Test ID:	1.3.6.1.4.1.25623.1.0.131094
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2015-0399)
Summary:	The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2015-0399 advisory.
Description:	Summary: The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2015-0399 advisory. Vulnerability Insight: Adobe Flash Player 11.2.202.535 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves a vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2015-7628). This update includes a defense-in-depth feature in the Flash broker API (CVE-2015-5569). This update resolves use-after-free vulnerabilities that could lead to code execution (CVE-2015-7629, CVE-2015-7631, CVE-2015-7643, CVE-2015-7644). This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2015-7632). This update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7630, CVE-2015-7633, CVE-2015-7634). Affected Software/OS: 'flash-player-plugin' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-7625 BugTraq ID: 77065 http://www.securityfocus.com/bid/77065 https://security.gentoo.org/glsa/201511-02 RedHat Security Advisories: RHSA-2015:1893 http://rhn.redhat.com/errata/RHSA-2015-1893.html RedHat Security Advisories: RHSA-2015:2024 http://rhn.redhat.com/errata/RHSA-2015-2024.html http://www.securitytracker.com/id/1033797 SuSE Security Announcement: SUSE-SU-2015:1740 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html SuSE Security Announcement: SUSE-SU-2015:1742 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html SuSE Security Announcement: openSUSE-SU-2015:1744 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html SuSE Security Announcement: openSUSE-SU-2015:1781 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html Common Vulnerability Exposure (CVE) ID: CVE-2015-7626 Common Vulnerability Exposure (CVE) ID: CVE-2015-7627 Common Vulnerability Exposure (CVE) ID: CVE-2015-7628 BugTraq ID: 77063 http://www.securityfocus.com/bid/77063 http://jvn.jp/en/jp/JVN22533124/index.html http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-005234.html Common Vulnerability Exposure (CVE) ID: CVE-2015-7629 BugTraq ID: 77061 http://www.securityfocus.com/bid/77061 http://www.zerodayinitiative.com/advisories/ZDI-15-514 Common Vulnerability Exposure (CVE) ID: CVE-2015-7630 Common Vulnerability Exposure (CVE) ID: CVE-2015-7631 http://www.zerodayinitiative.com/advisories/ZDI-15-513 Common Vulnerability Exposure (CVE) ID: CVE-2015-7632 BugTraq ID: 77062 http://www.securityfocus.com/bid/77062 http://www.zerodayinitiative.com/advisories/ZDI-15-512 Common Vulnerability Exposure (CVE) ID: CVE-2015-7633 Common Vulnerability Exposure (CVE) ID: CVE-2015-7634 Common Vulnerability Exposure (CVE) ID: CVE-2015-7643 http://www.zerodayinitiative.com/advisories/ZDI-15-511 Common Vulnerability Exposure (CVE) ID: CVE-2015-7644
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.