| Beschreibung: | Summary:
The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2015-0155 advisory.
Vulnerability Insight:
Adobe Flash Player 11.2.202.457 contains fixes to critical security
vulnerabilities found in earlier versions that could cause a crash and
potentially allow an attacker to take control of the affected system.
This update resolves memory corruption vulnerabilities that could lead to
code execution (CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353,
CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041,
CVE-2015-3042, CVE-2015-3043).
This update resolves a type confusion vulnerability that could lead to code
execution (CVE-2015-0356).
This update resolves a buffer overflow vulnerability that could lead to
code execution (CVE-2015-0348).
This update resolves use-after-free vulnerabilities that could lead to code
execution (CVE-2015-0349, CVE-2015-0351, CVE-2015-0358, CVE-2015-3039).
This update resolves double-free vulnerabilities that could lead to code
execution (CVE-2015-0346, CVE-2015-0359).
This update resolves memory leak vulnerabilities that could be used to
bypass ASLR (CVE-2015-0357, CVE-2015-3040).
This update resolves a security bypass vulnerability that could lead to
information disclosure (CVE-2015-3044).
Affected Software/OS:
'flash-player-plugin' package(s) on Mageia 4.
Solution:
Please install the updated package(s).
CVSS Score:
10.0
CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
