FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

flash -- multiple vulnerabilities

Affected packages
linux-c6-flashplugin < 11.2r202.621
linux-c6_64-flashplugin < 11.2r202.621
linux-f10-flashplugin < 11.2r202.621

Details

VuXML ID 0c6b008d-35c4-11e6-8e82-002590263bf5
Discovery 2016-05-12
Entry 2016-06-19

Adobe reports:

These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-1105, CVE-2016-4117).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, CVE-2016-4110, CVE-2016-4121).

These updates resolve a heap buffer overflow vulnerability that could lead to code execution (CVE-2016-1101).

These updates resolve a buffer overflow vulnerability that could lead to code execution (CVE-2016-1103).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, CVE-2016-4162, CVE-2016-4163).

These updates resolve a vulnerability in the directory search path used to find resources that could lead to code execution (CVE-2016-4116).

References

CVE Name CVE-2016-1096
CVE Name CVE-2016-1097
CVE Name CVE-2016-1098
CVE Name CVE-2016-1099
CVE Name CVE-2016-1100
CVE Name CVE-2016-1101
CVE Name CVE-2016-1102
CVE Name CVE-2016-1103
CVE Name CVE-2016-1104
CVE Name CVE-2016-1105
CVE Name CVE-2016-1106
CVE Name CVE-2016-1107
CVE Name CVE-2016-1108
CVE Name CVE-2016-1109
CVE Name CVE-2016-1110
CVE Name CVE-2016-4108
CVE Name CVE-2016-4109
CVE Name CVE-2016-4110
CVE Name CVE-2016-4111
CVE Name CVE-2016-4112
CVE Name CVE-2016-4113
CVE Name CVE-2016-4114
CVE Name CVE-2016-4115
CVE Name CVE-2016-4116
CVE Name CVE-2016-4117
CVE Name CVE-2016-4120
CVE Name CVE-2016-4121
CVE Name CVE-2016-4160
CVE Name CVE-2016-4161
CVE Name CVE-2016-4162
CVE Name CVE-2016-4163
URL https://helpx.adobe.com/security/products/flash-player/apsb16-15.html