Secunia Security Advisory - SUSE has issued an update for flash-player. This fixes some vulnerabilities, where one vulnerability has an unknown impact and others can be exploited by malicious, local users to gain escalated privileges and by malicious people to bypass certain security restrictions, conduct cross-site scripting and HTTP request splitting attacks, disclose sensitive information, cause a Denial of Service (DoS), or to potentially compromise a user's system.
ce99bc469dca1f7d436a1849cb2cf1854679bb2c55e125b6503bc6d2361e6ca1
----------------------------------------------------------------------
A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI
has been released. The new version includes many new and advanced
features, which makes it even easier to stay patched.
Download and test it today:
https://psi.secunia.com/
Read more about this new version:
https://psi.secunia.com/?page=changelog
----------------------------------------------------------------------
TITLE:
SUSE update for flash-player
SECUNIA ADVISORY ID:
SA28213
VERIFY ADVISORY:
http://secunia.com/advisories/28213/
CRITICAL:
Highly critical
IMPACT:
Unknown, Security Bypass, Cross Site Scripting, Manipulation of data,
Exposure of sensitive information, Privilege escalation, DoS, System
access
WHERE:
>From remote
OPERATING SYSTEM:
SUSE Linux 10.1
http://secunia.com/product/10796/
openSUSE 10.2
http://secunia.com/product/13375/
openSUSE 10.3
http://secunia.com/product/16124/
DESCRIPTION:
SUSE has issued an update for flash-player. This fixes some
vulnerabilities, where one vulnerability has an unknown impact and
others can be exploited by malicious, local users to gain escalated
privileges and by malicious people to bypass certain security
restrictions, conduct cross-site scripting and HTTP request splitting
attacks, disclose sensitive information, cause a Denial of Service
(DoS), or to potentially compromise a user's system.
For more information:
SA28161
SOLUTION:
Apply updated packages.
x86 Platform:
openSUSE 10.3:
http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/flash-player-9.0.115.0-0.1.i586.rpm
458f40bd9a8e92f6e023e76abead4314
openSUSE 10.2:
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/flash-player-9.0.115.0-0.1.i586.rpm
d633f8e0bbd9c409430a966904774ecc
SUSE LINUX 10.1:
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/flash-player-9.0.115.0-0.2.i586.rpm
c3dda649b3d756ed3e2bacf157488355
Sources:
openSUSE 10.2:
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/flash-player-9.0.115.0-0.1.src.rpm
8800a58c48768989b74fed31be4f633c
SUSE LINUX 10.1:
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/flash-player-9.0.115.0-0.2.src.rpm
1774fb28b6c550af16f738c4daa20a4e
openSUSE 10.3:
http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/flash-player-9.0.115.0-0.1.src.rpm
ac9d87e16de02daa91202e16cb6fffc3
Novell Linux Desktop 9
http://support.novell.com/techcenter/psdb/abac03d3ea3f90145ddbc82fdd20aebd.html
SUSE Linux Enterprise Desktop 10 SP1
http://support.novell.com/techcenter/psdb/abac03d3ea3f90145ddbc82fdd20aebd.html
ORIGINAL ADVISORY:
http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.html
OTHER REFERENCES:
SA28161:
http://secunia.com/advisories/28161/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------