Test ID:	1.3.6.1.4.1.25623.1.1.10.2016.0228
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2016-0228)
Summary:	The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2016-0228 advisory.
Description:	Summary: The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2016-0228 advisory. Vulnerability Insight: Adobe Flash Player 11.2.202.626 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves type confusion vulnerabilities that could lead to code execution (CVE-2016-4144, CVE-2016-4149). This update resolves use-after-free vulnerabilities that could lead to code execution (CVE-2016-4142, CVE-2016-4143, CVE-2016-4145, CVE-2016-4146, CVE-2016-4147, CVE-2016-4148). This update resolves heap buffer overflow vulnerabilities that could lead to code execution (CVE-2016-4135, CVE-2016-4136, CVE-2016-4138). This update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2016-4122, CVE-2016-4123, CVE-2016-4124, CVE-2016-4125, CVE-2016-4127, CVE-2016-4128, CVE-2016-4129, CVE-2016-4130, CVE-2016-4131, CVE-2016-4132, CVE-2016-4133, CVE-2016-4134, CVE-2016-4137, CVE-2016-4141, CVE-2016-4150, CVE-2016-4151, CVE-2016-4152, CVE-2016-4153, CVE-2016-4154, CVE-2016-4155, CVE-2016-4156, CVE-2016-4166, CVE-2016-4171). This update resolves a vulnerability in the directory search path used to find resources that could lead to code execution (CVE-2016-4140). This update resolves a vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2016-4139). Adobe reports that an exploit for CVE-2016-4171 exists in the wild. Affected Software/OS: 'flash-player-plugin' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-4122 Microsoft Security Bulletin: MS16-083 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 RedHat Security Advisories: RHSA-2016:1238 https://access.redhat.com/errata/RHSA-2016:1238 http://www.securitytracker.com/id/1036117 SuSE Security Announcement: SUSE-SU-2016:1613 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html SuSE Security Announcement: openSUSE-SU-2016:1621 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html SuSE Security Announcement: openSUSE-SU-2016:1625 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html Common Vulnerability Exposure (CVE) ID: CVE-2016-4123 Common Vulnerability Exposure (CVE) ID: CVE-2016-4124 Common Vulnerability Exposure (CVE) ID: CVE-2016-4125 Common Vulnerability Exposure (CVE) ID: CVE-2016-4127 Common Vulnerability Exposure (CVE) ID: CVE-2016-4128 Common Vulnerability Exposure (CVE) ID: CVE-2016-4129 Common Vulnerability Exposure (CVE) ID: CVE-2016-4130 Common Vulnerability Exposure (CVE) ID: CVE-2016-4131 Common Vulnerability Exposure (CVE) ID: CVE-2016-4132 Common Vulnerability Exposure (CVE) ID: CVE-2016-4133 Common Vulnerability Exposure (CVE) ID: CVE-2016-4134 Common Vulnerability Exposure (CVE) ID: CVE-2016-4135 https://www.exploit-db.com/exploits/40087/ Common Vulnerability Exposure (CVE) ID: CVE-2016-4136 https://www.exploit-db.com/exploits/40088/ Common Vulnerability Exposure (CVE) ID: CVE-2016-4137 https://www.exploit-db.com/exploits/40089/ Common Vulnerability Exposure (CVE) ID: CVE-2016-4138 https://www.exploit-db.com/exploits/40090/ Common Vulnerability Exposure (CVE) ID: CVE-2016-4139 Common Vulnerability Exposure (CVE) ID: CVE-2016-4140 Common Vulnerability Exposure (CVE) ID: CVE-2016-4141 Common Vulnerability Exposure (CVE) ID: CVE-2016-4142 Common Vulnerability Exposure (CVE) ID: CVE-2016-4143 Common Vulnerability Exposure (CVE) ID: CVE-2016-4144 Common Vulnerability Exposure (CVE) ID: CVE-2016-4145 Common Vulnerability Exposure (CVE) ID: CVE-2016-4146 Common Vulnerability Exposure (CVE) ID: CVE-2016-4147 Common Vulnerability Exposure (CVE) ID: CVE-2016-4148 Common Vulnerability Exposure (CVE) ID: CVE-2016-4149 Common Vulnerability Exposure (CVE) ID: CVE-2016-4150 Common Vulnerability Exposure (CVE) ID: CVE-2016-4151 Common Vulnerability Exposure (CVE) ID: CVE-2016-4152 Common Vulnerability Exposure (CVE) ID: CVE-2016-4153 Common Vulnerability Exposure (CVE) ID: CVE-2016-4154 Common Vulnerability Exposure (CVE) ID: CVE-2016-4155 Common Vulnerability Exposure (CVE) ID: CVE-2016-4156 Common Vulnerability Exposure (CVE) ID: CVE-2016-4166 Common Vulnerability Exposure (CVE) ID: CVE-2016-4171 BugTraq ID: 91184 http://www.securityfocus.com/bid/91184 CERT/CC vulnerability note: VU#748992 https://www.kb.cert.org/vuls/id/748992 https://security.gentoo.org/glsa/201606-08 http://www.securitytracker.com/id/1036094
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.