This update resolves
a universal cross-site scripting issue that could be
used to take actions on a user’s behalf on any website or
webmail provider if the user visits a malicious website
(CVE-2011-2444).
Note: There are reports that this issue is being
exploited in the wild in active targeted attacks designed
to trick the user into clicking on a malicious link
delivered in an email message.
an AVM stack overflow issue that may allow for remote
code execution. (CVE-2011-2426).
an AVM stack overflow issue that may lead to denial
of service and code execution. (CVE-2011-2427).
a logic error issue which causes a browser crash and
may lead to code execution. (CVE-2011- 2428).
a Flash Player security control bypass which could
allow information disclosure. (CVE-2011-2429).
a streaming media logic error vulnerability which
could lead to code execution. (CVE-2011-2430).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
SUSE Linux Enterprise Desktop | 11.1 | i586 | flash-player | < 10.3.183.10-0.2.1 | flash-player-10.3.183.10-0.2.1.i586.rpm |
SUSE Linux Enterprise Desktop | 10.4 | i586 | flash-player | < 10.3.183.10-0.5.1 | flash-player-10.3.183.10-0.5.1.i586.rpm |