Flash Player was updated to version 10.1.82.76 fixing several critical security issues: - CVE-2010-0209: CVSS v2 Base Score: 9.3: Code Injection (CWE-94) Details unknown. - CVE-2010-2188: CVSS v2 Base Score: 6.8: Buffer Errors (CWE-119) Allowed attackers to cause a memory corruption or possibly even execute arbitrary code by calling the ActionScript native object 2200 connect method multiple times with different arguments. - CVE-2010-2213: CVSS v2 Base Score: 9.3: Code Injection (CWE-94) Details unknown. - CVE-2010-2214: CVSS v2 Base Score: 9.3: Code Injection (CWE-94) Details unknown. - CVE2010-2215: CVSS v2 Base Score: 4.3: Other (CWE-Other) Allowed an attack related to so called βclick-jackingβ. - CVE-2010-2216: CVSS v2 Base Score: 9.3: Code Injection (CWE-94) Details unknown.
Please install the security update. There is no work-around known.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE | 11.3 | i586 | flash-player | <Β 10.1.82.76-0.1.1 | flash-player-10.1.82.76-0.1.1.i586.rpm |
openSUSE | 11.2 | i586 | flash-player | <Β 10.1.82.76-0.1.1 | flash-player-10.1.82.76-0.1.1.i586.rpm |
SUSE Linux Enterprise Desktop | 11.1 | i586 | flash-player | <Β 10.1.82.76-0.1.1 | flash-player-10.1.82.76-0.1.1.i586.rpm |
openSUSE | 11.1 | i586 | flash-player | <Β 10.1.82.76-0.1.1 | flash-player-10.1.82.76-0.1.1.i586.rpm |