ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2015.0218
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2015-0218)
Resumen:	The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2015-0218 advisory.
Descripción:	Summary: The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2015-0218 advisory. Vulnerability Insight: Adobe Flash Player 11.2.202.460 contains fixes to critical security vulnerabilities found in earlier versions that could cause a crash and potentially allow an attacker to take control of the affected system. This update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2015-3078, CVE-2015-3089, CVE-2015-3090, CVE-2015-3093). This update resolves a heap overflow vulnerability that could lead to code execution (CVE-2015-3088). This update resolves a time-of-check time-of-use (TOCTOU) race condition that could be exploited to bypass Protected Mode in Internet Explorer (CVE-2015-3081). This update resolves validation bypass issues that could be exploited to write arbitrary data to the file system under user permissions (CVE-2015-3082, CVE-2015-3083, CVE-2015-3085). This update resolves an integer overflow vulnerability that could lead to code execution (CVE-2015-3087). This update resolves a type confusion vulnerability that could lead to code execution (CVE-2015-3077, CVE-2015-3084, CVE-2015-3086). This update resolves a use-after-free vulnerability that could lead to code execution (CVE-2015-3080). This update resolves memory leak vulnerabilities that could be used to bypass ASLR (CVE-2015-3091, CVE-2015-3092). This update resolves a security bypass vulnerability that could lead to information disclosure (CVE-2015-3079), and provides additional hardening to protect against CVE-2015-3044. Affected Software/OS: 'flash-player-plugin' package(s) on Mageia 4. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3044 BugTraq ID: 74065 http://www.securityfocus.com/bid/74065 https://security.gentoo.org/glsa/201504-07 https://security.gentoo.org/glsa/201505-02 RedHat Security Advisories: RHSA-2015:0813 http://rhn.redhat.com/errata/RHSA-2015-0813.html http://www.securitytracker.com/id/1032105 SuSE Security Announcement: SUSE-SU-2015:0722 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html SuSE Security Announcement: SUSE-SU-2015:0723 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html SuSE Security Announcement: SUSE-SU-2015:0878 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html SuSE Security Announcement: openSUSE-SU-2015:0718 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html SuSE Security Announcement: openSUSE-SU-2015:0725 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html SuSE Security Announcement: openSUSE-SU-2015:0890 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html SuSE Security Announcement: openSUSE-SU-2015:0914 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html Common Vulnerability Exposure (CVE) ID: CVE-2015-3077 BugTraq ID: 74614 http://www.securityfocus.com/bid/74614 RedHat Security Advisories: RHSA-2015:1005 http://rhn.redhat.com/errata/RHSA-2015-1005.html http://www.securitytracker.com/id/1032285 Common Vulnerability Exposure (CVE) ID: CVE-2015-3078 BugTraq ID: 74605 http://www.securityfocus.com/bid/74605 Common Vulnerability Exposure (CVE) ID: CVE-2015-3079 BugTraq ID: 74612 http://www.securityfocus.com/bid/74612 Common Vulnerability Exposure (CVE) ID: CVE-2015-3080 BugTraq ID: 74608 http://www.securityfocus.com/bid/74608 https://www.exploit-db.com/exploits/37853/ Common Vulnerability Exposure (CVE) ID: CVE-2015-3081 BugTraq ID: 74613 http://www.securityfocus.com/bid/74613 https://www.exploit-db.com/exploits/37842/ Common Vulnerability Exposure (CVE) ID: CVE-2015-3082 BugTraq ID: 74610 http://www.securityfocus.com/bid/74610 https://www.exploit-db.com/exploits/37840/ Common Vulnerability Exposure (CVE) ID: CVE-2015-3083 https://www.exploit-db.com/exploits/37841/ Common Vulnerability Exposure (CVE) ID: CVE-2015-3084 Common Vulnerability Exposure (CVE) ID: CVE-2015-3085 http://www.zerodayinitiative.com/advisories/ZDI-15-216 http://www.zerodayinitiative.com/advisories/ZDI-15-216/ Common Vulnerability Exposure (CVE) ID: CVE-2015-3086 Common Vulnerability Exposure (CVE) ID: CVE-2015-3087 BugTraq ID: 74616 http://www.securityfocus.com/bid/74616 https://www.exploit-db.com/exploits/37843/ Common Vulnerability Exposure (CVE) ID: CVE-2015-3088 BugTraq ID: 74609 http://www.securityfocus.com/bid/74609 https://www.exploit-db.com/exploits/37844/ Common Vulnerability Exposure (CVE) ID: CVE-2015-3089 https://www.exploit-db.com/exploits/37845/ Common Vulnerability Exposure (CVE) ID: CVE-2015-3090 Common Vulnerability Exposure (CVE) ID: CVE-2015-3091 BugTraq ID: 74617 http://www.securityfocus.com/bid/74617 Common Vulnerability Exposure (CVE) ID: CVE-2015-3092 Common Vulnerability Exposure (CVE) ID: CVE-2015-3093 https://www.exploit-db.com/exploits/37846/
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.