(RHSA-2011:0259) Critical: flash-plugin - 1-Month End Of Life Notice

2011-02-15T05:00:00
ID RHSA-2011:0259
Type redhat
Reporter RedHat
Modified 2017-07-22T04:32:45

Description

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in.

Adobe Flash Player 9 is vulnerable to critical security flaws and should no longer be used. A remote attacker could use these flaws to execute arbitrary code with the privileges of the user running Flash Player 9. (CVE-2011-0558, CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0575, CVE-2011-0577, CVE-2011-0578, CVE-2011-0607, CVE-2011-0608)

Adobe is no longer providing security updates for Adobe Flash Player 9, and is not providing a replacement Flash Player version compatible with Red Hat Enterprise Linux 4.

In one month Red Hat plans to release an update for the flash-plugin package that will prevent it from functioning. User wishing to continue using Flash Player 9, despite the vulnerabilities, can add the flash-plugin package to the up2date skip list. Refer to the following Red Hat Knowledgebase article for instructions on adding a package to the up2date skip list: https://access.redhat.com/kb/docs/DOC-1639