FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

flash -- multiple vulnerabilities

Affected packages
linux-c6-flashplugin < 11.2r202.535
linux-c6_64-flashplugin < 11.2r202.535
linux-f10-flashplugin < 11.2r202.535

Details

VuXML ID a63f2c06-726b-11e5-a12b-bcaec565249c
Discovery 2015-10-13
Entry 2015-10-14

Adobe reports:

These updates resolve a vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2015-7628).

These updates include a defense-in-depth feature in the Flash broker API (CVE-2015-5569).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-7629, CVE-2015-7631, CVE-2015-7643, CVE-2015-7644).

These updates resolve a buffer overflow vulnerability that could lead to code execution (CVE-2015-7632).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7630, CVE-2015-7633, CVE-2015-7634).

[source]

References

CVE Name CVE-2015-5569
CVE Name CVE-2015-7625
CVE Name CVE-2015-7626
CVE Name CVE-2015-7627
CVE Name CVE-2015-7628
CVE Name CVE-2015-7629
CVE Name CVE-2015-7630
CVE Name CVE-2015-7631
CVE Name CVE-2015-7632
CVE Name CVE-2015-7633
CVE Name CVE-2015-7634
CVE Name CVE-2015-7643
CVE Name CVE-2015-7644
URL https://helpx.adobe.com/security/products/flash-player/apsb15-25.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.