VARIoT IoT vulnerabilities database
| VAR-201501-0591 | CVE-2014-10027 | D-Link DAP-1360 Cross-site request forgery vulnerability in router firmware |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP-1360 router with firmware 2.5.4 and earlier allow remote attackers to hijack the authentication of unspecified users for requests that (1) change the MAC filter restrict mode, (2) add a MAC address to the filter, or (3) remove a MAC address from the filter via a crafted request to index.cgi. Dap-1360 Firmware is prone to a cross-site request forgery vulnerability. D-Link DAP-1360 is a wireless access point product (AP) of D-Link
| VAR-201501-0114 | CVE-2015-0309 | Adobe Flash Player and Adobe AIR Heap-based buffer overflow vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0304. This vulnerability CVE-2015-0304 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts likely result in denial-of-service conditions.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Impact
======
A remote attacker could possibly execute arbitrary code with the
privileges of the process, cause a Denial of Service condition, obtain
sensitive information or bypass security restrictions.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.442"
References
==========
[ 1 ] CVE-2015-0301
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0301
[ 2 ] CVE-2015-0302
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0302
[ 3 ] CVE-2015-0303
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0303
[ 4 ] CVE-2015-0304
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0304
[ 5 ] CVE-2015-0305
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0305
[ 6 ] CVE-2015-0306
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0306
[ 7 ] CVE-2015-0307
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0307
[ 8 ] CVE-2015-0308
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0308
[ 9 ] CVE-2015-0309
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0309
[ 10 ] CVE-2015-0310
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0310
[ 11 ] CVE-2015-0311
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0311
[ 12 ] CVE-2015-0314
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0314
[ 13 ] CVE-2015-0315
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0315
[ 14 ] CVE-2015-0316
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0316
[ 15 ] CVE-2015-0317
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0317
[ 16 ] CVE-2015-0318
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0318
[ 17 ] CVE-2015-0319
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0319
[ 18 ] CVE-2015-0320
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0320
[ 19 ] CVE-2015-0321
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0321
[ 20 ] CVE-2015-0322
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0322
[ 21 ] CVE-2015-0323
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0323
[ 22 ] CVE-2015-0324
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0324
[ 23 ] CVE-2015-0325
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0325
[ 24 ] CVE-2015-0326
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0326
[ 25 ] CVE-2015-0327
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0327
[ 26 ] CVE-2015-0328
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0328
[ 27 ] CVE-2015-0329
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0329
[ 28 ] CVE-2015-0330
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0330
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201502-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2015 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2015:0052-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0052.html
Issue date: 2015-01-14
CVE Names: CVE-2015-0301 CVE-2015-0302 CVE-2015-0303
CVE-2015-0304 CVE-2015-0305 CVE-2015-0306
CVE-2015-0307 CVE-2015-0308 CVE-2015-0309
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB15-01,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2015-0303, CVE-2015-0306, CVE-2015-0304, CVE-2015-0309,
CVE-2015-0305, CVE-2015-0308)
This update also fixes multiple information disclosure flaws in
flash-plugin.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1181903 - CVE-2015-0303 CVE-2015-0306 CVE-2015-0304 CVE-2015-0309 CVE-2015-0305 CVE-2015-0308 flash-plugin: Multiple code-execution flaws (APSB15-01)
1181909 - CVE-2015-0301 CVE-2015-0302 CVE-2015-0307 flash-plugin: Information disclosure via various methods (APSB15-01)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.429-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.429-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.429-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.429-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2015-0301
https://access.redhat.com/security/cve/CVE-2015-0302
https://access.redhat.com/security/cve/CVE-2015-0303
https://access.redhat.com/security/cve/CVE-2015-0304
https://access.redhat.com/security/cve/CVE-2015-0305
https://access.redhat.com/security/cve/CVE-2015-0306
https://access.redhat.com/security/cve/CVE-2015-0307
https://access.redhat.com/security/cve/CVE-2015-0308
https://access.redhat.com/security/cve/CVE-2015-0309
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb15-01.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUttFMXlSAg2UNWIIRAiVoAJwLqivuUq0OowsqXdh4/yKQTSVEGwCgjsTX
184Uc4WBUliIJ2nt+9H/bDY=
=OQFJ
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
| VAR-201501-0113 | CVE-2015-0308 | Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute arbitrary code via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Failed exploit attempts will likely cause a denial-of-service condition. A use-after-free vulnerability exists in several Adobe products.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Impact
======
A remote attacker could possibly execute arbitrary code with the
privileges of the process, cause a Denial of Service condition, obtain
sensitive information or bypass security restrictions.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.442"
References
==========
[ 1 ] CVE-2015-0301
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0301
[ 2 ] CVE-2015-0302
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0302
[ 3 ] CVE-2015-0303
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0303
[ 4 ] CVE-2015-0304
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0304
[ 5 ] CVE-2015-0305
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0305
[ 6 ] CVE-2015-0306
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0306
[ 7 ] CVE-2015-0307
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0307
[ 8 ] CVE-2015-0308
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0308
[ 9 ] CVE-2015-0309
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0309
[ 10 ] CVE-2015-0310
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0310
[ 11 ] CVE-2015-0311
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0311
[ 12 ] CVE-2015-0314
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0314
[ 13 ] CVE-2015-0315
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0315
[ 14 ] CVE-2015-0316
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0316
[ 15 ] CVE-2015-0317
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0317
[ 16 ] CVE-2015-0318
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0318
[ 17 ] CVE-2015-0319
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0319
[ 18 ] CVE-2015-0320
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0320
[ 19 ] CVE-2015-0321
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0321
[ 20 ] CVE-2015-0322
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0322
[ 21 ] CVE-2015-0323
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0323
[ 22 ] CVE-2015-0324
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0324
[ 23 ] CVE-2015-0325
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0325
[ 24 ] CVE-2015-0326
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0326
[ 25 ] CVE-2015-0327
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0327
[ 26 ] CVE-2015-0328
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0328
[ 27 ] CVE-2015-0329
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0329
[ 28 ] CVE-2015-0330
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0330
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201502-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2015 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2015:0052-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0052.html
Issue date: 2015-01-14
CVE Names: CVE-2015-0301 CVE-2015-0302 CVE-2015-0303
CVE-2015-0304 CVE-2015-0305 CVE-2015-0306
CVE-2015-0307 CVE-2015-0308 CVE-2015-0309
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB15-01,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2015-0303, CVE-2015-0306, CVE-2015-0304, CVE-2015-0309,
CVE-2015-0305, CVE-2015-0308)
This update also fixes multiple information disclosure flaws in
flash-plugin. (CVE-2015-0301, CVE-2015-0302, CVE-2015-0307)
All users of Adobe Flash Player should install this updated package, which
upgrades Flash Player to version 11.2.202.429.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1181903 - CVE-2015-0303 CVE-2015-0306 CVE-2015-0304 CVE-2015-0309 CVE-2015-0305 CVE-2015-0308 flash-plugin: Multiple code-execution flaws (APSB15-01)
1181909 - CVE-2015-0301 CVE-2015-0302 CVE-2015-0307 flash-plugin: Information disclosure via various methods (APSB15-01)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.429-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.429-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.429-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.429-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2015-0301
https://access.redhat.com/security/cve/CVE-2015-0302
https://access.redhat.com/security/cve/CVE-2015-0303
https://access.redhat.com/security/cve/CVE-2015-0304
https://access.redhat.com/security/cve/CVE-2015-0305
https://access.redhat.com/security/cve/CVE-2015-0306
https://access.redhat.com/security/cve/CVE-2015-0307
https://access.redhat.com/security/cve/CVE-2015-0308
https://access.redhat.com/security/cve/CVE-2015-0309
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb15-01.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUttFMXlSAg2UNWIIRAiVoAJwLqivuUq0OowsqXdh4/yKQTSVEGwCgjsTX
184Uc4WBUliIJ2nt+9H/bDY=
=OQFJ
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
| VAR-201501-0112 | CVE-2015-0307 | Adobe Flash Player and Adobe AIR Vulnerability in which important information is obtained from process memory |
CVSS V2: 8.5 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors. Adobe Flash Player and Adobe AIR Can get important information from the process memory, or service disruption (out-of-bounds read) There are vulnerabilities that are put into a state.A third party obtains important information from the process memory or disrupts service operation (out-of-bounds read) There is a possibility of being put into a state. This vulnerability allows remote attackers to disclose arbitrary memory on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the AVSegmentedSource::getABRProfileInfoAtIndex function. Once the AVSegmentedSource class is initialized with a valid m3u8 file, it is possible for an attacker to force out-of-bounds reads. An attacker can leverage this vulnerability to disclose arbitrary memory. Adobe Flash Player and Adobe AIR are prone to a memory-corruption vulnerability.
Attackers can exploit this issue to cause denial-of-service conditions or gain access to sensitive information. other attacks are also possible. Security flaws exist in several Adobe products.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Impact
======
A remote attacker could possibly execute arbitrary code with the
privileges of the process, cause a Denial of Service condition, obtain
sensitive information or bypass security restrictions.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.442"
References
==========
[ 1 ] CVE-2015-0301
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0301
[ 2 ] CVE-2015-0302
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0302
[ 3 ] CVE-2015-0303
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0303
[ 4 ] CVE-2015-0304
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0304
[ 5 ] CVE-2015-0305
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0305
[ 6 ] CVE-2015-0306
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0306
[ 7 ] CVE-2015-0307
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0307
[ 8 ] CVE-2015-0308
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0308
[ 9 ] CVE-2015-0309
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0309
[ 10 ] CVE-2015-0310
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0310
[ 11 ] CVE-2015-0311
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0311
[ 12 ] CVE-2015-0314
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0314
[ 13 ] CVE-2015-0315
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0315
[ 14 ] CVE-2015-0316
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0316
[ 15 ] CVE-2015-0317
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0317
[ 16 ] CVE-2015-0318
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0318
[ 17 ] CVE-2015-0319
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0319
[ 18 ] CVE-2015-0320
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0320
[ 19 ] CVE-2015-0321
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0321
[ 20 ] CVE-2015-0322
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0322
[ 21 ] CVE-2015-0323
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0323
[ 22 ] CVE-2015-0324
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0324
[ 23 ] CVE-2015-0325
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0325
[ 24 ] CVE-2015-0326
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0326
[ 25 ] CVE-2015-0327
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0327
[ 26 ] CVE-2015-0328
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0328
[ 27 ] CVE-2015-0329
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0329
[ 28 ] CVE-2015-0330
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0330
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201502-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2015 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2015:0052-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0052.html
Issue date: 2015-01-14
CVE Names: CVE-2015-0301 CVE-2015-0302 CVE-2015-0303
CVE-2015-0304 CVE-2015-0305 CVE-2015-0306
CVE-2015-0307 CVE-2015-0308 CVE-2015-0309
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB15-01,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2015-0303, CVE-2015-0306, CVE-2015-0304, CVE-2015-0309,
CVE-2015-0305, CVE-2015-0308)
This update also fixes multiple information disclosure flaws in
flash-plugin.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1181903 - CVE-2015-0303 CVE-2015-0306 CVE-2015-0304 CVE-2015-0309 CVE-2015-0305 CVE-2015-0308 flash-plugin: Multiple code-execution flaws (APSB15-01)
1181909 - CVE-2015-0301 CVE-2015-0302 CVE-2015-0307 flash-plugin: Information disclosure via various methods (APSB15-01)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.429-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.429-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.429-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.429-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2015-0301
https://access.redhat.com/security/cve/CVE-2015-0302
https://access.redhat.com/security/cve/CVE-2015-0303
https://access.redhat.com/security/cve/CVE-2015-0304
https://access.redhat.com/security/cve/CVE-2015-0305
https://access.redhat.com/security/cve/CVE-2015-0306
https://access.redhat.com/security/cve/CVE-2015-0307
https://access.redhat.com/security/cve/CVE-2015-0308
https://access.redhat.com/security/cve/CVE-2015-0309
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb15-01.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUttFMXlSAg2UNWIIRAiVoAJwLqivuUq0OowsqXdh4/yKQTSVEGwCgjsTX
184Uc4WBUliIJ2nt+9H/bDY=
=OQFJ
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
| VAR-201501-0110 | CVE-2015-0305 | Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution |
CVSS V2: 9.3 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion.".
Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Security flaws exist in several Adobe products.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Impact
======
A remote attacker could possibly execute arbitrary code with the
privileges of the process, cause a Denial of Service condition, obtain
sensitive information or bypass security restrictions.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.442"
References
==========
[ 1 ] CVE-2015-0301
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0301
[ 2 ] CVE-2015-0302
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0302
[ 3 ] CVE-2015-0303
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0303
[ 4 ] CVE-2015-0304
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0304
[ 5 ] CVE-2015-0305
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0305
[ 6 ] CVE-2015-0306
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0306
[ 7 ] CVE-2015-0307
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0307
[ 8 ] CVE-2015-0308
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0308
[ 9 ] CVE-2015-0309
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0309
[ 10 ] CVE-2015-0310
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0310
[ 11 ] CVE-2015-0311
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0311
[ 12 ] CVE-2015-0314
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0314
[ 13 ] CVE-2015-0315
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0315
[ 14 ] CVE-2015-0316
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0316
[ 15 ] CVE-2015-0317
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0317
[ 16 ] CVE-2015-0318
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0318
[ 17 ] CVE-2015-0319
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0319
[ 18 ] CVE-2015-0320
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0320
[ 19 ] CVE-2015-0321
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0321
[ 20 ] CVE-2015-0322
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0322
[ 21 ] CVE-2015-0323
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0323
[ 22 ] CVE-2015-0324
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0324
[ 23 ] CVE-2015-0325
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0325
[ 24 ] CVE-2015-0326
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0326
[ 25 ] CVE-2015-0327
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0327
[ 26 ] CVE-2015-0328
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0328
[ 27 ] CVE-2015-0329
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0329
[ 28 ] CVE-2015-0330
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0330
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201502-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2015 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2015:0052-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0052.html
Issue date: 2015-01-14
CVE Names: CVE-2015-0301 CVE-2015-0302 CVE-2015-0303
CVE-2015-0304 CVE-2015-0305 CVE-2015-0306
CVE-2015-0307 CVE-2015-0308 CVE-2015-0309
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB15-01,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2015-0303, CVE-2015-0306, CVE-2015-0304, CVE-2015-0309,
CVE-2015-0305, CVE-2015-0308)
This update also fixes multiple information disclosure flaws in
flash-plugin.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1181903 - CVE-2015-0303 CVE-2015-0306 CVE-2015-0304 CVE-2015-0309 CVE-2015-0305 CVE-2015-0308 flash-plugin: Multiple code-execution flaws (APSB15-01)
1181909 - CVE-2015-0301 CVE-2015-0302 CVE-2015-0307 flash-plugin: Information disclosure via various methods (APSB15-01)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.429-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.429-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.429-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.429-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2015-0301
https://access.redhat.com/security/cve/CVE-2015-0302
https://access.redhat.com/security/cve/CVE-2015-0303
https://access.redhat.com/security/cve/CVE-2015-0304
https://access.redhat.com/security/cve/CVE-2015-0305
https://access.redhat.com/security/cve/CVE-2015-0306
https://access.redhat.com/security/cve/CVE-2015-0307
https://access.redhat.com/security/cve/CVE-2015-0308
https://access.redhat.com/security/cve/CVE-2015-0309
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb15-01.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUttFMXlSAg2UNWIIRAiVoAJwLqivuUq0OowsqXdh4/yKQTSVEGwCgjsTX
184Uc4WBUliIJ2nt+9H/bDY=
=OQFJ
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
| VAR-201501-0111 | CVE-2015-0306 | Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0303. This vulnerability CVE-2015-0303 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state.
Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Security flaws exist in several Adobe products.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.442"
References
==========
[ 1 ] CVE-2015-0301
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0301
[ 2 ] CVE-2015-0302
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0302
[ 3 ] CVE-2015-0303
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0303
[ 4 ] CVE-2015-0304
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0304
[ 5 ] CVE-2015-0305
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0305
[ 6 ] CVE-2015-0306
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0306
[ 7 ] CVE-2015-0307
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0307
[ 8 ] CVE-2015-0308
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0308
[ 9 ] CVE-2015-0309
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0309
[ 10 ] CVE-2015-0310
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0310
[ 11 ] CVE-2015-0311
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0311
[ 12 ] CVE-2015-0314
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0314
[ 13 ] CVE-2015-0315
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0315
[ 14 ] CVE-2015-0316
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0316
[ 15 ] CVE-2015-0317
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0317
[ 16 ] CVE-2015-0318
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0318
[ 17 ] CVE-2015-0319
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0319
[ 18 ] CVE-2015-0320
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0320
[ 19 ] CVE-2015-0321
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0321
[ 20 ] CVE-2015-0322
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0322
[ 21 ] CVE-2015-0323
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0323
[ 22 ] CVE-2015-0324
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0324
[ 23 ] CVE-2015-0325
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0325
[ 24 ] CVE-2015-0326
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0326
[ 25 ] CVE-2015-0327
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0327
[ 26 ] CVE-2015-0328
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0328
[ 27 ] CVE-2015-0329
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0329
[ 28 ] CVE-2015-0330
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0330
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201502-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2015 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2015:0052-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0052.html
Issue date: 2015-01-14
CVE Names: CVE-2015-0301 CVE-2015-0302 CVE-2015-0303
CVE-2015-0304 CVE-2015-0305 CVE-2015-0306
CVE-2015-0307 CVE-2015-0308 CVE-2015-0309
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB15-01,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2015-0303, CVE-2015-0306, CVE-2015-0304, CVE-2015-0309,
CVE-2015-0305, CVE-2015-0308)
This update also fixes multiple information disclosure flaws in
flash-plugin.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1181903 - CVE-2015-0303 CVE-2015-0306 CVE-2015-0304 CVE-2015-0309 CVE-2015-0305 CVE-2015-0308 flash-plugin: Multiple code-execution flaws (APSB15-01)
1181909 - CVE-2015-0301 CVE-2015-0302 CVE-2015-0307 flash-plugin: Information disclosure via various methods (APSB15-01)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.429-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.429-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.429-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.429-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2015-0301
https://access.redhat.com/security/cve/CVE-2015-0302
https://access.redhat.com/security/cve/CVE-2015-0303
https://access.redhat.com/security/cve/CVE-2015-0304
https://access.redhat.com/security/cve/CVE-2015-0305
https://access.redhat.com/security/cve/CVE-2015-0306
https://access.redhat.com/security/cve/CVE-2015-0307
https://access.redhat.com/security/cve/CVE-2015-0308
https://access.redhat.com/security/cve/CVE-2015-0309
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb15-01.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUttFMXlSAg2UNWIIRAiVoAJwLqivuUq0OowsqXdh4/yKQTSVEGwCgjsTX
184Uc4WBUliIJ2nt+9H/bDY=
=OQFJ
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
| VAR-201501-0102 | CVE-2015-0304 | Adobe Flash Player and Adobe AIR Heap-based buffer overflow vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0309. This vulnerability CVE-2015-0309 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts likely result in denial-of-service conditions.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Impact
======
A remote attacker could possibly execute arbitrary code with the
privileges of the process, cause a Denial of Service condition, obtain
sensitive information or bypass security restrictions.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.442"
References
==========
[ 1 ] CVE-2015-0301
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0301
[ 2 ] CVE-2015-0302
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0302
[ 3 ] CVE-2015-0303
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0303
[ 4 ] CVE-2015-0304
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0304
[ 5 ] CVE-2015-0305
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0305
[ 6 ] CVE-2015-0306
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0306
[ 7 ] CVE-2015-0307
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0307
[ 8 ] CVE-2015-0308
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0308
[ 9 ] CVE-2015-0309
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0309
[ 10 ] CVE-2015-0310
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0310
[ 11 ] CVE-2015-0311
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0311
[ 12 ] CVE-2015-0314
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0314
[ 13 ] CVE-2015-0315
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0315
[ 14 ] CVE-2015-0316
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0316
[ 15 ] CVE-2015-0317
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0317
[ 16 ] CVE-2015-0318
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0318
[ 17 ] CVE-2015-0319
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0319
[ 18 ] CVE-2015-0320
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0320
[ 19 ] CVE-2015-0321
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0321
[ 20 ] CVE-2015-0322
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0322
[ 21 ] CVE-2015-0323
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0323
[ 22 ] CVE-2015-0324
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0324
[ 23 ] CVE-2015-0325
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0325
[ 24 ] CVE-2015-0326
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0326
[ 25 ] CVE-2015-0327
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0327
[ 26 ] CVE-2015-0328
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0328
[ 27 ] CVE-2015-0329
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0329
[ 28 ] CVE-2015-0330
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0330
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201502-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2015 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2015:0052-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0052.html
Issue date: 2015-01-14
CVE Names: CVE-2015-0301 CVE-2015-0302 CVE-2015-0303
CVE-2015-0304 CVE-2015-0305 CVE-2015-0306
CVE-2015-0307 CVE-2015-0308 CVE-2015-0309
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB15-01,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2015-0303, CVE-2015-0306, CVE-2015-0304, CVE-2015-0309,
CVE-2015-0305, CVE-2015-0308)
This update also fixes multiple information disclosure flaws in
flash-plugin.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1181903 - CVE-2015-0303 CVE-2015-0306 CVE-2015-0304 CVE-2015-0309 CVE-2015-0305 CVE-2015-0308 flash-plugin: Multiple code-execution flaws (APSB15-01)
1181909 - CVE-2015-0301 CVE-2015-0302 CVE-2015-0307 flash-plugin: Information disclosure via various methods (APSB15-01)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.429-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.429-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.429-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.429-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2015-0301
https://access.redhat.com/security/cve/CVE-2015-0302
https://access.redhat.com/security/cve/CVE-2015-0303
https://access.redhat.com/security/cve/CVE-2015-0304
https://access.redhat.com/security/cve/CVE-2015-0305
https://access.redhat.com/security/cve/CVE-2015-0306
https://access.redhat.com/security/cve/CVE-2015-0307
https://access.redhat.com/security/cve/CVE-2015-0308
https://access.redhat.com/security/cve/CVE-2015-0309
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb15-01.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUttFMXlSAg2UNWIIRAiVoAJwLqivuUq0OowsqXdh4/yKQTSVEGwCgjsTX
184Uc4WBUliIJ2nt+9H/bDY=
=OQFJ
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
| VAR-201501-0101 | CVE-2015-0303 | Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0306. This vulnerability CVE-2015-0306 Are different vulnerabilities.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state.
Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Security flaws exist in several Adobe products.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.442"
References
==========
[ 1 ] CVE-2015-0301
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0301
[ 2 ] CVE-2015-0302
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0302
[ 3 ] CVE-2015-0303
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0303
[ 4 ] CVE-2015-0304
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0304
[ 5 ] CVE-2015-0305
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0305
[ 6 ] CVE-2015-0306
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0306
[ 7 ] CVE-2015-0307
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0307
[ 8 ] CVE-2015-0308
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0308
[ 9 ] CVE-2015-0309
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0309
[ 10 ] CVE-2015-0310
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0310
[ 11 ] CVE-2015-0311
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0311
[ 12 ] CVE-2015-0314
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0314
[ 13 ] CVE-2015-0315
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0315
[ 14 ] CVE-2015-0316
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0316
[ 15 ] CVE-2015-0317
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0317
[ 16 ] CVE-2015-0318
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0318
[ 17 ] CVE-2015-0319
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0319
[ 18 ] CVE-2015-0320
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0320
[ 19 ] CVE-2015-0321
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0321
[ 20 ] CVE-2015-0322
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0322
[ 21 ] CVE-2015-0323
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0323
[ 22 ] CVE-2015-0324
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0324
[ 23 ] CVE-2015-0325
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0325
[ 24 ] CVE-2015-0326
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0326
[ 25 ] CVE-2015-0327
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0327
[ 26 ] CVE-2015-0328
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0328
[ 27 ] CVE-2015-0329
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0329
[ 28 ] CVE-2015-0330
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0330
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201502-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2015 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2015:0052-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0052.html
Issue date: 2015-01-14
CVE Names: CVE-2015-0301 CVE-2015-0302 CVE-2015-0303
CVE-2015-0304 CVE-2015-0305 CVE-2015-0306
CVE-2015-0307 CVE-2015-0308 CVE-2015-0309
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB15-01,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2015-0303, CVE-2015-0306, CVE-2015-0304, CVE-2015-0309,
CVE-2015-0305, CVE-2015-0308)
This update also fixes multiple information disclosure flaws in
flash-plugin.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1181903 - CVE-2015-0303 CVE-2015-0306 CVE-2015-0304 CVE-2015-0309 CVE-2015-0305 CVE-2015-0308 flash-plugin: Multiple code-execution flaws (APSB15-01)
1181909 - CVE-2015-0301 CVE-2015-0302 CVE-2015-0307 flash-plugin: Information disclosure via various methods (APSB15-01)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.429-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.429-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.429-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.429-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2015-0301
https://access.redhat.com/security/cve/CVE-2015-0302
https://access.redhat.com/security/cve/CVE-2015-0303
https://access.redhat.com/security/cve/CVE-2015-0304
https://access.redhat.com/security/cve/CVE-2015-0305
https://access.redhat.com/security/cve/CVE-2015-0306
https://access.redhat.com/security/cve/CVE-2015-0307
https://access.redhat.com/security/cve/CVE-2015-0308
https://access.redhat.com/security/cve/CVE-2015-0309
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb15-01.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUttFMXlSAg2UNWIIRAiVoAJwLqivuUq0OowsqXdh4/yKQTSVEGwCgjsTX
184Uc4WBUliIJ2nt+9H/bDY=
=OQFJ
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
| VAR-201501-0100 | CVE-2015-0302 | Adobe Flash Player and Adobe AIR Vulnerable to obtaining keystroke information |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to obtain sensitive keystroke information via unspecified vectors.
Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Security flaws exist in several Adobe products.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Impact
======
A remote attacker could possibly execute arbitrary code with the
privileges of the process, cause a Denial of Service condition, obtain
sensitive information or bypass security restrictions.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.442"
References
==========
[ 1 ] CVE-2015-0301
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0301
[ 2 ] CVE-2015-0302
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0302
[ 3 ] CVE-2015-0303
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0303
[ 4 ] CVE-2015-0304
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0304
[ 5 ] CVE-2015-0305
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0305
[ 6 ] CVE-2015-0306
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0306
[ 7 ] CVE-2015-0307
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0307
[ 8 ] CVE-2015-0308
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0308
[ 9 ] CVE-2015-0309
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0309
[ 10 ] CVE-2015-0310
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0310
[ 11 ] CVE-2015-0311
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0311
[ 12 ] CVE-2015-0314
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0314
[ 13 ] CVE-2015-0315
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0315
[ 14 ] CVE-2015-0316
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0316
[ 15 ] CVE-2015-0317
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0317
[ 16 ] CVE-2015-0318
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0318
[ 17 ] CVE-2015-0319
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0319
[ 18 ] CVE-2015-0320
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0320
[ 19 ] CVE-2015-0321
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0321
[ 20 ] CVE-2015-0322
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0322
[ 21 ] CVE-2015-0323
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0323
[ 22 ] CVE-2015-0324
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0324
[ 23 ] CVE-2015-0325
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0325
[ 24 ] CVE-2015-0326
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0326
[ 25 ] CVE-2015-0327
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0327
[ 26 ] CVE-2015-0328
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0328
[ 27 ] CVE-2015-0329
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0329
[ 28 ] CVE-2015-0330
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0330
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201502-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2015 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2015:0052-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0052.html
Issue date: 2015-01-14
CVE Names: CVE-2015-0301 CVE-2015-0302 CVE-2015-0303
CVE-2015-0304 CVE-2015-0305 CVE-2015-0306
CVE-2015-0307 CVE-2015-0308 CVE-2015-0309
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB15-01,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2015-0303, CVE-2015-0306, CVE-2015-0304, CVE-2015-0309,
CVE-2015-0305, CVE-2015-0308)
This update also fixes multiple information disclosure flaws in
flash-plugin.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1181903 - CVE-2015-0303 CVE-2015-0306 CVE-2015-0304 CVE-2015-0309 CVE-2015-0305 CVE-2015-0308 flash-plugin: Multiple code-execution flaws (APSB15-01)
1181909 - CVE-2015-0301 CVE-2015-0302 CVE-2015-0307 flash-plugin: Information disclosure via various methods (APSB15-01)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.429-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.429-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.429-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.429-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2015-0301
https://access.redhat.com/security/cve/CVE-2015-0302
https://access.redhat.com/security/cve/CVE-2015-0303
https://access.redhat.com/security/cve/CVE-2015-0304
https://access.redhat.com/security/cve/CVE-2015-0305
https://access.redhat.com/security/cve/CVE-2015-0306
https://access.redhat.com/security/cve/CVE-2015-0307
https://access.redhat.com/security/cve/CVE-2015-0308
https://access.redhat.com/security/cve/CVE-2015-0309
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb15-01.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUttFMXlSAg2UNWIIRAiVoAJwLqivuUq0OowsqXdh4/yKQTSVEGwCgjsTX
184Uc4WBUliIJ2nt+9H/bDY=
=OQFJ
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
| VAR-201501-0099 | CVE-2015-0301 | Adobe Flash Player and Adobe AIR Vulnerability in |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 do not properly validate files, which has unspecified impact and attack vectors.
Note: The impact of this issue is currently unknown. We will update this BID when more information emerges. A security vulnerability exists in several Adobe products due to the programs not properly validating files. An attacker could exploit this vulnerability to take control of an affected system.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Impact
======
A remote attacker could possibly execute arbitrary code with the
privileges of the process, cause a Denial of Service condition, obtain
sensitive information or bypass security restrictions.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.442"
References
==========
[ 1 ] CVE-2015-0301
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0301
[ 2 ] CVE-2015-0302
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0302
[ 3 ] CVE-2015-0303
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0303
[ 4 ] CVE-2015-0304
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0304
[ 5 ] CVE-2015-0305
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0305
[ 6 ] CVE-2015-0306
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0306
[ 7 ] CVE-2015-0307
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0307
[ 8 ] CVE-2015-0308
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0308
[ 9 ] CVE-2015-0309
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0309
[ 10 ] CVE-2015-0310
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0310
[ 11 ] CVE-2015-0311
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0311
[ 12 ] CVE-2015-0314
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0314
[ 13 ] CVE-2015-0315
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0315
[ 14 ] CVE-2015-0316
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0316
[ 15 ] CVE-2015-0317
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0317
[ 16 ] CVE-2015-0318
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0318
[ 17 ] CVE-2015-0319
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0319
[ 18 ] CVE-2015-0320
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0320
[ 19 ] CVE-2015-0321
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0321
[ 20 ] CVE-2015-0322
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0322
[ 21 ] CVE-2015-0323
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0323
[ 22 ] CVE-2015-0324
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0324
[ 23 ] CVE-2015-0325
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0325
[ 24 ] CVE-2015-0326
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0326
[ 25 ] CVE-2015-0327
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0327
[ 26 ] CVE-2015-0328
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0328
[ 27 ] CVE-2015-0329
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0329
[ 28 ] CVE-2015-0330
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0330
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201502-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2015 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2015:0052-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0052.html
Issue date: 2015-01-14
CVE Names: CVE-2015-0301 CVE-2015-0302 CVE-2015-0303
CVE-2015-0304 CVE-2015-0305 CVE-2015-0306
CVE-2015-0307 CVE-2015-0308 CVE-2015-0309
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB15-01,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2015-0301, CVE-2015-0302, CVE-2015-0307)
All users of Adobe Flash Player should install this updated package, which
upgrades Flash Player to version 11.2.202.429.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1181903 - CVE-2015-0303 CVE-2015-0306 CVE-2015-0304 CVE-2015-0309 CVE-2015-0305 CVE-2015-0308 flash-plugin: Multiple code-execution flaws (APSB15-01)
1181909 - CVE-2015-0301 CVE-2015-0302 CVE-2015-0307 flash-plugin: Information disclosure via various methods (APSB15-01)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.429-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.429-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.429-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.429-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.429-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2015-0301
https://access.redhat.com/security/cve/CVE-2015-0302
https://access.redhat.com/security/cve/CVE-2015-0303
https://access.redhat.com/security/cve/CVE-2015-0304
https://access.redhat.com/security/cve/CVE-2015-0305
https://access.redhat.com/security/cve/CVE-2015-0306
https://access.redhat.com/security/cve/CVE-2015-0307
https://access.redhat.com/security/cve/CVE-2015-0308
https://access.redhat.com/security/cve/CVE-2015-0309
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb15-01.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUttFMXlSAg2UNWIIRAiVoAJwLqivuUq0OowsqXdh4/yKQTSVEGwCgjsTX
184Uc4WBUliIJ2nt+9H/bDY=
=OQFJ
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
| VAR-201501-0220 | CVE-2015-0583 | Cisco WebEx Meeting Center Vulnerability in which important information is obtained |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Cisco WebEx Meeting Center does not properly restrict the content of URLs, which allows remote attackers to obtain sensitive information via vectors related to file: URIs, aka Bug ID CSCus18281. Vendors have confirmed this vulnerability Bug ID CSCus18281 It is released as.Important information may be obtained by a third party. Cisco WebEx Meetings Server is prone to an information-disclosure vulnerability.
An attacker can exploit this issue to obtain sensitive information that may aid in further attacks.
This issue is being tracked by Cisco bug ID CSCus18281. Cisco WebEx Meeting Center is an online meeting product in a set of WebEx meeting solutions of Cisco (Cisco). The product invites others to join the meeting via email or instant messaging (IM), enabling online product demonstrations, information sharing, and more
| VAR-201501-0130 | CVE-2015-1050 | F5 BIG-IP Application Security Manager Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in F5 BIG-IP Application Security Manager (ASM) before 11.6 allows remote attackers to inject arbitrary web script or HTML via the Response Body field when creating a new user account.
Attacker supplied HTML and script code could be executed in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user; other attacks are also possible.
BIG-IP ASM 11.4.0 through 11.5 are vulnerable. A cross-site scripting vulnerability exists in F5 BIG-IP ASM 11.5.1 and earlier versions
| VAR-201501-0119 | CVE-2015-0973 | libpng of pngrutil.c Inside png_read_IDAT_data Buffer overflow vulnerability in functions |
CVSS V2: 7.5 CVSS V3: 8.8 Severity: HIGH |
Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495. libpng is prone to multiple heap-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied input. Failed attacks will cause denial-of-service conditions. libpng is a PNG reference library that can create, read and write PNG graphics files. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2016-03-21-5 OS X El Capitan 10.11.4 and Security Update
2016-002
OS X El Capitan 10.11.4 and Security Update 2016-002 is now available
and addresses the following:
apache_mod_php
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,
and OS X El Capitan v10.11 to v10.11.3
Impact: Processing a maliciously crafted .png file may lead to
arbitrary code execution
Description: Multiple vulnerabilities existed in libpng versions
prior to 1.6.20. These were addressed by updating libpng to version
1.6.20.
CVE-ID
CVE-2015-8126 : Adam Mariš
CVE-2015-8472 : Adam Mariš
AppleRAID
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed through
improved input validation.
CVE-ID
CVE-2016-1733 : Proteas of Qihoo 360 Nirvan Team
AppleRAID
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: A local user may be able to determine kernel memory layout
Description: An out-of-bounds read issue existed that led to the
disclosure of kernel memory. This was addressed through improved
input validation.
CVE-ID
CVE-2016-1732 : Proteas of Qihoo 360 Nirvan Team
AppleUSBNetworking
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue existed in the parsing of
data from USB devices. This issue was addressed through improved
input validation.
CVE-ID
CVE-2016-1734 : Andrea Barisani and Andrej Rosano of Inverse Path
Bluetooth
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1735 : Jeonghoon Shin@A.D.D
CVE-2016-1736 : beist and ABH of BoB
Carbon
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: Processing a maliciously crafted .dfont file may lead to
arbitrary code execution
Description: Multiple memory corruption issues existed in the
handling of font files. These issues were addressed through improved
bounds checking.
CVE-ID
CVE-2016-1737 : an anonymous researcher
dyld
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An attacker may tamper with code-signed applications to
execute arbitrary code in the application's context
Description: A code signing verification issue existed in dyld. This
issue was addressed with improved validation.
CVE-ID
CVE-2016-1738 : beist and ABH of BoB
FontParser
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: Opening a maliciously crafted PDF file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue was addressed through
improved memory handling.
CVE-ID
CVE-2016-1740 : HappilyCoded (ant4g0nist and r3dsm0k3) working with
Trend Micro's Zero Day Initiative (ZDI)
HTTPProtocol
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: A remote attacker may be able to execute arbitrary code
Description: Multiple vulnerabilities existed in nghttp2 versions
prior to 1.6.0, the most serious of which may have led to remote code
execution. These were addressed by updating nghttp2 to version 1.6.0.
CVE-ID
CVE-2015-8659
Intel Graphics Driver
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1743 : Piotr Bania of Cisco Talos
CVE-2016-1744 : Ian Beer of Google Project Zero
IOFireWireFamily
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: A local user may be able to cause a denial of service
Description: A null pointer dereference was addressed through
improved validation.
CVE-ID
CVE-2016-1745 : sweetchip of Grayhash
IOGraphics
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed through
improved input validation.
CVE-ID
CVE-2016-1746 : Peter Pi of Trend Micro working with Trend Micro's
Zero Day Initiative (ZDI)
CVE-2016-1747 : Juwei Lin of Trend Micro working with Trend Micro's
Zero Day Initiative (ZDI)
IOHIDFamily
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to determine kernel memory layout
Description: A memory corruption issue was addressed through
improved memory handling.
CVE-ID
CVE-2016-1748 : Brandon Azad
IOUSBFamily
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1749 : Ian Beer of Google Project Zero and Juwei Lin of
Trend Micro working with Trend Micro's Zero Day Initiative (ZDI)
Kernel
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A use after free issue was addressed through improved
memory management.
CVE-ID
CVE-2016-1750 : CESG
Kernel
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A race condition existed during the creation of new
processes. This was addressed through improved state handling.
CVE-ID
CVE-2016-1757 : Ian Beer of Google Project Zero and Pedro Vilaca
Kernel
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A null pointer dereference was addressed through
improved input validation.
CVE-ID
CVE-2016-1756 : Lufeng Li of Qihoo 360 Vulcan Team
Kernel
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,
and OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1754 : Lufeng Li of Qihoo 360 Vulcan Team
CVE-2016-1755 : Ian Beer of Google Project Zero
CVE-2016-1759 : lokihardt
Kernel
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to determine kernel memory layout
Description: An out-of-bounds read issue existed that led to the
disclosure of kernel memory. This was addressed through improved
input validation.
CVE-ID
CVE-2016-1758 : Brandon Azad
Kernel
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: Multiple integer overflows were addressed through
improved input validation.
CVE-ID
CVE-2016-1753 : Juwei Lin Trend Micro working with Trend Micro's Zero
Day Initiative (ZDI)
Kernel
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to cause a denial of service
Description: A denial of service issue was addressed through
improved validation.
CVE-ID
CVE-2016-1752 : CESG
libxml2
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,
and OS X El Capitan v10.11 to v10.11.3
Impact: Processing maliciously crafted XML may lead to unexpected
application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2015-1819
CVE-2015-5312 : David Drysdale of Google
CVE-2015-7499
CVE-2015-7500 : Kostya Serebryany of Google
CVE-2015-7942 : Kostya Serebryany of Google
CVE-2015-8035 : gustavo.grieco
CVE-2015-8242 : Hugh Davenport
CVE-2016-1761 : wol0xff working with Trend Micro's Zero Day
Initiative (ZDI)
CVE-2016-1762
Messages
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An attacker who is able to bypass Apple's certificate
pinning, intercept TLS connections, inject messages, and record
encrypted attachment-type messages may be able to read attachments
Description: A cryptographic issue was addressed by rejecting
duplicate messages on the client.
CVE-ID
CVE-2016-1788 : Christina Garman, Matthew Green, Gabriel Kaptchuk,
Ian Miers, and Michael Rushanan of Johns Hopkins University
Messages
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: Clicking a JavaScript link can reveal sensitive user
information
Description: An issue existed in the processing of JavaScript links.
This issue was addressed through improved content security policy
checks.
CVE-ID
CVE-2016-1764 : Matthew Bryan of the Uber Security Team (formerly of
Bishop Fox), Joe DeMesy and Shubham Shah of Bishop Fox
NVIDIA Graphics Drivers
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1741 : Ian Beer of Google Project Zero
OpenSSH
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,
and OS X El Capitan v10.11 to v10.11.3
Impact: Connecting to a server may leak sensitive user information,
such as a client's private keys
Description: Roaming, which was on by default in the OpenSSH client,
exposed an information leak and a buffer overflow. These issues were
addressed by disabling roaming in the client.
CVE-ID
CVE-2016-0777 : Qualys
CVE-2016-0778 : Qualys
OpenSSH
Available for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5
Impact: Multiple vulnerabilities in LibreSSL
Description: Multiple vulnerabilities existed in LibreSSL versions
prior to 2.1.8. These were addressed by updating LibreSSL to version
2.1.8.
CVE-ID
CVE-2015-5333 : Qualys
CVE-2015-5334 : Qualys
OpenSSL
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: A remote attacker may be able to cause a denial of service
Description: A memory leak existed in OpenSSL versions prior to
0.9.8zh. This issue was addressed by updating OpenSSL to version
0.9.8zh.
CVE-ID
CVE-2015-3195
Python
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,
and OS X El Capitan v10.11 to v10.11.3
Impact: Processing a maliciously crafted .png file may lead to
arbitrary code execution
Description: Multiple vulnerabilities existed in libpng versions
prior to 1.6.20. These were addressed by updating libpng to version
1.6.20.
CVE-ID
CVE-2014-9495
CVE-2015-0973
CVE-2015-8126 : Adam Mariš
CVE-2015-8472 : Adam Mariš
QuickTime
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: Processing a maliciously crafted FlashPix Bitmap Image may
lead to unexpected application termination or arbitrary code
execution
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1767 : Francis Provencher from COSIG
CVE-2016-1768 : Francis Provencher from COSIG
QuickTime
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: Processing a maliciously crafted Photoshop document may lead
to unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1769 : Francis Provencher from COSIG
Reminders
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: Clicking a tel link can make a call without prompting the
user
Description: A user was not prompted before invoking a call. This
was addressed through improved entitlement checks.
CVE-ID
CVE-2016-1770 : Guillaume Ross of Rapid7 and Laurent Chouinard of
Laurent.ca
Ruby
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: A local attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An unsafe tainted string usage vulnerability existed in
versions prior to 2.0.0-p648. This issue was addressed by updating to
version 2.0.0-p648.
CVE-ID
CVE-2015-7551
Security
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: A local user may be able to check for the existence of
arbitrary files
Description: A permissions issue existed in code signing tools. This
was addressed though additional ownership checks.
CVE-ID
CVE-2016-1773 : Mark Mentovai of Google Inc.
Security
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: Processing a maliciously crafted certificate may lead to
arbitrary code execution
Description: A memory corruption issue existed in the ASN.1 decoder.
This issue was addressed through improved input validation.
CVE-ID
CVE-2016-1950 : Francis Gabriel of Quarkslab
Tcl
Available for:
OS X Yosemite v10.10.5 and OS X El Capitan v10.11 to v10.11.3
Impact: Processing a maliciously crafted .png file may lead to
arbitrary code execution
Description: Multiple vulnerabilities existed in libpng versions
prior to 1.6.20. These were addressed by removing libpng.
CVE-ID
CVE-2015-8126 : Adam Mariš
TrueTypeScaler
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A memory corruption issue existed in the processing of
font files. This issue was addressed through improved input
validation.
CVE-ID
CVE-2016-1775 : 0x1byte working with Trend Micro's Zero Day
Initiative (ZDI)
Wi-Fi
Available for: OS X El Capitan v10.11 to v10.11.3
Impact: An attacker with a privileged network position may be able
to execute arbitrary code
Description: A frame validation and memory corruption issue existed
for a given ethertype. This issue was addressed through additional
ethertype validation and improved memory handling.
CVE-ID
CVE-2016-0801 : an anonymous researcher
CVE-2016-0802 : an anonymous researcher
OS X El Capitan 10.11.4 includes the security content of Safari 9.1.
https://support.apple.com/kb/HT206171
OS X El Capitan v10.11.4 and Security Update 2016-002 may be obtained
from the Mac App Store or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJW8JQFAAoJEBcWfLTuOo7tZSYP/1bHFA1qemkD37uu7nYpk/q6
ARVsPgME1I1+5tOxX0TQJgzMBmdQsKYdsTiLpDk5HTuv+dAMsFfasaUItGk8Sz1w
HiYjSfVsxL+Pjz3vK8/4/fsi2lX6472MElRw8gudITOhXtniGcKo/vuA5dB+vM3l
Jy1NLHHhZ6BD2t0bBmlz41mZMG3AMxal2wfqE+5LkjUwASzcvC/3B1sh7Fntwyau
/71vIgMQ5AaETdgQJAuQivxPyTlFduBRgLjqvPiB9eSK4Ctu5t/hErFIrP2NiDCi
UhfZC48XbiRjJfkUsUD/5TIKnI+jkZxOnch9ny32dw2kUIkbIAbqufTkzsMXOpng
O+rI93Ni7nfzgI3EkI2bq+C+arOoRiveWuJvc3SMPD5RQHo4NCQVs0ekQJKNHF78
juPnY29n8WMjwLS6Zfm+bH+n8ELIXrmmEscRztK2efa9S7vJe+AgIxx7JE/f8OHF
i9K7UQBXFXcpMjXi1aTby/IUnpL5Ny4NVwYwIhctj0Mf6wTH7uf/FMWYIQOXcIfP
Izo+GXxNeLd4H2ypZ+UpkZg/Sn2mtCd88wLc96+owlZPBlSqWl3X1wTlp8i5FP2X
qlQ7RcTHJDv8jPT/MOfzxEK1n/azp45ahHA0o6nohUdxlA7PLci9vPiJxqKPo/0q
VZmOKa8qMxB1L/JmdCqy
=mZR+
-----END PGP SIGNATURE-----
| VAR-201501-0335 | CVE-2014-8034 | Cisco WebEx Meetings Server Vulnerabilities that gain access |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Cisco WebEx Meetings Server 1.5 presents the same CAPTCHA challenge for each login attempt, which makes it easier for remote attackers to obtain access via a brute-force approach of guessing usernames, aka Bug ID CSCuj40321. Vendors have confirmed this vulnerability Bug ID CSCuj40321 It is released as.A third party could gain access through brute force techniques that guess usernames.
An attacker may leverage this issue to harvest valid user accounts, which may aid in brute-force attacks.
This issue being tracked by Cisco Bug ID CSCuj40321. Cisco WebEx Meetings Server (CWMS) is a set of multi-functional conference solutions including audio, video and Web conference in Cisco's WebEx conference solution. There is a security vulnerability in CWMS version 1.5, which stems from the fact that the program does not update the CAPTCHA of the login page
| VAR-201501-0390 | CVE-2014-6199 | IBM Sterling B2B Integrator and Sterling File Gateway of HTTP Server Adapter Service disruption in (DoS) Vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The HTTP Server Adapter in IBM Sterling B2B Integrator 5.1 and 5.2.x and Sterling File Gateway 2.1 and 2.2 allows remote attackers to cause a denial of service (connection-slot exhaustion) via a crafted HTTP request. Multiple IBM products are prone to a remote denial-of-service vulnerability.
Successful exploits may allow an attacker to cause an affected device to crash, resulting in a denial-of-service condition. IBM Sterling B2B Integrator is a set of software that integrates B2B processes, transactions and relationships of different partner communities. IBM Sterling File Gateway is a set of file transfer software that integrates different file transfer methods and can realize secure interaction through the network
| VAR-201501-0326 | CVE-2014-8020 | Cisco Unified Communications Domain Manager Platform Software Service disruption in (DoS) Vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Cisco Unified Communication Domain Manager Platform Software allows remote attackers to cause a denial of service (CPU consumption, and performance degradation or service outage) via a flood of malformed TCP packets and UDP packets, aka Bug ID CSCup25276.
Successful exploits may allow the attacker to cause excessive CPU usage, resulting in denial-of-service conditions.
This issue is being tracked by Cisco Bug ID CSCup25276. This component features scalable, distributed, and highly available enterprise Voice over IP call processing
| VAR-201501-0336 | CVE-2014-8035 | Cisco WebEx Meetings Server of Web Vulnerability in enumerating user accounts in the framework |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The web framework in Cisco WebEx Meetings Server produces different returned messages for URL requests depending on whether a username exists, which allows remote attackers to enumerate user accounts via a series of requests, aka Bug ID CSCuj40247. Cisco WebEx Meetings Server is prone to a user-enumeration vulnerability.
An attacker may leverage this issue to harvest valid user accounts, which may aid in brute-force attacks.
This issue being tracked by Cisco Bug ID CSCuj40247. Cisco WebEx Meetings Server (CWMS) is a set of multi-functional conference solutions including audio, video and Web conference in Cisco's WebEx conference solution. There is a security flaw in the web framework of CWMS, which stems from the fact that the program does not properly validate the returned messages
| VAR-201501-0337 | CVE-2014-8036 | Cisco WebEx Meetings Server of outlookpa Component meeting invitation list change vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The outlookpa component in Cisco WebEx Meetings Server does not properly validate API input, which allows remote attackers to modify a meeting's invite list via a crafted URL, aka Bug ID CSCuj40254. Vendors have confirmed this vulnerability Bug ID CSCuj40254 It is released as.Skillfully crafted by a third party URL The meeting invitation list may be changed through. Cisco WebEx Meetings Server is prone to a security vulnerability.
An attacker may exploit this issue to bypass certain security restrictions and perform unauthorized actions.
This issue is being tracked by Cisco Bug ID CSCuj40254. Cisco WebEx Meetings Server (CWMS) is a set of multi-functional conference solutions including audio, video and Web conference in Cisco's WebEx conference solution. There is a security vulnerability in the outlookpa component of CWMS, which is caused by the program not properly validating API input
| VAR-201501-0219 | CVE-2015-0582 | Cisco MDS 9000 Runs on the device Cisco NX-OS of High Availability Service disruption in subsystems (DoS) Vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The High Availability (HA) subsystem in Cisco NX-OS on MDS 9000 devices allows remote attackers to cause a denial of service via crafted traffic, aka Bug ID CSCuo09129. Vendors have confirmed this vulnerability Bug ID CSCuo09129 It is released as.Service disruption through crafted traffic from a third party (DoS) There is a possibility of being put into a state. The Cisco MDS 9000 is a multi-layer Fibre Channel switch. Cisco MDS NX-OS is used for operational systems on this switch.
Attackers can exploit this issue to cause a denial-of-service condition; denying service to legitimate users.
This issue is being tracked by Cisco bug ID CSCuo09129
| VAR-201502-0244 | CVE-2014-9200 | plural Schneider Electric Product DTM Unspecified development kit DLL File stack-based buffer overflow vulnerability |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM X80 Gateway DTM (MB TCP/SL), Advantys DTM for OTB, Advantys DTM for STB, KINOS DTM, SOLO DTM, and Xantrex DTMs allows remote attackers to execute arbitrary code via unspecified vectors. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric SoMove Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the IsObjectModel.ModelObject.1 ActiveX control in isObjectModel.dll. The control does not check the length of an attacker-supplied string in the RemoveParameter method before copying it into a fixed length buffer on the stack. This allows an attacker to execute arbitrary code in the context of the browser process. Schneider Electric provides total solutions for the energy and infrastructure, industrial, data center and network, building and residential markets in more than 100 countries. Failed exploit attempts will result in a denial-of-service condition. Schneider Electric Unity Pro, etc. are all products of French Schneider Electric (Schneider Electric). Schneider Electric Unity Pro is a set of development software for testing, debugging and managing applications; SoMachine is a set of original equipment manufacturer (OEM) automation platform integrated with Vijeo-Designer (human machine interface HMI development software); SoMove is a Installation software for motor control equipment