flashplugin: multiple issues

2015-11-11T00:00:00
ID ASA-201511-5
Type archlinux
Reporter Arch Linux
Modified 2015-11-11T00:00:00

Description

  • CVE-2015-7651 CVE-2015-7652 CVE-2015-7653 CVE-2015-7654 CVE-2015-7655 CVE-2015-7656 CVE-2015-7657 CVE-2015-7658 CVE-2015-7660 CVE-2015-7661 CVE-2015-7663 CVE-2015-8042 CVE-2015-8043 CVE-2015-8044 CVE-2015-8046 (arbitrary code execution)

It has been discovered that multiple use-after-free vulnerabilities could lead to arbitrary code execution.

  • CVE-2015-7659 (arbitrary code execution)

A type confusion vulnerability has been discovered that could lead to arbitrary code execution.

  • CVE-2015-7662 (access restriction bypass)

A security bypass vulnerability has been discovered that could be exploited to write arbitrary data to the file system under user permissions.