Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2015-0218)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.1.10.2015.0218
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2015-0218)
Summary:	The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2015-0218 advisory.
Description:	Summary: The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2015-0218 advisory. Vulnerability Insight: Adobe Flash Player 11.2.202.460 contains fixes to critical security vulnerabilities found in earlier versions that could cause a crash and potentially allow an attacker to take control of the affected system. This update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2015-3078, CVE-2015-3089, CVE-2015-3090, CVE-2015-3093). This update resolves a heap overflow vulnerability that could lead to code execution (CVE-2015-3088). This update resolves a time-of-check time-of-use (TOCTOU) race condition that could be exploited to bypass Protected Mode in Internet Explorer (CVE-2015-3081). This update resolves validation bypass issues that could be exploited to write arbitrary data to the file system under user permissions (CVE-2015-3082, CVE-2015-3083, CVE-2015-3085). This update resolves an integer overflow vulnerability that could lead to code execution (CVE-2015-3087). This update resolves a type confusion vulnerability that could lead to code execution (CVE-2015-3077, CVE-2015-3084, CVE-2015-3086). This update resolves a use-after-free vulnerability that could lead to code execution (CVE-2015-3080). This update resolves memory leak vulnerabilities that could be used to bypass ASLR (CVE-2015-3091, CVE-2015-3092). This update resolves a security bypass vulnerability that could lead to information disclosure (CVE-2015-3079), and provides additional hardening to protect against CVE-2015-3044. Affected Software/OS: 'flash-player-plugin' package(s) on Mageia 4. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3044 BugTraq ID: 74065 http://www.securityfocus.com/bid/74065 https://security.gentoo.org/glsa/201504-07 https://security.gentoo.org/glsa/201505-02 RedHat Security Advisories: RHSA-2015:0813 http://rhn.redhat.com/errata/RHSA-2015-0813.html http://www.securitytracker.com/id/1032105 SuSE Security Announcement: SUSE-SU-2015:0722 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html SuSE Security Announcement: SUSE-SU-2015:0723 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html SuSE Security Announcement: SUSE-SU-2015:0878 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html SuSE Security Announcement: openSUSE-SU-2015:0718 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html SuSE Security Announcement: openSUSE-SU-2015:0725 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html SuSE Security Announcement: openSUSE-SU-2015:0890 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html SuSE Security Announcement: openSUSE-SU-2015:0914 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html Common Vulnerability Exposure (CVE) ID: CVE-2015-3077 BugTraq ID: 74614 http://www.securityfocus.com/bid/74614 RedHat Security Advisories: RHSA-2015:1005 http://rhn.redhat.com/errata/RHSA-2015-1005.html http://www.securitytracker.com/id/1032285 Common Vulnerability Exposure (CVE) ID: CVE-2015-3078 BugTraq ID: 74605 http://www.securityfocus.com/bid/74605 Common Vulnerability Exposure (CVE) ID: CVE-2015-3079 BugTraq ID: 74612 http://www.securityfocus.com/bid/74612 Common Vulnerability Exposure (CVE) ID: CVE-2015-3080 BugTraq ID: 74608 http://www.securityfocus.com/bid/74608 https://www.exploit-db.com/exploits/37853/ Common Vulnerability Exposure (CVE) ID: CVE-2015-3081 BugTraq ID: 74613 http://www.securityfocus.com/bid/74613 https://www.exploit-db.com/exploits/37842/ Common Vulnerability Exposure (CVE) ID: CVE-2015-3082 BugTraq ID: 74610 http://www.securityfocus.com/bid/74610 https://www.exploit-db.com/exploits/37840/ Common Vulnerability Exposure (CVE) ID: CVE-2015-3083 https://www.exploit-db.com/exploits/37841/ Common Vulnerability Exposure (CVE) ID: CVE-2015-3084 Common Vulnerability Exposure (CVE) ID: CVE-2015-3085 http://www.zerodayinitiative.com/advisories/ZDI-15-216 http://www.zerodayinitiative.com/advisories/ZDI-15-216/ Common Vulnerability Exposure (CVE) ID: CVE-2015-3086 Common Vulnerability Exposure (CVE) ID: CVE-2015-3087 BugTraq ID: 74616 http://www.securityfocus.com/bid/74616 https://www.exploit-db.com/exploits/37843/ Common Vulnerability Exposure (CVE) ID: CVE-2015-3088 BugTraq ID: 74609 http://www.securityfocus.com/bid/74609 https://www.exploit-db.com/exploits/37844/ Common Vulnerability Exposure (CVE) ID: CVE-2015-3089 https://www.exploit-db.com/exploits/37845/ Common Vulnerability Exposure (CVE) ID: CVE-2015-3090 Common Vulnerability Exposure (CVE) ID: CVE-2015-3091 BugTraq ID: 74617 http://www.securityfocus.com/bid/74617 Common Vulnerability Exposure (CVE) ID: CVE-2015-3092 Common Vulnerability Exposure (CVE) ID: CVE-2015-3093 https://www.exploit-db.com/exploits/37846/
Copyright	Copyright (C) 2022 Greenbone AG