VARIoT IoT vulnerabilities database
| VAR-201412-0495 | CVE-2014-8461 | Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, and CVE-2014-9158. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability.
Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
| VAR-201412-0494 | CVE-2014-8460 | Windows and Mac OS X Run on Adobe Reader and Acrobat Heap-based buffer overflow vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-9159. This vulnerability CVE-2014-8457 and CVE-2014-9159 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts likely result in denial-of-service conditions.
The affected products are:
Adobe Reader 11.x versions prior to 11.0.10
Adobe Reader 10.x versions prior to 10.1.13
Adobe Acrobat 11.x versions prior to 11.0.10
Adobe Acrobat 10.x versions prior to 10.1.13. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
| VAR-201412-0493 | CVE-2014-8459 | Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8461, and CVE-2014-9158. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability.
Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
| VAR-201412-0492 | CVE-2014-8443 | Adobe Flash Player Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors. Adobe Flash Player is prone to an unspecified remote code-execution vulnerability.
Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. The product enables viewing of applications, content and video across screens and browsers.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.425"
References
==========
[ 1 ] CVE-2014-0580
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0580
[ 2 ] CVE-2014-0587
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0587
[ 3 ] CVE-2014-8439
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8439
[ 4 ] CVE-2014-8443
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8443
[ 5 ] CVE-2014-9162
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9162
[ 6 ] CVE-2014-9163
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9163
[ 7 ] CVE-2014-9164
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9164
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201412-07.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2014:1981-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1981.html
Issue date: 2014-12-10
CVE Names: CVE-2014-0580 CVE-2014-0587 CVE-2014-8443
CVE-2014-9162 CVE-2014-9163 CVE-2014-9164
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB14-27,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2014-0587, CVE-2014-8443, CVE-2014-9163, CVE-2014-9164)
A flaw in flash-plugin could allow an attacker to bypass the same-origin
policy. (CVE-2014-0580)
This update fixes an information disclosure flaw in flash-plugin.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1172431 - CVE-2014-0587 CVE-2014-9164 CVE-2014-8443 CVE-2014-9163 flash-plugin: Multiple code-execution flaws (APSB14-27)
1172433 - CVE-2014-9162 flash-plugin: Information disclosure vulnerability (APSB14-27)
1172436 - CVE-2014-0580 flash-plugin: Same-Origin-Policy bypass flaw (APSB14-27)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.425-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.425-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.425-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.425-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.425-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.425-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.425-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.425-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.425-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.425-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2014-0580
https://access.redhat.com/security/cve/CVE-2014-0587
https://access.redhat.com/security/cve/CVE-2014-8443
https://access.redhat.com/security/cve/CVE-2014-9162
https://access.redhat.com/security/cve/CVE-2014-9163
https://access.redhat.com/security/cve/CVE-2014-9164
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb14-27.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUiIc1XlSAg2UNWIIRAsSpAKCmB3XINkM4F8O89luyizR+uMBvSgCgjGgo
Jf+NT4gjTiuGxbKjQooiX1A=
=wYY1
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
| VAR-201412-0452 | CVE-2014-9164 | Adobe Flash Player Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0587.
Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. The product enables viewing of applications, content and video across screens and browsers.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.425"
References
==========
[ 1 ] CVE-2014-0580
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0580
[ 2 ] CVE-2014-0587
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0587
[ 3 ] CVE-2014-8439
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8439
[ 4 ] CVE-2014-8443
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8443
[ 5 ] CVE-2014-9162
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9162
[ 6 ] CVE-2014-9163
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9163
[ 7 ] CVE-2014-9164
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9164
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201412-07.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2014:1981-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1981.html
Issue date: 2014-12-10
CVE Names: CVE-2014-0580 CVE-2014-0587 CVE-2014-8443
CVE-2014-9162 CVE-2014-9163 CVE-2014-9164
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB14-27,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2014-0587, CVE-2014-8443, CVE-2014-9163, CVE-2014-9164)
A flaw in flash-plugin could allow an attacker to bypass the same-origin
policy. (CVE-2014-0580)
This update fixes an information disclosure flaw in flash-plugin.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1172431 - CVE-2014-0587 CVE-2014-9164 CVE-2014-8443 CVE-2014-9163 flash-plugin: Multiple code-execution flaws (APSB14-27)
1172433 - CVE-2014-9162 flash-plugin: Information disclosure vulnerability (APSB14-27)
1172436 - CVE-2014-0580 flash-plugin: Same-Origin-Policy bypass flaw (APSB14-27)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.425-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.425-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.425-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.425-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.425-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.425-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.425-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.425-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.425-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.425-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2014-0580
https://access.redhat.com/security/cve/CVE-2014-0587
https://access.redhat.com/security/cve/CVE-2014-8443
https://access.redhat.com/security/cve/CVE-2014-9162
https://access.redhat.com/security/cve/CVE-2014-9163
https://access.redhat.com/security/cve/CVE-2014-9164
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb14-27.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUiIc1XlSAg2UNWIIRAsSpAKCmB3XINkM4F8O89luyizR+uMBvSgCgjGgo
Jf+NT4gjTiuGxbKjQooiX1A=
=wYY1
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
| VAR-201412-0451 | CVE-2014-9163 | Adobe Flash Player Vulnerable to stack-based buffer overflow |
CVSS V2: 10.0 CVSS V3: 7.8 Severity: HIGH |
Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014. Adobe Flash Player Contains a stack-based buffer overflow vulnerability. Attacks on this vulnerability 2014 Year 12 Observed on the moon.An attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists when calling parseFloat on a specific datatype. This can allow for an attacker to cause a fixed size stack buffer to overflow. Failed exploit attempts likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.425"
References
==========
[ 1 ] CVE-2014-0580
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0580
[ 2 ] CVE-2014-0587
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0587
[ 3 ] CVE-2014-8439
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8439
[ 4 ] CVE-2014-8443
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8443
[ 5 ] CVE-2014-9162
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9162
[ 6 ] CVE-2014-9163
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9163
[ 7 ] CVE-2014-9164
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9164
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201412-07.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2014:1981-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1981.html
Issue date: 2014-12-10
CVE Names: CVE-2014-0580 CVE-2014-0587 CVE-2014-8443
CVE-2014-9162 CVE-2014-9163 CVE-2014-9164
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB14-27,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2014-0587, CVE-2014-8443, CVE-2014-9163, CVE-2014-9164)
A flaw in flash-plugin could allow an attacker to bypass the same-origin
policy. (CVE-2014-0580)
This update fixes an information disclosure flaw in flash-plugin.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1172431 - CVE-2014-0587 CVE-2014-9164 CVE-2014-8443 CVE-2014-9163 flash-plugin: Multiple code-execution flaws (APSB14-27)
1172433 - CVE-2014-9162 flash-plugin: Information disclosure vulnerability (APSB14-27)
1172436 - CVE-2014-0580 flash-plugin: Same-Origin-Policy bypass flaw (APSB14-27)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.425-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.425-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.425-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.425-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.425-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.425-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.425-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.425-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.425-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.425-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2014-0580
https://access.redhat.com/security/cve/CVE-2014-0587
https://access.redhat.com/security/cve/CVE-2014-8443
https://access.redhat.com/security/cve/CVE-2014-9162
https://access.redhat.com/security/cve/CVE-2014-9163
https://access.redhat.com/security/cve/CVE-2014-9164
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb14-27.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUiIc1XlSAg2UNWIIRAsSpAKCmB3XINkM4F8O89luyizR+uMBvSgCgjGgo
Jf+NT4gjTiuGxbKjQooiX1A=
=wYY1
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
| VAR-201412-0449 | CVE-2014-9159 | Windows and Mac OS X Run on Adobe Reader and Acrobat Heap-based buffer overflow vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460. This vulnerability CVE-2014-8457 and CVE-2014-8460 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts likely result in denial-of-service conditions.
The affected products are:
Adobe Reader 11.x versions prior to 11.0.10
Adobe Reader 10.x versions prior to 10.1.13
Adobe Acrobat 11.x versions prior to 11.0.10
Adobe Acrobat 10.x versions prior to 10.1.13. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
| VAR-201412-0432 | CVE-2014-9158 | Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, and CVE-2014-8461. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability.
Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
| VAR-201412-0450 | CVE-2014-9162 | Adobe Flash Player Vulnerability in which important information is obtained |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to obtain sensitive information via unspecified vectors. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within Regular Expression Objects. By matching a specially crafted regular expression, it is possible for an attacker to force out-of-bounds reads. An attacker can leverage this vulnerability to disclose arbitrary memory.
Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. The product enables viewing of applications, content and video across screens and browsers.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Impact
======
A remote attacker could possibly execute arbitrary code with the
privileges of the process or bypass security restrictions.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.425"
References
==========
[ 1 ] CVE-2014-0580
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0580
[ 2 ] CVE-2014-0587
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0587
[ 3 ] CVE-2014-8439
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8439
[ 4 ] CVE-2014-8443
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8443
[ 5 ] CVE-2014-9162
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9162
[ 6 ] CVE-2014-9163
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9163
[ 7 ] CVE-2014-9164
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9164
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201412-07.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2014:1981-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1981.html
Issue date: 2014-12-10
CVE Names: CVE-2014-0580 CVE-2014-0587 CVE-2014-8443
CVE-2014-9162 CVE-2014-9163 CVE-2014-9164
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB14-27,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2014-0587, CVE-2014-8443, CVE-2014-9163, CVE-2014-9164)
A flaw in flash-plugin could allow an attacker to bypass the same-origin
policy. (CVE-2014-0580)
This update fixes an information disclosure flaw in flash-plugin.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1172431 - CVE-2014-0587 CVE-2014-9164 CVE-2014-8443 CVE-2014-9163 flash-plugin: Multiple code-execution flaws (APSB14-27)
1172433 - CVE-2014-9162 flash-plugin: Information disclosure vulnerability (APSB14-27)
1172436 - CVE-2014-0580 flash-plugin: Same-Origin-Policy bypass flaw (APSB14-27)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.425-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.425-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.425-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.425-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.425-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.425-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.425-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.425-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.425-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.425-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2014-0580
https://access.redhat.com/security/cve/CVE-2014-0587
https://access.redhat.com/security/cve/CVE-2014-8443
https://access.redhat.com/security/cve/CVE-2014-9162
https://access.redhat.com/security/cve/CVE-2014-9163
https://access.redhat.com/security/cve/CVE-2014-9164
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb14-27.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUiIc1XlSAg2UNWIIRAsSpAKCmB3XINkM4F8O89luyizR+uMBvSgCgjGgo
Jf+NT4gjTiuGxbKjQooiX1A=
=wYY1
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
| VAR-201412-0397 | CVE-2014-9165 | Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8454 and CVE-2014-8455. This vulnerability CVE-2014-8454 and CVE-2014-8455 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Adobe Reader and Acrobat are prone to a remote code-execution vulnerability. Failed exploit attempts likely result in denial-of-service conditions.
The affected products are:
Adobe Reader 11.x versions prior to 11.0.10
Adobe Reader 10.x versions prior to 10.1.13
Adobe Acrobat 11.x versions prior to 11.0.10
Adobe Acrobat 10.x versions prior to 10.1.13. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
| VAR-201412-0325 | CVE-2014-0580 | Adobe Flash Player Vulnerabilities that bypass the same origin policy |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
An attacker can exploit this issue to bypass certain same-origin policy restrictions, which may aid in further attacks. The product enables viewing of applications, content and video across screens and browsers.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Impact
======
A remote attacker could possibly execute arbitrary code with the
privileges of the process or bypass security restrictions.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.425"
References
==========
[ 1 ] CVE-2014-0580
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0580
[ 2 ] CVE-2014-0587
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0587
[ 3 ] CVE-2014-8439
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8439
[ 4 ] CVE-2014-8443
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8443
[ 5 ] CVE-2014-9162
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9162
[ 6 ] CVE-2014-9163
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9163
[ 7 ] CVE-2014-9164
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9164
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201412-07.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2014:1981-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1981.html
Issue date: 2014-12-10
CVE Names: CVE-2014-0580 CVE-2014-0587 CVE-2014-8443
CVE-2014-9162 CVE-2014-9163 CVE-2014-9164
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB14-27,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2014-0580)
This update fixes an information disclosure flaw in flash-plugin.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1172431 - CVE-2014-0587 CVE-2014-9164 CVE-2014-8443 CVE-2014-9163 flash-plugin: Multiple code-execution flaws (APSB14-27)
1172433 - CVE-2014-9162 flash-plugin: Information disclosure vulnerability (APSB14-27)
1172436 - CVE-2014-0580 flash-plugin: Same-Origin-Policy bypass flaw (APSB14-27)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.425-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.425-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.425-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.425-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.425-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.425-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.425-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.425-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.425-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.425-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2014-0580
https://access.redhat.com/security/cve/CVE-2014-0587
https://access.redhat.com/security/cve/CVE-2014-8443
https://access.redhat.com/security/cve/CVE-2014-9162
https://access.redhat.com/security/cve/CVE-2014-9163
https://access.redhat.com/security/cve/CVE-2014-9164
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb14-27.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUiIc1XlSAg2UNWIIRAsSpAKCmB3XINkM4F8O89luyizR+uMBvSgCgjGgo
Jf+NT4gjTiuGxbKjQooiX1A=
=wYY1
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
| VAR-201412-0051 | CVE-2014-0587 | Adobe Flash Player Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9164.
Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. The product enables viewing of applications, content and video across screens and browsers.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.425"
References
==========
[ 1 ] CVE-2014-0580
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0580
[ 2 ] CVE-2014-0587
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0587
[ 3 ] CVE-2014-8439
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8439
[ 4 ] CVE-2014-8443
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8443
[ 5 ] CVE-2014-9162
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9162
[ 6 ] CVE-2014-9163
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9163
[ 7 ] CVE-2014-9164
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9164
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201412-07.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2014:1981-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1981.html
Issue date: 2014-12-10
CVE Names: CVE-2014-0580 CVE-2014-0587 CVE-2014-8443
CVE-2014-9162 CVE-2014-9163 CVE-2014-9164
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB14-27,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2014-0587, CVE-2014-8443, CVE-2014-9163, CVE-2014-9164)
A flaw in flash-plugin could allow an attacker to bypass the same-origin
policy. (CVE-2014-0580)
This update fixes an information disclosure flaw in flash-plugin.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1172431 - CVE-2014-0587 CVE-2014-9164 CVE-2014-8443 CVE-2014-9163 flash-plugin: Multiple code-execution flaws (APSB14-27)
1172433 - CVE-2014-9162 flash-plugin: Information disclosure vulnerability (APSB14-27)
1172436 - CVE-2014-0580 flash-plugin: Same-Origin-Policy bypass flaw (APSB14-27)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.425-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.425-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.425-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.425-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.425-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.425-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.425-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.425-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.425-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.425-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2014-0580
https://access.redhat.com/security/cve/CVE-2014-0587
https://access.redhat.com/security/cve/CVE-2014-8443
https://access.redhat.com/security/cve/CVE-2014-9162
https://access.redhat.com/security/cve/CVE-2014-9163
https://access.redhat.com/security/cve/CVE-2014-9164
https://access.redhat.com/security/updates/classification/#critical
https://helpx.adobe.com/security/products/flash-player/apsb14-27.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUiIc1XlSAg2UNWIIRAsSpAKCmB3XINkM4F8O89luyizR+uMBvSgCgjGgo
Jf+NT4gjTiuGxbKjQooiX1A=
=wYY1
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
| VAR-201412-0271 | CVE-2014-8730 | plural F5 Product SSL Vulnerability in obtaining clear text data in profile component |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself. The problem is CVE-2014-3566 ( alias POODLE) Similar problem. TLS is a new protocol developed by the IETF (Engineering Task Force). It is based on the SSL protocol specification and is the subsequent version of SSL. The Secure Transport Layer Protocol (TLS) is used to provide confidentiality and data integrity between two communication applications.
TLS has security vulnerabilities that mainly affect browsers. Because TLS1.2 failed to correctly verify PADDING, even if the attacker did not first downgrade to SSL3.0, he could use TLS1.2 to bypass the transport layer encryption mechanism by using man-in-the-middle attack methods to steal the user's sensitive information, such as cookies , Account information, etc.
Note: This issue was previously titled 'OpenSSL CVE-2014-8730 Man In The Middle Information Disclosure Vulnerability'. The title and technical details have been changed to better reflect the underlying component affected.
An attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. F5 BIG-IP LTM, etc. LTM is a local traffic manager; APM is a solution that provides secure unified access to business-critical applications and networks. The following products and versions are affected: F5 BIG-IP LTM, APM, ASM version 10.0.0 to 10.2.4 and 11.0.0 to 11.5.1, AAM version 11.4.0 to 11.5.1, AFM 11.3. 0 to 11.5.1, Analytics 11.0.0 to 11.5.1, Edge Gateway, WebAccelerator, WOM 10.1.0 to 10.2.4 and 11.0.0 to 11.3.0, PEM 11.3.0 to 11.6.0, PSM 10.0.0 to 10.2.4 and 11.0.0 to 11.4.1, BIG-IQ Cloud, Security 4.0.0 to 4.4.0, Device 4.2.0 to 4.4 .0 version. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04819635
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04819635
Version: 1
HPSBPV03516 rev.1 - HP VAN SDN Controller, Multiple Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
Release Date: 2015-09-29
Last Updated: 2015-09-29
Potential Security Impact: Disclosure of Privileged Information, Remote
Disclosure of Privileged Information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
A potential security vulnerability has been identified with the HP VAN SDN
Controller running SSLv3. This is the SSLv3 vulnerability known as "Padding
Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could
be exploited remotely resulting in disclosure of privileged information.
References:
CVE-2014-8730
SSRT102263
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
VAN SDN Controller 2.5.21
VAN SDN Controller 2.5.15
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2014-8730 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP recommends disabling TLS v1.0 by deleting its entry in sslEnabledProtocols
in the client Auth properties of the
/opt/sdn/virgo/configuration/tomcat-server.xml file.
Open the /opt/sdn/virgo/configuration/tomcat-server.xml file for editing
Change the following line from this: clientAuth="false"
sslEnabledProtocols="TLSv1.0, TLSv1.1,TLSv1.2" to this: clientAuth="false"
sslEnabledProtocols=" TLSv1.1,TLSv1.2"
Restart the controller.
HISTORY
Version:1 (rev.1) - 29 September 2015 Initial release
Third Party Security Patches: Third party security patches that are to be
installed on systems running HP software products should be applied in
accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HP Services support channel. For other issues about
the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin
alerts via Email:
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is
available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in
the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or
its affiliates, subcontractors or suppliers will be liable for
incidental,special or consequential damages including downtime cost; lost
profits; damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration. The
information in this document is subject to change without notice.
Hewlett-Packard Company and the names of Hewlett-Packard products referenced
herein are trademarks of Hewlett-Packard Company in the United States and
other countries. Other product and company names mentioned herein may be
trademarks of their respective owners.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlYKlgkACgkQ4B86/C0qfVmdggCg40wxxeG+Op+gBFzLBG9neKCo
bW4AnjzTddq/rpaQfITkTvhg7DUpT9f5
=Px26
-----END PGP SIGNATURE-----
| VAR-201412-0131 | CVE-2014-9342 | F5 BIG-IP of Application Security Manager Cross-site scripting vulnerability in the tree display function |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in the tree view (pl_tree.php) feature in Application Security Manager (ASM) in F5 BIG-IP 11.3.0 allows remote attackers to inject arbitrary web script or HTML by accessing a crafted URL during automatic policy generation. BIG-IP is prone to a cross-site scripting vulnerability. F5 BIG-IP Application Security Manager (ASM) is a BIG-IP application security manager of F5 Corporation of the United States, which can provide users with application delivery security solutions, as well as secure remote Ingress control while enhancing network and application performance
| VAR-201412-0060 | CVE-2014-7136 | plural K7 Computing Used in products K7FWFilt.sys Heap-based buffer overflow vulnerability in kernel mode driver |
CVSS V2: 7.2 CVSS V3: - Severity: HIGH |
Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call. K7 Computing K7FWFilt.sys device driver is prone to a local code-execution vulnerability. Failed exploit attempts will likely result in denial-of-service conditions.
K7FWFilt.sys 11.0.1.5 and prior are vulnerable. Successful exploitation of this bug results in vertical privilege escalation.
Technical Details:
The function handling IOCTL 0x830020C4 does not validate the size of the output buffer parameter passed in the DeviceIoControl API, which leads to a heap overflow on buffer data initialization. In particular, the function assumes that the output buffer has a size of 0x22C4 bytes. By declaring a smaller buffer we are able to overwrite other data and kernel objects that might follow and potentially control the execution flow via a corrupted kernel object.
ba31cb06 8b7d14 mov edi,dword ptr [ebp+14h] <--- EDI == allocated buffer
ba31cb09 ff7514 push dword ptr [ebp+14h]
ba31cb0c b9b1080000 mov ecx,8B1h <--- assume buffer size 0x8b1 * 4
ba31cb11 33c0 xor eax,eax <--- zero out EAX
ba31cb13 f3ab rep stos dword ptr es:[edi] <--- Heap Overflow
Further details at:
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/
Copyright:
Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without the express written consent of Portcullis Computer Security Limited.
Disclaimer:
The information herein contained may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Portcullis Computer Security Limited) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
###############################################################
This email originates from the systems of Portcullis
Computer Security Limited, a Private limited company,
registered in England in accordance with the Companies
Act under number 02763799. The registered office
address of Portcullis Computer Security Limited is:
Portcullis House, 2 Century Court, Tolpits Lane, Watford,
United Kingdom, WD18 9RS.
The information in this email is confidential and may be
legally privileged. It is intended solely for the addressee.
Any opinions expressed are those of the individual and
do not represent the opinion of the organisation. Access
to this email by persons other than the intended recipient
is strictly prohibited.
If you are not the intended recipient, any disclosure,
copying, distribution or other action taken or omitted to be
taken in reliance on it, is prohibited and may be unlawful.
When addressed to our clients any opinions or advice
contained in this email is subject to the terms and
conditions expressed in the applicable Portcullis Computer
Security Limited terms of business.
###############################################################
#####################################################################################
This e-mail message has been scanned for Viruses and Content and cleared
by MailMarshal.
#####################################################################################
| VAR-201412-0293 | CVE-2014-8009 | Cisco Unified Computing System of Management Vulnerabilities that can capture important information in subsystems |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The Management subsystem in Cisco Unified Computing System 2.1(3f) and earlier allows remote attackers to obtain sensitive information by reading log files, aka Bug ID CSCur99239. Vendors have confirmed this vulnerability Bug ID CSCur99239 It is released as. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlIf a third party reads the log file, important information may be obtained.
Successful exploits may allow an attacker to obtain sensitive information that may lead to further attacks. The system integrates network, computing and virtualization resources into one platform by extensively adopting virtualization technology
| VAR-201412-0027 | CVE-2013-2810 | plural Emerson Process Management RTU Vulnerability to execute arbitrary commands in product software |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary commands via a TCP replay attack. Supplementary information : CWE Vulnerability type by CWE-77: Improper Neutralization of Special Elements used in a Command ( Command injection ) Has been identified. http://cwe.mitre.org/data/definitions/77.htmlBy a third party TCP Reflex attack ( Replay attack ) An arbitrary command may be executed via. The ROC800 RTU product is used to perform multiple PLC-like functions on the control device. Emerson Process Management's ROC800, DL8000 and ROC800L have security bypass vulnerabilities. Allows an attacker to bypass authentication and perform unauthorized operations.
The following versions are affected:
ROC800 3.50 and prior
DL8000 2.30 and prior
ROC800L 1.20 and prior. Emerson Process Management ROC800 RTU, DL8000 RTU and ROC800L RTU are all remote terminal unit (RTU) products of Emerson Electric (Emerson Electric) in the United States. Function
| VAR-201412-0422 | CVE-2014-9142 | Technicolor Router TD5130 Firmware cross-site scripting vulnerability |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to inject arbitrary web script or HTML via the failrefer parameter. The Technicolor ADSL2+ Router is a router device. An attacker could exploit this vulnerability to execute arbitrary script code or steal a cookie-based authentication certificate in the browser of an affected site's uninformed user. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
ADSL2+ 2.05.C29GV is vulnerable; other versions may also be affected. Product: Wireless N ADSL 2/2+ Modem Router
Firmware Version : V2.05.C29GV
Modem Type : ADSL2+ Router
Modem Vendor : Technicolor
Model: DT5130
Bugs:
1- Unauth Xss - CVE-2014-9142
user=teste&password=teste&
userlevel=15&refer=%2Fnigga.html&failrefer=/basicauth.cgi?index.html?failrefer=<script></script><script>alert('TESTE')</script>"%0A&login=Login&password=pass&refer=/index.html&user=teste&userlevel=15&login=Login
2- Arbitrari URL redirect - CVE-2014-9143
failrefer=http://blog.dclabs.com.br&login=Login&password=
pass&refer=/index.html&user=1&userlevel=15
3- Command Injection in ping field - CVE-2014-9144
setobject_token=SESSION_CONTRACT_TOKEN_TAG%3D0123456789012345&setobject_ip=s1.3.6.1.4.1.283.1000.2.1.6.4.1.0%3Dwww.google.com.br|`id`&setobject_ping=i1.3.6.1.4.1.283.1000.2.1.6.4.2.0%3D1&getobject_result=IGNORE
--
Ewerson Guimaraes (Crash)
Pentester/Researcher
DcLabs / Ibliss Security Team
www.dclabs.com.br / www.ibliss.com.br
| VAR-201412-0423 | CVE-2014-9143 | Technicolor Router TD5130 Open redirect vulnerability in firmware |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Open redirect vulnerability in Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the failrefer parameter. Supplementary information : CWE Vulnerability type by CWE-17: Code ( code ) Has been identified. The Technicolor ADSL2+ Router is a router device. An attacker can trick a user into being redirected to an attacker-controlled website by constructing a specially crafted URI. Other attacks are possible.
ADSL2+ 2.05.C29GV is vulnerable; other versions may also be affected. Product: Wireless N ADSL 2/2+ Modem Router
Firmware Version : V2.05.C29GV
Modem Type : ADSL2+ Router
Modem Vendor : Technicolor
Model: DT5130
Bugs:
1- Unauth Xss - CVE-2014-9142
user=teste&password=teste&
userlevel=15&refer=%2Fnigga.html&failrefer=/basicauth.cgi?index.html?failrefer=<script></script><script>alert('TESTE')</script>"%0A&login=Login&password=pass&refer=/index.html&user=teste&userlevel=15&login=Login
2- Arbitrari URL redirect - CVE-2014-9143
failrefer=http://blog.dclabs.com.br&login=Login&password=
pass&refer=/index.html&user=1&userlevel=15
3- Command Injection in ping field - CVE-2014-9144
setobject_token=SESSION_CONTRACT_TOKEN_TAG%3D0123456789012345&setobject_ip=s1.3.6.1.4.1.283.1000.2.1.6.4.1.0%3Dwww.google.com.br|`id`&setobject_ping=i1.3.6.1.4.1.283.1000.2.1.6.4.2.0%3D1&getobject_result=IGNORE
--
Ewerson Guimaraes (Crash)
Pentester/Researcher
DcLabs / Ibliss Security Team
www.dclabs.com.br / www.ibliss.com.br
| VAR-201412-0424 | CVE-2014-9144 | Technicolor Router TD5130 Vulnerability to execute arbitrary commands in firmware |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to execute arbitrary commands via shell metacharacters in the ping field (setobject_ip parameter). Supplementary information : CWE Vulnerability type by CWE-77: Improper Neutralization of Special Elements used in a Command ( Command injection ) Has been identified. The Technicolor ADSL2+ Router is a router device. An attacker could exploit this vulnerability to execute arbitrary commands or initiate a denial of service in the context of an affected application. Failed exploit attempts will result in a denial-of-service condition.
ADSL2+ 2.05.C29GV is vulnerable; other versions may also be affected. Product: Wireless N ADSL 2/2+ Modem Router
Firmware Version : V2.05.C29GV
Modem Type : ADSL2+ Router
Modem Vendor : Technicolor
Model: DT5130
Bugs:
1- Unauth Xss - CVE-2014-9142
user=teste&password=teste&
userlevel=15&refer=%2Fnigga.html&failrefer=/basicauth.cgi?index.html?failrefer=<script></script><script>alert('TESTE')</script>"%0A&login=Login&password=pass&refer=/index.html&user=teste&userlevel=15&login=Login
2- Arbitrari URL redirect - CVE-2014-9143
failrefer=http://blog.dclabs.com.br&login=Login&password=
pass&refer=/index.html&user=1&userlevel=15
3- Command Injection in ping field - CVE-2014-9144
setobject_token=SESSION_CONTRACT_TOKEN_TAG%3D0123456789012345&setobject_ip=s1.3.6.1.4.1.283.1000.2.1.6.4.1.0%3Dwww.google.com.br|`id`&setobject_ping=i1.3.6.1.4.1.283.1000.2.1.6.4.2.0%3D1&getobject_result=IGNORE
--
Ewerson Guimaraes (Crash)
Pentester/Researcher
DcLabs / Ibliss Security Team
www.dclabs.com.br / www.ibliss.com.br