Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2017.0014
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2017-0014)
Zusammenfassung:	The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2017-0014 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2017-0014 advisory. Vulnerability Insight: Adobe Flash Player 24.0.0.194 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. Adobe is aware of a report that an exploit for CVE-2016-7892 exists in the wild, and is being used in limited, targeted attacks against users running Internet Explorer (32-bit) on Windows. This update resolves security bypass vulnerabilities (CVE-2016-7890, CVE-2017-2938). This update resolves use-after-free vulnerabilities that could lead to code execution (CVE-2016-7872, CVE-2016-7877, CVE-2016-7878, CVE-2016-7879, CVE-2016-7880, CVE-2016-7881, CVE-2016-7892, CVE-2017-2932, CVE-2017-2936, CVE-2017-2937). This update resolves buffer overflow vulnerabilities that could lead to code execution (CVE-2016-7867, CVE-2016-7868, CVE-2016-7869, CVE-2016-7870, CVE-2017-2927, CVE-2017-2933, CVE-2017-2934, CVE-2017-2935). This update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2016-7871, CVE-2016-7873, CVE-2016-7874, CVE-2016-7875, CVE-2016-7876, CVE-2017-2925, CVE-2017-2926, CVE-2017-2928, CVE-2017-2930, CVE-2017-2931). Note that Adobe has dropped Adobe Access DRM support from all their Linux releases since their 11.2 release series (which no longer gets security updates), so any Flash content protected with Adobe Access will no longer work. Affected Software/OS: 'flash-player-plugin' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-7867 BugTraq ID: 94871 http://www.securityfocus.com/bid/94871 https://security.gentoo.org/glsa/201701-17 http://www.zerodayinitiative.com/advisories/ZDI-16-622 Microsoft Security Bulletin: MS16-154 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 RedHat Security Advisories: RHSA-2016:2947 http://rhn.redhat.com/errata/RHSA-2016-2947.html http://www.securitytracker.com/id/1037442 SuSE Security Announcement: SUSE-SU-2016:3148 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html SuSE Security Announcement: openSUSE-SU-2016:3160 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html Common Vulnerability Exposure (CVE) ID: CVE-2016-7868 http://www.zerodayinitiative.com/advisories/ZDI-16-625 Common Vulnerability Exposure (CVE) ID: CVE-2016-7869 http://www.zerodayinitiative.com/advisories/ZDI-16-624 Common Vulnerability Exposure (CVE) ID: CVE-2016-7870 http://www.zerodayinitiative.com/advisories/ZDI-16-623 Common Vulnerability Exposure (CVE) ID: CVE-2016-7871 BugTraq ID: 94866 http://www.securityfocus.com/bid/94866 http://www.zerodayinitiative.com/advisories/ZDI-16-627 Common Vulnerability Exposure (CVE) ID: CVE-2016-7872 BugTraq ID: 94873 http://www.securityfocus.com/bid/94873 http://www.zerodayinitiative.com/advisories/ZDI-16-626 Common Vulnerability Exposure (CVE) ID: CVE-2016-7873 Common Vulnerability Exposure (CVE) ID: CVE-2016-7874 Common Vulnerability Exposure (CVE) ID: CVE-2016-7875 http://www.zerodayinitiative.com/advisories/ZDI-16-621 Common Vulnerability Exposure (CVE) ID: CVE-2016-7876 Common Vulnerability Exposure (CVE) ID: CVE-2016-7877 Common Vulnerability Exposure (CVE) ID: CVE-2016-7878 http://www.zerodayinitiative.com/advisories/ZDI-16-620 Common Vulnerability Exposure (CVE) ID: CVE-2016-7879 http://www.zerodayinitiative.com/advisories/ZDI-16-619 Common Vulnerability Exposure (CVE) ID: CVE-2016-7880 Common Vulnerability Exposure (CVE) ID: CVE-2016-7881 Common Vulnerability Exposure (CVE) ID: CVE-2016-7890 BugTraq ID: 94870 http://www.securityfocus.com/bid/94870 Common Vulnerability Exposure (CVE) ID: CVE-2016-7892 BugTraq ID: 94877 http://www.securityfocus.com/bid/94877 Common Vulnerability Exposure (CVE) ID: CVE-2017-2925 BugTraq ID: 95350 http://www.securityfocus.com/bid/95350 https://security.gentoo.org/glsa/201702-20 RedHat Security Advisories: RHSA-2017:0057 http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securitytracker.com/id/1037570 Common Vulnerability Exposure (CVE) ID: CVE-2017-2926 Common Vulnerability Exposure (CVE) ID: CVE-2017-2927 BugTraq ID: 95347 http://www.securityfocus.com/bid/95347 Common Vulnerability Exposure (CVE) ID: CVE-2017-2928 Common Vulnerability Exposure (CVE) ID: CVE-2017-2930 https://www.exploit-db.com/exploits/41008/ https://www.exploit-db.com/exploits/41012/ http://packetstormsecurity.com/files/140463/Adobe-Flash-24.0.0.186-Code-Execution.html https://cosig.gouv.qc.ca/en/cosig-2017-01-en/ Common Vulnerability Exposure (CVE) ID: CVE-2017-2931 https://www.exploit-db.com/exploits/41608/ Common Vulnerability Exposure (CVE) ID: CVE-2017-2932 BugTraq ID: 95342 http://www.securityfocus.com/bid/95342 https://www.exploit-db.com/exploits/41609/ Common Vulnerability Exposure (CVE) ID: CVE-2017-2933 https://www.exploit-db.com/exploits/41610/ Common Vulnerability Exposure (CVE) ID: CVE-2017-2934 https://www.exploit-db.com/exploits/41611/ Common Vulnerability Exposure (CVE) ID: CVE-2017-2935 https://www.exploit-db.com/exploits/41612/ Common Vulnerability Exposure (CVE) ID: CVE-2017-2936 Common Vulnerability Exposure (CVE) ID: CVE-2017-2937 Common Vulnerability Exposure (CVE) ID: CVE-2017-2938 BugTraq ID: 95341 http://www.securityfocus.com/bid/95341
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.