Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2015-0404)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.131099

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2015-0404)

Resumen: The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2015-0404 advisory.

Descripción: Summary:
The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2015-0404 advisory.

Vulnerability Insight:
Adobe Flash Player 11.2.202.540 contains fixes to critical security
vulnerabilities found in earlier versions that could potentially allow
an attacker to take control of the affected system.

This update resolves type confusion vulnerabilities that could lead to
code execution (CVE-2015-7645, CVE-2015-7647, CVE-2015-7648).

An exploit for CVE-2015-7645 is being used in the wild.

Affected Software/OS:
'flash-player-plugin' package(s) on Mageia 5.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-7645
BugTraq ID: 77081
http://www.securityfocus.com/bid/77081
https://www.exploit-db.com/exploits/38490/
https://security.gentoo.org/glsa/201511-02
http://blog.trendmicro.com/trendlabs-security-intelligence/new-adobe-flash-zero-day-used-in-pawn-storm-campaign/
http://packetstormsecurity.com/files/134009/Adobe-Flash-IExternalizable.writeExternal-Type-Confusion.html
RedHat Security Advisories: RHSA-2015:1913
http://rhn.redhat.com/errata/RHSA-2015-1913.html
RedHat Security Advisories: RHSA-2015:2024
http://rhn.redhat.com/errata/RHSA-2015-2024.html
http://www.securitytracker.com/id/1033850
SuSE Security Announcement: SUSE-SU-2015:1770 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00016.html
SuSE Security Announcement: SUSE-SU-2015:1771 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00017.html
SuSE Security Announcement: openSUSE-SU-2015:1768 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00015.html
SuSE Security Announcement: openSUSE-SU-2015:1781 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-7647
BugTraq ID: 77115
http://www.securityfocus.com/bid/77115
https://www.exploit-db.com/exploits/38969/
Common Vulnerability Exposure (CVE) ID: CVE-2015-7648
BugTraq ID: 77116
http://www.securityfocus.com/bid/77116
https://www.exploit-db.com/exploits/38970/

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.131099
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2015-0404)
Resumen:	The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2015-0404 advisory.
Descripción:	Summary: The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2015-0404 advisory. Vulnerability Insight: Adobe Flash Player 11.2.202.540 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves type confusion vulnerabilities that could lead to code execution (CVE-2015-7645, CVE-2015-7647, CVE-2015-7648). An exploit for CVE-2015-7645 is being used in the wild. Affected Software/OS: 'flash-player-plugin' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-7645 BugTraq ID: 77081 http://www.securityfocus.com/bid/77081 https://www.exploit-db.com/exploits/38490/ https://security.gentoo.org/glsa/201511-02 http://blog.trendmicro.com/trendlabs-security-intelligence/new-adobe-flash-zero-day-used-in-pawn-storm-campaign/ http://packetstormsecurity.com/files/134009/Adobe-Flash-IExternalizable.writeExternal-Type-Confusion.html RedHat Security Advisories: RHSA-2015:1913 http://rhn.redhat.com/errata/RHSA-2015-1913.html RedHat Security Advisories: RHSA-2015:2024 http://rhn.redhat.com/errata/RHSA-2015-2024.html http://www.securitytracker.com/id/1033850 SuSE Security Announcement: SUSE-SU-2015:1770 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00016.html SuSE Security Announcement: SUSE-SU-2015:1771 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00017.html SuSE Security Announcement: openSUSE-SU-2015:1768 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00015.html SuSE Security Announcement: openSUSE-SU-2015:1781 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html Common Vulnerability Exposure (CVE) ID: CVE-2015-7647 BugTraq ID: 77115 http://www.securityfocus.com/bid/77115 https://www.exploit-db.com/exploits/38969/ Common Vulnerability Exposure (CVE) ID: CVE-2015-7648 BugTraq ID: 77116 http://www.securityfocus.com/bid/77116 https://www.exploit-db.com/exploits/38970/
Copyright	Copyright (C) 2015 Greenbone AG