9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.9%
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in.
This update fixes multiple vulnerabilities in Adobe Flash Player. These
vulnerabilities are detailed on the Adobe security page APSB12-03, listed
in the References section.
Multiple security flaws were found in the way flash-plugin displayed
certain SWF content. An attacker could use these flaws to create a
specially-crafted SWF file that would cause flash-plugin to crash or,
potentially, execute arbitrary code when the victim loaded a page
containing the specially-crafted SWF content. (CVE-2012-0752,
CVE-2012-0753, CVE-2012-0754, CVE-2012-0755, CVE-2012-0756)
A flaw in flash-plugin could allow an attacker to conduct cross-site
scripting (XSS) attacks if a victim were tricked into visiting a
specially-crafted web page. (CVE-2012-0767)
All users of Adobe Flash Player should install this updated package, which
upgrades Flash Player to version 10.3.183.15.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | i686 | flash-plugin | <ย 10.3.183.15-1.el6 | flash-plugin-10.3.183.15-1.el6.i686.rpm |
RedHat | 5 | i386 | flash-plugin | <ย 10.3.183.15-1.el5 | flash-plugin-10.3.183.15-1.el5.i386.rpm |