Test Kennung:	1.3.6.1.4.1.25623.1.0.850970
Kategorie:	SuSE Local Security Checks
Titel:	SUSE: Security Advisory for flash-player (SUSE-SU-2014:1124-1)
Zusammenfassung:	The remote host is missing an update for the 'flash-player'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'flash-player' package(s) announced via the referenced advisory. Vulnerability Insight: Adobe Flash Player has been updated to 11.2.202.406 which fixes various security issues. These updates: * resolve a memory leakage vulnerability that could have been used to bypass memory address randomization (CVE-2014-0557). * resolve a security bypass vulnerability (CVE-2014-0554). * resolve a use-after-free vulnerability that could have lead to code execution (CVE-2014-0553). * resolve memory corruption vulnerabilities that could have lead to code execution (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0555). * resolve a vulnerability that could have been used to bypass the same origin policy (CVE-2014-0548). * resolve a heap buffer overflow vulnerability that could have lead to code execution (CVE-2014-0556, CVE-2014-0559). Security Issues: * CVE-2014-0547 * CVE-2014-0548 * CVE-2014-0549 * CVE-2014-0550 * CVE-2014-0551 * CVE-2014-0552 * CVE-2014-0553 * CVE-2014-0554 * CVE-2014-0555 Description truncated, please see the referenced URL(s) for more information. Affected Software/OS: flash-player on SUSE Linux Enterprise Desktop 11 SP3 Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0547 BugTraq ID: 69695 http://www.securityfocus.com/bid/69695 http://security.gentoo.org/glsa/glsa-201409-05.xml http://www.securitytracker.com/id/1030822 http://secunia.com/advisories/61089 SuSE Security Announcement: SUSE-SU-2014:1124 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00016.html SuSE Security Announcement: openSUSE-SU-2014:1110 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00006.html SuSE Security Announcement: openSUSE-SU-2014:1130 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00021.html XForce ISS Database: adobe-flash-cve20140547-code-exec(95817) https://exchange.xforce.ibmcloud.com/vulnerabilities/95817 Common Vulnerability Exposure (CVE) ID: CVE-2014-0548 BugTraq ID: 69705 http://www.securityfocus.com/bid/69705 XForce ISS Database: adobe-flash-cve20140548-sec-bypass(95818) https://exchange.xforce.ibmcloud.com/vulnerabilities/95818 Common Vulnerability Exposure (CVE) ID: CVE-2014-0549 BugTraq ID: 69699 http://www.securityfocus.com/bid/69699 XForce ISS Database: adobe-flash-cve20140549-code-exec(95819) https://exchange.xforce.ibmcloud.com/vulnerabilities/95819 Common Vulnerability Exposure (CVE) ID: CVE-2014-0550 BugTraq ID: 69700 http://www.securityfocus.com/bid/69700 XForce ISS Database: adobe-flash-cve20140550-code-exec(95820) https://exchange.xforce.ibmcloud.com/vulnerabilities/95820 Common Vulnerability Exposure (CVE) ID: CVE-2014-0551 BugTraq ID: 69702 http://www.securityfocus.com/bid/69702 XForce ISS Database: adobe-flash-cve20140551-code-exec(95821) https://exchange.xforce.ibmcloud.com/vulnerabilities/95821 Common Vulnerability Exposure (CVE) ID: CVE-2014-0552 BugTraq ID: 69703 http://www.securityfocus.com/bid/69703 XForce ISS Database: adobe-flash-cve20140552-code-exec(95822) https://exchange.xforce.ibmcloud.com/vulnerabilities/95822 Common Vulnerability Exposure (CVE) ID: CVE-2014-0553 BugTraq ID: 69707 http://www.securityfocus.com/bid/69707 XForce ISS Database: adobe-flash-cve20140553-code-exec(95823) https://exchange.xforce.ibmcloud.com/vulnerabilities/95823 Common Vulnerability Exposure (CVE) ID: CVE-2014-0554 BugTraq ID: 69697 http://www.securityfocus.com/bid/69697 XForce ISS Database: adobe-flash-cve20140554-sec-bypass(95824) https://exchange.xforce.ibmcloud.com/vulnerabilities/95824 Common Vulnerability Exposure (CVE) ID: CVE-2014-0555 BugTraq ID: 69706 http://www.securityfocus.com/bid/69706 XForce ISS Database: adobe-flash-cve20140555-code-exec(95825) https://exchange.xforce.ibmcloud.com/vulnerabilities/95825 Common Vulnerability Exposure (CVE) ID: CVE-2014-0556 BugTraq ID: 69696 http://www.securityfocus.com/bid/69696 https://www.exploit-db.com/exploits/36808/ http://googleprojectzero.blogspot.com/2014/09/exploiting-cve-2014-0556-in-flash.html http://packetstormsecurity.com/files/131516/Adobe-Flash-Player-copyPixelsToByteArray-Integer-Overflow.html https://code.google.com/p/google-security-research/issues/detail?id=46 http://www.osvdb.org/111110 XForce ISS Database: adobe-flash-cve20140556-bo(95826) https://exchange.xforce.ibmcloud.com/vulnerabilities/95826 Common Vulnerability Exposure (CVE) ID: CVE-2014-0557 BugTraq ID: 69701 http://www.securityfocus.com/bid/69701 XForce ISS Database: adobe-flash-cve20140557-sec-bypass(95827) https://exchange.xforce.ibmcloud.com/vulnerabilities/95827 Common Vulnerability Exposure (CVE) ID: CVE-2014-0559 BugTraq ID: 69704 http://www.securityfocus.com/bid/69704 XForce ISS Database: adobe-flash-cve20140559-bo(95828) https://exchange.xforce.ibmcloud.com/vulnerabilities/95828
Copyright	Copyright (C) 2015 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.