SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Server for SAP Applications 12 SP1 Patchnames: SUSE Linux Enterprise Desktop 12 SP1 GA flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12 SP1 GA flash-player-11.2.202.548-111.1 This issue is currently rated as having critical severity. Overall state of this security issue: Resolved Users of Adobe AIR for Android should update to Adobe AIR 16.0.0.272 by downloading the latest version from the Google Play store.Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0309. Users of Adobe AIR desktop runtime should update to version 16.0.0.245 (29.8 MB). Flash Player installed with Internet Explorer for Windows 8.x will be automatically updated to the latest version as well. Users of Adobe Flash Player for Linux should update to Adobe Flash Player 11.2.202.429.Īdobe Flash Player installed with Google Chrome will be automatically updated to the latest Google Chrome version, which will include Adobe Flash Player 16.0.0.257. Users of Adobe Flash Player for Macintosh and Windows should update to Adobe Flash Player 16.0.0.257 (14.9 MB). These updates resolve a use-after-free vulnerability that could lead to code execution ( CVE-2015-0308).These updates resolve an out-of-bounds read vulnerability that could be exploited to leak memory addresses ( CVE-2015-0307).These updates resolve a type confusion vulnerability that could lead to code execution ( CVE-2015-0305).These updates resolve heap-based buffer overflow vulnerabilities that could lead to code execution ( CVE-2015-0304, CVE-2015-0309).These updates resolve memory corruption vulnerabilities that could lead to code execution ( CVE-2015-0303, CVE-2015-0306).These updates resolve an information disclosure vulnerability that could be exploited to capture keystrokes on the affected system ( CVE-2015-0302). These updates resolve an improper file validation issue ( CVE-2015-0301).The vulnerabilities patched in these updates are described as follows: These updates patch 9 vulnerabilities that could “potentially allow an attacker to take control of the affected system,” according to Adobe’s security bulletin (APSB15-01).Īffected software versions include: Adobe Flash Player 16.0.0.235 and earlier versions, Adobe Flash Player 13.0.0.259 and earlier 13.x versions, Adobe Flash Player 11.2.202.425 and earlier versions for Linux, Adobe AIR SDK 15.0.0.356 and earlier versions, and Adobe AIR for Android 15.0.0.356 and earlier versions. Security News Adobe Updates Flash Player for Mac, Windows and LinuxĪdobe Systems has issued security updates for Flash Player for Mac and Windows with the release of version 16.0.0.257, and for Linux with version 11.2.202.429.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |