7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.024 Low
EPSS
Percentile
90.0%
Adobe Flash Player 11.2.202.394 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update includes additional validation checks to ensure that Flash Player rejects malicious content from vulnerable JSONP callback APIs (CVE-2014-4671). This update resolves security bypass vulnerabilities (CVE-2014-0537, CVE-2014-0539).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 3 | noarch | flash-player-plugin | < 11.2.202.394-1 | flash-player-plugin-11.2.202.394-1.mga3.nonfree |
Mageia | 4 | noarch | flash-player-plugin | < 11.2.202.394-1 | flash-player-plugin-11.2.202.394-1.mga4.nonfree |