HP Security Bulletin HPSBHF03538 1 - Potential security vulnerabilities in Adobe Flash have been addressed with HPE iMC Service Health Manager (SHM), and iMC PLAT. The vulnerabilities could be exploited remotely resulting in execution of code or Denial of Service (DoS). Revision 1 of this advisory.
021fafb148eaa7499368e2f492a72e294ccb2bb8b74ab1e934650ab7292fb145
HP Security Bulletin HPSBHF03509 1 - HP has released updates to the HP ThinPro and HP Smart Zero Core operating systems to address two vulnerabilities found in Adobe Flash Player versions v11.x through v11.2.202.481 on Linux. These vulnerabilities allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that either leverages improper handling of the opaqueBackground property or overrides a ValueOf function, as exploited in the wild in July 2015. Revision 1 of this advisory.
e6bb7bc9c737d98fc3a4dca51f25b28ad5851e17a20b20cf3f300bd1ed5f397c
Gentoo Linux Security Advisory 201508-1 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.508 are affected.
0847bbaee6df81c0c128448e66176965e633dd961c717381e4b388a8b8ad5416
Red Hat Security Advisory 2015-1235-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes two vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security Bulletin APSB15-18 listed in the References section. Two flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content.
4cf10ad07146533c8b547310b7ff129e572328fc4216246e24c559dac2cf24b5
This Metasploit module exploits an use after free on Adobe Flash Player. The vulnerability, discovered by Hacking Team and made public on its July 2015 data leak, was described as an Use After Free while handling the opaqueBackground property 7 setter of the flash.display.DisplayObject class. This Metasploit module is an early release tested on: Windows 7 SP1 (32-bit), IE11 and Adobe Flash 18.0.0.203, Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 18.0.0.194, Windows 7 SP1 (32-bit), IE9 and Adobe Flash Flash 18.0.0.203, Windows 7 SP1 (32-bit), Firefox + Adobe Flash 18.0.0.194, windows 8.1, Firefox and Adobe Flash 18.0.0.203, Windows 8.1, Firefox and Adobe Flash 18.0.0.160, and Windows 8.1, Firefox and Adobe Flash 18.0.0.194
8ce9c20b7334d2feb9c4fe25343ecb322adf1f1d89bf09897d3a0ae1ed81bb41