SUSE-SU-2017:0523-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2017/suse-su-20170523-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:0523-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2017:0523-1
Upstream
Related
Published
2017-02-20T12:06:55Z
Modified
2026-02-04T02:55:23.755656Z
Summary
Security update for flash-player
Details

The Adobe flash-player was updated to 24.0.0.221 to fix the following issues:

Security update to 24.0.0.221 (bsc#1025258), fixing the following vulnerabilities advised under APSB17-04:

  • type confusion vulnerability that could lead to code execution (CVE-2017-2995).
  • integer overflow vulnerability that could lead to code execution (CVE-2017-2987).
  • use-after-free vulnerabilities that could lead to code execution (CVE-2017-2982, CVE-2017-2985, CVE-2017-2993, CVE-2017-2994).
  • heap buffer overflow vulnerabilities that could lead to code execution (CVE-2017- 2984, CVE-2017-2986, CVE-2017-2992).
  • memory corruption vulnerabilities that could lead to code execution (CVE-2017-2988, CVE-2017-2990, CVE-2017-2991, CVE-2017-2996).
References

Affected packages

SUSE:Linux Enterprise Desktop 12 SP1 / flash-player

Package

Name
flash-player
Purl
pkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
24.0.0.221-158.1

Ecosystem specific 

{
    "binaries": [
        {
            "flash-player": "24.0.0.221-158.1",
            "flash-player-gnome": "24.0.0.221-158.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:0523-1.json"

SUSE:Linux Enterprise Workstation Extension 12 SP1 / flash-player

Package

Name
flash-player
Purl
pkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
24.0.0.221-158.1

Ecosystem specific 

{
    "binaries": [
        {
            "flash-player": "24.0.0.221-158.1",
            "flash-player-gnome": "24.0.0.221-158.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:0523-1.json"