Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in Adobe Flash Player
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Adobe Flash Player
ID: 201309-06
Distribution: Gentoo
Plattformen: Keine Angabe
Datum: Sa, 14. September 2013, 11:07
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5248
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5249
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5250
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5251
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5252
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5253
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5254
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5255
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5256
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5257
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5258
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5259
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5260
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5261
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5262
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5263
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5264
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5265
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5266
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5267
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5268
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5269
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5270
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5271
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5272
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5274
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5276
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5277
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5278
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5279
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5280
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5676
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5677
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5678
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0504
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0630
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0633
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0634
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0637
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0638
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0639
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0642
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0643
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0644
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0645
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0646
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0647
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0648
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0649
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0650
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1365
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1366
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1367
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1368
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1369
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1371
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1372
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1373
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1374
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1378
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1379
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1380
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2728
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3343
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3344
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3345
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3347
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3361
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3362
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3363
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5324
Applikationen: Flash Plugin for Browsers

Originalnachricht

 
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig4DCEF7BEE532F1CCEDFA7970
Content-Type: text/plain; charset=ISO-8859-
Content-Transfer-Encoding: quoted-printable

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201309-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: Adobe Flash Player: Multiple vulnerabilities
     Date: September 14, 2013
     Bugs: #437808, #442084, #446984, #452104, #456132, #457066,
           #459368, #461598, #465534, #469870, #473038, #476328, #484512
       ID: 201309-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in Adobe Flash Player, the
worst of which could result in execution of arbitrary code.

Background
==========

The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  www-plugins/adobe-flash   < 11.2.202.310         >= 11.2.202.310

Description
===========

Multiple unspecified vulnerabilities have been discovered in Adobe
Flash Player. Please review the CVE identifiers referenced below for
details.

Impact
======

A remote attacker could entice a user to open specially crafted SWF
content, possibly resulting in execution of arbitrary code with the
privileges of the process or a Denial of Service condition.
Furthermore, a remote attacker may be able to bypass access
restrictions.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Adobe Flash Player users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot -v
 ">=www-plugins/adobe-flash-11.2.202.310"

References
==========

[   1 ] CVE-2012-5248
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248
[   2 ] CVE-2012-5248
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248
[   3 ] CVE-2012-5249
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249
[   4 ] CVE-2012-5249
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249
[   5 ] CVE-2012-5250
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250
[   6 ] CVE-2012-5250
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250
[   7 ] CVE-2012-5251
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251
[   8 ] CVE-2012-5251
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251
[   9 ] CVE-2012-5252
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252
[  10 ] CVE-2012-5252
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252
[  11 ] CVE-2012-5253
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253
[  12 ] CVE-2012-5253
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253
[  13 ] CVE-2012-5254
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254
[  14 ] CVE-2012-5254
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254
[  15 ] CVE-2012-5255
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255
[  16 ] CVE-2012-5255
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255
[  17 ] CVE-2012-5256
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256
[  18 ] CVE-2012-5256
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256
[  19 ] CVE-2012-5257
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257
[  20 ] CVE-2012-5257
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257
[  21 ] CVE-2012-5258
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258
[  22 ] CVE-2012-5258
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258
[  23 ] CVE-2012-5259
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259
[  24 ] CVE-2012-5259
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259
[  25 ] CVE-2012-5260
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260
[  26 ] CVE-2012-5260
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260
[  27 ] CVE-2012-5261
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261
[  28 ] CVE-2012-5261
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261
[  29 ] CVE-2012-5262
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262
[  30 ] CVE-2012-5262
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262
[  31 ] CVE-2012-5263
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263
[  32 ] CVE-2012-5263
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263
[  33 ] CVE-2012-5264
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264
[  34 ] CVE-2012-5264
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264
[  35 ] CVE-2012-5265
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265
[  36 ] CVE-2012-5265
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265
[  37 ] CVE-2012-5266
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266
[  38 ] CVE-2012-5266
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266
[  39 ] CVE-2012-5267
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267
[  40 ] CVE-2012-5267
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267
[  41 ] CVE-2012-5268
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268
[  42 ] CVE-2012-5268
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268
[  43 ] CVE-2012-5269
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269
[  44 ] CVE-2012-5269
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269
[  45 ] CVE-2012-5270
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270
[  46 ] CVE-2012-5270
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270
[  47 ] CVE-2012-5271
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271
[  48 ] CVE-2012-5271
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271
[  49 ] CVE-2012-5272
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272
[  50 ] CVE-2012-5272
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272
[  51 ] CVE-2012-5274
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274
[  52 ] CVE-2012-5275
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275
[  53 ] CVE-2012-5276
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276
[  54 ] CVE-2012-5277
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277
[  55 ] CVE-2012-5278
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278
[  56 ] CVE-2012-5279
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279
[  57 ] CVE-2012-5280
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280
[  58 ] CVE-2012-5676
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676
[  59 ] CVE-2012-5677
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677
[  60 ] CVE-2012-5678
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678
[  61 ] CVE-2013-0504
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504
[  62 ] CVE-2013-0630
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630
[  63 ] CVE-2013-0633
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633
[  64 ] CVE-2013-0634
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634
[  65 ] CVE-2013-0637
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637
[  66 ] CVE-2013-0638
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638
[  67 ] CVE-2013-0639
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639
[  68 ] CVE-2013-0642
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642
[  69 ] CVE-2013-0643
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643
[  70 ] CVE-2013-0644
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644
[  71 ] CVE-2013-0645
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645
[  72 ] CVE-2013-0646
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646
[  73 ] CVE-2013-0647
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647
[  74 ] CVE-2013-0648
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648
[  75 ] CVE-2013-0649
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649
[  76 ] CVE-2013-0650
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650
[  77 ] CVE-2013-1365
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365
[  78 ] CVE-2013-1366
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366
[  79 ] CVE-2013-1367
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367
[  80 ] CVE-2013-1368
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368
[  81 ] CVE-2013-1369
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369
[  82 ] CVE-2013-1370
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370
[  83 ] CVE-2013-1371
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371
[  84 ] CVE-2013-1372
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372
[  85 ] CVE-2013-1373
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373
[  86 ] CVE-2013-1374
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374
[  87 ] CVE-2013-1375
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375
[  88 ] CVE-2013-1378
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378
[  89 ] CVE-2013-1379
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379
[  90 ] CVE-2013-1380
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380
[  91 ] CVE-2013-2555
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555
[  92 ] CVE-2013-2728
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728
[  93 ] CVE-2013-3343
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343
[  94 ] CVE-2013-3344
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344
[  95 ] CVE-2013-3345
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345
[  96 ] CVE-2013-3347
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347
[  97 ] CVE-2013-3361
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361
[  98 ] CVE-2013-3362
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362
[  99 ] CVE-2013-3363
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363
[ 100 ] CVE-2013-5324
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 http://security.gentoo.org/glsa/glsa-201309-06.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2013 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5


--------------enig4DCEF7BEE532F1CCEDFA7970
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iF4EAREIAAYFAlIzyVIACgkQAnl3SfnYR/jCfgD9GZnb/zLAS9/njH3UQTRpq6Ol
ncMPsJENURJw9QD8Np8A/0uHbhHaN4ae7bVP2Auoc8wjJkh36WLxfT+yGEiGKdFg
=xbWx
-----END PGP SIGNATURE-----

--------------enig4DCEF7BEE532F1CCEDFA7970--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung