Test ID:	1.3.6.1.4.1.25623.1.0.130103
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2015-0275)
Summary:	The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2015-0275 advisory.
Description:	Summary: The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2015-0275 advisory. Vulnerability Insight: Adobe Flash Player 11.2.202.491 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. Adobe is aware of reports that exploits targeting these vulnerabilities have been published publicly. This update resolves a use-after-free vulnerability that could lead to code execution (CVE-2015-5122). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2015-5123). Affected Software/OS: 'flash-player-plugin' package(s) on Mageia 4, Mageia 5. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5122 BugTraq ID: 75712 http://www.securityfocus.com/bid/75712 Cert/CC Advisory: TA15-195A http://www.us-cert.gov/ncas/alerts/TA15-195A CERT/CC vulnerability note: VU#338736 http://www.kb.cert.org/vuls/id/338736 https://www.exploit-db.com/exploits/37599/ https://security.gentoo.org/glsa/201508-01 HPdes Security Advisory: HPSBHF03509 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784 HPdes Security Advisory: HPSBMU03409 http://marc.info/?l=bugtraq&m=144050155601375&w=2 HPdes Security Advisory: SSRT102253 http://packetstormsecurity.com/files/132663/Adobe-Flash-opaqueBackground-Use-After-Free.html http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_opaque_background_uaf https://perception-point.io/2018/04/11/breaking-cfi-cve-2015-5122-coop/ https://perception-point.io/new/breaking-cfi.php https://www.fireeye.com/blog/threat-research/2015/07/cve-2015-5122_-_seco.html RedHat Security Advisories: RHSA-2015:1235 http://rhn.redhat.com/errata/RHSA-2015-1235.html http://www.securitytracker.com/id/1032890 SuSE Security Announcement: SUSE-SU-2015:1255 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html SuSE Security Announcement: SUSE-SU-2015:1258 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html SuSE Security Announcement: openSUSE-SU-2015:1267 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html Common Vulnerability Exposure (CVE) ID: CVE-2015-5123 BugTraq ID: 75710 http://www.securityfocus.com/bid/75710 CERT/CC vulnerability note: VU#918568 http://www.kb.cert.org/vuls/id/918568 http://blog.trendmicro.com/trendlabs-security-intelligence/new-zero-day-vulnerability-cve-2015-5123-in-adobe-flash-emerges-from-hacking-team-leak/
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.