Test ID:	1.3.6.1.4.1.25623.1.1.10.2014.0448
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2014-0448)
Summary:	The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2014-0448 advisory.
Description:	Summary: The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2014-0448 advisory. Vulnerability Insight: Adobe Flash Player 11.2.202.418 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2014-0558, CVE-2014-0564, CVE-2014-0576, CVE-2014-0581, CVE-2014-8440, CVE-2014-8441). This update resolves an integer overflow vulnerability that could lead to code execution (CVE-2014-0569). This update resolves use-after-free vulnerabilities that could lead to code execution (CVE-2014-0573, CVE-2014-0588, CVE-2014-8438). This update resolves a double free vulnerability that could lead to code execution (CVE-2014-0574). This update resolves type confusion vulnerabilities that could lead to code execution (CVE-2014-0577, CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, CVE-2014-0590). This update resolves heap buffer overflow vulnerabilities that could lead to code execution (CVE-2014-0582, CVE-2014-0589). This update resolves an information disclosure vulnerability that could be exploited to disclose session tokens (CVE-2014-8437). This update resolves a heap buffer overflow vulnerability that could be exploited to perform privilege escalation from low to medium integrity level (CVE-2014-0583). This update resolves a permission issue that could be exploited to perform privilege escalation from low to medium integrity level (CVE-2014-8442). Affected Software/OS: 'flash-player-plugin' package(s) on Mageia 3, Mageia 4. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0558 RedHat Security Advisories: RHSA-2014:1648 http://rhn.redhat.com/errata/RHSA-2014-1648.html http://www.securitytracker.com/id/1031019 http://secunia.com/advisories/61980 SuSE Security Announcement: SUSE-SU-2014:1360 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00002.html SuSE Security Announcement: openSUSE-SU-2014:1329 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-10/msg00033.html SuSE Security Announcement: openSUSE-SU-2015:0725 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html Common Vulnerability Exposure (CVE) ID: CVE-2014-0564 Common Vulnerability Exposure (CVE) ID: CVE-2014-0569 BugTraq ID: 70441 http://www.securityfocus.com/bid/70441 http://www.zerodayinitiative.com/advisories/ZDI-14-365/ Common Vulnerability Exposure (CVE) ID: CVE-2014-0573 Common Vulnerability Exposure (CVE) ID: CVE-2014-0574 Common Vulnerability Exposure (CVE) ID: CVE-2014-0576 Common Vulnerability Exposure (CVE) ID: CVE-2014-0577 Common Vulnerability Exposure (CVE) ID: CVE-2014-0581 Common Vulnerability Exposure (CVE) ID: CVE-2014-0582 BugTraq ID: 71039 http://www.securityfocus.com/bid/71039 Common Vulnerability Exposure (CVE) ID: CVE-2014-0583 BugTraq ID: 71035 http://www.securityfocus.com/bid/71035 Common Vulnerability Exposure (CVE) ID: CVE-2014-0584 Common Vulnerability Exposure (CVE) ID: CVE-2014-0585 Common Vulnerability Exposure (CVE) ID: CVE-2014-0586 Common Vulnerability Exposure (CVE) ID: CVE-2014-0588 https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1084 Common Vulnerability Exposure (CVE) ID: CVE-2014-0589 BugTraq ID: 71051 http://www.securityfocus.com/bid/71051 Common Vulnerability Exposure (CVE) ID: CVE-2014-0590 Common Vulnerability Exposure (CVE) ID: CVE-2014-8437 BugTraq ID: 71036 http://www.securityfocus.com/bid/71036 XForce ISS Database: adobe-flash-cve20148437-info-disc(98628) https://exchange.xforce.ibmcloud.com/vulnerabilities/98628 Common Vulnerability Exposure (CVE) ID: CVE-2014-8438 BugTraq ID: 71049 http://www.securityfocus.com/bid/71049 XForce ISS Database: adobe-flash-cve20148438-code-exec(98619) https://exchange.xforce.ibmcloud.com/vulnerabilities/98619 Common Vulnerability Exposure (CVE) ID: CVE-2014-8440 BugTraq ID: 71047 http://www.securityfocus.com/bid/71047 https://www.exploit-db.com/exploits/36880/ https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1081 XForce ISS Database: adobe-flash-cve20148440-code-exec(98615) https://exchange.xforce.ibmcloud.com/vulnerabilities/98615 Common Vulnerability Exposure (CVE) ID: CVE-2014-8441 BugTraq ID: 71050 http://www.securityfocus.com/bid/71050 XForce ISS Database: adobe-cve20148441-code-exec(98616) https://exchange.xforce.ibmcloud.com/vulnerabilities/98616 Common Vulnerability Exposure (CVE) ID: CVE-2014-8442 BugTraq ID: 71040 http://www.securityfocus.com/bid/71040 XForce ISS Database: adobe-flash-cve20148442-priv-esc(98630) https://exchange.xforce.ibmcloud.com/vulnerabilities/98630
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.