Test ID:	1.3.6.1.4.1.25623.1.0.130012
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2015-0379)
Summary:	The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2015-0379 advisory.
Description:	Summary: The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2015-0379 advisory. Vulnerability Insight: Adobe Flash Player 11.2.202.521 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves a type confusion vulnerability that could lead to code execution (CVE-2015-5573). This update resolves use-after-free vulnerabilities that could lead to code execution (CVE-2015-5570, CVE-2015-5574, CVE-2015-5581, CVE-2015-5584, CVE-2015-6682). This update resolves buffer overflow vulnerabilities that could lead to code execution (CVE-2015-6676, CVE-2015-6678). This update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, CVE-2015-6677). This update includes additional validation checks to ensure that Flash Player rejects malicious content from vulnerable JSONP callback APIs (CVE-2015-5571). This update resolves a memory leak vulnerability (CVE-2015-5576). This update includes further hardening to a mitigation to defend against vector length corruptions (CVE-2015-5568). This update resolves stack corruption vulnerabilities that could lead to code execution (CVE-2015-5567, CVE-2015-5579). This update resolves a stack overflow vulnerability that could lead to code execution (CVE-2015-5587). This update resolves a security bypass vulnerability that could lead to information disclosure (CVE-2015-5572). This update resolves a vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2015-6679). Affected Software/OS: 'flash-player-plugin' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5567 BugTraq ID: 76800 http://www.securityfocus.com/bid/76800 https://security.gentoo.org/glsa/201509-07 RedHat Security Advisories: RHSA-2015:1814 http://rhn.redhat.com/errata/RHSA-2015-1814.html http://www.securitytracker.com/id/1033629 SuSE Security Announcement: SUSE-SU-2015:1614 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html SuSE Security Announcement: SUSE-SU-2015:1618 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00024.html SuSE Security Announcement: openSUSE-SU-2015:1616 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00023.html SuSE Security Announcement: openSUSE-SU-2015:1781 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html Common Vulnerability Exposure (CVE) ID: CVE-2015-5568 BugTraq ID: 76798 http://www.securityfocus.com/bid/76798 https://www.exploit-db.com/exploits/38348/ https://code.google.com/p/google-security-research/issues/detail?id=504 Common Vulnerability Exposure (CVE) ID: CVE-2015-5570 BugTraq ID: 76795 http://www.securityfocus.com/bid/76795 http://www.zerodayinitiative.com/advisories/ZDI-15-447 Common Vulnerability Exposure (CVE) ID: CVE-2015-5571 BugTraq ID: 76803 http://www.securityfocus.com/bid/76803 Common Vulnerability Exposure (CVE) ID: CVE-2015-5572 BugTraq ID: 76804 http://www.securityfocus.com/bid/76804 Common Vulnerability Exposure (CVE) ID: CVE-2015-5573 BugTraq ID: 76794 http://www.securityfocus.com/bid/76794 Common Vulnerability Exposure (CVE) ID: CVE-2015-5574 https://www.exploit-db.com/exploits/39652/ Common Vulnerability Exposure (CVE) ID: CVE-2015-5575 BugTraq ID: 76799 http://www.securityfocus.com/bid/76799 Common Vulnerability Exposure (CVE) ID: CVE-2015-5576 BugTraq ID: 76802 http://www.securityfocus.com/bid/76802 Common Vulnerability Exposure (CVE) ID: CVE-2015-5577 Common Vulnerability Exposure (CVE) ID: CVE-2015-5578 Common Vulnerability Exposure (CVE) ID: CVE-2015-5579 Common Vulnerability Exposure (CVE) ID: CVE-2015-5580 Common Vulnerability Exposure (CVE) ID: CVE-2015-5581 Common Vulnerability Exposure (CVE) ID: CVE-2015-5582 Common Vulnerability Exposure (CVE) ID: CVE-2015-5584 Common Vulnerability Exposure (CVE) ID: CVE-2015-5587 BugTraq ID: 76797 http://www.securityfocus.com/bid/76797 Common Vulnerability Exposure (CVE) ID: CVE-2015-5588 Common Vulnerability Exposure (CVE) ID: CVE-2015-6676 BugTraq ID: 76801 http://www.securityfocus.com/bid/76801 Common Vulnerability Exposure (CVE) ID: CVE-2015-6677 Common Vulnerability Exposure (CVE) ID: CVE-2015-6678 http://www.zerodayinitiative.com/advisories/ZDI-15-446 Common Vulnerability Exposure (CVE) ID: CVE-2015-6679 BugTraq ID: 76806 http://www.securityfocus.com/bid/76806 Common Vulnerability Exposure (CVE) ID: CVE-2015-6682
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.