Lucene search

K
redhatRedHatRHSA-2015:0140
HistoryFeb 06, 2015 - 12:00 a.m.

(RHSA-2015:0140) Critical: flash-plugin security update

2015-02-0600:00:00
access.redhat.com
16

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in.

This update fixes multiple vulnerabilities in Adobe Flash Player. These
vulnerabilities are detailed in the Adobe Security Bulletin APSB15-04
listed in the References section.

Multiple flaws were found in the way flash-plugin displayed certain SWF
content. An attacker could use these flaws to create a specially crafted
SWF file that would cause flash-plugin to crash or, potentially, execute
arbitrary code when the victim loaded a page containing the malicious SWF
content. (CVE-2015-0314, CVE-2015-0315, CVE-2015-0316, CVE-2015-0317,
CVE-2015-0318, CVE-2015-0319, CVE-2015-0320, CVE-2015-0321, CVE-2015-0322,
CVE-2015-0323, CVE-2015-0324, CVE-2015-0325, CVE-2015-0326, CVE-2015-0327,
CVE-2015-0328, CVE-2015-0329, CVE-2015-0330)

All users of Adobe Flash Player should install this updated package, which
upgrades Flash Player to version 11.2.202.442.

OSVersionArchitecturePackageVersionFilename
RedHat6i686flash-plugin<Β 11.2.202.442-1.el6flash-plugin-11.2.202.442-1.el6.i686.rpm
RedHat5i386flash-plugin<Β 11.2.202.442-1.el5flash-plugin-11.2.202.442-1.el5.i386.rpm

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%