Uočeno je 12 sigurnosnih propusta u programskom paketu Flash Player koji mogu biti iskorišteni za izvođenje DoS napada, izvršavanje zlonamjernog programskog koda ili zaobilaženje postavljenih ograničenja.
Paket:
Flash Player 10.x
Operacijski sustavi:
openSUSE 11.3, openSUSE 11.4
Kritičnost:
10
Problem:
pogreška u programskoj komponenti, preljev međuspremnika
Dvije ranjivosti su uzrokovane preljevom međuspremnika. Preostale nepravilnosti su posljedica nespecificiranh pogrešaka.
Posljedica:
Udaljeni napadač može iskoristiti navedene nedostatke za proizvoljno izvršavanje programskog koda, izvođenje DoS napada te, ako se koristi Internet Explorer, za zaobilaženje postavljenih ograničenja.
openSUSE Security Update: VUL-0: flash-player: sec. update to version
11.1.102.55
______________________________________________________________________________
Announcement ID: openSUSE-SU-2011:1240-1
Rating: critical
References: #729797
Cross-References: CVE-2011-2445 CVE-2011-2450 CVE-2011-2451
CVE-2011-2452 CVE-2011-2453 CVE-2011-2454
CVE-2011-2455 CVE-2011-2456 CVE-2011-2457
CVE-2011-2458 CVE-2011-2459 CVE-2011-2460
Affected Products:
openSUSE 11.4
openSUSE 11.3
______________________________________________________________________________
An update that fixes 12 vulnerabilities is now available.
It includes two new package versions.
Description:
flash-player update to version 11.1.102.55 to fix the
following critical security issues:
CVE-2011-2445, CVE-2011-2450, CVE-2011-2451, CVE-2011-2452,
CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2456,
CVE-2011-2457, CVE-2011-2458, CVE-2011-2459, CVE-2011-2460
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.4:
zypper in -t patch flash-player-5420
- openSUSE 11.3:
zypper in -t patch flash-player-5420
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.4 (i586 x86_64) [New Version: 11.1.102.55]:
flash-player-11.1.102.55-0.4.1
- openSUSE 11.3 (i586) [New Version: 10.3.183.10]:
flash-player-10.3.183.10-0.2.1
References:
http://support.novell.com/security/cve/CVE-2011-2445.html
http://support.novell.com/security/cve/CVE-2011-2450.html
http://support.novell.com/security/cve/CVE-2011-2451.html
http://support.novell.com/security/cve/CVE-2011-2452.html
http://support.novell.com/security/cve/CVE-2011-2453.html
http://support.novell.com/security/cve/CVE-2011-2454.html
http://support.novell.com/security/cve/CVE-2011-2455.html
http://support.novell.com/security/cve/CVE-2011-2456.html
http://support.novell.com/security/cve/CVE-2011-2457.html
http://support.novell.com/security/cve/CVE-2011-2458.html
http://support.novell.com/security/cve/CVE-2011-2459.html
http://support.novell.com/security/cve/CVE-2011-2460.html
https://bugzilla.novell.com/729797
--
To unsubscribe, e-mail: Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
For additional commands, e-mail: Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
Posljednje sigurnosne preporuke