MGASA-2014-0291

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2014-0291.html

Import Source

https://advisories.mageia.org/MGASA-2014-0291.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2014-0291

Related

CVE-2014-0537
CVE-2014-0539
CVE-2014-4671

Published

2014-07-09T23:21:32Z

Modified

2022-01-17T16:38:46Z

Summary

Updated flash-player-plugin packages fix multiple vulnerabilities

Details

Adobe Flash Player 11.2.202.394 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system.

This update includes additional validation checks to ensure that Flash Player rejects malicious content from vulnerable JSONP callback APIs (CVE-2014-4671).

This update resolves security bypass vulnerabilities (CVE-2014-0537, CVE-2014-0539).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:3 / flash-player-plugin

Package

Name: flash-player-plugin
Purl: pkg:rpm/mageia/flash-player-plugin?distro=mageia-3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11.2.202.394-1.mga3.nonfree

Ecosystem specific

{
    "section": "nonfree"
}

Mageia:4 / flash-player-plugin

Package

Name: flash-player-plugin
Purl: pkg:rpm/mageia/flash-player-plugin?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

11.2.202.394-1.mga4.nonfree

Ecosystem specific

{
    "section": "nonfree"
}