Test Kennung:	1.3.6.1.4.1.25623.1.0.130012
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2015-0379)
Zusammenfassung:	The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2015-0379 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2015-0379 advisory. Vulnerability Insight: Adobe Flash Player 11.2.202.521 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves a type confusion vulnerability that could lead to code execution (CVE-2015-5573). This update resolves use-after-free vulnerabilities that could lead to code execution (CVE-2015-5570, CVE-2015-5574, CVE-2015-5581, CVE-2015-5584, CVE-2015-6682). This update resolves buffer overflow vulnerabilities that could lead to code execution (CVE-2015-6676, CVE-2015-6678). This update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, CVE-2015-6677). This update includes additional validation checks to ensure that Flash Player rejects malicious content from vulnerable JSONP callback APIs (CVE-2015-5571). This update resolves a memory leak vulnerability (CVE-2015-5576). This update includes further hardening to a mitigation to defend against vector length corruptions (CVE-2015-5568). This update resolves stack corruption vulnerabilities that could lead to code execution (CVE-2015-5567, CVE-2015-5579). This update resolves a stack overflow vulnerability that could lead to code execution (CVE-2015-5587). This update resolves a security bypass vulnerability that could lead to information disclosure (CVE-2015-5572). This update resolves a vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2015-6679). Affected Software/OS: 'flash-player-plugin' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5567 BugTraq ID: 76800 http://www.securityfocus.com/bid/76800 https://security.gentoo.org/glsa/201509-07 RedHat Security Advisories: RHSA-2015:1814 http://rhn.redhat.com/errata/RHSA-2015-1814.html http://www.securitytracker.com/id/1033629 SuSE Security Announcement: SUSE-SU-2015:1614 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html SuSE Security Announcement: SUSE-SU-2015:1618 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00024.html SuSE Security Announcement: openSUSE-SU-2015:1616 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00023.html SuSE Security Announcement: openSUSE-SU-2015:1781 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html Common Vulnerability Exposure (CVE) ID: CVE-2015-5568 BugTraq ID: 76798 http://www.securityfocus.com/bid/76798 https://www.exploit-db.com/exploits/38348/ https://code.google.com/p/google-security-research/issues/detail?id=504 Common Vulnerability Exposure (CVE) ID: CVE-2015-5570 BugTraq ID: 76795 http://www.securityfocus.com/bid/76795 http://www.zerodayinitiative.com/advisories/ZDI-15-447 Common Vulnerability Exposure (CVE) ID: CVE-2015-5571 BugTraq ID: 76803 http://www.securityfocus.com/bid/76803 Common Vulnerability Exposure (CVE) ID: CVE-2015-5572 BugTraq ID: 76804 http://www.securityfocus.com/bid/76804 Common Vulnerability Exposure (CVE) ID: CVE-2015-5573 BugTraq ID: 76794 http://www.securityfocus.com/bid/76794 Common Vulnerability Exposure (CVE) ID: CVE-2015-5574 https://www.exploit-db.com/exploits/39652/ Common Vulnerability Exposure (CVE) ID: CVE-2015-5575 BugTraq ID: 76799 http://www.securityfocus.com/bid/76799 Common Vulnerability Exposure (CVE) ID: CVE-2015-5576 BugTraq ID: 76802 http://www.securityfocus.com/bid/76802 Common Vulnerability Exposure (CVE) ID: CVE-2015-5577 Common Vulnerability Exposure (CVE) ID: CVE-2015-5578 Common Vulnerability Exposure (CVE) ID: CVE-2015-5579 Common Vulnerability Exposure (CVE) ID: CVE-2015-5580 Common Vulnerability Exposure (CVE) ID: CVE-2015-5581 Common Vulnerability Exposure (CVE) ID: CVE-2015-5582 Common Vulnerability Exposure (CVE) ID: CVE-2015-5584 Common Vulnerability Exposure (CVE) ID: CVE-2015-5587 BugTraq ID: 76797 http://www.securityfocus.com/bid/76797 Common Vulnerability Exposure (CVE) ID: CVE-2015-5588 Common Vulnerability Exposure (CVE) ID: CVE-2015-6676 BugTraq ID: 76801 http://www.securityfocus.com/bid/76801 Common Vulnerability Exposure (CVE) ID: CVE-2015-6677 Common Vulnerability Exposure (CVE) ID: CVE-2015-6678 http://www.zerodayinitiative.com/advisories/ZDI-15-446 Common Vulnerability Exposure (CVE) ID: CVE-2015-6679 BugTraq ID: 76806 http://www.securityfocus.com/bid/76806 Common Vulnerability Exposure (CVE) ID: CVE-2015-6682
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.