VARIoT IoT vulnerabilities database

Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 does not properly implement a URL filter, which allows remote attackers to bypass dispatcher rules via unspecified vectors. Adobe Experience Manager (AEM) is a set of content management solutions from Adobe (Adobe) that can be used to build websites, mobile applications and forms. The solution supports mobile content management, marketing and sales campaign management, and multi-site management. Dispatcher is one of the tools that keeps AEM cached or load balanced. There is a security vulnerability in AE M's Dispatcher, which is caused by the program not implementing the URL filter correctly. The following versions are affected: AEM version 5.6.1, version 6.0.0, version 6.1.0, Dispatcher versions prior to 4.1.5

Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981. This vulnerability CVE-2016-0964 , CVE-2016-0965 , CVE-2016-0966 , CVE-2016-0967 , CVE-2016-0968 , CVE-2016-0969 , CVE-2016-0970 , CVE-2016-0972 , CVE-2016-0977 , CVE-2016-0978 , CVE-2016-0979 , CVE-2016-0980 ,and CVE-2016-0981 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577" References ========== [ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201603-07 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.569-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.569-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0, allows remote attackers to obtain sensitive information via unspecified vectors. Apache Sling is an open source web framework for the Java platform developed by the Apache Software Foundation. The framework can create content-oriented applications on JCR Content Repository (Java Content Repository). Adobe Experience Manager (AEM) is a set of content management solutions from Adobe (Adobe) that can be used to build websites, mobile applications and forms. Servlets Post is one of those containers. A remote attacker could exploit this vulnerability to obtain sensitive information. The following versions are affected: AEM Version 5.6.1, Version 6.0.0, Version 6.1.0, Servlets Post Version 2.3.6

Cross-site scripting (XSS) vulnerability in Adobe Experience Manager (AEM) 6.1.0 allows remote authenticated users to inject arbitrary web script or HTML via a folder title field that is mishandled in the Deletion popup dialog. Adobe Experience Manager (AEM) is a set of content management solutions from Adobe (Adobe) that can be used to build websites, mobile applications and forms. The solution supports mobile content management, marketing and sales campaign management, and multi-site management. A cross-site scripting vulnerability exists in AEM. The following versions are affected: AEM version 5.6.1, version 6.0.0, version 6.1.0

Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0951 and CVE-2016-0952. Adobe PS CC is a set of the latest image processing and drawing software. Adobe Bridge CC is the control center of Adobe Creative Suite (a product suite integrating graphic design, video editing, web design and other applications)

Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0951 and CVE-2016-0953. Adobe PS CC is a set of the latest image processing and drawing software. Adobe Bridge CC is the control center of Adobe Creative Suite (a product suite integrating graphic design, video editing, web design and other applications)

Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0952 and CVE-2016-0953. Adobe PS CC is a set of the latest image processing and drawing software. Adobe Bridge CC is the control center of Adobe Creative Suite (a product suite integrating graphic design, video editing, web design and other applications)

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984. This vulnerability CVE-2016-0973 , CVE-2016-0975 , CVE-2016-0982 , CVE-2016-0983 ,and CVE-2016-0984 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. A use-after-free vulnerability exists in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577" References ========== [ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201603-07 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.569-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.569-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981. This vulnerability CVE-2016-0964 , CVE-2016-0965 , CVE-2016-0966 , CVE-2016-0967 , CVE-2016-0968 , CVE-2016-0969 , CVE-2016-0970 , CVE-2016-0976 , CVE-2016-0977 , CVE-2016-0978 , CVE-2016-0979 , CVE-2016-0980 ,and CVE-2016-0981 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577" References ========== [ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201603-07 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.569-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.569-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion.". Supplementary information : CWE Vulnerability type by CWE-843:Access of Resource Using Incompatible Type ( Mixing of molds ) Has been identified. http://cwe.mitre.org/data/definitions/843.htmlBy the attacker, " Mixing of molds (type confusion)" May be used to execute arbitrary code. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577" References ========== [ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201603-07 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.569-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.569-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext encryption key, which allows local users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuv85958. plural Cisco The product stores a plaintext encryption key, so there is a vulnerability that allows important information to be obtained. Vendors have confirmed this vulnerability Bug ID CSCuv85958 It is released as.Local users may get important information. Cisco Unified Communications Manager (also known as CallManager) and others are products of Cisco (Cisco). CallManager is a call processing component in a unified communication system. A local attacker could exploit this vulnerability to obtain sensitive information

Cisco Unified Communications Manager 11.5(0.98000.480) allows remote authenticated users to obtain sensitive database table-name and entity-name information via a direct request to an unspecified URL, aka Bug ID CSCuy11098. Cisco Unified Communications Manager (CUCM, Unified CM, CallManager) is a call processing component in a unified communication system of Cisco (Cisco). This component provides a scalable, distributed and highly available enterprise IP telephony call processing solution. A security vulnerability exists in CUCM 11.5 (0.98000.480) version

Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.1 allows remote attackers to inject arbitrary web script or HTML via crafted markup data, aka Bug ID CSCux15489

Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code by leveraging improper reference handling, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984. This vulnerability CVE-2016-0973 , CVE-2016-0974 , CVE-2016-0982 , CVE-2016-0983 ,and CVE-2016-0984 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code by using inappropriate reference processing. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of instanceof. The issue lies in the failure to safely hold a reference to arguments during execution of the function. A use-after-free vulnerability exists in the 'instanceof' function of several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577" References ========== [ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201603-07 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.569-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.569-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via a URLLoader.load call, a different vulnerability than CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984. This vulnerability CVE-2016-0974 , CVE-2016-0975 , CVE-2016-0982 , CVE-2016-0983 ,and CVE-2016-0984 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlBy the attacker, URLLoader.load Arbitrary code may be executed via a call. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of URLRequest objects. By calling URLLoader.load on a URLRequest object, an attacker can force a dangling pointer to be reused after it has been freed. A reuse-after-free vulnerability exists in the URLRequest object implementation of several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577" References ========== [ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201603-07 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.569-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.569-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Siemens SIMATIC S7-1500 CPU devices before 1.8.3 allow remote attackers to cause a denial of service (STOP mode transition) via crafted packets on TCP port 102. The Siemens SIMATIC S7-1500 is a family of modular controllers. The attacker exploited the vulnerability to allow the CPU to automatically restart and stay in STOP mode, requiring manual entry into RUN mode. Siemens SIMATIC S7-1500 CPU is a new generation controller in a TIA Portal (Integrated Automation Software) of Siemens

Siemens SIMATIC S7-1500 CPU devices before 1.8.3 allow remote attackers to bypass a replay protection mechanism via packets on TCP port 102. The Siemens SIMATIC S7-1500 is a family of modular controllers. A bypass mechanism vulnerability exists in the Siemens SIMATIC S7-1500. Siemens SIMATIC S7-1500 CPU is a new generation controller in a TIA Portal (Integrated Automation Software) of Siemens

Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7, as used in conjunction with Jabber Guest, allows remote attackers to obtain sensitive call-statistics information via a direct request to an unspecified URL, aka Bug ID CSCux73362. Vendors have confirmed this vulnerability Bug ID CSCux73362 It is released as.Unspecified by a third party URL You may get important call statistics via a direct request to. Cisco TelePresenceVideo Communication Server is a telepresence video communication server from Cisco, Inc. that integrates with unified communications and voice communications environments to provide the best experience for end users using a variety of communication tools. An attacker can exploit this issue to obtain sensitive information. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCux73362

ASUS RT Series Wireless Routers are ASUS RT Series wireless router products. An information disclosure vulnerability exists in ASUS RT Series Wireless Routers running ASUSWRT firmware version 3.0.0.378.9460. An attacker could use this vulnerability to obtain sensitive information

The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029. Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). kernel is one of the kernels. The following versions are affected: 4.x prior to Android 4.4.4, 5.x prior to 5.1.1 LMY49G, 6.x prior to 2016-02-01. CVE-ID CVE-2016-1722 : Joshua J. CVE-ID CVE-2016-1781 : Devdatta Akhawe of Dropbox, Inc. WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A website may be able to track sensitive user information Description: A hidden web page may be able to access device- orientation and device-motion data. This issue was addressed by suspending the availability of this data when the web view is hidden. CVE-ID CVE-2016-1780 : Maryam Mehrnezhad, Ehsan Toreini, Siamak F. Shahandashti, and Feng Hao of the School of Computing Science, Newcastle University, UK WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may reveal a user's current location Description: An issue existed in the parsing of geolocation requests. CVE-ID CVE-2016-1779 : xisigr of Tencent's Xuanwu Lab (http://www.tencent.com) WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious website may be able to access restricted ports on arbitrary servers Description: A port redirection issue was addressed through additional port validation. CVE-ID CVE-2016-1782 : Muneaki Nishimura (nishimunea) of Recruit Technologies Co.,Ltd. CVE-ID CVE-2016-1784 : Moony Li and Jack Tang of TrendMicro and 李普君 of 无声信息技术PKAV Team (PKAV.net) WebKit Page Loading Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: Redirect responses may have allowed a malicious website to display an arbitrary URL and read cached contents of the destination origin. CVE-ID CVE-2016-1786 : ma.la of LINE Corporation WebKit Page Loading Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious website may exfiltrate data cross-origin Description: A caching issue existed with character encoding. CVE-ID CVE-2016-0801 : an anonymous researcher CVE-2016-0802 : an anonymous researcher Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-03-21-5 OS X El Capitan 10.11.4 and Security Update 2016-002 OS X El Capitan 10.11.4 and Security Update 2016-002 is now available and addresses the following: apache_mod_php Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3 Impact: Processing a maliciously crafted .png file may lead to arbitrary code execution Description: Multiple vulnerabilities existed in libpng versions prior to 1.6.20. These were addressed by updating libpng to version 1.6.20. CVE-ID CVE-2015-8126 : Adam Mariš CVE-2015-8472 : Adam Mariš AppleRAID Available for: OS X El Capitan v10.11 to v10.11.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-ID CVE-2016-1733 : Proteas of Qihoo 360 Nirvan Team AppleRAID Available for: OS X El Capitan v10.11 to v10.11.3 Impact: A local user may be able to determine kernel memory layout Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation. CVE-ID CVE-2016-1732 : Proteas of Qihoo 360 Nirvan Team AppleUSBNetworking Available for: OS X El Capitan v10.11 to v10.11.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the parsing of data from USB devices. This issue was addressed through improved input validation. CVE-ID CVE-2016-1734 : Andrea Barisani and Andrej Rosano of Inverse Path Bluetooth Available for: OS X El Capitan v10.11 to v10.11.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1735 : Jeonghoon Shin@A.D.D CVE-2016-1736 : beist and ABH of BoB Carbon Available for: OS X El Capitan v10.11 to v10.11.3 Impact: Processing a maliciously crafted .dfont file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2016-1737 : an anonymous researcher dyld Available for: OS X El Capitan v10.11 to v10.11.3 Impact: An attacker may tamper with code-signed applications to execute arbitrary code in the application's context Description: A code signing verification issue existed in dyld. This issue was addressed with improved validation. CVE-ID CVE-2016-1738 : beist and ABH of BoB FontParser Available for: OS X El Capitan v10.11 to v10.11.3 Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling. CVE-ID CVE-2016-1740 : HappilyCoded (ant4g0nist and r3dsm0k3) working with Trend Micro's Zero Day Initiative (ZDI) HTTPProtocol Available for: OS X El Capitan v10.11 to v10.11.3 Impact: A remote attacker may be able to execute arbitrary code Description: Multiple vulnerabilities existed in nghttp2 versions prior to 1.6.0, the most serious of which may have led to remote code execution. These were addressed by updating nghttp2 to version 1.6.0. CVE-ID CVE-2015-8659 Intel Graphics Driver Available for: OS X El Capitan v10.11 to v10.11.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1743 : Piotr Bania of Cisco Talos CVE-2016-1744 : Ian Beer of Google Project Zero IOFireWireFamily Available for: OS X El Capitan v10.11 to v10.11.3 Impact: A local user may be able to cause a denial of service Description: A null pointer dereference was addressed through improved validation. CVE-ID CVE-2016-1745 : sweetchip of Grayhash IOGraphics Available for: OS X El Capitan v10.11 to v10.11.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-ID CVE-2016-1746 : Peter Pi of Trend Micro working with Trend Micro's Zero Day Initiative (ZDI) CVE-2016-1747 : Juwei Lin of Trend Micro working with Trend Micro's Zero Day Initiative (ZDI) IOHIDFamily Available for: OS X El Capitan v10.11 to v10.11.3 Impact: An application may be able to determine kernel memory layout Description: A memory corruption issue was addressed through improved memory handling. CVE-ID CVE-2016-1748 : Brandon Azad IOUSBFamily Available for: OS X El Capitan v10.11 to v10.11.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1749 : Ian Beer of Google Project Zero and Juwei Lin of Trend Micro working with Trend Micro's Zero Day Initiative (ZDI) Kernel Available for: OS X El Capitan v10.11 to v10.11.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed through improved memory management. CVE-ID CVE-2016-1750 : CESG Kernel Available for: OS X El Capitan v10.11 to v10.11.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A race condition existed during the creation of new processes. This was addressed through improved state handling. CVE-ID CVE-2016-1757 : Ian Beer of Google Project Zero and Pedro Vilaca Kernel Available for: OS X El Capitan v10.11 to v10.11.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved input validation. CVE-ID CVE-2016-1756 : Lufeng Li of Qihoo 360 Vulcan Team Kernel Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1754 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2016-1755 : Ian Beer of Google Project Zero CVE-2016-1759 : lokihardt Kernel Available for: OS X El Capitan v10.11 to v10.11.3 Impact: An application may be able to determine kernel memory layout Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation. CVE-ID CVE-2016-1758 : Brandon Azad Kernel Available for: OS X El Capitan v10.11 to v10.11.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: Multiple integer overflows were addressed through improved input validation. CVE-ID CVE-2016-1753 : Juwei Lin Trend Micro working with Trend Micro's Zero Day Initiative (ZDI) Kernel Available for: OS X El Capitan v10.11 to v10.11.3 Impact: An application may be able to cause a denial of service Description: A denial of service issue was addressed through improved validation. CVE-ID CVE-2016-1752 : CESG libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3 Impact: Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2015-1819 CVE-2015-5312 : David Drysdale of Google CVE-2015-7499 CVE-2015-7500 : Kostya Serebryany of Google CVE-2015-7942 : Kostya Serebryany of Google CVE-2015-8035 : gustavo.grieco CVE-2015-8242 : Hugh Davenport CVE-2016-1761 : wol0xff working with Trend Micro's Zero Day Initiative (ZDI) CVE-2016-1762 Messages Available for: OS X El Capitan v10.11 to v10.11.3 Impact: An attacker who is able to bypass Apple's certificate pinning, intercept TLS connections, inject messages, and record encrypted attachment-type messages may be able to read attachments Description: A cryptographic issue was addressed by rejecting duplicate messages on the client. CVE-ID CVE-2016-1788 : Christina Garman, Matthew Green, Gabriel Kaptchuk, Ian Miers, and Michael Rushanan of Johns Hopkins University Messages Available for: OS X El Capitan v10.11 to v10.11.3 Impact: Clicking a JavaScript link can reveal sensitive user information Description: An issue existed in the processing of JavaScript links. This issue was addressed through improved content security policy checks. CVE-ID CVE-2016-1764 : Matthew Bryan of the Uber Security Team (formerly of Bishop Fox), Joe DeMesy and Shubham Shah of Bishop Fox NVIDIA Graphics Drivers Available for: OS X El Capitan v10.11 to v10.11.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1741 : Ian Beer of Google Project Zero OpenSSH Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3 Impact: Connecting to a server may leak sensitive user information, such as a client's private keys Description: Roaming, which was on by default in the OpenSSH client, exposed an information leak and a buffer overflow. These issues were addressed by disabling roaming in the client. CVE-ID CVE-2016-0777 : Qualys CVE-2016-0778 : Qualys OpenSSH Available for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5 Impact: Multiple vulnerabilities in LibreSSL Description: Multiple vulnerabilities existed in LibreSSL versions prior to 2.1.8. These were addressed by updating LibreSSL to version 2.1.8. CVE-ID CVE-2015-5333 : Qualys CVE-2015-5334 : Qualys OpenSSL Available for: OS X El Capitan v10.11 to v10.11.3 Impact: A remote attacker may be able to cause a denial of service Description: A memory leak existed in OpenSSL versions prior to 0.9.8zh. This issue was addressed by updating OpenSSL to version 0.9.8zh. CVE-ID CVE-2015-3195 Python Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3 Impact: Processing a maliciously crafted .png file may lead to arbitrary code execution Description: Multiple vulnerabilities existed in libpng versions prior to 1.6.20. These were addressed by updating libpng to version 1.6.20. CVE-ID CVE-2014-9495 CVE-2015-0973 CVE-2015-8126 : Adam Mariš CVE-2015-8472 : Adam Mariš QuickTime Available for: OS X El Capitan v10.11 to v10.11.3 Impact: Processing a maliciously crafted FlashPix Bitmap Image may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1767 : Francis Provencher from COSIG CVE-2016-1768 : Francis Provencher from COSIG QuickTime Available for: OS X El Capitan v10.11 to v10.11.3 Impact: Processing a maliciously crafted Photoshop document may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-ID CVE-2016-1769 : Francis Provencher from COSIG Reminders Available for: OS X El Capitan v10.11 to v10.11.3 Impact: Clicking a tel link can make a call without prompting the user Description: A user was not prompted before invoking a call. This was addressed through improved entitlement checks. CVE-ID CVE-2016-1770 : Guillaume Ross of Rapid7 and Laurent Chouinard of Laurent.ca Ruby Available for: OS X El Capitan v10.11 to v10.11.3 Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: An unsafe tainted string usage vulnerability existed in versions prior to 2.0.0-p648. This issue was addressed by updating to version 2.0.0-p648. CVE-ID CVE-2015-7551 Security Available for: OS X El Capitan v10.11 to v10.11.3 Impact: A local user may be able to check for the existence of arbitrary files Description: A permissions issue existed in code signing tools. This was addressed though additional ownership checks. CVE-ID CVE-2016-1773 : Mark Mentovai of Google Inc. Security Available for: OS X El Capitan v10.11 to v10.11.3 Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution Description: A memory corruption issue existed in the ASN.1 decoder. This issue was addressed through improved input validation. CVE-ID CVE-2016-1950 : Francis Gabriel of Quarkslab Tcl Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11 to v10.11.3 Impact: Processing a maliciously crafted .png file may lead to arbitrary code execution Description: Multiple vulnerabilities existed in libpng versions prior to 1.6.20. These were addressed by removing libpng. CVE-ID CVE-2015-8126 : Adam Mariš TrueTypeScaler Available for: OS X El Capitan v10.11 to v10.11.3 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2016-1775 : 0x1byte working with Trend Micro's Zero Day Initiative (ZDI) Wi-Fi Available for: OS X El Capitan v10.11 to v10.11.3 Impact: An attacker with a privileged network position may be able to execute arbitrary code Description: A frame validation and memory corruption issue existed for a given ethertype. This issue was addressed through additional ethertype validation and improved memory handling. CVE-ID CVE-2016-0801 : an anonymous researcher CVE-2016-0802 : an anonymous researcher OS X El Capitan 10.11.4 includes the security content of Safari 9.1. https://support.apple.com/kb/HT206171 OS X El Capitan v10.11.4 and Security Update 2016-002 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJW8JQFAAoJEBcWfLTuOo7tZSYP/1bHFA1qemkD37uu7nYpk/q6 ARVsPgME1I1+5tOxX0TQJgzMBmdQsKYdsTiLpDk5HTuv+dAMsFfasaUItGk8Sz1w HiYjSfVsxL+Pjz3vK8/4/fsi2lX6472MElRw8gudITOhXtniGcKo/vuA5dB+vM3l Jy1NLHHhZ6BD2t0bBmlz41mZMG3AMxal2wfqE+5LkjUwASzcvC/3B1sh7Fntwyau /71vIgMQ5AaETdgQJAuQivxPyTlFduBRgLjqvPiB9eSK4Ctu5t/hErFIrP2NiDCi UhfZC48XbiRjJfkUsUD/5TIKnI+jkZxOnch9ny32dw2kUIkbIAbqufTkzsMXOpng O+rI93Ni7nfzgI3EkI2bq+C+arOoRiveWuJvc3SMPD5RQHo4NCQVs0ekQJKNHF78 juPnY29n8WMjwLS6Zfm+bH+n8ELIXrmmEscRztK2efa9S7vJe+AgIxx7JE/f8OHF i9K7UQBXFXcpMjXi1aTby/IUnpL5Ny4NVwYwIhctj0Mf6wTH7uf/FMWYIQOXcIfP Izo+GXxNeLd4H2ypZ+UpkZg/Sn2mtCd88wLc96+owlZPBlSqWl3X1wTlp8i5FP2X qlQ7RcTHJDv8jPT/MOfzxEK1n/azp45ahHA0o6nohUdxlA7PLci9vPiJxqKPo/0q VZmOKa8qMxB1L/JmdCqy =mZR+ -----END PGP SIGNATURE-----