FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

linux-flashplugin7 -- arbitrary code execution vulnerabilities

Affected packages
linux-flashplugin < 7.0r68


VuXML ID 7c75d48c-429b-11db-afae-000c6ec775d9
Discovery 2006-09-12
Entry 2006-09-12

Adobe reports:

Multiple input validation errors have been identified in Flash Player and earlier versions that could lead to the potential execution of arbitrary code. These vulnerabilities could be accessed through content delivered from a remote location via the user?s web browser, email client, or other applications that include or reference the Flash Player. (CVE-2006-3311, CVE-2006-3587, CVE-2006-3588)

These updates include changes to prevent circumvention of the "allowScriptAccess" option. (CVE-2006-4640)


CVE Name CVE-2006-3311
CVE Name CVE-2006-3587
CVE Name CVE-2006-3588
CVE Name CVE-2006-4640