New Search

SUSE-SU-2014:1442-1 -- Security update for flash-player (important)

oval:org.mitre.oval:def:28194

flash-player was updated to version 11.2.202.418 to fix 18 security issues: * Memory corruption vulnerabilities that could lead to code execution (CVE-2014-0576 CVE-2014-0581 CVE-2014-8440 CVE-2014-8441). * Use-after-free vulnerabilities that could lead to code execution (CVE-2014-0573 CVE-2014-0588 CVE-2014-8438). * A double free vulnerability that could lead to code execution (CVE-2014-0574). * Type confusion vulnerabilities that could lead to code execution (CVE-2014-0577 CVE-2014-0584 CVE-2014-0585 CVE-2014-0586 CVE-2014-0590). * Heap buffer overflow vulnerabilities that could lead to code execution (CVE-2014-0582 CVE-2014-0589). * An information disclosure vulnerability that could be exploited to disclose session tokens (CVE-2014-8437). * A heap buffer overflow vulnerability that could be exploited to perform privilege escalation from low to medium integrity level (CVE-2014-0583). * A permission issue that could be exploited to perform privilege escalation from low to medium integrity level (CVE-2014-8442). Further information can be found at http://helpx.adobe.com/security/products/flash-player/apsb14-24.html <http://helpx.adobe.com/security/products/flash-player/apsb14-24.html>

Family:
unix
Status:
ACCEPTED
Platform(s):
  • SUSE Linux Enterprise Desktop 11
Class:
patch
Reference(s):
  • SUSE-SU-2014:1442-1
  • CVE-2014-0576
  • CVE-2014-0581
  • CVE-2014-8440
  • CVE-2014-8441
  • CVE-2014-0573
  • CVE-2014-0588
  • CVE-2014-8438
  • CVE-2014-0574
  • CVE-2014-0577
  • CVE-2014-0584
  • CVE-2014-0585
  • CVE-2014-0586
  • CVE-2014-0590
  • CVE-2014-0582
  • CVE-2014-0589
  • CVE-2014-8437
  • CVE-2014-0583
  • CVE-2014-8442
Product(s):
  • flash-player