VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-201412-0495 CVE-2014-8461 Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, and CVE-2014-9158. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
VAR-201412-0494 CVE-2014-8460 Windows and Mac OS X Run on Adobe Reader and Acrobat Heap-based buffer overflow vulnerability CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-9159. This vulnerability CVE-2014-8457 and CVE-2014-9159 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts likely result in denial-of-service conditions. The affected products are: Adobe Reader 11.x versions prior to 11.0.10 Adobe Reader 10.x versions prior to 10.1.13 Adobe Acrobat 11.x versions prior to 11.0.10 Adobe Acrobat 10.x versions prior to 10.1.13. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
VAR-201412-0493 CVE-2014-8459 Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8461, and CVE-2014-9158. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
VAR-201412-0492 CVE-2014-8443 Adobe Flash Player Vulnerable to arbitrary code execution CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors. Adobe Flash Player is prone to an unspecified remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. The product enables viewing of applications, content and video across screens and browsers. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.425" References ========== [ 1 ] CVE-2014-0580 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0580 [ 2 ] CVE-2014-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0587 [ 3 ] CVE-2014-8439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8439 [ 4 ] CVE-2014-8443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8443 [ 5 ] CVE-2014-9162 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9162 [ 6 ] CVE-2014-9163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9163 [ 7 ] CVE-2014-9164 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9164 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201412-07.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2014:1981-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1981.html Issue date: 2014-12-10 CVE Names: CVE-2014-0580 CVE-2014-0587 CVE-2014-8443 CVE-2014-9162 CVE-2014-9163 CVE-2014-9164 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security Bulletin APSB14-27, listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. (CVE-2014-0587, CVE-2014-8443, CVE-2014-9163, CVE-2014-9164) A flaw in flash-plugin could allow an attacker to bypass the same-origin policy. (CVE-2014-0580) This update fixes an information disclosure flaw in flash-plugin. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1172431 - CVE-2014-0587 CVE-2014-9164 CVE-2014-8443 CVE-2014-9163 flash-plugin: Multiple code-execution flaws (APSB14-27) 1172433 - CVE-2014-9162 flash-plugin: Information disclosure vulnerability (APSB14-27) 1172436 - CVE-2014-0580 flash-plugin: Same-Origin-Policy bypass flaw (APSB14-27) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.425-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.425-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.425-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.425-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.425-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.425-1.el6.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.425-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.425-1.el6.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.425-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.425-1.el6.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-0580 https://access.redhat.com/security/cve/CVE-2014-0587 https://access.redhat.com/security/cve/CVE-2014-8443 https://access.redhat.com/security/cve/CVE-2014-9162 https://access.redhat.com/security/cve/CVE-2014-9163 https://access.redhat.com/security/cve/CVE-2014-9164 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb14-27.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFUiIc1XlSAg2UNWIIRAsSpAKCmB3XINkM4F8O89luyizR+uMBvSgCgjGgo Jf+NT4gjTiuGxbKjQooiX1A= =wYY1 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
VAR-201412-0452 CVE-2014-9164 Adobe Flash Player Vulnerable to arbitrary code execution CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0587. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. The product enables viewing of applications, content and video across screens and browsers. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.425" References ========== [ 1 ] CVE-2014-0580 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0580 [ 2 ] CVE-2014-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0587 [ 3 ] CVE-2014-8439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8439 [ 4 ] CVE-2014-8443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8443 [ 5 ] CVE-2014-9162 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9162 [ 6 ] CVE-2014-9163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9163 [ 7 ] CVE-2014-9164 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9164 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201412-07.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2014:1981-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1981.html Issue date: 2014-12-10 CVE Names: CVE-2014-0580 CVE-2014-0587 CVE-2014-8443 CVE-2014-9162 CVE-2014-9163 CVE-2014-9164 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security Bulletin APSB14-27, listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. (CVE-2014-0587, CVE-2014-8443, CVE-2014-9163, CVE-2014-9164) A flaw in flash-plugin could allow an attacker to bypass the same-origin policy. (CVE-2014-0580) This update fixes an information disclosure flaw in flash-plugin. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1172431 - CVE-2014-0587 CVE-2014-9164 CVE-2014-8443 CVE-2014-9163 flash-plugin: Multiple code-execution flaws (APSB14-27) 1172433 - CVE-2014-9162 flash-plugin: Information disclosure vulnerability (APSB14-27) 1172436 - CVE-2014-0580 flash-plugin: Same-Origin-Policy bypass flaw (APSB14-27) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.425-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.425-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.425-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.425-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.425-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.425-1.el6.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.425-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.425-1.el6.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.425-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.425-1.el6.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-0580 https://access.redhat.com/security/cve/CVE-2014-0587 https://access.redhat.com/security/cve/CVE-2014-8443 https://access.redhat.com/security/cve/CVE-2014-9162 https://access.redhat.com/security/cve/CVE-2014-9163 https://access.redhat.com/security/cve/CVE-2014-9164 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb14-27.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFUiIc1XlSAg2UNWIIRAsSpAKCmB3XINkM4F8O89luyizR+uMBvSgCgjGgo Jf+NT4gjTiuGxbKjQooiX1A= =wYY1 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
VAR-201412-0451 CVE-2014-9163 Adobe Flash Player Vulnerable to stack-based buffer overflow CVSS V2: 10.0
CVSS V3: 7.8
Severity: HIGH
Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014. Adobe Flash Player Contains a stack-based buffer overflow vulnerability. Attacks on this vulnerability 2014 Year 12 Observed on the moon.An attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists when calling parseFloat on a specific datatype. This can allow for an attacker to cause a fixed size stack buffer to overflow. Failed exploit attempts likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.425" References ========== [ 1 ] CVE-2014-0580 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0580 [ 2 ] CVE-2014-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0587 [ 3 ] CVE-2014-8439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8439 [ 4 ] CVE-2014-8443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8443 [ 5 ] CVE-2014-9162 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9162 [ 6 ] CVE-2014-9163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9163 [ 7 ] CVE-2014-9164 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9164 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201412-07.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2014:1981-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1981.html Issue date: 2014-12-10 CVE Names: CVE-2014-0580 CVE-2014-0587 CVE-2014-8443 CVE-2014-9162 CVE-2014-9163 CVE-2014-9164 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security Bulletin APSB14-27, listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. (CVE-2014-0587, CVE-2014-8443, CVE-2014-9163, CVE-2014-9164) A flaw in flash-plugin could allow an attacker to bypass the same-origin policy. (CVE-2014-0580) This update fixes an information disclosure flaw in flash-plugin. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1172431 - CVE-2014-0587 CVE-2014-9164 CVE-2014-8443 CVE-2014-9163 flash-plugin: Multiple code-execution flaws (APSB14-27) 1172433 - CVE-2014-9162 flash-plugin: Information disclosure vulnerability (APSB14-27) 1172436 - CVE-2014-0580 flash-plugin: Same-Origin-Policy bypass flaw (APSB14-27) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.425-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.425-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.425-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.425-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.425-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.425-1.el6.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.425-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.425-1.el6.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.425-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.425-1.el6.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-0580 https://access.redhat.com/security/cve/CVE-2014-0587 https://access.redhat.com/security/cve/CVE-2014-8443 https://access.redhat.com/security/cve/CVE-2014-9162 https://access.redhat.com/security/cve/CVE-2014-9163 https://access.redhat.com/security/cve/CVE-2014-9164 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb14-27.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFUiIc1XlSAg2UNWIIRAsSpAKCmB3XINkM4F8O89luyizR+uMBvSgCgjGgo Jf+NT4gjTiuGxbKjQooiX1A= =wYY1 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
VAR-201412-0449 CVE-2014-9159 Windows and Mac OS X Run on Adobe Reader and Acrobat Heap-based buffer overflow vulnerability CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460. This vulnerability CVE-2014-8457 and CVE-2014-8460 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts likely result in denial-of-service conditions. The affected products are: Adobe Reader 11.x versions prior to 11.0.10 Adobe Reader 10.x versions prior to 10.1.13 Adobe Acrobat 11.x versions prior to 11.0.10 Adobe Acrobat 10.x versions prior to 10.1.13. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
VAR-201412-0432 CVE-2014-9158 Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, and CVE-2014-8461. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
VAR-201412-0450 CVE-2014-9162 Adobe Flash Player Vulnerability in which important information is obtained CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to obtain sensitive information via unspecified vectors. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within Regular Expression Objects. By matching a specially crafted regular expression, it is possible for an attacker to force out-of-bounds reads. An attacker can leverage this vulnerability to disclose arbitrary memory. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. The product enables viewing of applications, content and video across screens and browsers. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could possibly execute arbitrary code with the privileges of the process or bypass security restrictions. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.425" References ========== [ 1 ] CVE-2014-0580 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0580 [ 2 ] CVE-2014-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0587 [ 3 ] CVE-2014-8439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8439 [ 4 ] CVE-2014-8443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8443 [ 5 ] CVE-2014-9162 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9162 [ 6 ] CVE-2014-9163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9163 [ 7 ] CVE-2014-9164 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9164 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201412-07.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2014:1981-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1981.html Issue date: 2014-12-10 CVE Names: CVE-2014-0580 CVE-2014-0587 CVE-2014-8443 CVE-2014-9162 CVE-2014-9163 CVE-2014-9164 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. These vulnerabilities are detailed in the Adobe Security Bulletin APSB14-27, listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. (CVE-2014-0587, CVE-2014-8443, CVE-2014-9163, CVE-2014-9164) A flaw in flash-plugin could allow an attacker to bypass the same-origin policy. (CVE-2014-0580) This update fixes an information disclosure flaw in flash-plugin. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1172431 - CVE-2014-0587 CVE-2014-9164 CVE-2014-8443 CVE-2014-9163 flash-plugin: Multiple code-execution flaws (APSB14-27) 1172433 - CVE-2014-9162 flash-plugin: Information disclosure vulnerability (APSB14-27) 1172436 - CVE-2014-0580 flash-plugin: Same-Origin-Policy bypass flaw (APSB14-27) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.425-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.425-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.425-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.425-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.425-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.425-1.el6.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.425-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.425-1.el6.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.425-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.425-1.el6.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-0580 https://access.redhat.com/security/cve/CVE-2014-0587 https://access.redhat.com/security/cve/CVE-2014-8443 https://access.redhat.com/security/cve/CVE-2014-9162 https://access.redhat.com/security/cve/CVE-2014-9163 https://access.redhat.com/security/cve/CVE-2014-9164 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb14-27.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFUiIc1XlSAg2UNWIIRAsSpAKCmB3XINkM4F8O89luyizR+uMBvSgCgjGgo Jf+NT4gjTiuGxbKjQooiX1A= =wYY1 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
VAR-201412-0397 CVE-2014-9165 Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8454 and CVE-2014-8455. This vulnerability CVE-2014-8454 and CVE-2014-8455 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Adobe Reader and Acrobat are prone to a remote code-execution vulnerability. Failed exploit attempts likely result in denial-of-service conditions. The affected products are: Adobe Reader 11.x versions prior to 11.0.10 Adobe Reader 10.x versions prior to 10.1.13 Adobe Acrobat 11.x versions prior to 11.0.10 Adobe Acrobat 10.x versions prior to 10.1.13. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
VAR-201412-0325 CVE-2014-0580 Adobe Flash Player Vulnerabilities that bypass the same origin policy CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows remote attackers to bypass the Same Origin Policy via unspecified vectors. An attacker can exploit this issue to bypass certain same-origin policy restrictions, which may aid in further attacks. The product enables viewing of applications, content and video across screens and browsers. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could possibly execute arbitrary code with the privileges of the process or bypass security restrictions. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.425" References ========== [ 1 ] CVE-2014-0580 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0580 [ 2 ] CVE-2014-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0587 [ 3 ] CVE-2014-8439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8439 [ 4 ] CVE-2014-8443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8443 [ 5 ] CVE-2014-9162 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9162 [ 6 ] CVE-2014-9163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9163 [ 7 ] CVE-2014-9164 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9164 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201412-07.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2014:1981-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1981.html Issue date: 2014-12-10 CVE Names: CVE-2014-0580 CVE-2014-0587 CVE-2014-8443 CVE-2014-9162 CVE-2014-9163 CVE-2014-9164 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security Bulletin APSB14-27, listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. (CVE-2014-0580) This update fixes an information disclosure flaw in flash-plugin. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1172431 - CVE-2014-0587 CVE-2014-9164 CVE-2014-8443 CVE-2014-9163 flash-plugin: Multiple code-execution flaws (APSB14-27) 1172433 - CVE-2014-9162 flash-plugin: Information disclosure vulnerability (APSB14-27) 1172436 - CVE-2014-0580 flash-plugin: Same-Origin-Policy bypass flaw (APSB14-27) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.425-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.425-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.425-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.425-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.425-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.425-1.el6.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.425-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.425-1.el6.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.425-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.425-1.el6.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-0580 https://access.redhat.com/security/cve/CVE-2014-0587 https://access.redhat.com/security/cve/CVE-2014-8443 https://access.redhat.com/security/cve/CVE-2014-9162 https://access.redhat.com/security/cve/CVE-2014-9163 https://access.redhat.com/security/cve/CVE-2014-9164 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb14-27.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFUiIc1XlSAg2UNWIIRAsSpAKCmB3XINkM4F8O89luyizR+uMBvSgCgjGgo Jf+NT4gjTiuGxbKjQooiX1A= =wYY1 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
VAR-201412-0051 CVE-2014-0587 Adobe Flash Player Vulnerable to arbitrary code execution CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9164. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. The product enables viewing of applications, content and video across screens and browsers. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.425" References ========== [ 1 ] CVE-2014-0580 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0580 [ 2 ] CVE-2014-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0587 [ 3 ] CVE-2014-8439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8439 [ 4 ] CVE-2014-8443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8443 [ 5 ] CVE-2014-9162 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9162 [ 6 ] CVE-2014-9163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9163 [ 7 ] CVE-2014-9164 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9164 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201412-07.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2014:1981-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1981.html Issue date: 2014-12-10 CVE Names: CVE-2014-0580 CVE-2014-0587 CVE-2014-8443 CVE-2014-9162 CVE-2014-9163 CVE-2014-9164 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security Bulletin APSB14-27, listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. (CVE-2014-0587, CVE-2014-8443, CVE-2014-9163, CVE-2014-9164) A flaw in flash-plugin could allow an attacker to bypass the same-origin policy. (CVE-2014-0580) This update fixes an information disclosure flaw in flash-plugin. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1172431 - CVE-2014-0587 CVE-2014-9164 CVE-2014-8443 CVE-2014-9163 flash-plugin: Multiple code-execution flaws (APSB14-27) 1172433 - CVE-2014-9162 flash-plugin: Information disclosure vulnerability (APSB14-27) 1172436 - CVE-2014-0580 flash-plugin: Same-Origin-Policy bypass flaw (APSB14-27) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.425-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.425-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.425-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.425-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.425-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.425-1.el6.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.425-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.425-1.el6.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.425-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.425-1.el6.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-0580 https://access.redhat.com/security/cve/CVE-2014-0587 https://access.redhat.com/security/cve/CVE-2014-8443 https://access.redhat.com/security/cve/CVE-2014-9162 https://access.redhat.com/security/cve/CVE-2014-9163 https://access.redhat.com/security/cve/CVE-2014-9164 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb14-27.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFUiIc1XlSAg2UNWIIRAsSpAKCmB3XINkM4F8O89luyizR+uMBvSgCgjGgo Jf+NT4gjTiuGxbKjQooiX1A= =wYY1 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
VAR-201412-0271 CVE-2014-8730 plural F5 Product SSL Vulnerability in obtaining clear text data in profile component CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself. The problem is CVE-2014-3566 ( alias POODLE) Similar problem. TLS is a new protocol developed by the IETF (Engineering Task Force). It is based on the SSL protocol specification and is the subsequent version of SSL. The Secure Transport Layer Protocol (TLS) is used to provide confidentiality and data integrity between two communication applications. TLS has security vulnerabilities that mainly affect browsers. Because TLS1.2 failed to correctly verify PADDING, even if the attacker did not first downgrade to SSL3.0, he could use TLS1.2 to bypass the transport layer encryption mechanism by using man-in-the-middle attack methods to steal the user's sensitive information, such as cookies , Account information, etc. Note: This issue was previously titled 'OpenSSL CVE-2014-8730 Man In The Middle Information Disclosure Vulnerability'. The title and technical details have been changed to better reflect the underlying component affected. An attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. F5 BIG-IP LTM, etc. LTM is a local traffic manager; APM is a solution that provides secure unified access to business-critical applications and networks. The following products and versions are affected: F5 BIG-IP LTM, APM, ASM version 10.0.0 to 10.2.4 and 11.0.0 to 11.5.1, AAM version 11.4.0 to 11.5.1, AFM 11.3. 0 to 11.5.1, Analytics 11.0.0 to 11.5.1, Edge Gateway, WebAccelerator, WOM 10.1.0 to 10.2.4 and 11.0.0 to 11.3.0, PEM 11.3.0 to 11.6.0, PSM 10.0.0 to 10.2.4 and 11.0.0 to 11.4.1, BIG-IQ Cloud, Security 4.0.0 to 4.4.0, Device 4.2.0 to 4.4 .0 version. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04819635 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04819635 Version: 1 HPSBPV03516 rev.1 - HP VAN SDN Controller, Multiple Vulnerabilities NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2015-09-29 Last Updated: 2015-09-29 Potential Security Impact: Disclosure of Privileged Information, Remote Disclosure of Privileged Information Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY A potential security vulnerability has been identified with the HP VAN SDN Controller running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely resulting in disclosure of privileged information. References: CVE-2014-8730 SSRT102263 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. VAN SDN Controller 2.5.21 VAN SDN Controller 2.5.15 BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2014-8730 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP recommends disabling TLS v1.0 by deleting its entry in sslEnabledProtocols in the client Auth properties of the /opt/sdn/virgo/configuration/tomcat-server.xml file. Open the /opt/sdn/virgo/configuration/tomcat-server.xml file for editing Change the following line from this: clientAuth="false" sslEnabledProtocols="TLSv1.0, TLSv1.1,TLSv1.2" to this: clientAuth="false" sslEnabledProtocols=" TLSv1.1,TLSv1.2" Restart the controller. HISTORY Version:1 (rev.1) - 29 September 2015 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iEYEARECAAYFAlYKlgkACgkQ4B86/C0qfVmdggCg40wxxeG+Op+gBFzLBG9neKCo bW4AnjzTddq/rpaQfITkTvhg7DUpT9f5 =Px26 -----END PGP SIGNATURE-----
VAR-201412-0131 CVE-2014-9342 F5 BIG-IP of Application Security Manager Cross-site scripting vulnerability in the tree display function CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Cross-site scripting (XSS) vulnerability in the tree view (pl_tree.php) feature in Application Security Manager (ASM) in F5 BIG-IP 11.3.0 allows remote attackers to inject arbitrary web script or HTML by accessing a crafted URL during automatic policy generation. BIG-IP is prone to a cross-site scripting vulnerability. F5 BIG-IP Application Security Manager (ASM) is a BIG-IP application security manager of F5 Corporation of the United States, which can provide users with application delivery security solutions, as well as secure remote Ingress control while enhancing network and application performance
VAR-201412-0060 CVE-2014-7136 plural K7 Computing Used in products K7FWFilt.sys Heap-based buffer overflow vulnerability in kernel mode driver CVSS V2: 7.2
CVSS V3: -
Severity: HIGH
Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call. K7 Computing K7FWFilt.sys device driver is prone to a local code-execution vulnerability. Failed exploit attempts will likely result in denial-of-service conditions. K7FWFilt.sys 11.0.1.5 and prior are vulnerable. Successful exploitation of this bug results in vertical privilege escalation. Technical Details: The function handling IOCTL 0x830020C4 does not validate the size of the output buffer parameter passed in the DeviceIoControl API, which leads to a heap overflow on buffer data initialization. In particular, the function assumes that the output buffer has a size of 0x22C4 bytes. By declaring a smaller buffer we are able to overwrite other data and kernel objects that might follow and potentially control the execution flow via a corrupted kernel object. ba31cb06 8b7d14 mov edi,dword ptr [ebp+14h] <--- EDI == allocated buffer ba31cb09 ff7514 push dword ptr [ebp+14h] ba31cb0c b9b1080000 mov ecx,8B1h <--- assume buffer size 0x8b1 * 4 ba31cb11 33c0 xor eax,eax <--- zero out EAX ba31cb13 f3ab rep stos dword ptr es:[edi] <--- Heap Overflow Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/ Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without the express written consent of Portcullis Computer Security Limited. Disclaimer: The information herein contained may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Portcullis Computer Security Limited) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information. ############################################################### This email originates from the systems of Portcullis Computer Security Limited, a Private limited company, registered in England in accordance with the Companies Act under number 02763799. The registered office address of Portcullis Computer Security Limited is: Portcullis House, 2 Century Court, Tolpits Lane, Watford, United Kingdom, WD18 9RS. The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Any opinions expressed are those of the individual and do not represent the opinion of the organisation. Access to this email by persons other than the intended recipient is strictly prohibited. If you are not the intended recipient, any disclosure, copying, distribution or other action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email is subject to the terms and conditions expressed in the applicable Portcullis Computer Security Limited terms of business. ############################################################### ##################################################################################### This e-mail message has been scanned for Viruses and Content and cleared by MailMarshal. #####################################################################################
VAR-201412-0293 CVE-2014-8009 Cisco Unified Computing System of Management Vulnerabilities that can capture important information in subsystems CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
The Management subsystem in Cisco Unified Computing System 2.1(3f) and earlier allows remote attackers to obtain sensitive information by reading log files, aka Bug ID CSCur99239. Vendors have confirmed this vulnerability Bug ID CSCur99239 It is released as. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlIf a third party reads the log file, important information may be obtained. Successful exploits may allow an attacker to obtain sensitive information that may lead to further attacks. The system integrates network, computing and virtualization resources into one platform by extensively adopting virtualization technology
VAR-201412-0027 CVE-2013-2810 plural Emerson Process Management RTU Vulnerability to execute arbitrary commands in product software CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary commands via a TCP replay attack. Supplementary information : CWE Vulnerability type by CWE-77: Improper Neutralization of Special Elements used in a Command ( Command injection ) Has been identified. http://cwe.mitre.org/data/definitions/77.htmlBy a third party TCP Reflex attack ( Replay attack ) An arbitrary command may be executed via. The ROC800 RTU product is used to perform multiple PLC-like functions on the control device. Emerson Process Management's ROC800, DL8000 and ROC800L have security bypass vulnerabilities. Allows an attacker to bypass authentication and perform unauthorized operations. The following versions are affected: ROC800 3.50 and prior DL8000 2.30 and prior ROC800L 1.20 and prior. Emerson Process Management ROC800 RTU, DL8000 RTU and ROC800L RTU are all remote terminal unit (RTU) products of Emerson Electric (Emerson Electric) in the United States. Function
VAR-201412-0422 CVE-2014-9142 Technicolor Router TD5130 Firmware cross-site scripting vulnerability CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Cross-site scripting (XSS) vulnerability in Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to inject arbitrary web script or HTML via the failrefer parameter. The Technicolor ADSL2+ Router is a router device. An attacker could exploit this vulnerability to execute arbitrary script code or steal a cookie-based authentication certificate in the browser of an affected site's uninformed user. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. ADSL2+ 2.05.C29GV is vulnerable; other versions may also be affected. Product: Wireless N ADSL 2/2+ Modem Router Firmware Version : V2.05.C29GV Modem Type : ADSL2+ Router Modem Vendor : Technicolor Model: DT5130 Bugs: 1- Unauth Xss - CVE-2014-9142 user=teste&password=teste& userlevel=15&refer=%2Fnigga.html&failrefer=/basicauth.cgi?index.html?failrefer=<script></script><script>alert('TESTE')</script>"%0A&login=Login&password=pass&refer=/index.html&user=teste&userlevel=15&login=Login 2- Arbitrari URL redirect - CVE-2014-9143 failrefer=http://blog.dclabs.com.br&login=Login&password= pass&refer=/index.html&user=1&userlevel=15 3- Command Injection in ping field - CVE-2014-9144 setobject_token=SESSION_CONTRACT_TOKEN_TAG%3D0123456789012345&setobject_ip=s1.3.6.1.4.1.283.1000.2.1.6.4.1.0%3Dwww.google.com.br|`id`&setobject_ping=i1.3.6.1.4.1.283.1000.2.1.6.4.2.0%3D1&getobject_result=IGNORE -- Ewerson Guimaraes (Crash) Pentester/Researcher DcLabs / Ibliss Security Team www.dclabs.com.br / www.ibliss.com.br
VAR-201412-0423 CVE-2014-9143 Technicolor Router TD5130 Open redirect vulnerability in firmware CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Open redirect vulnerability in Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the failrefer parameter. Supplementary information : CWE Vulnerability type by CWE-17: Code ( code ) Has been identified. The Technicolor ADSL2+ Router is a router device. An attacker can trick a user into being redirected to an attacker-controlled website by constructing a specially crafted URI. Other attacks are possible. ADSL2+ 2.05.C29GV is vulnerable; other versions may also be affected. Product: Wireless N ADSL 2/2+ Modem Router Firmware Version : V2.05.C29GV Modem Type : ADSL2+ Router Modem Vendor : Technicolor Model: DT5130 Bugs: 1- Unauth Xss - CVE-2014-9142 user=teste&password=teste& userlevel=15&refer=%2Fnigga.html&failrefer=/basicauth.cgi?index.html?failrefer=<script></script><script>alert('TESTE')</script>"%0A&login=Login&password=pass&refer=/index.html&user=teste&userlevel=15&login=Login 2- Arbitrari URL redirect - CVE-2014-9143 failrefer=http://blog.dclabs.com.br&login=Login&password= pass&refer=/index.html&user=1&userlevel=15 3- Command Injection in ping field - CVE-2014-9144 setobject_token=SESSION_CONTRACT_TOKEN_TAG%3D0123456789012345&setobject_ip=s1.3.6.1.4.1.283.1000.2.1.6.4.1.0%3Dwww.google.com.br|`id`&setobject_ping=i1.3.6.1.4.1.283.1000.2.1.6.4.2.0%3D1&getobject_result=IGNORE -- Ewerson Guimaraes (Crash) Pentester/Researcher DcLabs / Ibliss Security Team www.dclabs.com.br / www.ibliss.com.br
VAR-201412-0424 CVE-2014-9144 Technicolor Router TD5130 Vulnerability to execute arbitrary commands in firmware CVSS V2: 7.5
CVSS V3: -
Severity: HIGH
Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to execute arbitrary commands via shell metacharacters in the ping field (setobject_ip parameter). Supplementary information : CWE Vulnerability type by CWE-77: Improper Neutralization of Special Elements used in a Command ( Command injection ) Has been identified. The Technicolor ADSL2+ Router is a router device. An attacker could exploit this vulnerability to execute arbitrary commands or initiate a denial of service in the context of an affected application. Failed exploit attempts will result in a denial-of-service condition. ADSL2+ 2.05.C29GV is vulnerable; other versions may also be affected. Product: Wireless N ADSL 2/2+ Modem Router Firmware Version : V2.05.C29GV Modem Type : ADSL2+ Router Modem Vendor : Technicolor Model: DT5130 Bugs: 1- Unauth Xss - CVE-2014-9142 user=teste&password=teste& userlevel=15&refer=%2Fnigga.html&failrefer=/basicauth.cgi?index.html?failrefer=<script></script><script>alert('TESTE')</script>"%0A&login=Login&password=pass&refer=/index.html&user=teste&userlevel=15&login=Login 2- Arbitrari URL redirect - CVE-2014-9143 failrefer=http://blog.dclabs.com.br&login=Login&password= pass&refer=/index.html&user=1&userlevel=15 3- Command Injection in ping field - CVE-2014-9144 setobject_token=SESSION_CONTRACT_TOKEN_TAG%3D0123456789012345&setobject_ip=s1.3.6.1.4.1.283.1000.2.1.6.4.1.0%3Dwww.google.com.br|`id`&setobject_ping=i1.3.6.1.4.1.283.1000.2.1.6.4.2.0%3D1&getobject_result=IGNORE -- Ewerson Guimaraes (Crash) Pentester/Researcher DcLabs / Ibliss Security Team www.dclabs.com.br / www.ibliss.com.br