[arch-security] [ASA-201512-17] flashplugin, lib32-flashplugin: multiple issues
Remi Gacogne
rgacogne at archlinux.org
Mon Dec 28 18:33:42 UTC 2015
Arch Linux Security Advisory ASA-201512-17
==========================================
Severity: Critical
Date : 2015-12-28
CVE-ID : CVE-2015-8459 CVE-2015-8460 CVE-2015-8634 CVE-2015-8635
CVE-2015-8636 CVE-2015-8638 CVE-2015-8639 CVE-2015-8640 CVE-2015-8641
CVE-2015-8642 CVE-2015-8643 CVE-2015-8644 CVE-2015-8645 CVE-2015-8646
CVE-2015-8647 CVE-2015-8648 CVE-2015-8649 CVE-2015-8650 CVE-2015-8651
Package : flashplugin, lib32-flashplugin
Type : multiple issues
Remote : Yes
Link : https://wiki.archlinux.org/index.php/CVE
Summary
=======
The packages flashplugin and lib32-flashplugin before version
11.2.202.559-1 are vulnerable to multiple issues, including remote code
execution. At least one of these vulnerabilities, CVE-2015-8651, has
been reported in use for targeted attacks.
Resolution
==========
Upgrade to 11.2.202.559-1.
# pacman -Syu "flashplugin>=11.2.202.559-1"
# pacman -Syu "lib32-flashplugin>=11.2.202.559-1"
The problem has been fixed upstream in version 11.2.202.559.
Workaround
==========
None.
Description
===========
- CVE-2015-8459:
Memory corruption vulnerabilities that could lead to code execution.
Credited to Kai Kang of Tencent's Xuanwu LAB.
- CVE-2015-8460:
Memory corruption vulnerabilities that could lead to code execution.
Credited to Jie Zeng of Qihoo 360.
- CVE-2015-8634, CVE-2015-8635:
Use-after-free vulnerabilities that could lead to code execution.
Credited to Ben Hawkes, Mateusz Jurczyk and Natalie Silvanovich of
Google Project Zero.
- CVE-2015-8636:
Memory corruption vulnerabilities that could lead to code execution.
Credited to Ben Hawkes, Mateusz Jurczyk and Natalie Silvanovich of
Google Project Zero.
- CVE-2015-8638, CVE-2015-8639:
Use-after-free vulnerabilities that could lead to code execution.
Credited to Anonymous working with HP's Zero Day Initiative.
- CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643,
CVE-2015-8646:
Use-after-free vulnerabilities that could lead to code execution.
Credited to Yuki Chen of Qihoo 360 Vulcan Team.
- CVE-2015-8644:
Type confusion vulnerability that could lead to code execution. Credited
to Natalie Silvanovich of Google Project Zero.
- CVE-2015-8645:
Memory corruption vulnerabilities that could lead to code execution.
Credited to Jaehun Jeong (@n3sk) of WINS, WSEC Analysis Team working
with Chromium Vulnerability Reward Program.
- CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650:
Use-after-free vulnerabilities that could lead to code execution.
Credited to Anonymous working with HP's Zero Day Initiative.
- CVE-2015-8651:
Integer overflow vulnerability that could lead to code execution.
Credited to Kai Wang and Hunter Gao of Huawei's IT Infrastructure &
Security Dept, BPIT&QM.
Adobe is aware of a report that an exploit for CVE-2015-8651 is being
used in limited, targeted attacks.
Impact
======
A remote attacker can execute arbitrary code on the affected host.
References
==========
https://helpx.adobe.com/security/products/flash-player/apsb16-01.html
https://access.redhat.com/security/cve/CVE-2015-8459
https://access.redhat.com/security/cve/CVE-2015-8460
https://access.redhat.com/security/cve/CVE-2015-8634
https://access.redhat.com/security/cve/CVE-2015-8635
https://access.redhat.com/security/cve/CVE-2015-8636
https://access.redhat.com/security/cve/CVE-2015-8638
https://access.redhat.com/security/cve/CVE-2015-8639
https://access.redhat.com/security/cve/CVE-2015-8640
https://access.redhat.com/security/cve/CVE-2015-8641
https://access.redhat.com/security/cve/CVE-2015-8642
https://access.redhat.com/security/cve/CVE-2015-8643
https://access.redhat.com/security/cve/CVE-2015-8644
https://access.redhat.com/security/cve/CVE-2015-8645
https://access.redhat.com/security/cve/CVE-2015-8646
https://access.redhat.com/security/cve/CVE-2015-8647
https://access.redhat.com/security/cve/CVE-2015-8648
https://access.redhat.com/security/cve/CVE-2015-8649
https://access.redhat.com/security/cve/CVE-2015-8650
https://access.redhat.com/security/cve/CVE-2015-8651
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20151228/67f1bebc/attachment.asc>
More information about the arch-security
mailing list