Lucene search

Arch LinuxASA-201511-5

HistoryNov 11, 2015 - 12:00 a.m.

flashplugin: multiple issues

2015-11-1100:00:00

Arch Linux

lists.archlinux.org

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.907 High

EPSS

Percentile

98.5%

JSON

CVE-2015-7651 CVE-2015-7652 CVE-2015-7653 CVE-2015-7654
CVE-2015-7655 CVE-2015-7656 CVE-2015-7657 CVE-2015-7658
CVE-2015-7660 CVE-2015-7661 CVE-2015-7663 CVE-2015-8042
CVE-2015-8043 CVE-2015-8044 CVE-2015-8046 (arbitrary code execution)

It has been discovered that multiple use-after-free vulnerabilities
could lead to arbitrary code execution.

CVE-2015-7659 (arbitrary code execution)

A type confusion vulnerability has been discovered that could lead to
arbitrary code execution.

CVE-2015-7662 (access restriction bypass)

A security bypass vulnerability has been discovered that could be
exploited to write arbitrary data to the file system under user permissions.

OSVersionArchitecturePackageVersionFilename
anyanyanyflashplugin< 11.2.202.548-1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
any	any	any	flashplugin	< 11.2.202.548-1	UNKNOWN

References

access.redhat.com/security/cve/CVE-2015-7651

access.redhat.com/security/cve/CVE-2015-7652

access.redhat.com/security/cve/CVE-2015-7653

access.redhat.com/security/cve/CVE-2015-7654

access.redhat.com/security/cve/CVE-2015-7655

access.redhat.com/security/cve/CVE-2015-7656

access.redhat.com/security/cve/CVE-2015-7657

access.redhat.com/security/cve/CVE-2015-7658

access.redhat.com/security/cve/CVE-2015-7659

access.redhat.com/security/cve/CVE-2015-7660

access.redhat.com/security/cve/CVE-2015-7661

access.redhat.com/security/cve/CVE-2015-7662

access.redhat.com/security/cve/CVE-2015-7663

access.redhat.com/security/cve/CVE-2015-8042

access.redhat.com/security/cve/CVE-2015-8043

access.redhat.com/security/cve/CVE-2015-8044

access.redhat.com/security/cve/CVE-2015-8046

helpx.adobe.com/security/products/flash-player/apsb15-28.html

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.907 High

EPSS

Percentile

98.5%

JSON

Related for ASA-201511-5