player
ID: openSUSE-SU-2015:0725-1
Distribution: SUSE
Plattformen: openSUSE Evergreen 11.4
Datum: Do, 16. April 2015, 13:27
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0558
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0564
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0573
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0574
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0576
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0577
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0581
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0582
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0583
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0584
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0585
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0586
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0588
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0589
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0590
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8437
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8440
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8441
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8442
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0331
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0332
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0346
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0347
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0348
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0349
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0350
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0351
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0353
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0354
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0355
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0356
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0357
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0358
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0359
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0360
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3038
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3039
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3040
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3041
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3043
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3044
Applikationen: Flash Plugin for Browsers

Originalnachricht

 
   openSUSE Security Update: Security update for Adobe Flash Player
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2015:0725-1
Rating:             important
References:         #856386 #901334 #905032 #907257 #909219 #913057 
                    #914333 #914463 #922033 #927089 
Cross-References:   CVE-2014-0558 CVE-2014-0564 CVE-2014-0569
                    CVE-2014-0573 CVE-2014-0574 CVE-2014-0576
                    CVE-2014-0577 CVE-2014-0581 CVE-2014-0582
                    CVE-2014-0583 CVE-2014-0584 CVE-2014-0585
                    CVE-2014-0586 CVE-2014-0588 CVE-2014-0589
                    CVE-2014-0590 CVE-2014-8437 CVE-2014-8438
                    CVE-2014-8440 CVE-2014-8441 CVE-2014-8442
                    CVE-2015-0331 CVE-2015-0332 CVE-2015-0346
                    CVE-2015-0347 CVE-2015-0348 CVE-2015-0349
                    CVE-2015-0350 CVE-2015-0351 CVE-2015-0352
                    CVE-2015-0353 CVE-2015-0354 CVE-2015-0355
                    CVE-2015-0356 CVE-2015-0357 CVE-2015-0358
                    CVE-2015-0359 CVE-2015-0360 CVE-2015-3038
                    CVE-2015-3039 CVE-2015-3040 CVE-2015-3041
                    CVE-2015-3042 CVE-2015-3043 CVE-2015-3044
                   
Affected Products:
                    openSUSE Evergreen 11.4
______________________________________________________________________________

   An update that fixes 45 vulnerabilities is now available.

Description:

   Adobe Flash Player was updated to 11.2.202.457 to fix several security
   issues that could lead to remote code execution.

   An exploit for CVE-2015-3043 was reported to exist in the wild.

   The following vulnerabilities were fixed:

   * Memory corruption vulnerabilities that could lead to code execution
     (CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353,
     CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038,
     CVE-2015-3041, CVE-2015-3042, CVE-2015-3043).
   * Type confusion vulnerability that could lead to code execution
     (CVE-2015-0356).
   * Buffer overflow vulnerability that could lead to code execution
     (CVE-2015-0348).
   * Use-after-free vulnerabilities that could lead to code execution
     (CVE-2015-0349, CVE-2015-0351, CVE-2015-0358, CVE-2015-3039).
   * Double-free vulnerabilities that could lead to code execution
     (CVE-2015-0346, CVE-2015-0359).
   * Memory leak vulnerabilities that could be used to bypass ASLR
     (CVE-2015-0357, CVE-2015-3040).
   * Security bypass vulnerability that could lead to information disclosure
     (CVE-2015-3044)


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE Evergreen 11.4:

      zypper in -t patch 2015-13=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE Evergreen 11.4 (i586 x86_64):

      flash-player-11.2.202.457-158.1
      flash-player-gnome-11.2.202.457-158.1
      flash-player-kde4-11.2.202.457-158.1


References:

   https://www.suse.com/security/cve/CVE-2014-0558.html
   https://www.suse.com/security/cve/CVE-2014-0564.html
   https://www.suse.com/security/cve/CVE-2014-0569.html
   https://www.suse.com/security/cve/CVE-2014-0573.html
   https://www.suse.com/security/cve/CVE-2014-0574.html
   https://www.suse.com/security/cve/CVE-2014-0576.html
   https://www.suse.com/security/cve/CVE-2014-0577.html
   https://www.suse.com/security/cve/CVE-2014-0581.html
   https://www.suse.com/security/cve/CVE-2014-0582.html
   https://www.suse.com/security/cve/CVE-2014-0583.html
   https://www.suse.com/security/cve/CVE-2014-0584.html
   https://www.suse.com/security/cve/CVE-2014-0585.html
   https://www.suse.com/security/cve/CVE-2014-0586.html
   https://www.suse.com/security/cve/CVE-2014-0588.html
   https://www.suse.com/security/cve/CVE-2014-0589.html
   https://www.suse.com/security/cve/CVE-2014-0590.html
   https://www.suse.com/security/cve/CVE-2014-8437.html
   https://www.suse.com/security/cve/CVE-2014-8438.html
   https://www.suse.com/security/cve/CVE-2014-8440.html
   https://www.suse.com/security/cve/CVE-2014-8441.html
   https://www.suse.com/security/cve/CVE-2014-8442.html
   https://www.suse.com/security/cve/CVE-2015-0331.html
   https://www.suse.com/security/cve/CVE-2015-0332.html
   https://www.suse.com/security/cve/CVE-2015-0346.html
   https://www.suse.com/security/cve/CVE-2015-0347.html
   https://www.suse.com/security/cve/CVE-2015-0348.html
   https://www.suse.com/security/cve/CVE-2015-0349.html
   https://www.suse.com/security/cve/CVE-2015-0350.html
   https://www.suse.com/security/cve/CVE-2015-0351.html
   https://www.suse.com/security/cve/CVE-2015-0352.html
   https://www.suse.com/security/cve/CVE-2015-0353.html
   https://www.suse.com/security/cve/CVE-2015-0354.html
   https://www.suse.com/security/cve/CVE-2015-0355.html
   https://www.suse.com/security/cve/CVE-2015-0356.html
   https://www.suse.com/security/cve/CVE-2015-0357.html
   https://www.suse.com/security/cve/CVE-2015-0358.html
   https://www.suse.com/security/cve/CVE-2015-0359.html
   https://www.suse.com/security/cve/CVE-2015-0360.html
   https://www.suse.com/security/cve/CVE-2015-3038.html
   https://www.suse.com/security/cve/CVE-2015-3039.html
   https://www.suse.com/security/cve/CVE-2015-3040.html
   https://www.suse.com/security/cve/CVE-2015-3041.html
   https://www.suse.com/security/cve/CVE-2015-3042.html
   https://www.suse.com/security/cve/CVE-2015-3043.html
   https://www.suse.com/security/cve/CVE-2015-3044.html
   https://bugzilla.suse.com/856386
   https://bugzilla.suse.com/901334
   https://bugzilla.suse.com/905032
   https://bugzilla.suse.com/907257
   https://bugzilla.suse.com/909219
   https://bugzilla.suse.com/913057
   https://bugzilla.suse.com/914333
   https://bugzilla.suse.com/914463
   https://bugzilla.suse.com/922033
   https://bugzilla.suse.com/927089

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung