exploit the possibilities

Gentoo Linux Security Advisory 201101-09

Gentoo Linux Security Advisory 201101-09
Posted Jan 21, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201101-9 - Multiple vulnerabilities in Adobe Flash Player might allow remote attackers to execute arbitrary code or cause a Denial of Service. Versions less than 10.1.102.64 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2008-4546, CVE-2009-3793, CVE-2010-0186, CVE-2010-0187, CVE-2010-0209, CVE-2010-1297, CVE-2010-2160, CVE-2010-2161, CVE-2010-2162, CVE-2010-2163, CVE-2010-2164, CVE-2010-2165, CVE-2010-2166, CVE-2010-2167, CVE-2010-2169, CVE-2010-2170, CVE-2010-2171, CVE-2010-2172, CVE-2010-2173, CVE-2010-2174, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2179, CVE-2010-2180, CVE-2010-2181, CVE-2010-2182
MD5 | 9f2ff7f25d3cc3ffeb917a714d00127a

Gentoo Linux Security Advisory 201101-09

Change Mirror Download
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201101-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Adobe Flash Player: Multiple vulnerabilities
Date: January 21, 2011
Bugs: #307749, #322855, #332205, #337204, #343089
ID: 201101-09

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities in Adobe Flash Player might allow remote
attackers to execute arbitrary code or cause a Denial of Service.

Background
==========

The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-plugins/adobe-flash < 10.1.102.64 >= 10.1.102.64

Description
===========

Multiple vulnerabilities were discovered in Adobe Flash Player. For
further information please consult the CVE entries and the Adobe
Security Bulletins referenced below.

Impact
======

A remote attacker could entice a user to open a specially crafted SWF
file, possibly resulting in the execution of arbitrary code with the
privileges of the user running the application, or a Denial of Service.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Adobe Flash Player users should upgrade to the latest stable
version:

# emerge --sync
# emerge --ask --oneshot --verbose
">=www-plugins/adobe-flash-10.1.102.64"

References
==========

[ 1 ] APSB10-06
http://www.adobe.com/support/security/bulletins/apsb10-06.html
[ 2 ] APSB10-14
http://www.adobe.com/support/security/bulletins/apsb10-14.html
[ 3 ] APSB10-16
http://www.adobe.com/support/security/bulletins/apsb10-16.html
[ 4 ] APSB10-22
http://www.adobe.com/support/security/bulletins/apsb10-22.html
[ 5 ] APSB10-26
http://www.adobe.com/support/security/bulletins/apsb10-26.html
[ 6 ] CVE-2008-4546
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4546
[ 7 ] CVE-2009-3793
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3793
[ 8 ] CVE-2010-0186
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186
[ 9 ] CVE-2010-0187
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0187
[ 10 ] CVE-2010-0209
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0209
[ 11 ] CVE-2010-1297
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297
[ 12 ] CVE-2010-2160
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2160
[ 13 ] CVE-2010-2161
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2161
[ 14 ] CVE-2010-2162
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2162
[ 15 ] CVE-2010-2163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2163
[ 16 ] CVE-2010-2164
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2164
[ 17 ] CVE-2010-2165
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2165
[ 18 ] CVE-2010-2166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2166
[ 19 ] CVE-2010-2167
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2167
[ 20 ] CVE-2010-2169
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2169
[ 21 ] CVE-2010-2170
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2170
[ 22 ] CVE-2010-2171
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2171
[ 23 ] CVE-2010-2172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2172
[ 24 ] CVE-2010-2173
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2173
[ 25 ] CVE-2010-2174
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2174
[ 26 ] CVE-2010-2175
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2175
[ 27 ] CVE-2010-2176
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2176
[ 28 ] CVE-2010-2177
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2177
[ 29 ] CVE-2010-2178
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2178
[ 30 ] CVE-2010-2179
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2179
[ 31 ] CVE-2010-2180
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2180
[ 32 ] CVE-2010-2181
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2181
[ 33 ] CVE-2010-2182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2182
[ 34 ] CVE-2010-2183
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2183
[ 35 ] CVE-2010-2184
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2184
[ 36 ] CVE-2010-2185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2185
[ 37 ] CVE-2010-2186
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2186
[ 38 ] CVE-2010-2187
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2187
[ 39 ] CVE-2010-2188
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2188
[ 40 ] CVE-2010-2189
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2189
[ 41 ] CVE-2010-2213
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2213
[ 42 ] CVE-2010-2214
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2214
[ 43 ] CVE-2010-2215
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2215
[ 44 ] CVE-2010-2216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2216
[ 45 ] CVE-2010-2884
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884
[ 46 ] CVE-2010-3636
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3636
[ 47 ] CVE-2010-3639
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3639
[ 48 ] CVE-2010-3640
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3640
[ 49 ] CVE-2010-3641
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3641
[ 50 ] CVE-2010-3642
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3642
[ 51 ] CVE-2010-3643
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3643
[ 52 ] CVE-2010-3644
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3644
[ 53 ] CVE-2010-3645
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3645
[ 54 ] CVE-2010-3646
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3646
[ 55 ] CVE-2010-3647
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3647
[ 56 ] CVE-2010-3648
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3648
[ 57 ] CVE-2010-3649
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3649
[ 58 ] CVE-2010-3650
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3650
[ 59 ] CVE-2010-3652
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3652
[ 60 ] CVE-2010-3654
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654
[ 61 ] CVE-2010-3976
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3976

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201101-09.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2011 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



Login or Register to add favorites

File Archive:

December 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    18 Files
  • 2
    Dec 2nd
    11 Files
  • 3
    Dec 3rd
    23 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close