[arch-security] [ASA-201501-16] unpatched 0day in flash
chris.rebischke at gmail.com
chris.rebischke at gmail.com
Fri Jan 23 12:44:42 UTC 2015
Hello,
The malware researcher 'kafeine' found an 0day in Flash used by Angler EK malware.
The CVEs:
CVE-2014-8440
CVE-2015-0310
CVE-2015-0311 <- The 0day
Actual Version flash version in archlinux: flashplugin 11.2.202.429-1
Is our version vulnerable too? Have somebody some information about this?
regards
Chris
==============
References:
http://malware.dontneedcoffee.com/2015/01/unpatched-vulnerability-0day-in-flash.html
http://helpx.adobe.com/security/products/flash-player/apsb15-02.html
http://malware.dontneedcoffee.com/2015/01/cve-2014-9162-flash-1500242-and-below.html
http://malware.dontneedcoffee.com/2014/11/cve-2014-8440.html
http://helpx.adobe.com/security/products/flash-player/apsa15-01.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20150123/7722674f/attachment.asc>
More information about the arch-security
mailing list