Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2015-0248)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.130128
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2015-0248)
Resumen:	The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2015-0248 advisory.
Descripción:	Summary: The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2015-0248 advisory. Vulnerability Insight: Adobe Flash Player 11.2.202.468 contains fixes to critical security vulnerabilities found in earlier versions that could cause a crash and potentially allow an attacker to take control of the affected system. Adobe is aware of reports that CVE-2015-3113 is being actively exploited in the wild via limited, targeted attacks. Systems running Internet Explorer for Windows 7 and below, as well as Firefox on Windows XP, are known targets. This update resolves a heap buffer overflow vulnerability that could lead to code execution (CVE-2015-3113). This update resolves a vulnerability (CVE-2015-3096) that could be exploited to bypass the fix for CVE-2014-5333. This update resolves vulnerabilities that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2015-3098, CVE-2015-3099, CVE-2015-3102). This update resolves a stack overflow vulnerability that could lead to code execution (CVE-2015-3100). This update resolves a permission issue in the Flash broker for Internet Explorer that could be exploited to perform privilege escalation from low to medium integrity level (CVE-2015-3101). This update resolves an integer overflow vulnerability that could lead to code execution (CVE-2015-3104). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2015-3105). This update resolves use-after-free vulnerabilities that could lead to code execution (CVE-2015-3103, CVE-2015-3106, CVE-2015-3107). This update resolves a memory leak vulnerability that could be used to bypass ASLR (CVE-2015-3108). Affected Software/OS: 'flash-player-plugin' package(s) on Mageia 4, Mageia 5. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3096 BugTraq ID: 75088 http://www.securityfocus.com/bid/75088 https://security.gentoo.org/glsa/201506-01 RedHat Security Advisories: RHSA-2015:1086 http://rhn.redhat.com/errata/RHSA-2015-1086.html http://www.securitytracker.com/id/1032519 SuSE Security Announcement: SUSE-SU-2015:1043 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00005.html SuSE Security Announcement: openSUSE-SU-2015:1047 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00009.html SuSE Security Announcement: openSUSE-SU-2015:1061 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00011.html Common Vulnerability Exposure (CVE) ID: CVE-2015-3098 BugTraq ID: 75080 http://www.securityfocus.com/bid/75080 Common Vulnerability Exposure (CVE) ID: CVE-2015-3099 Common Vulnerability Exposure (CVE) ID: CVE-2015-3100 BugTraq ID: 75085 http://www.securityfocus.com/bid/75085 Common Vulnerability Exposure (CVE) ID: CVE-2015-3101 BugTraq ID: 75089 http://www.securityfocus.com/bid/75089 Common Vulnerability Exposure (CVE) ID: CVE-2015-3102 Common Vulnerability Exposure (CVE) ID: CVE-2015-3103 BugTraq ID: 75087 http://www.securityfocus.com/bid/75087 Common Vulnerability Exposure (CVE) ID: CVE-2015-3104 BugTraq ID: 75081 http://www.securityfocus.com/bid/75081 Common Vulnerability Exposure (CVE) ID: CVE-2015-3105 BugTraq ID: 75086 http://www.securityfocus.com/bid/75086 Common Vulnerability Exposure (CVE) ID: CVE-2015-3106 https://www.exploit-db.com/exploits/37847/ Common Vulnerability Exposure (CVE) ID: CVE-2015-3107 https://www.exploit-db.com/exploits/37850/ https://security.gentoo.org/glsa/201508-01 SuSE Security Announcement: openSUSE-SU-2015:1781 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html Common Vulnerability Exposure (CVE) ID: CVE-2015-3108 BugTraq ID: 75084 http://www.securityfocus.com/bid/75084 Common Vulnerability Exposure (CVE) ID: CVE-2015-3113 BugTraq ID: 75371 http://www.securityfocus.com/bid/75371 https://security.gentoo.org/glsa/201507-13 HPdes Security Advisory: HPSBMU03409 http://marc.info/?l=bugtraq&m=144050155601375&w=2 RedHat Security Advisories: RHSA-2015:1184 http://rhn.redhat.com/errata/RHSA-2015-1184.html http://www.securitytracker.com/id/1032696 SuSE Security Announcement: SUSE-SU-2015:1136 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00020.html SuSE Security Announcement: openSUSE-SU-2015:1148 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00025.html SuSE Security Announcement: openSUSE-SU-2015:1180 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00002.html
Copyright	Copyright (C) 2015 Greenbone AG