[arch-security] [ASA-201609-11] flashplugin: multiple issues

Levente Polyak anthraxx at archlinux.org
Thu Sep 15 08:20:10 UTC 2016 

Arch Linux Security Advisory ASA-201609-11
==========================================

Severity: Critical
Date    : 2016-09-15
CVE-ID  : CVE-2016-4271 CVE-2016-4272 CVE-2016-4274 CVE-2016-4275
          CVE-2016-4276 CVE-2016-4277 CVE-2016-4278 CVE-2016-4279
          CVE-2016-4280 CVE-2016-4281 CVE-2016-4282 CVE-2016-4283
          CVE-2016-4284 CVE-2016-4285 CVE-2016-4287 CVE-2016-6921
          CVE-2016-6922 CVE-2016-6923 CVE-2016-6924 CVE-2016-6925
          CVE-2016-6926 CVE-2016-6927 CVE-2016-6929 CVE-2016-6930
          CVE-2016-6931 CVE-2016-6932
Package : flashplugin
Type    : multiple issues
Remote  : Yes
Link    : https://wiki.archlinux.org/index.php/CVE

Summary
=======

The package flashplugin before version 11.2.202.635-1 is vulnerable to
multiple issues including arbitrary code execution and information
disclosure.

Resolution
==========

Upgrade to 11.2.202.635-1.

# pacman -Syu "flashplugin>=11.2.202.635-1"

The problems have been fixed upstream in version 11.2.202.635.

Workaround
==========

None.

Description
===========

- CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280,
  CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284,
  CVE-2016-4285, CVE-2016-6922, CVE-2016-6924 (arbitrary code execution)

Multiple Memory corruption vulnerabilities that could lead to arbitrary
code execution have been found. These vulnerabilities were discovered by
Mateusz Jurczyk and Natalie Silvanovich of Google Project Zero, willJ of
Tencent PC Manager, Yuki Chen of Qihoo 360 Vulcan Team,
b0nd at garage4hackers working with Trend Micro's Zero Day Initiative, and
Tao Yan (@Ga1ois) of Palo Alto Networks

- CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923,
  CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929,
  CVE-2016-6930, CVE-2016-6931, CVE-2016-6932 (arbitrary code execution)

Multiple use-after-free vulnerabilities that could lead to arbitrary
code execution have been found. These vulnerabilities have been
discovered by, Mumei working with Trend Micro's Zero Day Initiative,
Yuki Chen of Qihoo 360 Vulcan Team working with the Chromium
Vulnerability Rewards Program, willJ of Tencent PC Manager, JieZeng of
Tencent Zhanlu Lab working with the Chromium Vulnerability Rewards
Program, Nicolas Joly of Microsoft Vulnerability Research, and Yuki Chen
of Qihoo 360 Vulcan Team

- CVE-2016-4287 (arbitrary code execution)

An integer overflow vulnerability that could lead to arbitrary code
execution has been found. This vulnerability has been discovered by Yuki
Chen of Qihoo 360 Vulcan Team working with the Chromium Vulnerability
Rewards Program.

- CVE-2016-4271, CVE-2016-4277, CVE-2016-4278 (information disclosure)

A Security bypass vulnerablity that could lead to information disclosure
has been found. These vulnerabilities have been found by Leone
Pontorieri, Soroush Dalili and Matthew Evans from NCC Group, and Nicolas
Joly of Microsoft Vulnerability Research


Impact
======

A remote attacker can execute arbitrary code, bypass security checks, or
disclose information on the affected host via unspecified vectors.

References
==========

https://helpx.adobe.com/security/products/flash-player/apsb16-29.html
https://access.redhat.com/security/cve/CVE-2016-4271
https://access.redhat.com/security/cve/CVE-2016-4272
https://access.redhat.com/security/cve/CVE-2016-4274
https://access.redhat.com/security/cve/CVE-2016-4275
https://access.redhat.com/security/cve/CVE-2016-4276
https://access.redhat.com/security/cve/CVE-2016-4277
https://access.redhat.com/security/cve/CVE-2016-4278
https://access.redhat.com/security/cve/CVE-2016-4279
https://access.redhat.com/security/cve/CVE-2016-4280
https://access.redhat.com/security/cve/CVE-2016-4281
https://access.redhat.com/security/cve/CVE-2016-4282
https://access.redhat.com/security/cve/CVE-2016-4283
https://access.redhat.com/security/cve/CVE-2016-4284
https://access.redhat.com/security/cve/CVE-2016-4285
https://access.redhat.com/security/cve/CVE-2016-4287
https://access.redhat.com/security/cve/CVE-2016-6921
https://access.redhat.com/security/cve/CVE-2016-6922
https://access.redhat.com/security/cve/CVE-2016-6923
https://access.redhat.com/security/cve/CVE-2016-6924
https://access.redhat.com/security/cve/CVE-2016-6925
https://access.redhat.com/security/cve/CVE-2016-6926
https://access.redhat.com/security/cve/CVE-2016-6927
https://access.redhat.com/security/cve/CVE-2016-6929
https://access.redhat.com/security/cve/CVE-2016-6930
https://access.redhat.com/security/cve/CVE-2016-6931
https://access.redhat.com/security/cve/CVE-2016-6932

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20160915/2ee5357c/attachment.asc>

More information about the arch-security mailing list