Search criteria
1799 vulnerabilities found for air by adobe
VAR-201302-0307
Vulnerability from variot - Updated: 2024-07-23 22:19Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-0645 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1369 , CVE-2013-1370 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2013:0254-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html Issue date: 2013-02-13 CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 CVE-2013-1373 CVE-2013-1374 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-05, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2013-0638, CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647, CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)
A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially-crafted web page.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
910570 - flash-plugin: multiple code execution flaws (APSB13-05) 910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-0637.html https://www.redhat.com/security/data/cve/CVE-2013-0638.html https://www.redhat.com/security/data/cve/CVE-2013-0639.html https://www.redhat.com/security/data/cve/CVE-2013-0642.html https://www.redhat.com/security/data/cve/CVE-2013-0644.html https://www.redhat.com/security/data/cve/CVE-2013-0645.html https://www.redhat.com/security/data/cve/CVE-2013-0647.html https://www.redhat.com/security/data/cve/CVE-2013-0649.html https://www.redhat.com/security/data/cve/CVE-2013-1365.html https://www.redhat.com/security/data/cve/CVE-2013-1366.html https://www.redhat.com/security/data/cve/CVE-2013-1367.html https://www.redhat.com/security/data/cve/CVE-2013-1368.html https://www.redhat.com/security/data/cve/CVE-2013-1369.html https://www.redhat.com/security/data/cve/CVE-2013-1370.html https://www.redhat.com/security/data/cve/CVE-2013-1372.html https://www.redhat.com/security/data/cve/CVE-2013-1373.html https://www.redhat.com/security/data/cve/CVE-2013-1374.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb13-05.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs pnyD10c/hdKGIm0b1Kjv3eY= =+cgh -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
SOLUTION: Update to version 24.0.1312.70.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . Please send email to cert@cert.org with "TA13-043A Feedback VU#689711" in the subject.
Produced by US-CERT, a government organization. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA52166
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52166/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
RELEASE DATE: 2013-02-12
DISCUSS ADVISORY: http://secunia.com/advisories/52166/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/52166/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.
1) Some unspecified errors can be exploited to cause buffer overflows.
2) Some use-after-free errors can be exploited to dereference already freed memory.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to disclose certain sensitive information.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google 3) The vendor credits Natalie Silvanovich, BlackBerry Security, Research in Motion 4) The vendor credits Damian Put via iDefense 6) Reported by the vendor.
ORIGINAL ADVISORY: Adobe (APSB13-05): http://www.adobe.com/support/security/bulletins/apsb13-05.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0307",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "windows",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player for android",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player for android",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows)"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012 (adobe flash player 11.6.602.167"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "internet explorer",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include ) (windows"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 64-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows server",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(macintosh linux)"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows 8",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (macintosh)"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "(windows/linux/macintosh : adobe flash player 11.6.602.167"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.115.36"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2710"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.5.0.1060"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.115.37"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.5.0.890"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.5.0.880"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.3.0.3690"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
}
],
"sources": [
{
"db": "BID",
"id": "57912"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001474"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-179"
},
{
"db": "NVD",
"id": "CVE-2013-1372"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.63",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.168",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.202.270",
"versionStartIncluding": "11.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.111.43",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.7",
"versionStartIncluding": "2.0",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.6",
"versionStartIncluding": "3.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.115.47",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.4",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.599",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.597",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.167",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1372"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 0.4
},
"cve": "CVE-2013-1372",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-1372",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-61374",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-1372",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201302-179",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-61374",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61374"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001474"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-179"
},
{
"db": "NVD",
"id": "CVE-2013-1372"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-0645 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1369 , CVE-2013-1370 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. \nNote: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2013:0254-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html\nIssue date: 2013-02-13\nCVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 \n CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 \n CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 \n CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 \n CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 \n CVE-2013-1373 CVE-2013-1374 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB13-05,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. (CVE-2013-0638,\nCVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647,\nCVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368,\nCVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)\n\nA flaw in flash-plugin could allow an attacker to obtain sensitive\ninformation if a victim were tricked into visiting a specially-crafted web\npage. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n910570 - flash-plugin: multiple code execution flaws (APSB13-05)\n910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0637.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0638.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0639.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0642.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0644.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0645.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0647.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0649.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1365.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1366.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1367.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1368.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1369.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1370.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1372.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1373.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1374.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs\npnyD10c/hdKGIm0b1Kjv3eY=\n=+cgh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nSOLUTION:\nUpdate to version 24.0.1312.70. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Please send\n email to \u003ccert@cert.org\u003e with \"TA13-043A Feedback VU#689711\" in\n the subject. \n ____________________________________________________________________\n\n Produced by US-CERT, a government organization. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player / AIR Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52166\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52166/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nRELEASE DATE:\n2013-02-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52166/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52166/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player and\nAIR, which can be exploited by malicious people to disclose certain\nsensitive information and compromise a user\u0027s system. \n\n1) Some unspecified errors can be exploited to cause buffer\noverflows. \n\n2) Some use-after-free errors can be exploited to dereference already\nfreed memory. \n\n4) An unspecified error can be exploited to corrupt memory. \n\n5) An unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to disclose certain\nsensitive information. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and\nFermin Serna, Google\n3) The vendor credits Natalie Silvanovich, BlackBerry Security,\nResearch in Motion\n4) The vendor credits Damian Put via iDefense\n6) Reported by the vendor. \n\nORIGINAL ADVISORY:\nAdobe (APSB13-05):\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1372"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001474"
},
{
"db": "BID",
"id": "57912"
},
{
"db": "VULHUB",
"id": "VHN-61374"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-1372",
"trust": 3.0
},
{
"db": "USCERT",
"id": "TA13-043A",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001474",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201302-179",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52163",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52164",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52203",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52166",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52197",
"trust": 0.6
},
{
"db": "BID",
"id": "57912",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-61374",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120268",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120253",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120240",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120282",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120271",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120239",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61374"
},
{
"db": "BID",
"id": "57912"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001474"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-179"
},
{
"db": "NVD",
"id": "CVE-2013-1372"
}
]
},
"id": "VAR-201302-0307",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-61374"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T22:19:51.408000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-05",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"title": "APSB13-05 (cq02121817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq02121817.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2013/02/stable-channel-update_12.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "openSUSE-SU-2013:0295",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"title": "SUSE-SU-2013:0296",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"title": "openSUSE-SU-2013:0298",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"title": "RHSA-2013:0254",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20130214f.html"
},
{
"title": "install_flash_player_11_linux.i386",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45304"
},
{
"title": "install_flash_player_osx",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45303"
},
{
"title": "install_flashplayer11x32_mssd_aih",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45302"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001474"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-179"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61374"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001474"
},
{
"db": "NVD",
"id": "CVE-2013-1372"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta13-043a.html"
},
{
"trust": 1.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1372"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130213-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130010.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta13-043a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1372"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=10777"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52163"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52164"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52166"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52197"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52203"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/air/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0647.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0649.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0644.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1373.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1366"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0647"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1374.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1367"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1368"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1372"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1368.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0645.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0639"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0642.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1365.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1372.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1374"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0645"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1366.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1365"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1369.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0637.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0638.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0637"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0644"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1367.html"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1370.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0639.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0642"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52163"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_12.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52164"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/#comments"
},
{
"trust": 0.1,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/"
},
{
"trust": 0.1,
"url": "http://support.microsoft.com/kb/2805940"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52203"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-06.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/notification.html"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-05.html\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/#comments"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61374"
},
{
"db": "BID",
"id": "57912"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001474"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-179"
},
{
"db": "NVD",
"id": "CVE-2013-1372"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-61374"
},
{
"db": "BID",
"id": "57912"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001474"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-179"
},
{
"db": "NVD",
"id": "CVE-2013-1372"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-61374"
},
{
"date": "2013-02-12T00:00:00",
"db": "BID",
"id": "57912"
},
{
"date": "2013-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001474"
},
{
"date": "2013-02-13T19:12:55",
"db": "PACKETSTORM",
"id": "120268"
},
{
"date": "2013-02-12T06:59:46",
"db": "PACKETSTORM",
"id": "120253"
},
{
"date": "2013-02-12T06:40:28",
"db": "PACKETSTORM",
"id": "120240"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2013-02-13T03:13:33",
"db": "PACKETSTORM",
"id": "120282"
},
{
"date": "2013-02-13T19:13:42",
"db": "PACKETSTORM",
"id": "120271"
},
{
"date": "2013-02-12T06:40:24",
"db": "PACKETSTORM",
"id": "120239"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-179"
},
{
"date": "2013-02-12T20:55:05.043000",
"db": "NVD",
"id": "CVE-2013-1372"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-61374"
},
{
"date": "2013-09-17T00:15:00",
"db": "BID",
"id": "57912"
},
{
"date": "2013-03-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001474"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-179"
},
{
"date": "2018-12-06T19:54:49.427000",
"db": "NVD",
"id": "CVE-2013-1372"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-179"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001474"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-179"
}
],
"trust": 0.6
}
}
VAR-201108-0184
Vulnerability from variot - Updated: 2024-07-23 21:56Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2414. Adobe Flash Player and Adobe AIR Contains a buffer overflow vulnerability. This vulnerability CVE-2011-2130 , CVE-2011-2134 , CVE-2011-2137 ,and CVE-2011-2414 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUSE Security Announcement
Package: flash-player
Announcement ID: SUSE-SA:2011:033
Date: Wed, 10 Aug 2011 14:00:00 +0000
Affected Products: SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 10 SP4
Vulnerability Type: remote code execution
CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
SUSE Default Package: yes
Cross-References: CVE-2011-2130, CVE-2011-2134, CVE-2011-2135
CVE-2011-2136, CVE-2011-2137, CVE-2011-2138
CVE-2011-2139, CVE-2011-2140, CVE-2011-2414
CVE-2011-2415, CVE-2011-2416, CVE-2011-2417
CVE-2011-2425
Content of This Advisory:
1) Security Vulnerability Resolved:
remote code execution
Problem Description
2) Solution or Work-Around
3) Special Instructions and Notes
4) Package Location and Checksums
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
6) Authenticity Verification and Additional Information
1) Problem Description and Brief Discussion
Flash-Player was updated to version 10.3.188.5 to fix various buffer and integer overflows: - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Earlier flash-player versions can be exploited to execute arbitrary code remotely with the privileges of the attacked user.
For more details see: http://www.adobe.com/support/security/bulletins/apsb11-21.html
2) Solution or Work-Around
none
3) Special Instructions and Notes
Pleease restart your browser.
4) Package Location and Checksums
The preferred method for installing security updates is to use the YaST "Online Update" module or the "zypper" commandline tool. The package and patch management stack will detect which updates are required and automatically perform the necessary steps to verify and install them.
Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command
rpm -Fhv <file.rpm>
to apply the update, replacing with the filename of the downloaded RPM package.
Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web:
SUSE Linux Enterprise Desktop 10 SP4 http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900
SUSE Linux Enterprise Desktop 11 SP1 http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
6) Authenticity Verification and Additional Information
-
Announcement authenticity verification:
SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.
To verify the signature of the announcement, save it as text into a file and run the command
gpg --verify
replacing with the name of the file where you saved the announcement. The output for a valid signature looks like:
gpg: Signature made using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team security@suse.de"
where is replaced by the date the document was signed.
If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command
gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
-
Package authenticity verification:
SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with.
The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command
rpm -v --checksig
to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build@suse.de with the key ID 9C800ACA.
This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement.
-
SUSE runs two security mailing lists to which any interested party may subscribe:
opensuse-security@opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security+subscribe@opensuse.org.
opensuse-security-announce@opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security-announce+subscribe@opensuse.org. The security@suse.de public key is listed below. =====================================================================
The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text.
SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.3.183.10"
References
[ 1 ] APSA11-01 http://www.adobe.com/support/security/advisories/apsa11-01.html [ 2 ] APSA11-02 http://www.adobe.com/support/security/advisories/apsa11-02.html [ 3 ] APSB11-02 http://www.adobe.com/support/security/bulletins/apsb11-02.html [ 4 ] APSB11-12 http://www.adobe.com/support/security/bulletins/apsb11-12.html [ 5 ] APSB11-13 http://www.adobe.com/support/security/bulletins/apsb11-13.html [ 6 ] APSB11-21 https://www.adobe.com/support/security/bulletins/apsb11-21.html [ 7 ] APSB11-26 https://www.adobe.com/support/security/bulletins/apsb11-26.html [ 8 ] CVE-2011-0558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558 [ 9 ] CVE-2011-0559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559 [ 10 ] CVE-2011-0560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560 [ 11 ] CVE-2011-0561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561 [ 12 ] CVE-2011-0571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571 [ 13 ] CVE-2011-0572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572 [ 14 ] CVE-2011-0573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573 [ 15 ] CVE-2011-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574 [ 16 ] CVE-2011-0575 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575 [ 17 ] CVE-2011-0577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577 [ 18 ] CVE-2011-0578 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578 [ 19 ] CVE-2011-0579 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579 [ 20 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 21 ] CVE-2011-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607 [ 22 ] CVE-2011-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608 [ 23 ] CVE-2011-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609 [ 24 ] CVE-2011-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611 [ 25 ] CVE-2011-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618 [ 26 ] CVE-2011-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619 [ 27 ] CVE-2011-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620 [ 28 ] CVE-2011-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621 [ 29 ] CVE-2011-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622 [ 30 ] CVE-2011-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623 [ 31 ] CVE-2011-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624 [ 32 ] CVE-2011-0625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625 [ 33 ] CVE-2011-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626 [ 34 ] CVE-2011-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627 [ 35 ] CVE-2011-0628 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628 [ 36 ] CVE-2011-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107 [ 37 ] CVE-2011-2110 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110 [ 38 ] CVE-2011-2125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 39 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 40 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 41 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 42 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 43 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 44 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 45 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 46 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 47 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 48 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 49 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 50 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 51 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 52 ] CVE-2011-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426 [ 53 ] CVE-2011-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427 [ 54 ] CVE-2011-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428 [ 55 ] CVE-2011-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429 [ 56 ] CVE-2011-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430 [ 57 ] CVE-2011-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201110-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: acroread security update Advisory ID: RHSA-2011:1434-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html Issue date: 2011-11-08 CVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 CVE-2011-2444 =====================================================================
- Summary:
Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
Adobe Reader allows users to view and print documents in Portable Document Format (PDF).
This update fixes multiple security flaws in Adobe Reader. These flaws are detailed on the Adobe security page APSB11-24, listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. These flaws are detailed on the Adobe security pages APSB11-21 and APSB11-26, listed in the References section.
A PDF file with an embedded, specially-crafted SWF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135, CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140, CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424, CVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)
A flaw in Adobe Flash Player could allow an attacker to conduct cross-site scripting (XSS) attacks if a victim were tricked into visiting a specially-crafted web page. (CVE-2011-2429)
All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.4.6, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259
- Bugs fixed (http://bugzilla.redhat.com/):
729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21) 740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26 740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26 740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26 749381 - acroread: multiple code execution flaws (APSB11-24)
- Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Desktop version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2011-2130.html https://www.redhat.com/security/data/cve/CVE-2011-2134.html https://www.redhat.com/security/data/cve/CVE-2011-2135.html https://www.redhat.com/security/data/cve/CVE-2011-2136.html https://www.redhat.com/security/data/cve/CVE-2011-2137.html https://www.redhat.com/security/data/cve/CVE-2011-2138.html https://www.redhat.com/security/data/cve/CVE-2011-2139.html https://www.redhat.com/security/data/cve/CVE-2011-2140.html https://www.redhat.com/security/data/cve/CVE-2011-2414.html https://www.redhat.com/security/data/cve/CVE-2011-2415.html https://www.redhat.com/security/data/cve/CVE-2011-2416.html https://www.redhat.com/security/data/cve/CVE-2011-2417.html https://www.redhat.com/security/data/cve/CVE-2011-2424.html https://www.redhat.com/security/data/cve/CVE-2011-2425.html https://www.redhat.com/security/data/cve/CVE-2011-2426.html https://www.redhat.com/security/data/cve/CVE-2011-2427.html https://www.redhat.com/security/data/cve/CVE-2011-2428.html https://www.redhat.com/security/data/cve/CVE-2011-2429.html https://www.redhat.com/security/data/cve/CVE-2011-2430.html https://www.redhat.com/security/data/cve/CVE-2011-2431.html https://www.redhat.com/security/data/cve/CVE-2011-2432.html https://www.redhat.com/security/data/cve/CVE-2011-2433.html https://www.redhat.com/security/data/cve/CVE-2011-2434.html https://www.redhat.com/security/data/cve/CVE-2011-2435.html https://www.redhat.com/security/data/cve/CVE-2011-2436.html https://www.redhat.com/security/data/cve/CVE-2011-2437.html https://www.redhat.com/security/data/cve/CVE-2011-2438.html https://www.redhat.com/security/data/cve/CVE-2011-2439.html https://www.redhat.com/security/data/cve/CVE-2011-2440.html https://www.redhat.com/security/data/cve/CVE-2011-2442.html https://www.redhat.com/security/data/cve/CVE-2011-2444.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb11-21.html http://www.adobe.com/support/security/bulletins/apsb11-24.html http://www.adobe.com/support/security/bulletins/apsb11-26.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q 0+KSTL2IByBwtP8+xfPmUNE= =qFq6 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ----------------------------------------------------------------------
The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242
TITLE: Red Hat update for flash-plugin
SECUNIA ADVISORY ID: SA45593
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45593/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45593
RELEASE DATE: 2011-08-12
DISCUSS ADVISORY: http://secunia.com/advisories/45593/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/45593/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=45593
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Red Hat has issued an update for flash-plugin. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
ORIGINAL ADVISORY: RHSA-2011:1144-1: https://rhn.redhat.com/errata/RHSA-2011-1144.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201108-0184",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "air",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "2.6"
},
{
"model": "air",
"scope": "eq",
"trust": 1.7,
"vendor": "adobe",
"version": "2.7"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "2.0.4"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "2.0.3"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "2.0.2"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "1.0"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "1.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.246.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.0.35.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.115.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.154.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.95.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.156.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.95.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.155.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152.33"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.154.13"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.262.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.157.51"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.14"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.92.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.52.15"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152.32"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.28.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.260.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.52.14.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.32.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.277.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.12.36"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.283.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.185.21"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.53.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.124.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.185.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.152.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.22.87"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.85.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.82.76"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.159.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.151.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.15.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.31.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.159.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.105.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.47.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.45.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.0.34.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.42.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.48.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.92.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.106.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.102.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.63"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.14.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.28"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.67.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.33.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.181.36"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.0.584"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.112.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.69.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.68.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.185.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.21.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.22.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.61.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.12.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.53.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.18d60"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.66.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.45.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.125.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.125.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.79"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.42.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.39.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.19.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.31"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.73.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.70.0"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "2.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.114.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.60.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.181.36 for chrome users"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.185.25 for android"
},
{
"model": "hp systems insight manager",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "7.0"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux server supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.1.z"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.6.z (server)"
},
{
"model": "rhel supplementary long life",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.6 (server)"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.94"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.57"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.35"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.100"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.21"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19140"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.280"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.3"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.43"
},
{
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.2"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.22"
},
{
"model": "systems insight manager sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.51.66"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.3"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.27"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.153.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.204"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.2460"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.128"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.22"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.96"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.26"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.127"
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.262"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.65"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.24"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "systems insight manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.107"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.18"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.112"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.71"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "freeflow print server 73.b3.61",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3218"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.289.0"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.91"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.25"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.84"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "chrome",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.112"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.107"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.77"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.452"
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.68"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.672.2"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "air",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11"
},
{
"model": "systems insight manager sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.133"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "air",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1.1961"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "flash player release candida",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.205"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.28"
},
{
"model": "systems insight manager update",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.31"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19120"
},
{
"model": "freeflow print server 73.c0.41",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.102.65"
},
{
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
}
],
"sources": [
{
"db": "BID",
"id": "49077"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002157"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-184"
},
{
"db": "NVD",
"id": "CVE-2011-2415"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.95.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.52.14.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.102.64:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.73.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.67.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.52.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.154.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.262.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.155.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.68.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.24.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.82.76:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.45.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.283.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.53.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.60.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.19.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.277.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.53.64:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.3.181.36",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.66.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.61.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.14.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.85.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.154.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.159.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.3.185.25",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.156.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.157.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.185.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.185.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.105.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.106.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2415"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vitaliy Toropov via iDefense Labs",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201108-184"
}
],
"trust": 0.6
},
"cve": "CVE-2011-2415",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2011-2415",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-50360",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-2415",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201108-184",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-50360",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50360"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002157"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-184"
},
{
"db": "NVD",
"id": "CVE-2011-2415"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2414. Adobe Flash Player and Adobe AIR Contains a buffer overflow vulnerability. This vulnerability CVE-2011-2130 , CVE-2011-2134 , CVE-2011-2137 ,and CVE-2011-2414 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n______________________________________________________________________________\n\n SUSE Security Announcement\n\n Package: flash-player\n Announcement ID: SUSE-SA:2011:033\n Date: Wed, 10 Aug 2011 14:00:00 +0000\n Affected Products: SUSE Linux Enterprise Desktop 11 SP1\n SUSE Linux Enterprise Desktop 10 SP4\n Vulnerability Type: remote code execution\n CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n SUSE Default Package: yes\n Cross-References: CVE-2011-2130, CVE-2011-2134, CVE-2011-2135\n CVE-2011-2136, CVE-2011-2137, CVE-2011-2138\n CVE-2011-2139, CVE-2011-2140, CVE-2011-2414\n CVE-2011-2415, CVE-2011-2416, CVE-2011-2417\n CVE-2011-2425\n\n Content of This Advisory:\n 1) Security Vulnerability Resolved:\n remote code execution\n Problem Description\n 2) Solution or Work-Around\n 3) Special Instructions and Notes\n 4) Package Location and Checksums\n 5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n none\n 6) Authenticity Verification and Additional Information\n\n______________________________________________________________________________\n\n1) Problem Description and Brief Discussion\n\n Flash-Player was updated to version 10.3.188.5 to fix various buffer\n and integer overflows:\n - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n \n Earlier flash-player versions can be exploited to execute arbitrary code\n remotely with the privileges of the attacked user. \n \n For more details see:\n http://www.adobe.com/support/security/bulletins/apsb11-21.html\n\n2) Solution or Work-Around\n\n none\n\n3) Special Instructions and Notes\n\n Pleease restart your browser. \n\n4) Package Location and Checksums\n\n The preferred method for installing security updates is to use the YaST\n \"Online Update\" module or the \"zypper\" commandline tool. The package and\n patch management stack will detect which updates are required and\n automatically perform the necessary steps to verify and install them. \n\n Alternatively, download the update packages for your distribution manually\n and verify their integrity by the methods listed in Section 6 of this\n announcement. Then install the packages using the command\n\n rpm -Fhv \u003cfile.rpm\u003e\n\n to apply the update, replacing \u003cfile.rpm\u003e with the filename of the\n downloaded RPM package. \n\n Our maintenance customers are notified individually. The packages are\n offered for installation from the maintenance web:\n \n SUSE Linux Enterprise Desktop 10 SP4\n http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900\n \n SUSE Linux Enterprise Desktop 11 SP1\n http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10\n\n______________________________________________________________________________\n\n5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n\n none\n______________________________________________________________________________\n\n6) Authenticity Verification and Additional Information\n\n - Announcement authenticity verification:\n\n SUSE security announcements are published via mailing lists and on Web\n sites. The authenticity and integrity of a SUSE security announcement is\n guaranteed by a cryptographic signature in each announcement. All SUSE\n security announcements are published with a valid signature. \n\n To verify the signature of the announcement, save it as text into a file\n and run the command\n\n gpg --verify \u003cfile\u003e\n\n replacing \u003cfile\u003e with the name of the file where you saved the\n announcement. The output for a valid signature looks like:\n\n gpg: Signature made \u003cDATE\u003e using RSA key ID 3D25D3D9\n gpg: Good signature from \"SuSE Security Team \u003csecurity@suse.de\u003e\"\n\n where \u003cDATE\u003e is replaced by the date the document was signed. \n\n If the security team\u0027s key is not contained in your key ring, you can\n import it from the first installation CD. To import the key, use the\n command\n\n gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc\n\n - Package authenticity verification:\n\n SUSE update packages are available on many mirror FTP servers all over the\n world. While this service is considered valuable and important to the free\n and open source software community, the authenticity and the integrity of\n a package needs to be verified to ensure that it has not been tampered\n with. \n\n The internal rpm package signatures provide an easy way to verify the\n authenticity of an RPM package. Use the command\n\n rpm -v --checksig \u003cfile.rpm\u003e\n\n to verify the signature of the package, replacing \u003cfile.rpm\u003e with the\n filename of the RPM package downloaded. The package is unmodified if it\n contains a valid signature from build@suse.de with the key ID 9C800ACA. \n\n This key is automatically imported into the RPM database (on\n RPMv4-based distributions) and the gpg key ring of \u0027root\u0027 during\n installation. You can also find it on the first installation CD and at\n the end of this announcement. \n\n - SUSE runs two security mailing lists to which any interested party may\n subscribe:\n\n opensuse-security@opensuse.org\n - General Linux and SUSE security discussion. \n All SUSE security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security+subscribe@opensuse.org\u003e. \n\n opensuse-security-announce@opensuse.org\n - SUSE\u0027s announce-only mailing list. \n Only SUSE\u0027s security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security-announce+subscribe@opensuse.org\u003e. \n The \u003csecurity@suse.de\u003e public key is listed below. \n =====================================================================\n______________________________________________________________________________\n\n The information in this advisory may be distributed or reproduced,\n provided that the advisory is not modified in any way. In particular, the\n clear text signature should show proof of the authenticity of the text. \n\n SUSE Linux Products GmbH provides no warranties of any kind whatsoever\n with respect to the information contained in this security advisory. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-10.3.183.10\"\n\nReferences\n==========\n\n[ 1 ] APSA11-01\n http://www.adobe.com/support/security/advisories/apsa11-01.html\n[ 2 ] APSA11-02\n http://www.adobe.com/support/security/advisories/apsa11-02.html\n[ 3 ] APSB11-02\n http://www.adobe.com/support/security/bulletins/apsb11-02.html\n[ 4 ] APSB11-12\n http://www.adobe.com/support/security/bulletins/apsb11-12.html\n[ 5 ] APSB11-13\n http://www.adobe.com/support/security/bulletins/apsb11-13.html\n[ 6 ] APSB11-21\n https://www.adobe.com/support/security/bulletins/apsb11-21.html\n[ 7 ] APSB11-26\n https://www.adobe.com/support/security/bulletins/apsb11-26.html\n[ 8 ] CVE-2011-0558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558\n[ 9 ] CVE-2011-0559\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559\n[ 10 ] CVE-2011-0560\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560\n[ 11 ] CVE-2011-0561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561\n[ 12 ] CVE-2011-0571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571\n[ 13 ] CVE-2011-0572\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572\n[ 14 ] CVE-2011-0573\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573\n[ 15 ] CVE-2011-0574\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574\n[ 16 ] CVE-2011-0575\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575\n[ 17 ] CVE-2011-0577\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577\n[ 18 ] CVE-2011-0578\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578\n[ 19 ] CVE-2011-0579\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579\n[ 20 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 21 ] CVE-2011-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607\n[ 22 ] CVE-2011-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608\n[ 23 ] CVE-2011-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609\n[ 24 ] CVE-2011-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611\n[ 25 ] CVE-2011-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618\n[ 26 ] CVE-2011-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619\n[ 27 ] CVE-2011-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620\n[ 28 ] CVE-2011-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621\n[ 29 ] CVE-2011-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622\n[ 30 ] CVE-2011-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623\n[ 31 ] CVE-2011-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624\n[ 32 ] CVE-2011-0625\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625\n[ 33 ] CVE-2011-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626\n[ 34 ] CVE-2011-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627\n[ 35 ] CVE-2011-0628\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628\n[ 36 ] CVE-2011-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107\n[ 37 ] CVE-2011-2110\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110\n[ 38 ] CVE-2011-2125\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 39 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 40 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 41 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 42 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 43 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 44 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 45 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 46 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 47 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 48 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 49 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 50 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 51 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 52 ] CVE-2011-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426\n[ 53 ] CVE-2011-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427\n[ 54 ] CVE-2011-2428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428\n[ 55 ] CVE-2011-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429\n[ 56 ] CVE-2011-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430\n[ 57 ] CVE-2011-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: acroread security update\nAdvisory ID: RHSA-2011:1434-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html\nIssue date: 2011-11-08\nCVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 \n CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 \n CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 \n CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 \n CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 \n CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 \n CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 \n CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 \n CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 \n CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 \n CVE-2011-2444 \n=====================================================================\n\n1. Summary:\n\nUpdated acroread packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise\nLinux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Desktop version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux AS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux ES version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux WS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nAdobe Reader allows users to view and print documents in Portable Document\nFormat (PDF). \n\nThis update fixes multiple security flaws in Adobe Reader. These flaws are\ndetailed on the Adobe security page APSB11-24, listed in the References\nsection. A specially-crafted PDF file could cause Adobe Reader to crash or,\npotentially, execute arbitrary code as the user running Adobe Reader when\nopened. These flaws are detailed on the Adobe security\npages APSB11-21 and APSB11-26, listed in the References section. \n\nA PDF file with an embedded, specially-crafted SWF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user running\nAdobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135,\nCVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140,\nCVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424,\nCVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)\n\nA flaw in Adobe Flash Player could allow an attacker to conduct cross-site\nscripting (XSS) attacks if a victim were tricked into visiting a\nspecially-crafted web page. (CVE-2011-2429)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.4.6, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)\n740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26\n740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26\n740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26\n749381 - acroread: multiple code execution flaws (APSB11-24)\n\n6. Package List:\n\nRed Hat Enterprise Linux AS version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Desktop version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux ES version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux WS version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-2130.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2134.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2135.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2136.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2137.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2138.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2139.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2140.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2414.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2415.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2416.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2417.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2424.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2425.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2426.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2427.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2428.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2429.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2430.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2431.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2432.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2433.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2434.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2435.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2436.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2437.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2438.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2439.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2440.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2442.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2444.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb11-21.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-24.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-26.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2011 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q\n0+KSTL2IByBwtP8+xfPmUNE=\n=qFq6\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ----------------------------------------------------------------------\n\nThe Secunia CSI 5.0 Beta - now available for testing\nFind out more, take a free test drive, and share your opinion with us: \nhttp://secunia.com/blog/242 \n\n----------------------------------------------------------------------\n\nTITLE:\nRed Hat update for flash-plugin\n\nSECUNIA ADVISORY ID:\nSA45593\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45593/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45593\n\nRELEASE DATE:\n2011-08-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45593/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45593/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45593\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nRed Hat has issued an update for flash-plugin. This fixes multiple\nvulnerabilities, which can be exploited by malicious people to\ndisclose sensitive information and compromise a user\u0027s system. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nORIGINAL ADVISORY:\nRHSA-2011:1144-1:\nhttps://rhn.redhat.com/errata/RHSA-2011-1144.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2415"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002157"
},
{
"db": "BID",
"id": "49077"
},
{
"db": "VULHUB",
"id": "VHN-50360"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "PACKETSTORM",
"id": "103929"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-2415",
"trust": 3.3
},
{
"db": "BID",
"id": "49077",
"trust": 2.2
},
{
"db": "USCERT",
"id": "TA11-222A",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "45529",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "45583",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "48308",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "45593",
"trust": 0.9
},
{
"db": "SECTRACK",
"id": "1025907",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1025914",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA11-222A",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "74441",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002157",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "17880",
"trust": 0.6
},
{
"db": "BID",
"id": "49079",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201108-184",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-50360",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103913",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103946",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105802",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "106736",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103929",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50360"
},
{
"db": "BID",
"id": "49077"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002157"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "PACKETSTORM",
"id": "103929"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-184"
},
{
"db": "NVD",
"id": "CVE-2011-2415"
}
]
},
"id": "VAR-201108-0184",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-50360"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:56:59.027000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-21",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"title": "APSB11-21 (cpsid_91448)",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/914/cpsid_91448.html"
},
{
"title": "APSB11-21",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb11-21.html"
},
{
"title": "HPSBMU02769 SSRT100846",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03298151"
},
{
"title": "RHSA-2011:1144",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1144.html"
},
{
"title": "TA11-222A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta11-222a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002157"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50360"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002157"
},
{
"db": "NVD",
"id": "CVE-2011-2415"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/49077"
},
{
"trust": 1.9,
"url": "http://www.us-cert.gov/cas/techalerts/ta11-222a.html"
},
{
"trust": 1.4,
"url": "http://secunia.com/advisories/45529"
},
{
"trust": 1.4,
"url": "http://secunia.com/advisories/45583"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a13940"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16070"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-1144.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/48308"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00006.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00007.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00008.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2415"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2011/at110022.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta11-222a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2415"
},
{
"trust": 0.8,
"url": "http://osvdb.org/74441"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/45593"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1025914"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1025907"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa11-222a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/49079"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/17880"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_09.html"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer2"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100151664"
},
{
"trust": 0.3,
"url": "http://www.xerox.com/download/security/security-bulletin/1284333-14afb-4baadb5bccb00/cert_xrx12-002_v1.1.pdf"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2416"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2137"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2414"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2425"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2415"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2139"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2135"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2417"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2136"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2138"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2134"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2140"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2425.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2415.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/kb/docs/doc-11259"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2138.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2416.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2135.html"
},
{
"trust": 0.2,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1144.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2137.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2140.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2130.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2414.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2139.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2134.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2417.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2136.html"
},
{
"trust": 0.2,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.2,
"url": "https://www.adobe.com/support/security/bulletins/apsb11-26.html"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.2,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0579"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0574"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0625"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0575"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0572"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0623"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0560"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0560"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2107"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2110"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0575"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0571"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0559"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2426"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0579"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-13.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0578"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0611"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-12.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0573"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0561"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0578"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0577"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0627"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2428"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa11-02.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2430"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2427"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201110-11.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0559"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0625"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa11-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0577"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2424.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2429"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2432.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2436.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2438.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2428.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2434"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2444.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2439.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2431.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2428"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2430"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2430.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2435.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2442.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2433.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-24.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2426.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2436"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1434.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2437.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2429.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2427.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2440.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2434.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/242"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45593"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45593/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45593/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50360"
},
{
"db": "BID",
"id": "49077"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002157"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "PACKETSTORM",
"id": "103929"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-184"
},
{
"db": "NVD",
"id": "CVE-2011-2415"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-50360"
},
{
"db": "BID",
"id": "49077"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002157"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "PACKETSTORM",
"id": "103929"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-184"
},
{
"db": "NVD",
"id": "CVE-2011-2415"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-10T00:00:00",
"db": "VULHUB",
"id": "VHN-50360"
},
{
"date": "2011-08-09T00:00:00",
"db": "BID",
"id": "49077"
},
{
"date": "2011-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002157"
},
{
"date": "2011-08-11T04:36:04",
"db": "PACKETSTORM",
"id": "103913"
},
{
"date": "2011-08-12T05:17:05",
"db": "PACKETSTORM",
"id": "103946"
},
{
"date": "2011-10-14T06:16:06",
"db": "PACKETSTORM",
"id": "105802"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-11-08T15:21:13",
"db": "PACKETSTORM",
"id": "106736"
},
{
"date": "2011-08-11T08:17:54",
"db": "PACKETSTORM",
"id": "103929"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-184"
},
{
"date": "2011-08-10T22:55:00.970000",
"db": "NVD",
"id": "CVE-2011-2415"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-50360"
},
{
"date": "2015-03-19T08:33:00",
"db": "BID",
"id": "49077"
},
{
"date": "2013-03-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002157"
},
{
"date": "2011-08-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-184"
},
{
"date": "2018-10-30T16:26:24.687000",
"db": "NVD",
"id": "CVE-2011-2415"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-184"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002157"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201108-184"
}
],
"trust": 0.6
}
}
VAR-201211-0367
Vulnerability from variot - Updated: 2024-07-23 21:48Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, and CVE-2012-5280. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2012-5274 , CVE-2012-5275 , CVE-2012-5276 ,and CVE-2012-5280 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. Note: This issue was previously covered in BID 56412 (Adobe Flash Player and AIR APSB12-24 Multiple Security Vulnerabilities) but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Google Chrome Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA51210
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51210/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51210
RELEASE DATE: 2012-11-07
DISCUSS ADVISORY: http://secunia.com/advisories/51210/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/51210/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=51210
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
For more information: SA51213
2) An integer overflow error exists in WebP handling.
3) An error in v8 can be exploited to cause an out-of-bounds array access.
4) A use-after-free error exists in SVG filter handling.
5) An error exists related to integer boundary checks within GPU command buffers.
6) A use-after-free error exists in video layout handling.
7) An error exists related to inappropriate loading of SVG subresource in "img" context.
8) A race condition error exists in Pepper buffer handling.
9) A type casting error exists in certain input handling.
10) An error in Skia can be exploited to cause an out-of-bounds read.
11) An error in texture handling can be exploited to corrupt memory.
12) A use-after-free error exists in extension tab handling.
13) A use-after-free error exists in plug-in placeholder handling.
14) An error in v8 can be exploited to corrupt memory.
SOLUTION: Upgrade to version 23.0.1271.64.
PROVIDED AND/OR DISCOVERED BY: The vendor credits: 2) Phil Turnbull 3, 6) Atte Kettunen, OUSPG. 4, 5) miaubiz 7) Felix Gr\xf6bert, Google Security Team 8) Fermin Serna, Google Security Team 9, 10, 13) Inferno, Google Chrome Security Team 11) Al Patrick, Chromium development community 12) Alexander Potapenko, Chromium development community 14) Cris Neckar, Google Chrome Security Team
ORIGINAL ADVISORY: Google: http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2012:1431-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1431.html Issue date: 2012-11-07 CVE Names: CVE-2012-5274 CVE-2012-5275 CVE-2012-5276 CVE-2012-5277 CVE-2012-5278 CVE-2012-5279 CVE-2012-5280 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB12-24, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
873818 - flash-plugin: multiple code-execution flaws (APSB12-24)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.251-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.251-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.251-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.251-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2012-5274.html https://www.redhat.com/security/data/cve/CVE-2012-5275.html https://www.redhat.com/security/data/cve/CVE-2012-5276.html https://www.redhat.com/security/data/cve/CVE-2012-5277.html https://www.redhat.com/security/data/cve/CVE-2012-5278.html https://www.redhat.com/security/data/cve/CVE-2012-5279.html https://www.redhat.com/security/data/cve/CVE-2012-5280.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb12-24.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFQmiFjXlSAg2UNWIIRAi97AKClBeUc3AMPcWNkYfME6ndKJqg18ACdGuPH wmLm/s5nqgvfyTp8wUW9wVE= =fVdJ -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . 7) Eduardo Vela Nava, Google Security Team
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201211-0367",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.24"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.4"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.43"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.5.502.110"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.27"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.251"
},
{
"model": "windows",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (adobe flash player 11.3.376.12"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.27"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.251"
},
{
"model": "internet explorer",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include )"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems (adobe flash player 11.3.376.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.5.502.110"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "23.0.1271.64"
},
{
"model": "windows server",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "linux)"
},
{
"model": "windows 8",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.43"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012 (adobe flash player 11.3.376.12"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt (adobe flash player 11.3.376.12"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 64-bit systems (adobe flash player 11.3.376.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.24"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.3.9120"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.0.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.0.4990"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.0.7220"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "opensuse",
"version": "12.2"
}
],
"sources": [
{
"db": "BID",
"id": "56545"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005273"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-134"
},
{
"db": "NVD",
"id": "CVE-2012-5277"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.43",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.5.502.110",
"versionStartIncluding": "11.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.43",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.202.251",
"versionStartIncluding": "11.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.111.24",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.6",
"versionStartIncluding": "3.0",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.7",
"versionStartIncluding": "2.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.115.27",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.4",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.0.600",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.0.600",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-5277"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117961"
}
],
"trust": 0.5
},
"cve": "CVE-2012-5277",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-5277",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-58558",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-5277",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201211-134",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-58558",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58558"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005273"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-134"
},
{
"db": "NVD",
"id": "CVE-2012-5277"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, and CVE-2012-5280. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2012-5274 , CVE-2012-5275 , CVE-2012-5276 ,and CVE-2012-5280 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. \nNote: This issue was previously covered in BID 56412 (Adobe Flash Player and AIR APSB12-24 Multiple Security Vulnerabilities) but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nGoogle Chrome Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA51210\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/51210/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210\n\nRELEASE DATE:\n2012-11-07\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/51210/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/51210/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Google Chrome, which\ncan be exploited by malicious people to bypass certain security\nrestrictions and compromise a user\u0027s system. \n\nFor more information:\nSA51213\n\n2) An integer overflow error exists in WebP handling. \n\n3) An error in v8 can be exploited to cause an out-of-bounds array\naccess. \n\n4) A use-after-free error exists in SVG filter handling. \n\n5) An error exists related to integer boundary checks within GPU\ncommand buffers. \n\n6) A use-after-free error exists in video layout handling. \n\n7) An error exists related to inappropriate loading of SVG\nsubresource in \"img\" context. \n\n8) A race condition error exists in Pepper buffer handling. \n\n9) A type casting error exists in certain input handling. \n\n10) An error in Skia can be exploited to cause an out-of-bounds\nread. \n\n11) An error in texture handling can be exploited to corrupt memory. \n\n12) A use-after-free error exists in extension tab handling. \n\n13) A use-after-free error exists in plug-in placeholder handling. \n\n14) An error in v8 can be exploited to corrupt memory. \n\nSOLUTION:\nUpgrade to version 23.0.1271.64. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n2) Phil Turnbull\n3, 6) Atte Kettunen, OUSPG. \n4, 5) miaubiz\n7) Felix Gr\\xf6bert, Google Security Team\n8) Fermin Serna, Google Security Team\n9, 10, 13) Inferno, Google Chrome Security Team\n11) Al Patrick, Chromium development community\n12) Alexander Potapenko, Chromium development community\n14) Cris Neckar, Google Chrome Security Team\n\nORIGINAL ADVISORY:\nGoogle:\nhttp://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2012:1431-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-1431.html\nIssue date: 2012-11-07\nCVE Names: CVE-2012-5274 CVE-2012-5275 CVE-2012-5276 \n CVE-2012-5277 CVE-2012-5278 CVE-2012-5279 \n CVE-2012-5280 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB12-24,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n873818 - flash-plugin: multiple code-execution flaws (APSB12-24)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-5274.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5275.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5276.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5277.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5278.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5279.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5280.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb12-24.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFQmiFjXlSAg2UNWIIRAi97AKClBeUc3AMPcWNkYfME6ndKJqg18ACdGuPH\nwmLm/s5nqgvfyTp8wUW9wVE=\n=fVdJ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n7) Eduardo Vela Nava, Google Security Team",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-5277"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005273"
},
{
"db": "BID",
"id": "56545"
},
{
"db": "VULHUB",
"id": "VHN-58558"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-5277",
"trust": 3.0
},
{
"db": "SECUNIA",
"id": "51186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "51207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "51213",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "51245",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1027730",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005273",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201211-134",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "51210",
"trust": 0.7
},
{
"db": "BID",
"id": "56545",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-58558",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118097",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117944",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117963",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117960",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117947",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117961",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58558"
},
{
"db": "BID",
"id": "56545"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005273"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-134"
},
{
"db": "NVD",
"id": "CVE-2012-5277"
}
]
},
"id": "VAR-201211-0367",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-58558"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:48:07.636000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-24",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-24.html"
},
{
"title": "APSB12-24 (cq11061810)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq11061810.html"
},
{
"title": "APSB12-24",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-24.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Release and Beta Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2012/11/stable-channel-release-and-beta-channel.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "SUSE-SU-2012:1485",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html"
},
{
"title": "openSUSE-SU-2012:1480",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html"
},
{
"title": "RHSA-2012:1431",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1431.html"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20121113f.html"
},
{
"title": "install_flash_player_pre_ics",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45366"
},
{
"title": "install_flash_player_ics",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45365"
},
{
"title": "fp_11.5.502.146_archive",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45364"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005273"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-134"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58558"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005273"
},
{
"db": "NVD",
"id": "CVE-2012-5277"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-24.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51186"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51207"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51213"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1431.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1027730"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/51245"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00012.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00030.html"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79848"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5277"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20121107-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2012/at120034.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5277"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/51210"
},
{
"trust": 0.5,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.5,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.5,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.5,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.5,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.5,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.5,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.4,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.3,
"url": "http://www.blackberry.com/btsc/kb34161"
},
{
"trust": 0.3,
"url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00090.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51245/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51245"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51245/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51207/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51207"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51207/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51186"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51186/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51186/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51210/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51210/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5278.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5277.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5275.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5274"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5279.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5275"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5278"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5280.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5276.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5279"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5274.html"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5277"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51213/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51213/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51213"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58558"
},
{
"db": "BID",
"id": "56545"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005273"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-134"
},
{
"db": "NVD",
"id": "CVE-2012-5277"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-58558"
},
{
"db": "BID",
"id": "56545"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005273"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-134"
},
{
"db": "NVD",
"id": "CVE-2012-5277"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-58558"
},
{
"date": "2012-11-06T00:00:00",
"db": "BID",
"id": "56545"
},
{
"date": "2012-11-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005273"
},
{
"date": "2012-11-14T06:05:43",
"db": "PACKETSTORM",
"id": "118097"
},
{
"date": "2012-11-07T04:12:41",
"db": "PACKETSTORM",
"id": "117944"
},
{
"date": "2012-11-08T11:19:24",
"db": "PACKETSTORM",
"id": "117963"
},
{
"date": "2012-11-08T11:19:15",
"db": "PACKETSTORM",
"id": "117960"
},
{
"date": "2012-11-08T00:12:49",
"db": "PACKETSTORM",
"id": "117947"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2012-11-08T11:19:18",
"db": "PACKETSTORM",
"id": "117961"
},
{
"date": "2012-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-134"
},
{
"date": "2012-11-07T05:41:22.193000",
"db": "NVD",
"id": "CVE-2012-5277"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-04T00:00:00",
"db": "VULHUB",
"id": "VHN-58558"
},
{
"date": "2015-03-19T09:20:00",
"db": "BID",
"id": "56545"
},
{
"date": "2012-12-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005273"
},
{
"date": "2012-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-134"
},
{
"date": "2018-12-04T17:49:33.147000",
"db": "NVD",
"id": "CVE-2012-5277"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-134"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005273"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-134"
}
],
"trust": 0.6
}
}
VAR-201302-0309
Vulnerability from variot - Updated: 2024-07-23 21:43Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-0649. Adobe Flash Player Use freed memory (Use-after-free) May allow arbitrary code execution vulnerabilities. This vulnerability CVE-2013-0644 and CVE-2013-0649 Is a different vulnerability.An attacker could execute arbitrary code. Adobe Flash Player and AIR are prone to a remote code-execution vulnerability. Failed exploit attempts will likely cause denial-of-service conditions. Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2013:0254-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html Issue date: 2013-02-13 CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 CVE-2013-1373 CVE-2013-1374 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-05, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2013-0638, CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647, CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)
A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially-crafted web page.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
910570 - flash-plugin: multiple code execution flaws (APSB13-05) 910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-0637.html https://www.redhat.com/security/data/cve/CVE-2013-0638.html https://www.redhat.com/security/data/cve/CVE-2013-0639.html https://www.redhat.com/security/data/cve/CVE-2013-0642.html https://www.redhat.com/security/data/cve/CVE-2013-0644.html https://www.redhat.com/security/data/cve/CVE-2013-0645.html https://www.redhat.com/security/data/cve/CVE-2013-0647.html https://www.redhat.com/security/data/cve/CVE-2013-0649.html https://www.redhat.com/security/data/cve/CVE-2013-1365.html https://www.redhat.com/security/data/cve/CVE-2013-1366.html https://www.redhat.com/security/data/cve/CVE-2013-1367.html https://www.redhat.com/security/data/cve/CVE-2013-1368.html https://www.redhat.com/security/data/cve/CVE-2013-1369.html https://www.redhat.com/security/data/cve/CVE-2013-1370.html https://www.redhat.com/security/data/cve/CVE-2013-1372.html https://www.redhat.com/security/data/cve/CVE-2013-1373.html https://www.redhat.com/security/data/cve/CVE-2013-1374.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb13-05.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs pnyD10c/hdKGIm0b1Kjv3eY= =+cgh -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
SOLUTION: Update to version 24.0.1312.70.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . Please send email to cert@cert.org with "TA13-043A Feedback VU#689711" in the subject.
Produced by US-CERT, a government organization. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA52166
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52166/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
RELEASE DATE: 2013-02-12
DISCUSS ADVISORY: http://secunia.com/advisories/52166/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/52166/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.
1) Some unspecified errors can be exploited to cause buffer overflows.
2) Some use-after-free errors can be exploited to dereference already freed memory.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to disclose certain sensitive information.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google 3) The vendor credits Natalie Silvanovich, BlackBerry Security, Research in Motion 4) The vendor credits Damian Put via iDefense 6) Reported by the vendor.
ORIGINAL ADVISORY: Adobe (APSB13-05): http://www.adobe.com/support/security/bulletins/apsb13-05.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0309",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "windows",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012 (adobe flash player 11.6.602.167"
},
{
"model": "internet explorer",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.59x (air for ios include ) (windows"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include ) (windows"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 64-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows server",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(macintosh linux)"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows 8",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (macintosh)"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "(windows/linux/macintosh : adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.82.76"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.2.0.2070"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.2.152.26"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.2.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.52.14"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.92.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.106.16"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.1.0.488"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.105.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.106.17"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
}
],
"sources": [
{
"db": "BID",
"id": "57932"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001487"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-181"
},
{
"db": "NVD",
"id": "CVE-2013-1374"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.63",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.168",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.202.270",
"versionStartIncluding": "11.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.111.43",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.7",
"versionStartIncluding": "2.0",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.6",
"versionStartIncluding": "3.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.115.47",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.4",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.597",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.599",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.167",
"versionStartIncluding": "11.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1374"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 0.4
},
"cve": "CVE-2013-1374",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-1374",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-61376",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-1374",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201302-181",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-61376",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61376"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001487"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-181"
},
{
"db": "NVD",
"id": "CVE-2013-1374"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-0649. Adobe Flash Player Use freed memory (Use-after-free) May allow arbitrary code execution vulnerabilities. This vulnerability CVE-2013-0644 and CVE-2013-0649 Is a different vulnerability.An attacker could execute arbitrary code. Adobe Flash Player and AIR are prone to a remote code-execution vulnerability. Failed exploit attempts will likely cause denial-of-service conditions. \nNote: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2013:0254-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html\nIssue date: 2013-02-13\nCVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 \n CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 \n CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 \n CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 \n CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 \n CVE-2013-1373 CVE-2013-1374 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB13-05,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. (CVE-2013-0638,\nCVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647,\nCVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368,\nCVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)\n\nA flaw in flash-plugin could allow an attacker to obtain sensitive\ninformation if a victim were tricked into visiting a specially-crafted web\npage. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n910570 - flash-plugin: multiple code execution flaws (APSB13-05)\n910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0637.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0638.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0639.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0642.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0644.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0645.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0647.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0649.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1365.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1366.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1367.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1368.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1369.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1370.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1372.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1373.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1374.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs\npnyD10c/hdKGIm0b1Kjv3eY=\n=+cgh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nSOLUTION:\nUpdate to version 24.0.1312.70. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Please send\n email to \u003ccert@cert.org\u003e with \"TA13-043A Feedback VU#689711\" in\n the subject. \n ____________________________________________________________________\n\n Produced by US-CERT, a government organization. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player / AIR Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52166\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52166/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nRELEASE DATE:\n2013-02-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52166/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52166/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player and\nAIR, which can be exploited by malicious people to disclose certain\nsensitive information and compromise a user\u0027s system. \n\n1) Some unspecified errors can be exploited to cause buffer\noverflows. \n\n2) Some use-after-free errors can be exploited to dereference already\nfreed memory. \n\n4) An unspecified error can be exploited to corrupt memory. \n\n5) An unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to disclose certain\nsensitive information. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and\nFermin Serna, Google\n3) The vendor credits Natalie Silvanovich, BlackBerry Security,\nResearch in Motion\n4) The vendor credits Damian Put via iDefense\n6) Reported by the vendor. \n\nORIGINAL ADVISORY:\nAdobe (APSB13-05):\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1374"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001487"
},
{
"db": "BID",
"id": "57932"
},
{
"db": "VULHUB",
"id": "VHN-61376"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-1374",
"trust": 3.0
},
{
"db": "USCERT",
"id": "TA13-043A",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001487",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201302-181",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52163",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52164",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52203",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52166",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52197",
"trust": 0.6
},
{
"db": "BID",
"id": "57932",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-61376",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120268",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120253",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120240",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120282",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120271",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120239",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61376"
},
{
"db": "BID",
"id": "57932"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001487"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-181"
},
{
"db": "NVD",
"id": "CVE-2013-1374"
}
]
},
"id": "VAR-201302-0309",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-61376"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:43:28.487000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-05",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"title": "APSB13-05 (cq02121817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq02121817.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2013/02/stable-channel-update_12.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "openSUSE-SU-2013:0295",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"title": "SUSE-SU-2013:0296",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"title": "openSUSE-SU-2013:0298",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"title": "RHSA-2013:0254",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20130214f.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001487"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61376"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001487"
},
{
"db": "NVD",
"id": "CVE-2013-1374"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"trust": 2.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta13-043a.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1374"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130213-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130010.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta13-043a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1374"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=10777"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52163"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52164"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52166"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52197"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52203"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/air/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=a9881e951162efc516b6200542b62cc0?externalid=kb34774\u0026sliceid=1\u0026cmd=displaykc\u0026doctype=kc\u0026nocount=true\u0026vieweddocslisthelper=com.kanisa.a"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.ie/2013/02/stable-channel-update_12.html"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0647.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0649.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0644.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1373.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1366"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0647"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1374.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1367"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1368"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1372"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1368.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0645.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0639"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0642.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1365.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1372.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1374"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0645"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1366.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1365"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1369.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0637.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0638.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0637"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0644"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1367.html"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1370.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0639.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0642"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52163"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_12.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52164"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/#comments"
},
{
"trust": 0.1,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/"
},
{
"trust": 0.1,
"url": "http://support.microsoft.com/kb/2805940"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52203"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-06.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/notification.html"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-05.html\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/#comments"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61376"
},
{
"db": "BID",
"id": "57932"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001487"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-181"
},
{
"db": "NVD",
"id": "CVE-2013-1374"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-61376"
},
{
"db": "BID",
"id": "57932"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001487"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-181"
},
{
"db": "NVD",
"id": "CVE-2013-1374"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-61376"
},
{
"date": "2013-02-12T00:00:00",
"db": "BID",
"id": "57932"
},
{
"date": "2013-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001487"
},
{
"date": "2013-02-13T19:12:55",
"db": "PACKETSTORM",
"id": "120268"
},
{
"date": "2013-02-12T06:59:46",
"db": "PACKETSTORM",
"id": "120253"
},
{
"date": "2013-02-12T06:40:28",
"db": "PACKETSTORM",
"id": "120240"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2013-02-13T03:13:33",
"db": "PACKETSTORM",
"id": "120282"
},
{
"date": "2013-02-13T19:13:42",
"db": "PACKETSTORM",
"id": "120271"
},
{
"date": "2013-02-12T06:40:24",
"db": "PACKETSTORM",
"id": "120239"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-181"
},
{
"date": "2013-02-12T20:55:05.120000",
"db": "NVD",
"id": "CVE-2013-1374"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-61376"
},
{
"date": "2015-03-19T08:48:00",
"db": "BID",
"id": "57932"
},
{
"date": "2013-03-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001487"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-181"
},
{
"date": "2018-12-06T19:52:11.517000",
"db": "NVD",
"id": "CVE-2013-1374"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-181"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001487"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-181"
}
],
"trust": 0.6
}
}
VAR-201211-0366
Vulnerability from variot - Updated: 2024-07-23 21:42Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5275, CVE-2012-5277, and CVE-2012-5280. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2012-5274 , CVE-2012-5275 , CVE-2012-5277 ,and CVE-2012-5280 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. Note: This issue was previously covered in BID 56412 (Adobe Flash Player and AIR APSB12-24 Multiple Security Vulnerabilities) but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Google Chrome Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA51210
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51210/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51210
RELEASE DATE: 2012-11-07
DISCUSS ADVISORY: http://secunia.com/advisories/51210/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/51210/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=51210
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
For more information: SA51213
2) An integer overflow error exists in WebP handling.
3) An error in v8 can be exploited to cause an out-of-bounds array access.
4) A use-after-free error exists in SVG filter handling.
5) An error exists related to integer boundary checks within GPU command buffers.
6) A use-after-free error exists in video layout handling.
7) An error exists related to inappropriate loading of SVG subresource in "img" context.
8) A race condition error exists in Pepper buffer handling.
9) A type casting error exists in certain input handling.
10) An error in Skia can be exploited to cause an out-of-bounds read.
11) An error in texture handling can be exploited to corrupt memory.
12) A use-after-free error exists in extension tab handling.
13) A use-after-free error exists in plug-in placeholder handling.
14) An error in v8 can be exploited to corrupt memory.
SOLUTION: Upgrade to version 23.0.1271.64.
PROVIDED AND/OR DISCOVERED BY: The vendor credits: 2) Phil Turnbull 3, 6) Atte Kettunen, OUSPG. 4, 5) miaubiz 7) Felix Gr\xf6bert, Google Security Team 8) Fermin Serna, Google Security Team 9, 10, 13) Inferno, Google Chrome Security Team 11) Al Patrick, Chromium development community 12) Alexander Potapenko, Chromium development community 14) Cris Neckar, Google Chrome Security Team
ORIGINAL ADVISORY: Google: http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2012:1431-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1431.html Issue date: 2012-11-07 CVE Names: CVE-2012-5274 CVE-2012-5275 CVE-2012-5276 CVE-2012-5277 CVE-2012-5278 CVE-2012-5279 CVE-2012-5280 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB12-24, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
873818 - flash-plugin: multiple code-execution flaws (APSB12-24)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.251-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.251-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.251-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.251-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2012-5274.html https://www.redhat.com/security/data/cve/CVE-2012-5275.html https://www.redhat.com/security/data/cve/CVE-2012-5276.html https://www.redhat.com/security/data/cve/CVE-2012-5277.html https://www.redhat.com/security/data/cve/CVE-2012-5278.html https://www.redhat.com/security/data/cve/CVE-2012-5279.html https://www.redhat.com/security/data/cve/CVE-2012-5280.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb12-24.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFQmiFjXlSAg2UNWIIRAi97AKClBeUc3AMPcWNkYfME6ndKJqg18ACdGuPH wmLm/s5nqgvfyTp8wUW9wVE= =fVdJ -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . 7) Eduardo Vela Nava, Google Security Team
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201211-0366",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.24"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.4"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.43"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.5.502.110"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.27"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.251"
},
{
"model": "windows",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (adobe flash player 11.3.376.12"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.27"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.251"
},
{
"model": "internet explorer",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include )"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems (adobe flash player 11.3.376.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.5.502.110"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "23.0.1271.64"
},
{
"model": "windows server",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "linux)"
},
{
"model": "windows 8",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.43"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012 (adobe flash player 11.3.376.12"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt (adobe flash player 11.3.376.12"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 64-bit systems (adobe flash player 11.3.376.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.24"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.3.9120"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.0.4990"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.0.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.0.7220"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "opensuse",
"version": "12.2"
}
],
"sources": [
{
"db": "BID",
"id": "56544"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005272"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-133"
},
{
"db": "NVD",
"id": "CVE-2012-5276"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.5.502.110",
"versionStartIncluding": "11.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.43",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.202.251",
"versionStartIncluding": "11.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.43",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.111.24",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.7",
"versionStartIncluding": "2.0",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.6",
"versionStartIncluding": "3.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.115.27",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.4",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.0.600",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.0.600",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-5276"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117961"
}
],
"trust": 0.5
},
"cve": "CVE-2012-5276",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-5276",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-58557",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-5276",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201211-133",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-58557",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58557"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005272"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-133"
},
{
"db": "NVD",
"id": "CVE-2012-5276"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5275, CVE-2012-5277, and CVE-2012-5280. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2012-5274 , CVE-2012-5275 , CVE-2012-5277 ,and CVE-2012-5280 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. \nNote: This issue was previously covered in BID 56412 (Adobe Flash Player and AIR APSB12-24 Multiple Security Vulnerabilities) but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nGoogle Chrome Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA51210\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/51210/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210\n\nRELEASE DATE:\n2012-11-07\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/51210/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/51210/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Google Chrome, which\ncan be exploited by malicious people to bypass certain security\nrestrictions and compromise a user\u0027s system. \n\nFor more information:\nSA51213\n\n2) An integer overflow error exists in WebP handling. \n\n3) An error in v8 can be exploited to cause an out-of-bounds array\naccess. \n\n4) A use-after-free error exists in SVG filter handling. \n\n5) An error exists related to integer boundary checks within GPU\ncommand buffers. \n\n6) A use-after-free error exists in video layout handling. \n\n7) An error exists related to inappropriate loading of SVG\nsubresource in \"img\" context. \n\n8) A race condition error exists in Pepper buffer handling. \n\n9) A type casting error exists in certain input handling. \n\n10) An error in Skia can be exploited to cause an out-of-bounds\nread. \n\n11) An error in texture handling can be exploited to corrupt memory. \n\n12) A use-after-free error exists in extension tab handling. \n\n13) A use-after-free error exists in plug-in placeholder handling. \n\n14) An error in v8 can be exploited to corrupt memory. \n\nSOLUTION:\nUpgrade to version 23.0.1271.64. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n2) Phil Turnbull\n3, 6) Atte Kettunen, OUSPG. \n4, 5) miaubiz\n7) Felix Gr\\xf6bert, Google Security Team\n8) Fermin Serna, Google Security Team\n9, 10, 13) Inferno, Google Chrome Security Team\n11) Al Patrick, Chromium development community\n12) Alexander Potapenko, Chromium development community\n14) Cris Neckar, Google Chrome Security Team\n\nORIGINAL ADVISORY:\nGoogle:\nhttp://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2012:1431-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-1431.html\nIssue date: 2012-11-07\nCVE Names: CVE-2012-5274 CVE-2012-5275 CVE-2012-5276 \n CVE-2012-5277 CVE-2012-5278 CVE-2012-5279 \n CVE-2012-5280 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB12-24,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n873818 - flash-plugin: multiple code-execution flaws (APSB12-24)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-5274.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5275.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5276.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5277.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5278.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5279.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5280.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb12-24.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFQmiFjXlSAg2UNWIIRAi97AKClBeUc3AMPcWNkYfME6ndKJqg18ACdGuPH\nwmLm/s5nqgvfyTp8wUW9wVE=\n=fVdJ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n7) Eduardo Vela Nava, Google Security Team",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-5276"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005272"
},
{
"db": "BID",
"id": "56544"
},
{
"db": "VULHUB",
"id": "VHN-58557"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-5276",
"trust": 3.0
},
{
"db": "SECUNIA",
"id": "51186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "51207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "51213",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "51245",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1027730",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005272",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201211-133",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "51210",
"trust": 0.7
},
{
"db": "BID",
"id": "56544",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-58557",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118097",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117944",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117963",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117960",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117947",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117961",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58557"
},
{
"db": "BID",
"id": "56544"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005272"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-133"
},
{
"db": "NVD",
"id": "CVE-2012-5276"
}
]
},
"id": "VAR-201211-0366",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-58557"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:42:50.004000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-24",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-24.html"
},
{
"title": "APSB12-24 (cq11061810)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq11061810.html"
},
{
"title": "APSB12-24",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-24.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Release and Beta Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2012/11/stable-channel-release-and-beta-channel.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "openSUSE-SU-2012:1480",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html"
},
{
"title": "SUSE-SU-2012:1485",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html"
},
{
"title": "RHSA-2012:1431",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1431.html"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20121113f.html"
},
{
"title": "install_flash_player_pre_ics",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45366"
},
{
"title": "install_flash_player_ics",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45365"
},
{
"title": "fp_11.5.502.146_archive",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45364"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005272"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-133"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58557"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005272"
},
{
"db": "NVD",
"id": "CVE-2012-5276"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-24.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51186"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51207"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51213"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1431.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1027730"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/51245"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00012.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00030.html"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79847"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5276"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20121107-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2012/at120034.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5276"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/51210"
},
{
"trust": 0.5,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.5,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.5,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.5,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.5,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.5,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.5,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51245/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51245"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51245/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51207/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51207"
},
{
"trust": 0.1,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51207/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51186"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51186/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51186/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51210/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51210/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5278.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5277.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5275.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5274"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5279.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5275"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5278"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5280.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5276.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5279"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5274.html"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5277"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51213/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51213/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51213"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58557"
},
{
"db": "BID",
"id": "56544"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005272"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-133"
},
{
"db": "NVD",
"id": "CVE-2012-5276"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-58557"
},
{
"db": "BID",
"id": "56544"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005272"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-133"
},
{
"db": "NVD",
"id": "CVE-2012-5276"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-58557"
},
{
"date": "2012-11-06T00:00:00",
"db": "BID",
"id": "56544"
},
{
"date": "2012-11-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005272"
},
{
"date": "2012-11-14T06:05:43",
"db": "PACKETSTORM",
"id": "118097"
},
{
"date": "2012-11-07T04:12:41",
"db": "PACKETSTORM",
"id": "117944"
},
{
"date": "2012-11-08T11:19:24",
"db": "PACKETSTORM",
"id": "117963"
},
{
"date": "2012-11-08T11:19:15",
"db": "PACKETSTORM",
"id": "117960"
},
{
"date": "2012-11-08T00:12:49",
"db": "PACKETSTORM",
"id": "117947"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2012-11-08T11:19:18",
"db": "PACKETSTORM",
"id": "117961"
},
{
"date": "2012-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-133"
},
{
"date": "2012-11-07T05:41:22.147000",
"db": "NVD",
"id": "CVE-2012-5276"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-04T00:00:00",
"db": "VULHUB",
"id": "VHN-58557"
},
{
"date": "2015-03-19T09:05:00",
"db": "BID",
"id": "56544"
},
{
"date": "2012-12-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005272"
},
{
"date": "2012-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-133"
},
{
"date": "2018-12-04T17:44:09.267000",
"db": "NVD",
"id": "CVE-2012-5276"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-133"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005272"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-133"
}
],
"trust": 0.6
}
}
VAR-201302-0262
Vulnerability from variot - Updated: 2024-07-23 21:40Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-0638. Adobe Flash Player Any code that could be executed or service disruption ( Memory corruption ) There is a vulnerability that becomes a condition. This vulnerability CVE-2013-0638 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Failed exploit attempts will likely result in denial-of-service conditions. Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2013:0254-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html Issue date: 2013-02-13 CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 CVE-2013-1373 CVE-2013-1374 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-05, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2013-0638, CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647, CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)
A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially-crafted web page.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
910570 - flash-plugin: multiple code execution flaws (APSB13-05) 910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-0637.html https://www.redhat.com/security/data/cve/CVE-2013-0638.html https://www.redhat.com/security/data/cve/CVE-2013-0639.html https://www.redhat.com/security/data/cve/CVE-2013-0642.html https://www.redhat.com/security/data/cve/CVE-2013-0644.html https://www.redhat.com/security/data/cve/CVE-2013-0645.html https://www.redhat.com/security/data/cve/CVE-2013-0647.html https://www.redhat.com/security/data/cve/CVE-2013-0649.html https://www.redhat.com/security/data/cve/CVE-2013-1365.html https://www.redhat.com/security/data/cve/CVE-2013-1366.html https://www.redhat.com/security/data/cve/CVE-2013-1367.html https://www.redhat.com/security/data/cve/CVE-2013-1368.html https://www.redhat.com/security/data/cve/CVE-2013-1369.html https://www.redhat.com/security/data/cve/CVE-2013-1370.html https://www.redhat.com/security/data/cve/CVE-2013-1372.html https://www.redhat.com/security/data/cve/CVE-2013-1373.html https://www.redhat.com/security/data/cve/CVE-2013-1374.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb13-05.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs pnyD10c/hdKGIm0b1Kjv3eY= =+cgh -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
SOLUTION: Update to version 24.0.1312.70.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . Please send email to cert@cert.org with "TA13-043A Feedback VU#689711" in the subject.
Produced by US-CERT, a government organization. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA52166
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52166/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
RELEASE DATE: 2013-02-12
DISCUSS ADVISORY: http://secunia.com/advisories/52166/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/52166/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.
1) Some unspecified errors can be exploited to cause buffer overflows.
2) Some use-after-free errors can be exploited to dereference already freed memory.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to disclose certain sensitive information.
Successful exploitation of vulnerabilities #1 through #5 may allow execution of arbitrary code.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google 3) The vendor credits Natalie Silvanovich, BlackBerry Security, Research in Motion 4) The vendor credits Damian Put via iDefense 6) Reported by the vendor.
ORIGINAL ADVISORY: Adobe (APSB13-05): http://www.adobe.com/support/security/bulletins/apsb13-05.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0262",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "windows",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012 (adobe flash player 11.6.602.167"
},
{
"model": "internet explorer",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.59x (air for ios include ) (windows"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include ) (windows"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 64-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows server",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(macintosh linux)"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows 8",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (macintosh)"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "(windows/linux/macintosh : adobe flash player 11.6.602.167"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.0.0.4080"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.2.0.2070"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.5.0.1060"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.1.0.488"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.3.0.3650"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2710"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.3.0.3690"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
}
],
"sources": [
{
"db": "BID",
"id": "57927"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001485"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-171"
},
{
"db": "NVD",
"id": "CVE-2013-0647"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.63",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.168",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.202.270",
"versionStartIncluding": "11.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.111.43",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.7",
"versionStartIncluding": "2.0",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.6",
"versionStartIncluding": "3.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.115.47",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.4",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.599",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.597",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.167",
"versionStartIncluding": "11.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0647"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 0.4
},
"cve": "CVE-2013-0647",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-0647",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-60649",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-0647",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201302-171",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-60649",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60649"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001485"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-171"
},
{
"db": "NVD",
"id": "CVE-2013-0647"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-0638. Adobe Flash Player Any code that could be executed or service disruption ( Memory corruption ) There is a vulnerability that becomes a condition. This vulnerability CVE-2013-0638 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Failed exploit attempts will likely result in denial-of-service conditions. \nNote: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2013:0254-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html\nIssue date: 2013-02-13\nCVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 \n CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 \n CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 \n CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 \n CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 \n CVE-2013-1373 CVE-2013-1374 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB13-05,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. (CVE-2013-0638,\nCVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647,\nCVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368,\nCVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)\n\nA flaw in flash-plugin could allow an attacker to obtain sensitive\ninformation if a victim were tricked into visiting a specially-crafted web\npage. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n910570 - flash-plugin: multiple code execution flaws (APSB13-05)\n910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0637.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0638.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0639.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0642.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0644.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0645.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0647.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0649.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1365.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1366.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1367.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1368.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1369.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1370.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1372.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1373.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1374.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs\npnyD10c/hdKGIm0b1Kjv3eY=\n=+cgh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nSOLUTION:\nUpdate to version 24.0.1312.70. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Please send\n email to \u003ccert@cert.org\u003e with \"TA13-043A Feedback VU#689711\" in\n the subject. \n ____________________________________________________________________\n\n Produced by US-CERT, a government organization. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player / AIR Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52166\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52166/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nRELEASE DATE:\n2013-02-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52166/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52166/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player and\nAIR, which can be exploited by malicious people to disclose certain\nsensitive information and compromise a user\u0027s system. \n\n1) Some unspecified errors can be exploited to cause buffer\noverflows. \n\n2) Some use-after-free errors can be exploited to dereference already\nfreed memory. \n\n4) An unspecified error can be exploited to corrupt memory. \n\n5) An unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to disclose certain\nsensitive information. \n\nSuccessful exploitation of vulnerabilities #1 through #5 may allow\nexecution of arbitrary code. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and\nFermin Serna, Google\n3) The vendor credits Natalie Silvanovich, BlackBerry Security,\nResearch in Motion\n4) The vendor credits Damian Put via iDefense\n6) Reported by the vendor. \n\nORIGINAL ADVISORY:\nAdobe (APSB13-05):\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0647"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001485"
},
{
"db": "BID",
"id": "57927"
},
{
"db": "VULHUB",
"id": "VHN-60649"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-0647",
"trust": 3.0
},
{
"db": "USCERT",
"id": "TA13-043A",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001485",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201302-171",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52163",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52164",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52203",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52166",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52197",
"trust": 0.6
},
{
"db": "BID",
"id": "57927",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-60649",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120268",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120253",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120240",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120282",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120271",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120239",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60649"
},
{
"db": "BID",
"id": "57927"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001485"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-171"
},
{
"db": "NVD",
"id": "CVE-2013-0647"
}
]
},
"id": "VAR-201302-0262",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-60649"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:40:39.972000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-05",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"title": "APSB13-05 (cq02121817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq02121817.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2013/02/stable-channel-update_12.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "openSUSE-SU-2013:0295",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"title": "SUSE-SU-2013:0296",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"title": "openSUSE-SU-2013:0298",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"title": "RHSA-2013:0254",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20130214f.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001485"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60649"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001485"
},
{
"db": "NVD",
"id": "CVE-2013-0647"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"trust": 2.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta13-043a.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0647"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130213-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130010.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta13-043a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0647"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=10777"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52163"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52164"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52166"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52197"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52203"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/air/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=a9881e951162efc516b6200542b62cc0?externalid=kb34774\u0026sliceid=1\u0026cmd=displaykc\u0026doctype=kc\u0026nocount=true\u0026vieweddocslisthelper=com.kanisa.a"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.ie/2013/02/stable-channel-update_12.html"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0647.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0649.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0644.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1373.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1366"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0647"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1374.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1367"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1368"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1372"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1368.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0645.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0639"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0642.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1365.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1372.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1374"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0645"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1366.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1365"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1369.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0637.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0638.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0637"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0644"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1367.html"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1370.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0639.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0642"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52163"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_12.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52164"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/#comments"
},
{
"trust": 0.1,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/"
},
{
"trust": 0.1,
"url": "http://support.microsoft.com/kb/2805940"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52203"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-06.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/notification.html"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-05.html\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/#comments"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60649"
},
{
"db": "BID",
"id": "57927"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001485"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-171"
},
{
"db": "NVD",
"id": "CVE-2013-0647"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-60649"
},
{
"db": "BID",
"id": "57927"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001485"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-171"
},
{
"db": "NVD",
"id": "CVE-2013-0647"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-60649"
},
{
"date": "2013-02-12T00:00:00",
"db": "BID",
"id": "57927"
},
{
"date": "2013-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001485"
},
{
"date": "2013-02-13T19:12:55",
"db": "PACKETSTORM",
"id": "120268"
},
{
"date": "2013-02-12T06:59:46",
"db": "PACKETSTORM",
"id": "120253"
},
{
"date": "2013-02-12T06:40:28",
"db": "PACKETSTORM",
"id": "120240"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2013-02-13T03:13:33",
"db": "PACKETSTORM",
"id": "120282"
},
{
"date": "2013-02-13T19:13:42",
"db": "PACKETSTORM",
"id": "120271"
},
{
"date": "2013-02-12T06:40:24",
"db": "PACKETSTORM",
"id": "120239"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-171"
},
{
"date": "2013-02-12T20:55:04.557000",
"db": "NVD",
"id": "CVE-2013-0647"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-60649"
},
{
"date": "2015-03-19T08:35:00",
"db": "BID",
"id": "57927"
},
{
"date": "2013-03-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001485"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-171"
},
{
"date": "2018-12-06T19:50:48.563000",
"db": "NVD",
"id": "CVE-2013-0647"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-171"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001485"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-171"
}
],
"trust": 0.6
}
}
VAR-201009-0241
Vulnerability from variot - Updated: 2024-07-23 21:20Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010. Adobe Flash Contains a vulnerability. Attack activity using this vulnerability has been confirmed.Crafted Flash By browsing a document with embedded content, arbitrary code may be executed. Failed attacks may cause denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201101-08
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: January 21, 2011 Bugs: #336508, #343091 ID: 201101-08
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code.
Background
Adobe Reader (formerly Adobe Acrobat Reader) is a closed-source PDF reader.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.4.1 >= 9.4.1
Description
Multiple vulnerabilities were discovered in Adobe Reader. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest stable version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.1"
References
[ 1 ] APSB10-21 http://www.adobe.com/support/security/bulletins/apsb10-21.html [ 2 ] APSB10-28 http://www.adobe.com/support/security/bulletins/apsb10-28.html [ 3 ] CVE-2010-2883 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2883 [ 4 ] CVE-2010-2884 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 [ 5 ] CVE-2010-2887 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2887 [ 6 ] CVE-2010-2889 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2889 [ 7 ] CVE-2010-2890 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2890 [ 8 ] CVE-2010-3619 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3619 [ 9 ] CVE-2010-3620 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3620 [ 10 ] CVE-2010-3621 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3621 [ 11 ] CVE-2010-3622 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3622 [ 12 ] CVE-2010-3625 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3625 [ 13 ] CVE-2010-3626 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3626 [ 14 ] CVE-2010-3627 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3627 [ 15 ] CVE-2010-3628 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3628 [ 16 ] CVE-2010-3629 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3629 [ 17 ] CVE-2010-3630 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3630 [ 18 ] CVE-2010-3632 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3632 [ 19 ] CVE-2010-3654 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 [ 20 ] CVE-2010-3656 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3656 [ 21 ] CVE-2010-3657 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3657 [ 22 ] CVE-2010-3658 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3658 [ 23 ] CVE-2010-4091 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4091
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201101-08.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201009-0241",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.8,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.32.18"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.12.36"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.22.87"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.15.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.42.34"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.63"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.28"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.31.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.33.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.47.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.112.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.246.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5c"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.152.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.22.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.28.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.151.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.260.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.01"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.34.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.125.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.39.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.48.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.31"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.92.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5a"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.114.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5c"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.159.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.35.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.0.584"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.69.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5a"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.115.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.25"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.124.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.12.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.18d60"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.82.76"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.125.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.42.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.45.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.02"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.70.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.4"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.1.82.76 windows edition"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh edition"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "linux edition"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "solaris edition"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.1.92.10 android edition"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11 express"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.35"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "opensuse",
"scope": "ne",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.397.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.391.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.398.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.95.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.51.66"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.47255"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.381.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.394.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.396.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "opensuse",
"scope": "ne",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.2.12610"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "chrome",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.62"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.395.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "linux enterprise desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "air",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.385.0"
},
{
"model": "linux enterprise desktop sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "moblin",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.59"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.384.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3218"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.1"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "linux enterprise sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.53.64"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.390.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3.9130"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "linux enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3.9120"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.382.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.378.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "opensuse",
"scope": "ne",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.82.76"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.85.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.452"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.387.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.393.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.382.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "moblin",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "2.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.386.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "linux enterprise desktop sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.392.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.380.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.53"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.383.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.376.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.92.10"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.379.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#275289"
},
{
"db": "BID",
"id": "43205"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002089"
},
{
"db": "CNNVD",
"id": "CNNVD-201009-136"
},
{
"db": "NVD",
"id": "CVE-2010-2884"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.1.82.76",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.1.92.10",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:4.0.5a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:3.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:6.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:4.0.5c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:6.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:6.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:4.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:6.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:3.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:6.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.3.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:6.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:4.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:5.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:5.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:6.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.3.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:6.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:6.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:4.0.5c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:6.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:6.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:4.0.5a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:5.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:7.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2884"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Steven Adair of the Shadowserver Foundation",
"sources": [
{
"db": "BID",
"id": "43205"
}
],
"trust": 0.3
},
"cve": "CVE-2010-2884",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2010-2884",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-45489",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-2884",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#275289",
"trust": 0.8,
"value": "31.59"
},
{
"author": "CNNVD",
"id": "CNNVD-201009-136",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-45489",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#275289"
},
{
"db": "VULHUB",
"id": "VHN-45489"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002089"
},
{
"db": "CNNVD",
"id": "CNNVD-201009-136"
},
{
"db": "NVD",
"id": "CVE-2010-2884"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010. Adobe Flash Contains a vulnerability. Attack activity using this vulnerability has been confirmed.Crafted Flash By browsing a document with embedded content, arbitrary code may be executed. Failed attacks may cause denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201101-08\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: January 21, 2011\n Bugs: #336508, #343091\n ID: 201101-08\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code. \n\nBackground\n==========\n\nAdobe Reader (formerly Adobe Acrobat Reader) is a closed-source PDF\nreader. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.4.1 \u003e= 9.4.1\n\nDescription\n===========\n\nMultiple vulnerabilities were discovered in Adobe Reader. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest stable version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.1\"\n\nReferences\n==========\n\n [ 1 ] APSB10-21\n http://www.adobe.com/support/security/bulletins/apsb10-21.html\n [ 2 ] APSB10-28\n http://www.adobe.com/support/security/bulletins/apsb10-28.html\n [ 3 ] CVE-2010-2883\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2883\n [ 4 ] CVE-2010-2884\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884\n [ 5 ] CVE-2010-2887\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2887\n [ 6 ] CVE-2010-2889\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2889\n [ 7 ] CVE-2010-2890\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2890\n [ 8 ] CVE-2010-3619\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3619\n [ 9 ] CVE-2010-3620\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3620\n [ 10 ] CVE-2010-3621\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3621\n [ 11 ] CVE-2010-3622\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3622\n [ 12 ] CVE-2010-3625\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3625\n [ 13 ] CVE-2010-3626\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3626\n [ 14 ] CVE-2010-3627\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3627\n [ 15 ] CVE-2010-3628\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3628\n [ 16 ] CVE-2010-3629\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3629\n [ 17 ] CVE-2010-3630\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3630\n [ 18 ] CVE-2010-3632\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3632\n [ 19 ] CVE-2010-3654\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654\n [ 20 ] CVE-2010-3656\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3656\n [ 21 ] CVE-2010-3657\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3657\n [ 22 ] CVE-2010-3658\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3658\n [ 23 ] CVE-2010-4091\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4091\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201101-08.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2884"
},
{
"db": "CERT/CC",
"id": "VU#275289"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002089"
},
{
"db": "BID",
"id": "43205"
},
{
"db": "VULHUB",
"id": "VHN-45489"
},
{
"db": "PACKETSTORM",
"id": "97735"
},
{
"db": "PACKETSTORM",
"id": "97734"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#275289",
"trust": 3.0
},
{
"db": "NVD",
"id": "CVE-2010-2884",
"trust": 3.0
},
{
"db": "SECUNIA",
"id": "41435",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "41443",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "41434",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2010-2348",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2010-2349",
"trust": 2.5
},
{
"db": "USCERT",
"id": "TA10-279A",
"trust": 1.9
},
{
"db": "USCERT",
"id": "TA10-263A",
"trust": 1.9
},
{
"db": "XF",
"id": "61771",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "43025",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "41526",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43026",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2011-0192",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2011-0191",
"trust": 1.1
},
{
"db": "USCERT",
"id": "SA10-263A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-279A",
"trust": 0.8
},
{
"db": "VUPEN",
"id": "ADV-2010-2573",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002089",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201009-136",
"trust": 0.7
},
{
"db": "BID",
"id": "43205",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-45489",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "97735",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "97734",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#275289"
},
{
"db": "VULHUB",
"id": "VHN-45489"
},
{
"db": "BID",
"id": "43205"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002089"
},
{
"db": "PACKETSTORM",
"id": "97735"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "CNNVD",
"id": "CNNVD-201009-136"
},
{
"db": "NVD",
"id": "CVE-2010-2884"
}
]
},
"id": "VAR-201009-0241",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-45489"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:20:47.492000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSA10-03",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-03.html"
},
{
"title": "APSB10-22",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-22.html"
},
{
"title": "APSB10-21",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-21.html"
},
{
"title": "cpsid_86695",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/866/cpsid_86695.html"
},
{
"title": "APSB10-21",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-21.html"
},
{
"title": "cpsid_86922",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/869/cpsid_86922.html"
},
{
"title": "APSB10-22",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-22.html"
},
{
"title": "APSA10-03",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/advisories/apsa10-03.html"
},
{
"title": "HT4435",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht4435"
},
{
"title": "HT4435",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht4435?viewlocale=ja_jp"
},
{
"title": "RHSA-2010:0743",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2010-0743.html"
},
{
"title": "RHSA-2010:0706",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2010-0706.html"
},
{
"title": "cve_2010_2884_vulnerability_in",
"trust": 0.8,
"url": "http://blogs.sun.com/security/entry/cve_2010_2884_vulnerability_in"
},
{
"title": "TA10-279A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-279a.html"
},
{
"title": "TA10-263A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-263a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-002089"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2884"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-03.html"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/41434"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/41435"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/41443"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/2348"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/2349"
},
{
"trust": 2.2,
"url": "http://www.kb.cert.org/vuls/id/275289"
},
{
"trust": 1.9,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-263a.html"
},
{
"trust": 1.9,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-279a.html"
},
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-21.html"
},
{
"trust": 1.6,
"url": "http://blogs.adobe.com/psirt/2010/09/security-advisory-for-adobe-flash-player-apsa10-03.html"
},
{
"trust": 1.6,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-22.html"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/61771"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00000.html"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht4435"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6852"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0706.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0743.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/41526"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43025"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43026"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0192"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61771"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2884"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100921-adobe.html"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20101006-adobe.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2010/at100024.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2010/at100026.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu275289"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-25"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-279a"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu331391"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-263a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2884"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-279a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-263a.html"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2010/2573"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://blogs.sun.com/security/entry/cve_2010_2884_vulnerability_in"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_17.html"
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3654"
},
{
"trust": 0.2,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2182"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3639"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2181"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2161"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0187"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2174"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3644"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2166"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2215"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2171"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2162"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2160"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2181"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4546"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4546"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1297"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2163"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2180"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2171"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2180"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2164"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2179"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2169"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3648"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2164"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0187"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2163"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0209"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2173"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3793"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2177"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3645"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2179"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2165"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2172"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3976"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2216"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3647"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2173"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-06.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2172"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3793"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2160"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2213"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2184"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2167"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3646"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2169"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2175"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2214"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2178"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2165"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2189"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3643"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2161"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3636"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0209"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2166"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3641"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2185"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2174"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3650"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2183"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2178"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2170"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2177"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3652"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2162"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3640"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2170"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2175"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2187"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2167"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2182"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3642"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2890"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2883"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2890"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3629"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3629"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3625"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3628"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2883"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3625"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3626"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3657"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3657"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3622"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3658"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3632"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3654"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3632"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3622"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2887"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3621"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3626"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3658"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2887"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4091"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3630"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3630"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#275289"
},
{
"db": "VULHUB",
"id": "VHN-45489"
},
{
"db": "BID",
"id": "43205"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002089"
},
{
"db": "PACKETSTORM",
"id": "97735"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "CNNVD",
"id": "CNNVD-201009-136"
},
{
"db": "NVD",
"id": "CVE-2010-2884"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#275289"
},
{
"db": "VULHUB",
"id": "VHN-45489"
},
{
"db": "BID",
"id": "43205"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002089"
},
{
"db": "PACKETSTORM",
"id": "97735"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "CNNVD",
"id": "CNNVD-201009-136"
},
{
"db": "NVD",
"id": "CVE-2010-2884"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-09-14T00:00:00",
"db": "CERT/CC",
"id": "VU#275289"
},
{
"date": "2010-09-15T00:00:00",
"db": "VULHUB",
"id": "VHN-45489"
},
{
"date": "2010-09-13T00:00:00",
"db": "BID",
"id": "43205"
},
{
"date": "2010-10-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002089"
},
{
"date": "2011-01-21T21:15:05",
"db": "PACKETSTORM",
"id": "97735"
},
{
"date": "2011-01-21T21:14:13",
"db": "PACKETSTORM",
"id": "97734"
},
{
"date": "2010-09-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201009-136"
},
{
"date": "2010-09-15T18:00:44.073000",
"db": "NVD",
"id": "CVE-2010-2884"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-09-21T00:00:00",
"db": "CERT/CC",
"id": "VU#275289"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-45489"
},
{
"date": "2015-03-19T08:37:00",
"db": "BID",
"id": "43205"
},
{
"date": "2010-12-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002089"
},
{
"date": "2011-07-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201009-136"
},
{
"date": "2018-10-30T16:26:24.687000",
"db": "NVD",
"id": "CVE-2010-2884"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "97735"
},
{
"db": "CNNVD",
"id": "CNNVD-201009-136"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash unspecified code execution vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#275289"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201009-136"
}
],
"trust": 0.6
}
}
VAR-201211-0364
Vulnerability from variot - Updated: 2024-07-23 21:09Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, and CVE-2012-5280. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2012-5275 , CVE-2012-5276 , CVE-2012-5277 ,and CVE-2012-5280 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. Note: This issue was previously covered in BID 56412 (Adobe Flash Player and AIR APSB12-24 Multiple Security Vulnerabilities) but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Google Chrome Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA51210
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51210/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51210
RELEASE DATE: 2012-11-07
DISCUSS ADVISORY: http://secunia.com/advisories/51210/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/51210/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=51210
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
For more information: SA51213
2) An integer overflow error exists in WebP handling.
3) An error in v8 can be exploited to cause an out-of-bounds array access.
4) A use-after-free error exists in SVG filter handling.
5) An error exists related to integer boundary checks within GPU command buffers.
6) A use-after-free error exists in video layout handling.
7) An error exists related to inappropriate loading of SVG subresource in "img" context.
8) A race condition error exists in Pepper buffer handling.
9) A type casting error exists in certain input handling.
10) An error in Skia can be exploited to cause an out-of-bounds read.
11) An error in texture handling can be exploited to corrupt memory.
12) A use-after-free error exists in extension tab handling.
13) A use-after-free error exists in plug-in placeholder handling.
14) An error in v8 can be exploited to corrupt memory.
SOLUTION: Upgrade to version 23.0.1271.64.
PROVIDED AND/OR DISCOVERED BY: The vendor credits: 2) Phil Turnbull 3, 6) Atte Kettunen, OUSPG. 4, 5) miaubiz 7) Felix Gr\xf6bert, Google Security Team 8) Fermin Serna, Google Security Team 9, 10, 13) Inferno, Google Chrome Security Team 11) Al Patrick, Chromium development community 12) Alexander Potapenko, Chromium development community 14) Cris Neckar, Google Chrome Security Team
ORIGINAL ADVISORY: Google: http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2012:1431-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1431.html Issue date: 2012-11-07 CVE Names: CVE-2012-5274 CVE-2012-5275 CVE-2012-5276 CVE-2012-5277 CVE-2012-5278 CVE-2012-5279 CVE-2012-5280 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB12-24, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
873818 - flash-plugin: multiple code-execution flaws (APSB12-24)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.251-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.251-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.251-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.251-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2012-5274.html https://www.redhat.com/security/data/cve/CVE-2012-5275.html https://www.redhat.com/security/data/cve/CVE-2012-5276.html https://www.redhat.com/security/data/cve/CVE-2012-5277.html https://www.redhat.com/security/data/cve/CVE-2012-5278.html https://www.redhat.com/security/data/cve/CVE-2012-5279.html https://www.redhat.com/security/data/cve/CVE-2012-5280.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb12-24.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFQmiFjXlSAg2UNWIIRAi97AKClBeUc3AMPcWNkYfME6ndKJqg18ACdGuPH wmLm/s5nqgvfyTp8wUW9wVE= =fVdJ -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . 7) Eduardo Vela Nava, Google Security Team
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201211-0364",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.24"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.4"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.43"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.5.502.110"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.27"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.251"
},
{
"model": "windows",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (adobe flash player 11.3.376.12"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.27"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.251"
},
{
"model": "internet explorer",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include )"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems (adobe flash player 11.3.376.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.5.502.110"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "23.0.1271.64"
},
{
"model": "windows server",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "linux)"
},
{
"model": "windows 8",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.43"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012 (adobe flash player 11.3.376.12"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt (adobe flash player 11.3.376.12"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 64-bit systems (adobe flash player 11.3.376.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.24"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.3.9120"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.0.4990"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.0.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.0.7220"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "opensuse",
"version": "12.2"
}
],
"sources": [
{
"db": "BID",
"id": "56542"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005270"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-131"
},
{
"db": "NVD",
"id": "CVE-2012-5274"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.5.502.110",
"versionStartIncluding": "11.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.43",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.43",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.202.251",
"versionStartIncluding": "11.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.111.24",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.7",
"versionStartIncluding": "2.0",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.6",
"versionStartIncluding": "3.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.115.27",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.4",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.0.600",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.0.600",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-5274"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117961"
}
],
"trust": 0.5
},
"cve": "CVE-2012-5274",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-5274",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-58555",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-5274",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201211-131",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-58555",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58555"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005270"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-131"
},
{
"db": "NVD",
"id": "CVE-2012-5274"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, and CVE-2012-5280. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2012-5275 , CVE-2012-5276 , CVE-2012-5277 ,and CVE-2012-5280 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. \nNote: This issue was previously covered in BID 56412 (Adobe Flash Player and AIR APSB12-24 Multiple Security Vulnerabilities) but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nGoogle Chrome Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA51210\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/51210/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210\n\nRELEASE DATE:\n2012-11-07\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/51210/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/51210/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Google Chrome, which\ncan be exploited by malicious people to bypass certain security\nrestrictions and compromise a user\u0027s system. \n\nFor more information:\nSA51213\n\n2) An integer overflow error exists in WebP handling. \n\n3) An error in v8 can be exploited to cause an out-of-bounds array\naccess. \n\n4) A use-after-free error exists in SVG filter handling. \n\n5) An error exists related to integer boundary checks within GPU\ncommand buffers. \n\n6) A use-after-free error exists in video layout handling. \n\n7) An error exists related to inappropriate loading of SVG\nsubresource in \"img\" context. \n\n8) A race condition error exists in Pepper buffer handling. \n\n9) A type casting error exists in certain input handling. \n\n10) An error in Skia can be exploited to cause an out-of-bounds\nread. \n\n11) An error in texture handling can be exploited to corrupt memory. \n\n12) A use-after-free error exists in extension tab handling. \n\n13) A use-after-free error exists in plug-in placeholder handling. \n\n14) An error in v8 can be exploited to corrupt memory. \n\nSOLUTION:\nUpgrade to version 23.0.1271.64. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n2) Phil Turnbull\n3, 6) Atte Kettunen, OUSPG. \n4, 5) miaubiz\n7) Felix Gr\\xf6bert, Google Security Team\n8) Fermin Serna, Google Security Team\n9, 10, 13) Inferno, Google Chrome Security Team\n11) Al Patrick, Chromium development community\n12) Alexander Potapenko, Chromium development community\n14) Cris Neckar, Google Chrome Security Team\n\nORIGINAL ADVISORY:\nGoogle:\nhttp://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2012:1431-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-1431.html\nIssue date: 2012-11-07\nCVE Names: CVE-2012-5274 CVE-2012-5275 CVE-2012-5276 \n CVE-2012-5277 CVE-2012-5278 CVE-2012-5279 \n CVE-2012-5280 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB12-24,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n873818 - flash-plugin: multiple code-execution flaws (APSB12-24)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-5274.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5275.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5276.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5277.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5278.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5279.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5280.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb12-24.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFQmiFjXlSAg2UNWIIRAi97AKClBeUc3AMPcWNkYfME6ndKJqg18ACdGuPH\nwmLm/s5nqgvfyTp8wUW9wVE=\n=fVdJ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n7) Eduardo Vela Nava, Google Security Team",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-5274"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005270"
},
{
"db": "BID",
"id": "56542"
},
{
"db": "VULHUB",
"id": "VHN-58555"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-5274",
"trust": 3.0
},
{
"db": "SECUNIA",
"id": "51207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "51186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "51213",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "51245",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1027730",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005270",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201211-131",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "51210",
"trust": 0.7
},
{
"db": "BID",
"id": "56542",
"trust": 0.4
},
{
"db": "PACKETSTORM",
"id": "117947",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-58555",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118097",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117944",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117963",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117960",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117961",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58555"
},
{
"db": "BID",
"id": "56542"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005270"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-131"
},
{
"db": "NVD",
"id": "CVE-2012-5274"
}
]
},
"id": "VAR-201211-0364",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-58555"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:09:16.913000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-24",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-24.html"
},
{
"title": "APSB12-24 (cq11061810)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq11061810.html"
},
{
"title": "APSB12-24",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-24.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Release and Beta Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2012/11/stable-channel-release-and-beta-channel.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "SUSE-SU-2012:1485",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html"
},
{
"title": "openSUSE-SU-2012:1480",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html"
},
{
"title": "RHSA-2012:1431",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1431.html"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20121113f.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005270"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58555"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005270"
},
{
"db": "NVD",
"id": "CVE-2012-5274"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-24.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51186"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51207"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51213"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1431.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1027730"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/51245"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00012.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00030.html"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79845"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5274"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20121107-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2012/at120034.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5274"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/51210"
},
{
"trust": 0.5,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.5,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.5,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.5,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.5,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.5,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.5,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51245/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51245"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51245/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51207/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51207"
},
{
"trust": 0.1,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51207/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51186"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51186/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51186/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51210/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51210/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5278.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5277.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5275.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5274"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5279.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5275"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5278"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5280.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5276.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5279"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5274.html"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5277"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51213/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51213/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51213"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58555"
},
{
"db": "BID",
"id": "56542"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005270"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-131"
},
{
"db": "NVD",
"id": "CVE-2012-5274"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-58555"
},
{
"db": "BID",
"id": "56542"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005270"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-131"
},
{
"db": "NVD",
"id": "CVE-2012-5274"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-58555"
},
{
"date": "2012-11-06T00:00:00",
"db": "BID",
"id": "56542"
},
{
"date": "2012-11-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005270"
},
{
"date": "2012-11-14T06:05:43",
"db": "PACKETSTORM",
"id": "118097"
},
{
"date": "2012-11-07T04:12:41",
"db": "PACKETSTORM",
"id": "117944"
},
{
"date": "2012-11-08T11:19:24",
"db": "PACKETSTORM",
"id": "117963"
},
{
"date": "2012-11-08T11:19:15",
"db": "PACKETSTORM",
"id": "117960"
},
{
"date": "2012-11-08T00:12:49",
"db": "PACKETSTORM",
"id": "117947"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2012-11-08T11:19:18",
"db": "PACKETSTORM",
"id": "117961"
},
{
"date": "2012-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-131"
},
{
"date": "2012-11-07T05:41:22.067000",
"db": "NVD",
"id": "CVE-2012-5274"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-04T00:00:00",
"db": "VULHUB",
"id": "VHN-58555"
},
{
"date": "2013-09-17T00:13:00",
"db": "BID",
"id": "56542"
},
{
"date": "2012-12-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005270"
},
{
"date": "2012-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-131"
},
{
"date": "2018-12-04T17:38:44.780000",
"db": "NVD",
"id": "CVE-2012-5274"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-131"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005270"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-131"
}
],
"trust": 0.6
}
}
VAR-201212-0238
Vulnerability from variot - Updated: 2024-07-23 21:09Integer overflow in Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, before 11.1.111.29 on Android 2.x and 3.x, and before 11.1.115.34 on Android 4.x; Adobe AIR before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X; and Adobe AIR SDK before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X allows attackers to execute arbitrary code via unspecified vectors. Adobe Flash Player and Adobe AIR Contains an integer overflow vulnerability.An attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the loadPCMFromByteArray function in the flash.media.Sound object. When this function is called with a high number of 'samples' an integer overflow occurs during the calculation of a buffer size. This can lead to memory corruption that can result in remote code execution under the context of the current user. Failed exploit attempts will likely result in denial-of-service conditions. AIR is a technology developed for the combination of network and desktop applications, which can control cloud programs on the network without going through a browser. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Red Hat update for flash-plugin
SECUNIA ADVISORY ID: SA51526
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51526/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51526
RELEASE DATE: 2012-12-12
DISCUSS ADVISORY: http://secunia.com/advisories/51526/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/51526/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=51526
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Red Hat has issued an update for flash-plugin. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
ORIGINAL ADVISORY: RHSA-2012:1569-1: https://rhn.redhat.com/errata/RHSA-2012-1569.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2012:1569-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1569.html Issue date: 2012-12-12 CVE Names: CVE-2012-5676 CVE-2012-5677 CVE-2012-5678 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes three security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
-
These vulnerabilities are detailed in the Adobe Security bulletin APSB12-27, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content.
-
Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
886200 - CVE-2012-5676 CVE-2012-5677 CVE-2012-5678 flash-plugin: multiple code execution flaws (APSB12-27)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.258-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.258-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.258-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.258-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.258-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.258-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.258-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.258-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.258-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.258-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2012-5676.html https://www.redhat.com/security/data/cve/CVE-2012-5677.html https://www.redhat.com/security/data/cve/CVE-2012-5678.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb12-27.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFQyGJhXlSAg2UNWIIRAk+fAKCpyAfEImLmpa5GDhDn0qVwDT1aOgCeKWVK /I7KAaTWEKnqdTF2Qa3rwWs= =0jAo -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201212-0238",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.5"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.5.0.890"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.5.0.890"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.5.502.135"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.34"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.5.0.880"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.48"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.5.502.136"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.29"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.5.0.880"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.258"
},
{
"model": "windows",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.48"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (adobe flash player 11.3.377.15"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include ) (macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.5.0.890"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.5.502.136"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(macintosh)"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "23.0.1271.97"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.5.0.890"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.5.0.880"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows android)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows)"
},
{
"model": "internet explorer",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "8 for 64-bit systems (adobe flash player 11.3.377.15"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.5.0.880"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.258"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include ) (windows)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.5.502.135"
},
{
"model": "windows server",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt (adobe flash player 11.3.377.15"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "linux)"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "8 for 32-bit systems (adobe flash player 11.3.377.15"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.29"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012 (adobe flash player 11.3.377.15"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (macintosh)"
},
{
"model": "flash player",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.12.36"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.42.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.2.54"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.280"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.22.87"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.0.584"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.12.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0.9.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.32.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.45.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.83"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.2.0.2080"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.57"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.100"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.55"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025.168"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.43"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.2.0.2070"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.912.75"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.60"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.59"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "19.0.1084.52"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.204"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.128"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.43"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.63"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.1.0.4880"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.228"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.127"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.65"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.112.61"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025.142"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.91275"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.96379"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.33"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.112"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.71"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.62"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.102.228"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.91"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.78"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.233"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.56"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.37"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.107"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "15.0.874.120"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.77"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.96365"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "19"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.229"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.31"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.68"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.672.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1.152"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "15.0.874.121"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14.0.835.163"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.912.77"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025.151"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025.162"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.112"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "15.0.874102"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.133"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.215"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.205"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14.0.835.186"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.2.202.223"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.46"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1.153"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.912.63"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14.0.835.202"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.30"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-13-021"
},
{
"db": "BID",
"id": "56896"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005699"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-158"
},
{
"db": "NVD",
"id": "CVE-2012-5677"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.48",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.5.502.135",
"versionStartIncluding": "11.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.202.258",
"versionStartIncluding": "11.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.48",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.111.29",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.7",
"versionStartIncluding": "2.0",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.6",
"versionStartIncluding": "3.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.115.34",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.4",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.0.880",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.48",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.5.502.136",
"versionStartIncluding": "11.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.0.890",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.0.880",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.0.890",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-5677"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An anonymous contributor through Tipping Point\u0027s Zero Day Initiative.",
"sources": [
{
"db": "BID",
"id": "56896"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-158"
}
],
"trust": 0.9
},
"cve": "CVE-2012-5677",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-5677",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2012-5677",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-58958",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-5677",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2012-5677",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201212-158",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-58958",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2012-5677",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-13-021"
},
{
"db": "VULHUB",
"id": "VHN-58958"
},
{
"db": "VULMON",
"id": "CVE-2012-5677"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005699"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-158"
},
{
"db": "NVD",
"id": "CVE-2012-5677"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, before 11.1.111.29 on Android 2.x and 3.x, and before 11.1.115.34 on Android 4.x; Adobe AIR before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X; and Adobe AIR SDK before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X allows attackers to execute arbitrary code via unspecified vectors. Adobe Flash Player and Adobe AIR Contains an integer overflow vulnerability.An attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the loadPCMFromByteArray function in the flash.media.Sound object. When this function is called with a high number of \u0027samples\u0027 an integer overflow occurs during the calculation of a buffer size. This can lead to memory corruption that can result in remote code execution under the context of the current user. Failed exploit attempts will likely result in denial-of-service conditions. AIR is a technology developed for the combination of network and desktop applications, which can control cloud programs on the network without going through a browser. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nRed Hat update for flash-plugin\n\nSECUNIA ADVISORY ID:\nSA51526\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/51526/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51526\n\nRELEASE DATE:\n2012-12-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/51526/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/51526/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51526\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nRed Hat has issued an update for flash-plugin. This fixes multiple\nvulnerabilities, which can be exploited by malicious people to\ncompromise a user\u0027s system. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nORIGINAL ADVISORY:\nRHSA-2012:1569-1:\nhttps://rhn.redhat.com/errata/RHSA-2012-1569.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2012:1569-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-1569.html\nIssue date: 2012-12-12\nCVE Names: CVE-2012-5676 CVE-2012-5677 CVE-2012-5678 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes three security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB12-27,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n886200 - CVE-2012-5676 CVE-2012-5677 CVE-2012-5678 flash-plugin: multiple code execution flaws (APSB12-27)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.258-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.258-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.258-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.258-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.258-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.258-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.258-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.258-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.258-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.258-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-5676.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5677.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5678.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb12-27.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFQyGJhXlSAg2UNWIIRAk+fAKCpyAfEImLmpa5GDhDn0qVwDT1aOgCeKWVK\n/I7KAaTWEKnqdTF2Qa3rwWs=\n=0jAo\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-5677"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005699"
},
{
"db": "ZDI",
"id": "ZDI-13-021"
},
{
"db": "BID",
"id": "56896"
},
{
"db": "VULHUB",
"id": "VHN-58958"
},
{
"db": "VULMON",
"id": "CVE-2012-5677"
},
{
"db": "PACKETSTORM",
"id": "118779"
},
{
"db": "PACKETSTORM",
"id": "118801"
},
{
"db": "PACKETSTORM",
"id": "123225"
}
],
"trust": 2.97
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-5677",
"trust": 3.8
},
{
"db": "ZDI",
"id": "ZDI-13-021",
"trust": 1.0
},
{
"db": "BID",
"id": "56896",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005699",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-1582",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201212-158",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "51526",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "51549",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "51536",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "51560",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-60512",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-58958",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2012-5677",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118779",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118801",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-13-021"
},
{
"db": "VULHUB",
"id": "VHN-58958"
},
{
"db": "VULMON",
"id": "CVE-2012-5677"
},
{
"db": "BID",
"id": "56896"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005699"
},
{
"db": "PACKETSTORM",
"id": "118779"
},
{
"db": "PACKETSTORM",
"id": "118801"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-158"
},
{
"db": "NVD",
"id": "CVE-2012-5677"
}
]
},
"id": "VAR-201212-0238",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-58958"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:09:08.496000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-27",
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-27.html"
},
{
"title": "APSB12-27 (cq11281733)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq11281733.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2012/12/stable-channel-update.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20121213f.html"
},
{
"title": "install_flash_player_11_linux.i386",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45462"
},
{
"title": "install_flash_player_osx",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45461"
},
{
"title": "install_flashplayer11x32_mssd_aih",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45460"
},
{
"title": "Red Hat: Critical: flash-plugin security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20121569 - security advisory"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-13-021"
},
{
"db": "VULMON",
"id": "CVE-2012-5677"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005699"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-158"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-189",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58958"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005699"
},
{
"db": "NVD",
"id": "CVE-2012-5677"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-27.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00014.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00033.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5677"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20121212-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2012/at120037.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5677"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=10517"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/51526"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/51536"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/51549"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/51560"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/56896"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/air/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://www.google.com/chrome"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/windows/ie/"
},
{
"trust": 0.3,
"url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00094.html"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.3,
"url": "http://www.blackberry.com/btsc/kb34161"
},
{
"trust": 0.3,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.ie/2012/12/stable-channel-update.html"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-13-021/"
},
{
"trust": 0.2,
"url": "https://rhn.redhat.com/errata/rhsa-2012-1569.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/189.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2012:1569"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51526"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51526/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51526/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5676.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5677"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5676"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5678.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5678"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5677.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-13-021"
},
{
"db": "VULHUB",
"id": "VHN-58958"
},
{
"db": "VULMON",
"id": "CVE-2012-5677"
},
{
"db": "BID",
"id": "56896"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005699"
},
{
"db": "PACKETSTORM",
"id": "118779"
},
{
"db": "PACKETSTORM",
"id": "118801"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-158"
},
{
"db": "NVD",
"id": "CVE-2012-5677"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-13-021"
},
{
"db": "VULHUB",
"id": "VHN-58958"
},
{
"db": "VULMON",
"id": "CVE-2012-5677"
},
{
"db": "BID",
"id": "56896"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005699"
},
{
"db": "PACKETSTORM",
"id": "118779"
},
{
"db": "PACKETSTORM",
"id": "118801"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-158"
},
{
"db": "NVD",
"id": "CVE-2012-5677"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-11T00:00:00",
"db": "ZDI",
"id": "ZDI-13-021"
},
{
"date": "2012-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-58958"
},
{
"date": "2012-12-12T00:00:00",
"db": "VULMON",
"id": "CVE-2012-5677"
},
{
"date": "2012-12-11T00:00:00",
"db": "BID",
"id": "56896"
},
{
"date": "2012-12-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005699"
},
{
"date": "2012-12-12T10:00:39",
"db": "PACKETSTORM",
"id": "118779"
},
{
"date": "2012-12-13T06:04:49",
"db": "PACKETSTORM",
"id": "118801"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2012-12-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201212-158"
},
{
"date": "2012-12-12T11:38:44.950000",
"db": "NVD",
"id": "CVE-2012-5677"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-11T00:00:00",
"db": "ZDI",
"id": "ZDI-13-021"
},
{
"date": "2018-12-04T00:00:00",
"db": "VULHUB",
"id": "VHN-58958"
},
{
"date": "2018-12-04T00:00:00",
"db": "VULMON",
"id": "CVE-2012-5677"
},
{
"date": "2015-03-19T09:44:00",
"db": "BID",
"id": "56896"
},
{
"date": "2012-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005699"
},
{
"date": "2012-12-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201212-158"
},
{
"date": "2018-12-04T18:05:26.377000",
"db": "NVD",
"id": "CVE-2012-5677"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201212-158"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Integer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005699"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201212-158"
}
],
"trust": 0.6
}
}
VAR-201302-0264
Vulnerability from variot - Updated: 2024-07-23 21:05Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374. Adobe Flash Player Use freed memory (Use-after-free) May allow arbitrary code execution vulnerabilities. This vulnerability CVE-2013-0644 and CVE-2013-1374 Is a different vulnerability.An attacker could execute arbitrary code. Adobe Flash Player and AIR are prone to a remote code-execution vulnerability. Failed exploit attempts will likely cause denial-of-service conditions. Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2013:0254-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html Issue date: 2013-02-13 CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 CVE-2013-1373 CVE-2013-1374 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-05, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2013-0638, CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647, CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)
A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially-crafted web page.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
910570 - flash-plugin: multiple code execution flaws (APSB13-05) 910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-0637.html https://www.redhat.com/security/data/cve/CVE-2013-0638.html https://www.redhat.com/security/data/cve/CVE-2013-0639.html https://www.redhat.com/security/data/cve/CVE-2013-0642.html https://www.redhat.com/security/data/cve/CVE-2013-0644.html https://www.redhat.com/security/data/cve/CVE-2013-0645.html https://www.redhat.com/security/data/cve/CVE-2013-0647.html https://www.redhat.com/security/data/cve/CVE-2013-0649.html https://www.redhat.com/security/data/cve/CVE-2013-1365.html https://www.redhat.com/security/data/cve/CVE-2013-1366.html https://www.redhat.com/security/data/cve/CVE-2013-1367.html https://www.redhat.com/security/data/cve/CVE-2013-1368.html https://www.redhat.com/security/data/cve/CVE-2013-1369.html https://www.redhat.com/security/data/cve/CVE-2013-1370.html https://www.redhat.com/security/data/cve/CVE-2013-1372.html https://www.redhat.com/security/data/cve/CVE-2013-1373.html https://www.redhat.com/security/data/cve/CVE-2013-1374.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb13-05.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs pnyD10c/hdKGIm0b1Kjv3eY= =+cgh -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
SOLUTION: Update to version 24.0.1312.70.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . Please send email to cert@cert.org with "TA13-043A Feedback VU#689711" in the subject.
Produced by US-CERT, a government organization. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA52166
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52166/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
RELEASE DATE: 2013-02-12
DISCUSS ADVISORY: http://secunia.com/advisories/52166/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/52166/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.
1) Some unspecified errors can be exploited to cause buffer overflows.
2) Some use-after-free errors can be exploited to dereference already freed memory.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to disclose certain sensitive information.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google 3) The vendor credits Natalie Silvanovich, BlackBerry Security, Research in Motion 4) The vendor credits Damian Put via iDefense 6) Reported by the vendor.
ORIGINAL ADVISORY: Adobe (APSB13-05): http://www.adobe.com/support/security/bulletins/apsb13-05.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0264",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "windows",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012 (adobe flash player 11.6.602.167"
},
{
"model": "internet explorer",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.59x (air for ios include ) (windows"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include ) (windows"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 64-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows server",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(macintosh linux)"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows 8",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (macintosh)"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "(windows/linux/macintosh : adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.186.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.2.156.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.2.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.15"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.5.0.890"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.43"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.19"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.185.24"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
}
],
"sources": [
{
"db": "BID",
"id": "57930"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001486"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-172"
},
{
"db": "NVD",
"id": "CVE-2013-0649"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.63",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.168",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.202.270",
"versionStartIncluding": "11.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.111.43",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.7",
"versionStartIncluding": "2.0",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.6",
"versionStartIncluding": "3.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.115.47",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.4",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.597",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.599",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.167",
"versionStartIncluding": "11.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0649"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 0.4
},
"cve": "CVE-2013-0649",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-0649",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-60651",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-0649",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201302-172",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-60651",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60651"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001486"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-172"
},
{
"db": "NVD",
"id": "CVE-2013-0649"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374. Adobe Flash Player Use freed memory (Use-after-free) May allow arbitrary code execution vulnerabilities. This vulnerability CVE-2013-0644 and CVE-2013-1374 Is a different vulnerability.An attacker could execute arbitrary code. Adobe Flash Player and AIR are prone to a remote code-execution vulnerability. Failed exploit attempts will likely cause denial-of-service conditions. \nNote: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2013:0254-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html\nIssue date: 2013-02-13\nCVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 \n CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 \n CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 \n CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 \n CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 \n CVE-2013-1373 CVE-2013-1374 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB13-05,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. (CVE-2013-0638,\nCVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647,\nCVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368,\nCVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)\n\nA flaw in flash-plugin could allow an attacker to obtain sensitive\ninformation if a victim were tricked into visiting a specially-crafted web\npage. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n910570 - flash-plugin: multiple code execution flaws (APSB13-05)\n910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0637.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0638.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0639.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0642.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0644.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0645.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0647.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0649.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1365.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1366.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1367.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1368.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1369.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1370.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1372.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1373.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1374.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs\npnyD10c/hdKGIm0b1Kjv3eY=\n=+cgh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nSOLUTION:\nUpdate to version 24.0.1312.70. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Please send\n email to \u003ccert@cert.org\u003e with \"TA13-043A Feedback VU#689711\" in\n the subject. \n ____________________________________________________________________\n\n Produced by US-CERT, a government organization. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player / AIR Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52166\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52166/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nRELEASE DATE:\n2013-02-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52166/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52166/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player and\nAIR, which can be exploited by malicious people to disclose certain\nsensitive information and compromise a user\u0027s system. \n\n1) Some unspecified errors can be exploited to cause buffer\noverflows. \n\n2) Some use-after-free errors can be exploited to dereference already\nfreed memory. \n\n4) An unspecified error can be exploited to corrupt memory. \n\n5) An unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to disclose certain\nsensitive information. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and\nFermin Serna, Google\n3) The vendor credits Natalie Silvanovich, BlackBerry Security,\nResearch in Motion\n4) The vendor credits Damian Put via iDefense\n6) Reported by the vendor. \n\nORIGINAL ADVISORY:\nAdobe (APSB13-05):\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0649"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001486"
},
{
"db": "BID",
"id": "57930"
},
{
"db": "VULHUB",
"id": "VHN-60651"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-0649",
"trust": 3.0
},
{
"db": "USCERT",
"id": "TA13-043A",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001486",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201302-172",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52163",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52164",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52203",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52166",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52197",
"trust": 0.6
},
{
"db": "BID",
"id": "57930",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-60651",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120268",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120253",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120240",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120282",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120271",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120239",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60651"
},
{
"db": "BID",
"id": "57930"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001486"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-172"
},
{
"db": "NVD",
"id": "CVE-2013-0649"
}
]
},
"id": "VAR-201302-0264",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-60651"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:05:46.754000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-05",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"title": "APSB13-05 (cq02121817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq02121817.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2013/02/stable-channel-update_12.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "openSUSE-SU-2013:0295",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"title": "SUSE-SU-2013:0296",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"title": "openSUSE-SU-2013:0298",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"title": "RHSA-2013:0254",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20130214f.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001486"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60651"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001486"
},
{
"db": "NVD",
"id": "CVE-2013-0649"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta13-043a.html"
},
{
"trust": 1.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0649"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130213-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130010.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta13-043a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0649"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=10777"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52163"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52164"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52166"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52197"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52203"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/air/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0647.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0649.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0644.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1373.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1366"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0647"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1374.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1367"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1368"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1372"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1368.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0645.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0639"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0642.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1365.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1372.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1374"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0645"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1366.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1365"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1369.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0637.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0638.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0637"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0644"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1367.html"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1370.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0639.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0642"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52163"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_12.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52164"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/#comments"
},
{
"trust": 0.1,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/"
},
{
"trust": 0.1,
"url": "http://support.microsoft.com/kb/2805940"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52203"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-06.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/notification.html"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-05.html\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/#comments"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60651"
},
{
"db": "BID",
"id": "57930"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001486"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-172"
},
{
"db": "NVD",
"id": "CVE-2013-0649"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-60651"
},
{
"db": "BID",
"id": "57930"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001486"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-172"
},
{
"db": "NVD",
"id": "CVE-2013-0649"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-60651"
},
{
"date": "2013-02-12T00:00:00",
"db": "BID",
"id": "57930"
},
{
"date": "2013-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001486"
},
{
"date": "2013-02-13T19:12:55",
"db": "PACKETSTORM",
"id": "120268"
},
{
"date": "2013-02-12T06:59:46",
"db": "PACKETSTORM",
"id": "120253"
},
{
"date": "2013-02-12T06:40:28",
"db": "PACKETSTORM",
"id": "120240"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2013-02-13T03:13:33",
"db": "PACKETSTORM",
"id": "120282"
},
{
"date": "2013-02-13T19:13:42",
"db": "PACKETSTORM",
"id": "120271"
},
{
"date": "2013-02-12T06:40:24",
"db": "PACKETSTORM",
"id": "120239"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-172"
},
{
"date": "2013-02-12T20:55:04.590000",
"db": "NVD",
"id": "CVE-2013-0649"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-60651"
},
{
"date": "2013-09-17T00:15:00",
"db": "BID",
"id": "57930"
},
{
"date": "2013-03-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001486"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-172"
},
{
"date": "2018-12-06T19:50:14.467000",
"db": "NVD",
"id": "CVE-2013-0649"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-172"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001486"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-172"
}
],
"trust": 0.6
}
}
VAR-201108-0145
Vulnerability from variot - Updated: 2024-07-23 21:03Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors. Adobe Flash Player is prone to an unspecified cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. The product enables viewing of applications, content and video across screens and browsers. Remote attackers can use unidentified vectors to bypass the same-origin policy and obtain sensitive information. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUSE Security Announcement
Package: flash-player
Announcement ID: SUSE-SA:2011:033
Date: Wed, 10 Aug 2011 14:00:00 +0000
Affected Products: SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 10 SP4
Vulnerability Type: remote code execution
CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
SUSE Default Package: yes
Cross-References: CVE-2011-2130, CVE-2011-2134, CVE-2011-2135
CVE-2011-2136, CVE-2011-2137, CVE-2011-2138
CVE-2011-2139, CVE-2011-2140, CVE-2011-2414
CVE-2011-2415, CVE-2011-2416, CVE-2011-2417
CVE-2011-2425
Content of This Advisory:
1) Security Vulnerability Resolved:
remote code execution
Problem Description
2) Solution or Work-Around
3) Special Instructions and Notes
4) Package Location and Checksums
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
6) Authenticity Verification and Additional Information
1) Problem Description and Brief Discussion
Flash-Player was updated to version 10.3.188.5 to fix various buffer and integer overflows: - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Earlier flash-player versions can be exploited to execute arbitrary code remotely with the privileges of the attacked user.
For more details see: http://www.adobe.com/support/security/bulletins/apsb11-21.html
2) Solution or Work-Around
none
3) Special Instructions and Notes
Pleease restart your browser.
4) Package Location and Checksums
The preferred method for installing security updates is to use the YaST "Online Update" module or the "zypper" commandline tool. The package and patch management stack will detect which updates are required and automatically perform the necessary steps to verify and install them.
Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command
rpm -Fhv <file.rpm>
to apply the update, replacing with the filename of the downloaded RPM package.
Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web:
SUSE Linux Enterprise Desktop 10 SP4 http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900
SUSE Linux Enterprise Desktop 11 SP1 http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
6) Authenticity Verification and Additional Information
-
Announcement authenticity verification:
SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.
To verify the signature of the announcement, save it as text into a file and run the command
gpg --verify
replacing with the name of the file where you saved the announcement. The output for a valid signature looks like:
gpg: Signature made using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team security@suse.de"
where is replaced by the date the document was signed.
If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command
gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
-
Package authenticity verification:
SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with.
The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command
rpm -v --checksig
to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build@suse.de with the key ID 9C800ACA.
This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement.
-
SUSE runs two security mailing lists to which any interested party may subscribe:
opensuse-security@opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security+subscribe@opensuse.org.
opensuse-security-announce@opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security-announce+subscribe@opensuse.org. The security@suse.de public key is listed below. =====================================================================
The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text.
SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ----------------------------------------------------------------------
The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242
TITLE: Adobe Flash Player Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA45583
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45583/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45583
RELEASE DATE: 2011-08-11
DISCUSS ADVISORY: http://secunia.com/advisories/45583/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/45583/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=45583
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.
1) An unspecified error can be exploited to cause a buffer overflow and potentially execute arbitrary code.
2) An unspecified error can be exploited to cause a buffer overflow and potentially execute arbitrary code.
3) An unspecified error can be exploited to corrupt memory and potentially execute arbitrary code.
4) An integer overflow error can be exploited to corrupt memory and potentially execute arbitrary code.
5) An unspecified error can be exploited to cause a buffer overflow and potentially execute arbitrary code.
6) An integer overflow error can be exploited to corrupt memory and potentially execute arbitrary code.
7) An unspecified error can be exploited to disclose certain information from another domain.
8) An unspecified error can be exploited to corrupt memory and potentially execute arbitrary code.
9) An unspecified error can be exploited to cause a buffer overflow and potentially execute arbitrary code.
10) An unspecified error can be exploited to cause a buffer overflow and potentially execute arbitrary code.
11) An integer overflow error can be exploited to corrupt memory and potentially execute arbitrary code.
12) An unspecified error can be exploited to corrupt memory and potentially execute arbitrary code.
13) An unspecified error can be exploited to corrupt memory and potentially execute arbitrary code.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor
The vendor credits: 2) Yang Dingning, NCNIPC, Graduate University of Chinese Academy of Sciences 3) Wushi, Team 509 via iDefense Labs 4, 11) Vitaliy Toropov via iDefense Labs 5) Alexander Zaitsev, Positive Technologies 6, 8) An anonymous person via ZDI 7) Brandon Hardy 9) Bo Qu, Palo Alto Networks 10) Bo Qu, Palo Alto Networks and Honggang Ren, FortiGuard Labs 12) Marc Schoenefeld (Dr. rer. nat.), Red Hat Security Response Team 13) Honggang Ren, FortiGuard Labs
ORIGINAL ADVISORY: Adobe (APSB11-21): http://www.adobe.com/support/security/bulletins/apsb11-21.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.3.183.10"
References
[ 1 ] APSA11-01 http://www.adobe.com/support/security/advisories/apsa11-01.html [ 2 ] APSA11-02 http://www.adobe.com/support/security/advisories/apsa11-02.html [ 3 ] APSB11-02 http://www.adobe.com/support/security/bulletins/apsb11-02.html [ 4 ] APSB11-12 http://www.adobe.com/support/security/bulletins/apsb11-12.html [ 5 ] APSB11-13 http://www.adobe.com/support/security/bulletins/apsb11-13.html [ 6 ] APSB11-21 https://www.adobe.com/support/security/bulletins/apsb11-21.html [ 7 ] APSB11-26 https://www.adobe.com/support/security/bulletins/apsb11-26.html [ 8 ] CVE-2011-0558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558 [ 9 ] CVE-2011-0559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559 [ 10 ] CVE-2011-0560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560 [ 11 ] CVE-2011-0561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561 [ 12 ] CVE-2011-0571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571 [ 13 ] CVE-2011-0572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572 [ 14 ] CVE-2011-0573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573 [ 15 ] CVE-2011-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574 [ 16 ] CVE-2011-0575 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575 [ 17 ] CVE-2011-0577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577 [ 18 ] CVE-2011-0578 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578 [ 19 ] CVE-2011-0579 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579 [ 20 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 21 ] CVE-2011-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607 [ 22 ] CVE-2011-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608 [ 23 ] CVE-2011-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609 [ 24 ] CVE-2011-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611 [ 25 ] CVE-2011-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618 [ 26 ] CVE-2011-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619 [ 27 ] CVE-2011-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620 [ 28 ] CVE-2011-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621 [ 29 ] CVE-2011-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622 [ 30 ] CVE-2011-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623 [ 31 ] CVE-2011-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624 [ 32 ] CVE-2011-0625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625 [ 33 ] CVE-2011-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626 [ 34 ] CVE-2011-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627 [ 35 ] CVE-2011-0628 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628 [ 36 ] CVE-2011-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107 [ 37 ] CVE-2011-2110 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110 [ 38 ] CVE-2011-2125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 39 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 40 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 41 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 42 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 43 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 44 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 45 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 46 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 47 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 48 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 49 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 50 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 51 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 52 ] CVE-2011-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426 [ 53 ] CVE-2011-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427 [ 54 ] CVE-2011-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428 [ 55 ] CVE-2011-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429 [ 56 ] CVE-2011-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430 [ 57 ] CVE-2011-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201110-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: acroread security update Advisory ID: RHSA-2011:1434-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html Issue date: 2011-11-08 CVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 CVE-2011-2444 =====================================================================
- Summary:
Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
Adobe Reader allows users to view and print documents in Portable Document Format (PDF).
This update fixes multiple security flaws in Adobe Reader. These flaws are detailed on the Adobe security page APSB11-24, listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. These flaws are detailed on the Adobe security pages APSB11-21 and APSB11-26, listed in the References section.
A PDF file with an embedded, specially-crafted SWF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2011-2429)
All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.4.6, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259
- Bugs fixed (http://bugzilla.redhat.com/):
729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21) 740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26 740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26 740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26 749381 - acroread: multiple code execution flaws (APSB11-24)
- Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Desktop version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2011-2130.html https://www.redhat.com/security/data/cve/CVE-2011-2134.html https://www.redhat.com/security/data/cve/CVE-2011-2135.html https://www.redhat.com/security/data/cve/CVE-2011-2136.html https://www.redhat.com/security/data/cve/CVE-2011-2137.html https://www.redhat.com/security/data/cve/CVE-2011-2138.html https://www.redhat.com/security/data/cve/CVE-2011-2139.html https://www.redhat.com/security/data/cve/CVE-2011-2140.html https://www.redhat.com/security/data/cve/CVE-2011-2414.html https://www.redhat.com/security/data/cve/CVE-2011-2415.html https://www.redhat.com/security/data/cve/CVE-2011-2416.html https://www.redhat.com/security/data/cve/CVE-2011-2417.html https://www.redhat.com/security/data/cve/CVE-2011-2424.html https://www.redhat.com/security/data/cve/CVE-2011-2425.html https://www.redhat.com/security/data/cve/CVE-2011-2426.html https://www.redhat.com/security/data/cve/CVE-2011-2427.html https://www.redhat.com/security/data/cve/CVE-2011-2428.html https://www.redhat.com/security/data/cve/CVE-2011-2429.html https://www.redhat.com/security/data/cve/CVE-2011-2430.html https://www.redhat.com/security/data/cve/CVE-2011-2431.html https://www.redhat.com/security/data/cve/CVE-2011-2432.html https://www.redhat.com/security/data/cve/CVE-2011-2433.html https://www.redhat.com/security/data/cve/CVE-2011-2434.html https://www.redhat.com/security/data/cve/CVE-2011-2435.html https://www.redhat.com/security/data/cve/CVE-2011-2436.html https://www.redhat.com/security/data/cve/CVE-2011-2437.html https://www.redhat.com/security/data/cve/CVE-2011-2438.html https://www.redhat.com/security/data/cve/CVE-2011-2439.html https://www.redhat.com/security/data/cve/CVE-2011-2440.html https://www.redhat.com/security/data/cve/CVE-2011-2442.html https://www.redhat.com/security/data/cve/CVE-2011-2444.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb11-21.html http://www.adobe.com/support/security/bulletins/apsb11-24.html http://www.adobe.com/support/security/bulletins/apsb11-26.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q 0+KSTL2IByBwtP8+xfPmUNE= =qFq6 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201108-0145",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "air",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "2.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "7.0.61.0"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "2.0.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0.25"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "2.0.2"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "1.0"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "1.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.246.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.0.35.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.115.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.154.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.60.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.14.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.95.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.156.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.95.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.155.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152.33"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.154.13"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.53.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.262.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.157.51"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.14"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.92.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.52.15"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152.32"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.68.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.66.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.28.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.260.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.52.14.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.32.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.277.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.12.36"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.283.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.185.21"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.53.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.124.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.185.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.152.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.22.87"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.85.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.82.76"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.73.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.159.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.69.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.151.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.15.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.31.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.159.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.105.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.47.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.45.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.19.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.0.34.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.42.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.48.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.67.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.92.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.70.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.106.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.102.64"
},
{
"model": "air",
"scope": "eq",
"trust": 1.1,
"vendor": "adobe",
"version": "2.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.63"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "2.0.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.28"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.33.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.181.36"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.0.584"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.112.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.185.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.21.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.22.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.12.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.18d60"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.45.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.125.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.125.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.79"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.42.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.39.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.31"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "2.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.114.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.181.36 for chrome users"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.185.25 for android"
},
{
"model": "hp systems insight manager",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "7.0"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux server supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.1.z"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.6.z (server)"
},
{
"model": "rhel supplementary long life",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.6 (server)"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.94"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.57"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.35"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.100"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.21"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19140"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.280"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.3"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.43"
},
{
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.2"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.22"
},
{
"model": "systems insight manager sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.51.66"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.3"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.27"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.153.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.204"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.2460"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.128"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.22"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.96"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.26"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.127"
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.262"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.65"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.24"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "systems insight manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.107"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.18"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.112"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.71"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "freeflow print server 73.b3.61",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3218"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.289.0"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.91"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.25"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.84"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "chrome",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.112"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.107"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.77"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.452"
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.68"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.672.2"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "air",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11"
},
{
"model": "systems insight manager sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.133"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "air",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1.1961"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "flash player release candida",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.205"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.28"
},
{
"model": "systems insight manager update",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.31"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19120"
},
{
"model": "freeflow print server 73.c0.41",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.102.65"
},
{
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
}
],
"sources": [
{
"db": "BID",
"id": "49086"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002153"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-192"
},
{
"db": "NVD",
"id": "CVE-2011-2139"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.52.14.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.102.64:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.45.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.283.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.53.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.60.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.19.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.53.64:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.52.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.262.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.68.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.61.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.154.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.159.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.95.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.155.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.24.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.277.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.82.76:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.3.181.36",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.66.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.73.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.67.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.14.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.85.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.154.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.105.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.106.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.156.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.157.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.185.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.185.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.3.185.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2139"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Houssam Sahli",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201108-192"
}
],
"trust": 0.6
},
"cve": "CVE-2011-2139",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.4,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2011-2139",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-50084",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-2139",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201108-192",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-50084",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50084"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002153"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-192"
},
{
"db": "NVD",
"id": "CVE-2011-2139"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors. Adobe Flash Player is prone to an unspecified cross-site scripting vulnerability. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. The product enables viewing of applications, content and video across screens and browsers. Remote attackers can use unidentified vectors to bypass the same-origin policy and obtain sensitive information. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n______________________________________________________________________________\n\n SUSE Security Announcement\n\n Package: flash-player\n Announcement ID: SUSE-SA:2011:033\n Date: Wed, 10 Aug 2011 14:00:00 +0000\n Affected Products: SUSE Linux Enterprise Desktop 11 SP1\n SUSE Linux Enterprise Desktop 10 SP4\n Vulnerability Type: remote code execution\n CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n SUSE Default Package: yes\n Cross-References: CVE-2011-2130, CVE-2011-2134, CVE-2011-2135\n CVE-2011-2136, CVE-2011-2137, CVE-2011-2138\n CVE-2011-2139, CVE-2011-2140, CVE-2011-2414\n CVE-2011-2415, CVE-2011-2416, CVE-2011-2417\n CVE-2011-2425\n\n Content of This Advisory:\n 1) Security Vulnerability Resolved:\n remote code execution\n Problem Description\n 2) Solution or Work-Around\n 3) Special Instructions and Notes\n 4) Package Location and Checksums\n 5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n none\n 6) Authenticity Verification and Additional Information\n\n______________________________________________________________________________\n\n1) Problem Description and Brief Discussion\n\n Flash-Player was updated to version 10.3.188.5 to fix various buffer\n and integer overflows:\n - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n \n Earlier flash-player versions can be exploited to execute arbitrary code\n remotely with the privileges of the attacked user. \n \n For more details see:\n http://www.adobe.com/support/security/bulletins/apsb11-21.html\n\n2) Solution or Work-Around\n\n none\n\n3) Special Instructions and Notes\n\n Pleease restart your browser. \n\n4) Package Location and Checksums\n\n The preferred method for installing security updates is to use the YaST\n \"Online Update\" module or the \"zypper\" commandline tool. The package and\n patch management stack will detect which updates are required and\n automatically perform the necessary steps to verify and install them. \n\n Alternatively, download the update packages for your distribution manually\n and verify their integrity by the methods listed in Section 6 of this\n announcement. Then install the packages using the command\n\n rpm -Fhv \u003cfile.rpm\u003e\n\n to apply the update, replacing \u003cfile.rpm\u003e with the filename of the\n downloaded RPM package. \n\n Our maintenance customers are notified individually. The packages are\n offered for installation from the maintenance web:\n \n SUSE Linux Enterprise Desktop 10 SP4\n http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900\n \n SUSE Linux Enterprise Desktop 11 SP1\n http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10\n\n______________________________________________________________________________\n\n5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n\n none\n______________________________________________________________________________\n\n6) Authenticity Verification and Additional Information\n\n - Announcement authenticity verification:\n\n SUSE security announcements are published via mailing lists and on Web\n sites. The authenticity and integrity of a SUSE security announcement is\n guaranteed by a cryptographic signature in each announcement. All SUSE\n security announcements are published with a valid signature. \n\n To verify the signature of the announcement, save it as text into a file\n and run the command\n\n gpg --verify \u003cfile\u003e\n\n replacing \u003cfile\u003e with the name of the file where you saved the\n announcement. The output for a valid signature looks like:\n\n gpg: Signature made \u003cDATE\u003e using RSA key ID 3D25D3D9\n gpg: Good signature from \"SuSE Security Team \u003csecurity@suse.de\u003e\"\n\n where \u003cDATE\u003e is replaced by the date the document was signed. \n\n If the security team\u0027s key is not contained in your key ring, you can\n import it from the first installation CD. To import the key, use the\n command\n\n gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc\n\n - Package authenticity verification:\n\n SUSE update packages are available on many mirror FTP servers all over the\n world. While this service is considered valuable and important to the free\n and open source software community, the authenticity and the integrity of\n a package needs to be verified to ensure that it has not been tampered\n with. \n\n The internal rpm package signatures provide an easy way to verify the\n authenticity of an RPM package. Use the command\n\n rpm -v --checksig \u003cfile.rpm\u003e\n\n to verify the signature of the package, replacing \u003cfile.rpm\u003e with the\n filename of the RPM package downloaded. The package is unmodified if it\n contains a valid signature from build@suse.de with the key ID 9C800ACA. \n\n This key is automatically imported into the RPM database (on\n RPMv4-based distributions) and the gpg key ring of \u0027root\u0027 during\n installation. You can also find it on the first installation CD and at\n the end of this announcement. \n\n - SUSE runs two security mailing lists to which any interested party may\n subscribe:\n\n opensuse-security@opensuse.org\n - General Linux and SUSE security discussion. \n All SUSE security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security+subscribe@opensuse.org\u003e. \n\n opensuse-security-announce@opensuse.org\n - SUSE\u0027s announce-only mailing list. \n Only SUSE\u0027s security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security-announce+subscribe@opensuse.org\u003e. \n The \u003csecurity@suse.de\u003e public key is listed below. \n =====================================================================\n______________________________________________________________________________\n\n The information in this advisory may be distributed or reproduced,\n provided that the advisory is not modified in any way. In particular, the\n clear text signature should show proof of the authenticity of the text. \n\n SUSE Linux Products GmbH provides no warranties of any kind whatsoever\n with respect to the information contained in this security advisory. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ----------------------------------------------------------------------\n\nThe Secunia CSI 5.0 Beta - now available for testing\nFind out more, take a free test drive, and share your opinion with us: \nhttp://secunia.com/blog/242 \n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA45583\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45583/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45583\n\nRELEASE DATE:\n2011-08-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45583/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45583/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45583\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player,\nwhich can be exploited by malicious people to disclose sensitive\ninformation and compromise a user\u0027s system. \n\n1) An unspecified error can be exploited to cause a buffer overflow\nand potentially execute arbitrary code. \n\n2) An unspecified error can be exploited to cause a buffer overflow\nand potentially execute arbitrary code. \n\n3) An unspecified error can be exploited to corrupt memory and\npotentially execute arbitrary code. \n\n4) An integer overflow error can be exploited to corrupt memory and\npotentially execute arbitrary code. \n\n5) An unspecified error can be exploited to cause a buffer overflow\nand potentially execute arbitrary code. \n\n6) An integer overflow error can be exploited to corrupt memory and\npotentially execute arbitrary code. \n\n7) An unspecified error can be exploited to disclose certain\ninformation from another domain. \n\n8) An unspecified error can be exploited to corrupt memory and\npotentially execute arbitrary code. \n\n9) An unspecified error can be exploited to cause a buffer overflow\nand potentially execute arbitrary code. \n\n10) An unspecified error can be exploited to cause a buffer overflow\nand potentially execute arbitrary code. \n\n11) An integer overflow error can be exploited to corrupt memory and\npotentially execute arbitrary code. \n\n12) An unspecified error can be exploited to corrupt memory and\npotentially execute arbitrary code. \n\n13) An unspecified error can be exploited to corrupt memory and\npotentially execute arbitrary code. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Reported by the vendor\n\nThe vendor credits:\n2) Yang Dingning, NCNIPC, Graduate University of Chinese Academy of\nSciences\n3) Wushi, Team 509 via iDefense Labs\n4, 11) Vitaliy Toropov via iDefense Labs\n5) Alexander Zaitsev, Positive Technologies\n6, 8) An anonymous person via ZDI\n7) Brandon Hardy\n9) Bo Qu, Palo Alto Networks\n10) Bo Qu, Palo Alto Networks and Honggang Ren, FortiGuard Labs\n12) Marc Schoenefeld (Dr. rer. nat.), Red Hat Security Response Team\n13) Honggang Ren, FortiGuard Labs\n\nORIGINAL ADVISORY:\nAdobe (APSB11-21):\nhttp://www.adobe.com/support/security/bulletins/apsb11-21.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-10.3.183.10\"\n\nReferences\n==========\n\n[ 1 ] APSA11-01\n http://www.adobe.com/support/security/advisories/apsa11-01.html\n[ 2 ] APSA11-02\n http://www.adobe.com/support/security/advisories/apsa11-02.html\n[ 3 ] APSB11-02\n http://www.adobe.com/support/security/bulletins/apsb11-02.html\n[ 4 ] APSB11-12\n http://www.adobe.com/support/security/bulletins/apsb11-12.html\n[ 5 ] APSB11-13\n http://www.adobe.com/support/security/bulletins/apsb11-13.html\n[ 6 ] APSB11-21\n https://www.adobe.com/support/security/bulletins/apsb11-21.html\n[ 7 ] APSB11-26\n https://www.adobe.com/support/security/bulletins/apsb11-26.html\n[ 8 ] CVE-2011-0558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558\n[ 9 ] CVE-2011-0559\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559\n[ 10 ] CVE-2011-0560\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560\n[ 11 ] CVE-2011-0561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561\n[ 12 ] CVE-2011-0571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571\n[ 13 ] CVE-2011-0572\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572\n[ 14 ] CVE-2011-0573\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573\n[ 15 ] CVE-2011-0574\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574\n[ 16 ] CVE-2011-0575\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575\n[ 17 ] CVE-2011-0577\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577\n[ 18 ] CVE-2011-0578\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578\n[ 19 ] CVE-2011-0579\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579\n[ 20 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 21 ] CVE-2011-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607\n[ 22 ] CVE-2011-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608\n[ 23 ] CVE-2011-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609\n[ 24 ] CVE-2011-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611\n[ 25 ] CVE-2011-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618\n[ 26 ] CVE-2011-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619\n[ 27 ] CVE-2011-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620\n[ 28 ] CVE-2011-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621\n[ 29 ] CVE-2011-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622\n[ 30 ] CVE-2011-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623\n[ 31 ] CVE-2011-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624\n[ 32 ] CVE-2011-0625\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625\n[ 33 ] CVE-2011-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626\n[ 34 ] CVE-2011-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627\n[ 35 ] CVE-2011-0628\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628\n[ 36 ] CVE-2011-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107\n[ 37 ] CVE-2011-2110\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110\n[ 38 ] CVE-2011-2125\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 39 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 40 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 41 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 42 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 43 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 44 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 45 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 46 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 47 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 48 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 49 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 50 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 51 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 52 ] CVE-2011-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426\n[ 53 ] CVE-2011-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427\n[ 54 ] CVE-2011-2428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428\n[ 55 ] CVE-2011-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429\n[ 56 ] CVE-2011-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430\n[ 57 ] CVE-2011-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: acroread security update\nAdvisory ID: RHSA-2011:1434-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html\nIssue date: 2011-11-08\nCVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 \n CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 \n CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 \n CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 \n CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 \n CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 \n CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 \n CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 \n CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 \n CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 \n CVE-2011-2444 \n=====================================================================\n\n1. Summary:\n\nUpdated acroread packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise\nLinux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Desktop version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux AS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux ES version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux WS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nAdobe Reader allows users to view and print documents in Portable Document\nFormat (PDF). \n\nThis update fixes multiple security flaws in Adobe Reader. These flaws are\ndetailed on the Adobe security page APSB11-24, listed in the References\nsection. A specially-crafted PDF file could cause Adobe Reader to crash or,\npotentially, execute arbitrary code as the user running Adobe Reader when\nopened. These flaws are detailed on the Adobe security\npages APSB11-21 and APSB11-26, listed in the References section. \n\nA PDF file with an embedded, specially-crafted SWF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user running\nAdobe Reader when opened. (CVE-2011-2429)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.4.6, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)\n740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26\n740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26\n740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26\n749381 - acroread: multiple code execution flaws (APSB11-24)\n\n6. Package List:\n\nRed Hat Enterprise Linux AS version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Desktop version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux ES version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux WS version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-2130.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2134.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2135.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2136.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2137.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2138.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2139.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2140.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2414.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2415.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2416.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2417.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2424.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2425.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2426.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2427.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2428.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2429.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2430.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2431.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2432.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2433.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2434.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2435.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2436.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2437.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2438.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2439.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2440.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2442.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2444.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb11-21.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-24.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-26.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2011 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q\n0+KSTL2IByBwtP8+xfPmUNE=\n=qFq6\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2139"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002153"
},
{
"db": "BID",
"id": "49086"
},
{
"db": "VULHUB",
"id": "VHN-50084"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "103903"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-2139",
"trust": 3.3
},
{
"db": "USCERT",
"id": "TA11-222A",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "45583",
"trust": 1.5
},
{
"db": "SECUNIA",
"id": "45529",
"trust": 1.4
},
{
"db": "BID",
"id": "49086",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "48308",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "45593",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1025907",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1025914",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "74438",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA11-222A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002153",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201108-192",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "17524",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "17880",
"trust": 0.6
},
{
"db": "BID",
"id": "49090",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-50084",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103913",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103946",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103903",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105802",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "106736",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50084"
},
{
"db": "BID",
"id": "49086"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002153"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "103903"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-192"
},
{
"db": "NVD",
"id": "CVE-2011-2139"
}
]
},
"id": "VAR-201108-0145",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-50084"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:03:24.463000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-21",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"title": "APSB11-21 (cpsid_91448)",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/914/cpsid_91448.html"
},
{
"title": "APSB11-21",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb11-21.html"
},
{
"title": "HPSBMU02769 SSRT100846",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03298151"
},
{
"title": "RHSA-2011:1144",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1144.html"
},
{
"title": "TA11-222A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta11-222a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002153"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50084"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002153"
},
{
"db": "NVD",
"id": "CVE-2011-2139"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"trust": 1.9,
"url": "http://www.us-cert.gov/cas/techalerts/ta11-222a.html"
},
{
"trust": 1.4,
"url": "http://secunia.com/advisories/45529"
},
{
"trust": 1.4,
"url": "http://secunia.com/advisories/45583"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14204"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16030"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-1144.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/48308"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00006.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00007.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00008.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2139"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2011/at110022.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta11-222a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2139"
},
{
"trust": 0.8,
"url": "http://osvdb.org/74438"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/45593"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/49086"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1025914"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1025907"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa11-222a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/49090"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/17524"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/17880"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_09.html"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer2"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100151664"
},
{
"trust": 0.3,
"url": "http://www.xerox.com/download/security/security-bulletin/1284333-14afb-4baadb5bccb00/cert_xrx12-002_v1.1.pdf"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2416"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2137"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2414"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2425"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2415"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2139"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2135"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2417"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2136"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2138"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2134"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2140"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2425.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2415.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/kb/docs/doc-11259"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2138.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2416.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2135.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2137.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2140.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2130.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2414.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2139.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2134.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2417.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2136.html"
},
{
"trust": 0.2,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.2,
"url": "https://www.adobe.com/support/security/bulletins/apsb11-26.html"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.2,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1144.html"
},
{
"trust": 0.1,
"url": "http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45583"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45583/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/242"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45583/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0579"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0574"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0625"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0575"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0572"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0623"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0560"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0560"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2107"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2110"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0575"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0571"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0559"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2426"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0579"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-13.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0578"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0611"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-12.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0573"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0561"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0578"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0577"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0627"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2428"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa11-02.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2430"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2427"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201110-11.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0559"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0625"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa11-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0577"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2424.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2429"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2432.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2436.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2438.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2428.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2434"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2444.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2439.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2431.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2428"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2430"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2430.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2435.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2442.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2433.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-24.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2426.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2436"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1434.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2437.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2429.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2427.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2440.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2434.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2424"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50084"
},
{
"db": "BID",
"id": "49086"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002153"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "103903"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-192"
},
{
"db": "NVD",
"id": "CVE-2011-2139"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-50084"
},
{
"db": "BID",
"id": "49086"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002153"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "103903"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-192"
},
{
"db": "NVD",
"id": "CVE-2011-2139"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-10T00:00:00",
"db": "VULHUB",
"id": "VHN-50084"
},
{
"date": "2011-08-09T00:00:00",
"db": "BID",
"id": "49086"
},
{
"date": "2011-08-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002153"
},
{
"date": "2011-08-11T04:36:04",
"db": "PACKETSTORM",
"id": "103913"
},
{
"date": "2011-08-12T05:17:05",
"db": "PACKETSTORM",
"id": "103946"
},
{
"date": "2011-08-10T08:16:38",
"db": "PACKETSTORM",
"id": "103903"
},
{
"date": "2011-10-14T06:16:06",
"db": "PACKETSTORM",
"id": "105802"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-11-08T15:21:13",
"db": "PACKETSTORM",
"id": "106736"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-192"
},
{
"date": "2011-08-10T22:55:00.860000",
"db": "NVD",
"id": "CVE-2011-2139"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-50084"
},
{
"date": "2015-03-19T08:11:00",
"db": "BID",
"id": "49086"
},
{
"date": "2013-03-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002153"
},
{
"date": "2011-08-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-192"
},
{
"date": "2018-10-30T16:26:24.687000",
"db": "NVD",
"id": "CVE-2011-2139"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-192"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerabilities that bypass the same origin policy",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002153"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201108-192"
}
],
"trust": 0.6
}
}
VAR-201302-0306
Vulnerability from variot - Updated: 2024-07-23 21:01Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1372, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-0645 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1369 , CVE-2013-1372 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2013:0254-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html Issue date: 2013-02-13 CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 CVE-2013-1373 CVE-2013-1374 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-05, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2013-0638, CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647, CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)
A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially-crafted web page.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
910570 - flash-plugin: multiple code execution flaws (APSB13-05) 910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-0637.html https://www.redhat.com/security/data/cve/CVE-2013-0638.html https://www.redhat.com/security/data/cve/CVE-2013-0639.html https://www.redhat.com/security/data/cve/CVE-2013-0642.html https://www.redhat.com/security/data/cve/CVE-2013-0644.html https://www.redhat.com/security/data/cve/CVE-2013-0645.html https://www.redhat.com/security/data/cve/CVE-2013-0647.html https://www.redhat.com/security/data/cve/CVE-2013-0649.html https://www.redhat.com/security/data/cve/CVE-2013-1365.html https://www.redhat.com/security/data/cve/CVE-2013-1366.html https://www.redhat.com/security/data/cve/CVE-2013-1367.html https://www.redhat.com/security/data/cve/CVE-2013-1368.html https://www.redhat.com/security/data/cve/CVE-2013-1369.html https://www.redhat.com/security/data/cve/CVE-2013-1370.html https://www.redhat.com/security/data/cve/CVE-2013-1372.html https://www.redhat.com/security/data/cve/CVE-2013-1373.html https://www.redhat.com/security/data/cve/CVE-2013-1374.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb13-05.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs pnyD10c/hdKGIm0b1Kjv3eY= =+cgh -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
SOLUTION: Update to version 24.0.1312.70.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . Please send email to cert@cert.org with "TA13-043A Feedback VU#689711" in the subject.
Produced by US-CERT, a government organization. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA52166
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52166/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
RELEASE DATE: 2013-02-12
DISCUSS ADVISORY: http://secunia.com/advisories/52166/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/52166/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.
1) Some unspecified errors can be exploited to cause buffer overflows.
2) Some use-after-free errors can be exploited to dereference already freed memory.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to disclose certain sensitive information.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google 3) The vendor credits Natalie Silvanovich, BlackBerry Security, Research in Motion 4) The vendor credits Damian Put via iDefense 6) Reported by the vendor.
ORIGINAL ADVISORY: Adobe (APSB13-05): http://www.adobe.com/support/security/bulletins/apsb13-05.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0306",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "windows",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player for android",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player for android",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows)"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012 (adobe flash player 11.6.602.167"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "internet explorer",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include ) (windows"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 64-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows server",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(macintosh linux)"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows 8",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (macintosh)"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "(windows/linux/macintosh : adobe flash player 11.6.602.167"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.32"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.115.34"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.16"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.19"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.115.6"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1.153"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.9"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.7"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.102.59"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.31"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
}
],
"sources": [
{
"db": "BID",
"id": "57919"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001473"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-178"
},
{
"db": "NVD",
"id": "CVE-2013-1370"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.168",
"versionStartIncluding": "11.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.63",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.202.270",
"versionStartIncluding": "11.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.111.43",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.7",
"versionStartIncluding": "2.0",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.6",
"versionStartIncluding": "3.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.115.47",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.4",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.599",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.597",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.167",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1370"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 0.4
},
"cve": "CVE-2013-1370",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-1370",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-61372",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-1370",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201302-178",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-61372",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61372"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001473"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-178"
},
{
"db": "NVD",
"id": "CVE-2013-1370"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1372, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-0645 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1369 , CVE-2013-1372 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. \nNote: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2013:0254-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html\nIssue date: 2013-02-13\nCVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 \n CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 \n CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 \n CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 \n CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 \n CVE-2013-1373 CVE-2013-1374 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB13-05,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. (CVE-2013-0638,\nCVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647,\nCVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368,\nCVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)\n\nA flaw in flash-plugin could allow an attacker to obtain sensitive\ninformation if a victim were tricked into visiting a specially-crafted web\npage. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n910570 - flash-plugin: multiple code execution flaws (APSB13-05)\n910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0637.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0638.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0639.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0642.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0644.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0645.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0647.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0649.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1365.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1366.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1367.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1368.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1369.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1370.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1372.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1373.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1374.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs\npnyD10c/hdKGIm0b1Kjv3eY=\n=+cgh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nSOLUTION:\nUpdate to version 24.0.1312.70. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Please send\n email to \u003ccert@cert.org\u003e with \"TA13-043A Feedback VU#689711\" in\n the subject. \n ____________________________________________________________________\n\n Produced by US-CERT, a government organization. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player / AIR Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52166\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52166/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nRELEASE DATE:\n2013-02-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52166/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52166/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player and\nAIR, which can be exploited by malicious people to disclose certain\nsensitive information and compromise a user\u0027s system. \n\n1) Some unspecified errors can be exploited to cause buffer\noverflows. \n\n2) Some use-after-free errors can be exploited to dereference already\nfreed memory. \n\n4) An unspecified error can be exploited to corrupt memory. \n\n5) An unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to disclose certain\nsensitive information. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and\nFermin Serna, Google\n3) The vendor credits Natalie Silvanovich, BlackBerry Security,\nResearch in Motion\n4) The vendor credits Damian Put via iDefense\n6) Reported by the vendor. \n\nORIGINAL ADVISORY:\nAdobe (APSB13-05):\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1370"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001473"
},
{
"db": "BID",
"id": "57919"
},
{
"db": "VULHUB",
"id": "VHN-61372"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-1370",
"trust": 3.0
},
{
"db": "USCERT",
"id": "TA13-043A",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001473",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201302-178",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52163",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52164",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52203",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52166",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52197",
"trust": 0.6
},
{
"db": "BID",
"id": "57919",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-61372",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120268",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120253",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120240",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120282",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120271",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120239",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61372"
},
{
"db": "BID",
"id": "57919"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001473"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-178"
},
{
"db": "NVD",
"id": "CVE-2013-1370"
}
]
},
"id": "VAR-201302-0306",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-61372"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:01:18.595000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-05",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"title": "APSB13-05 (cq02121817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq02121817.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2013/02/stable-channel-update_12.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "openSUSE-SU-2013:0295",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"title": "SUSE-SU-2013:0296",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"title": "openSUSE-SU-2013:0298",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"title": "RHSA-2013:0254",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20130214f.html"
},
{
"title": "install_flash_player_11_linux.i386",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45304"
},
{
"title": "install_flash_player_osx",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45303"
},
{
"title": "install_flashplayer11x32_mssd_aih",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45302"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001473"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-178"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61372"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001473"
},
{
"db": "NVD",
"id": "CVE-2013-1370"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta13-043a.html"
},
{
"trust": 1.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1370"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130213-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130010.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta13-043a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1370"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=10777"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52163"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52164"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52166"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52197"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52203"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/air/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0647.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0649.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0644.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1373.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1366"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0647"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1374.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1367"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1368"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1372"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1368.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0645.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0639"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0642.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1365.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1372.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1374"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0645"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1366.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1365"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1369.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0637.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0638.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0637"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0644"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1367.html"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1370.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0639.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0642"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52163"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_12.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52164"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/#comments"
},
{
"trust": 0.1,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/"
},
{
"trust": 0.1,
"url": "http://support.microsoft.com/kb/2805940"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52203"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-06.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/notification.html"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-05.html\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/#comments"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61372"
},
{
"db": "BID",
"id": "57919"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001473"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-178"
},
{
"db": "NVD",
"id": "CVE-2013-1370"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-61372"
},
{
"db": "BID",
"id": "57919"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001473"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-178"
},
{
"db": "NVD",
"id": "CVE-2013-1370"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-61372"
},
{
"date": "2013-02-12T00:00:00",
"db": "BID",
"id": "57919"
},
{
"date": "2013-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001473"
},
{
"date": "2013-02-13T19:12:55",
"db": "PACKETSTORM",
"id": "120268"
},
{
"date": "2013-02-12T06:59:46",
"db": "PACKETSTORM",
"id": "120253"
},
{
"date": "2013-02-12T06:40:28",
"db": "PACKETSTORM",
"id": "120240"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2013-02-13T03:13:33",
"db": "PACKETSTORM",
"id": "120282"
},
{
"date": "2013-02-13T19:13:42",
"db": "PACKETSTORM",
"id": "120271"
},
{
"date": "2013-02-12T06:40:24",
"db": "PACKETSTORM",
"id": "120239"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-178"
},
{
"date": "2013-02-12T20:55:04.963000",
"db": "NVD",
"id": "CVE-2013-1370"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-61372"
},
{
"date": "2013-09-17T00:15:00",
"db": "BID",
"id": "57919"
},
{
"date": "2013-03-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001473"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-178"
},
{
"date": "2018-12-06T19:55:17.347000",
"db": "NVD",
"id": "CVE-2013-1370"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-178"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001473"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-178"
}
],
"trust": 0.6
}
}
VAR-201302-0142
Vulnerability from variot - Updated: 2024-07-23 20:58Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to obtain sensitive information via unspecified vectors. Adobe Flash Player Contains a vulnerability in which important information is obtained.An attacker could obtain important information. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2013:0254-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html Issue date: 2013-02-13 CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 CVE-2013-1373 CVE-2013-1374 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- These vulnerabilities are detailed in the Adobe Security bulletin APSB13-05, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2013-0638, CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647, CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)
A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially-crafted web page.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
910570 - flash-plugin: multiple code execution flaws (APSB13-05) 910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-0637.html https://www.redhat.com/security/data/cve/CVE-2013-0638.html https://www.redhat.com/security/data/cve/CVE-2013-0639.html https://www.redhat.com/security/data/cve/CVE-2013-0642.html https://www.redhat.com/security/data/cve/CVE-2013-0644.html https://www.redhat.com/security/data/cve/CVE-2013-0645.html https://www.redhat.com/security/data/cve/CVE-2013-0647.html https://www.redhat.com/security/data/cve/CVE-2013-0649.html https://www.redhat.com/security/data/cve/CVE-2013-1365.html https://www.redhat.com/security/data/cve/CVE-2013-1366.html https://www.redhat.com/security/data/cve/CVE-2013-1367.html https://www.redhat.com/security/data/cve/CVE-2013-1368.html https://www.redhat.com/security/data/cve/CVE-2013-1369.html https://www.redhat.com/security/data/cve/CVE-2013-1370.html https://www.redhat.com/security/data/cve/CVE-2013-1372.html https://www.redhat.com/security/data/cve/CVE-2013-1373.html https://www.redhat.com/security/data/cve/CVE-2013-1374.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb13-05.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs pnyD10c/hdKGIm0b1Kjv3eY= =+cgh -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
SOLUTION: Update to version 24.0.1312.70.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . Please send email to cert@cert.org with "TA13-043A Feedback VU#689711" in the subject.
Produced by US-CERT, a government organization. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA52166
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52166/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
RELEASE DATE: 2013-02-12
DISCUSS ADVISORY: http://secunia.com/advisories/52166/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/52166/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.
1) Some unspecified errors can be exploited to cause buffer overflows.
2) Some use-after-free errors can be exploited to dereference already freed memory.
3) An integer overflow error can be exploited to execute arbitrary code.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to disclose certain sensitive information.
Successful exploitation of vulnerabilities #1 through #5 may allow execution of arbitrary code.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google 3) The vendor credits Natalie Silvanovich, BlackBerry Security, Research in Motion 4) The vendor credits Damian Put via iDefense 6) Reported by the vendor.
ORIGINAL ADVISORY: Adobe (APSB13-05): http://www.adobe.com/support/security/bulletins/apsb13-05.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0142",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "windows",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player for android",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player for android",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows)"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012 (adobe flash player 11.6.602.167"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "internet explorer",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include ) (windows"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 64-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows server",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(macintosh linux)"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows 8",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (macintosh)"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "(windows/linux/macintosh : adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.236"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.22.87"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.12.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.223"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.32.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.238"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.45.2"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
}
],
"sources": [
{
"db": "BID",
"id": "57929"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001472"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-165"
},
{
"db": "NVD",
"id": "CVE-2013-0637"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.63",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.168",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.202.270",
"versionStartIncluding": "11.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.111.43",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.7",
"versionStartIncluding": "2.0",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.6",
"versionStartIncluding": "3.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.115.47",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.4",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.597",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.599",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.167",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0637"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 0.4
},
"cve": "CVE-2013-0637",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-0637",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-60639",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-0637",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201302-165",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-60639",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60639"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001472"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-165"
},
{
"db": "NVD",
"id": "CVE-2013-0637"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to obtain sensitive information via unspecified vectors. Adobe Flash Player Contains a vulnerability in which important information is obtained.An attacker could obtain important information. \nAn attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. \nNote: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2013:0254-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html\nIssue date: 2013-02-13\nCVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 \n CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 \n CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 \n CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 \n CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 \n CVE-2013-1373 CVE-2013-1374 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB13-05,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. (CVE-2013-0638,\nCVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647,\nCVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368,\nCVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)\n\nA flaw in flash-plugin could allow an attacker to obtain sensitive\ninformation if a victim were tricked into visiting a specially-crafted web\npage. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n910570 - flash-plugin: multiple code execution flaws (APSB13-05)\n910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0637.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0638.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0639.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0642.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0644.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0645.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0647.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0649.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1365.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1366.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1367.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1368.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1369.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1370.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1372.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1373.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1374.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs\npnyD10c/hdKGIm0b1Kjv3eY=\n=+cgh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nSOLUTION:\nUpdate to version 24.0.1312.70. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Please send\n email to \u003ccert@cert.org\u003e with \"TA13-043A Feedback VU#689711\" in\n the subject. \n ____________________________________________________________________\n\n Produced by US-CERT, a government organization. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player / AIR Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52166\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52166/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nRELEASE DATE:\n2013-02-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52166/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52166/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player and\nAIR, which can be exploited by malicious people to disclose certain\nsensitive information and compromise a user\u0027s system. \n\n1) Some unspecified errors can be exploited to cause buffer\noverflows. \n\n2) Some use-after-free errors can be exploited to dereference already\nfreed memory. \n\n3) An integer overflow error can be exploited to execute arbitrary\ncode. \n\n4) An unspecified error can be exploited to corrupt memory. \n\n5) An unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to disclose certain\nsensitive information. \n\nSuccessful exploitation of vulnerabilities #1 through #5 may allow\nexecution of arbitrary code. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and\nFermin Serna, Google\n3) The vendor credits Natalie Silvanovich, BlackBerry Security,\nResearch in Motion\n4) The vendor credits Damian Put via iDefense\n6) Reported by the vendor. \n\nORIGINAL ADVISORY:\nAdobe (APSB13-05):\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0637"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001472"
},
{
"db": "BID",
"id": "57929"
},
{
"db": "VULHUB",
"id": "VHN-60639"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-0637",
"trust": 3.0
},
{
"db": "USCERT",
"id": "TA13-043A",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001472",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "52163",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52164",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52203",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52166",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52197",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201302-165",
"trust": 0.6
},
{
"db": "BID",
"id": "57929",
"trust": 0.4
},
{
"db": "PACKETSTORM",
"id": "120268",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-60639",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120253",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120240",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120282",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120271",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120239",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60639"
},
{
"db": "BID",
"id": "57929"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001472"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-165"
},
{
"db": "NVD",
"id": "CVE-2013-0637"
}
]
},
"id": "VAR-201302-0142",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-60639"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T20:58:53.947000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-05",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"title": "APSB13-05 (cq02121817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq02121817.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2013/02/stable-channel-update_12.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "openSUSE-SU-2013:0295",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"title": "SUSE-SU-2013:0296",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"title": "openSUSE-SU-2013:0298",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"title": "RHSA-2013:0254",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20130214f.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001472"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60639"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001472"
},
{
"db": "NVD",
"id": "CVE-2013-0637"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"trust": 2.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta13-043a.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0637"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130213-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130010.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta13-043a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0637"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=10777"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52163"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52164"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52166"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52197"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52203"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/air/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=a9881e951162efc516b6200542b62cc0?externalid=kb34774\u0026sliceid=1\u0026cmd=displaykc\u0026doctype=kc\u0026nocount=true\u0026vieweddocslisthelper=com.kanisa.a"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.ie/2013/02/stable-channel-update_12.html"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0647.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0649.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0644.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1373.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1366"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0647"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1374.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1367"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1368"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1372"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1368.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0645.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0639"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0642.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1365.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1372.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1374"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0645"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1366.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1365"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1369.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0637.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0638.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0637"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0644"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1367.html"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1370.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0639.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0642"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52163"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_12.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52164"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/#comments"
},
{
"trust": 0.1,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/"
},
{
"trust": 0.1,
"url": "http://support.microsoft.com/kb/2805940"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52203"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-06.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/notification.html"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-05.html\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/#comments"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60639"
},
{
"db": "BID",
"id": "57929"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001472"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-165"
},
{
"db": "NVD",
"id": "CVE-2013-0637"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-60639"
},
{
"db": "BID",
"id": "57929"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001472"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-165"
},
{
"db": "NVD",
"id": "CVE-2013-0637"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-60639"
},
{
"date": "2013-02-12T00:00:00",
"db": "BID",
"id": "57929"
},
{
"date": "2013-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001472"
},
{
"date": "2013-02-13T19:12:55",
"db": "PACKETSTORM",
"id": "120268"
},
{
"date": "2013-02-12T06:59:46",
"db": "PACKETSTORM",
"id": "120253"
},
{
"date": "2013-02-12T06:40:28",
"db": "PACKETSTORM",
"id": "120240"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2013-02-13T03:13:33",
"db": "PACKETSTORM",
"id": "120282"
},
{
"date": "2013-02-13T19:13:42",
"db": "PACKETSTORM",
"id": "120271"
},
{
"date": "2013-02-12T06:40:24",
"db": "PACKETSTORM",
"id": "120239"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-165"
},
{
"date": "2013-02-12T20:55:04.247000",
"db": "NVD",
"id": "CVE-2013-0637"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-60639"
},
{
"date": "2015-03-19T09:48:00",
"db": "BID",
"id": "57929"
},
{
"date": "2013-03-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001472"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-165"
},
{
"date": "2018-12-06T19:53:30.563000",
"db": "NVD",
"id": "CVE-2013-0637"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-165"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Vulnerability in which important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001472"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-165"
}
],
"trust": 0.6
}
}
VAR-201108-0080
Vulnerability from variot - Updated: 2024-07-23 20:57Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415. Adobe Flash Player and Adobe AIR Contains a buffer overflow vulnerability. This vulnerability CVE-2011-2130 , CVE-2011-2137 , CVE-2011-2414 ,and CVE-2011-2415 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUSE Security Announcement
Package: flash-player
Announcement ID: SUSE-SA:2011:033
Date: Wed, 10 Aug 2011 14:00:00 +0000
Affected Products: SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 10 SP4
Vulnerability Type: remote code execution
CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
SUSE Default Package: yes
Cross-References: CVE-2011-2130, CVE-2011-2134, CVE-2011-2135
CVE-2011-2136, CVE-2011-2137, CVE-2011-2138
CVE-2011-2139, CVE-2011-2140, CVE-2011-2414
CVE-2011-2415, CVE-2011-2416, CVE-2011-2417
CVE-2011-2425
Content of This Advisory:
1) Security Vulnerability Resolved:
remote code execution
Problem Description
2) Solution or Work-Around
3) Special Instructions and Notes
4) Package Location and Checksums
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
6) Authenticity Verification and Additional Information
1) Problem Description and Brief Discussion
Flash-Player was updated to version 10.3.188.5 to fix various buffer and integer overflows: - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Earlier flash-player versions can be exploited to execute arbitrary code remotely with the privileges of the attacked user.
For more details see: http://www.adobe.com/support/security/bulletins/apsb11-21.html
2) Solution or Work-Around
none
3) Special Instructions and Notes
Pleease restart your browser.
4) Package Location and Checksums
The preferred method for installing security updates is to use the YaST "Online Update" module or the "zypper" commandline tool. The package and patch management stack will detect which updates are required and automatically perform the necessary steps to verify and install them.
Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command
rpm -Fhv <file.rpm>
to apply the update, replacing with the filename of the downloaded RPM package.
Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web:
SUSE Linux Enterprise Desktop 10 SP4 http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900
SUSE Linux Enterprise Desktop 11 SP1 http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
6) Authenticity Verification and Additional Information
-
Announcement authenticity verification:
SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.
To verify the signature of the announcement, save it as text into a file and run the command
gpg --verify
replacing with the name of the file where you saved the announcement. The output for a valid signature looks like:
gpg: Signature made using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team security@suse.de"
where is replaced by the date the document was signed.
If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command
gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
-
Package authenticity verification:
SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with.
The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command
rpm -v --checksig
to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build@suse.de with the key ID 9C800ACA.
This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement.
-
SUSE runs two security mailing lists to which any interested party may subscribe:
opensuse-security@opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security+subscribe@opensuse.org.
opensuse-security-announce@opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security-announce+subscribe@opensuse.org. The security@suse.de public key is listed below. =====================================================================
The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text.
SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ----------------------------------------------------------------------
The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242
TITLE: Adobe Flash Player Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA45583
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45583/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45583
RELEASE DATE: 2011-08-11
DISCUSS ADVISORY: http://secunia.com/advisories/45583/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/45583/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=45583
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.
7) An unspecified error can be exploited to disclose certain information from another domain.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor
The vendor credits: 2) Yang Dingning, NCNIPC, Graduate University of Chinese Academy of Sciences 3) Wushi, Team 509 via iDefense Labs 4, 11) Vitaliy Toropov via iDefense Labs 5) Alexander Zaitsev, Positive Technologies 6, 8) An anonymous person via ZDI 7) Brandon Hardy 9) Bo Qu, Palo Alto Networks 10) Bo Qu, Palo Alto Networks and Honggang Ren, FortiGuard Labs 12) Marc Schoenefeld (Dr. rer. nat.), Red Hat Security Response Team 13) Honggang Ren, FortiGuard Labs
ORIGINAL ADVISORY: Adobe (APSB11-21): http://www.adobe.com/support/security/bulletins/apsb11-21.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.3.183.10"
References
[ 1 ] APSA11-01 http://www.adobe.com/support/security/advisories/apsa11-01.html [ 2 ] APSA11-02 http://www.adobe.com/support/security/advisories/apsa11-02.html [ 3 ] APSB11-02 http://www.adobe.com/support/security/bulletins/apsb11-02.html [ 4 ] APSB11-12 http://www.adobe.com/support/security/bulletins/apsb11-12.html [ 5 ] APSB11-13 http://www.adobe.com/support/security/bulletins/apsb11-13.html [ 6 ] APSB11-21 https://www.adobe.com/support/security/bulletins/apsb11-21.html [ 7 ] APSB11-26 https://www.adobe.com/support/security/bulletins/apsb11-26.html [ 8 ] CVE-2011-0558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558 [ 9 ] CVE-2011-0559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559 [ 10 ] CVE-2011-0560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560 [ 11 ] CVE-2011-0561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561 [ 12 ] CVE-2011-0571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571 [ 13 ] CVE-2011-0572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572 [ 14 ] CVE-2011-0573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573 [ 15 ] CVE-2011-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574 [ 16 ] CVE-2011-0575 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575 [ 17 ] CVE-2011-0577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577 [ 18 ] CVE-2011-0578 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578 [ 19 ] CVE-2011-0579 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579 [ 20 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 21 ] CVE-2011-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607 [ 22 ] CVE-2011-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608 [ 23 ] CVE-2011-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609 [ 24 ] CVE-2011-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611 [ 25 ] CVE-2011-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618 [ 26 ] CVE-2011-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619 [ 27 ] CVE-2011-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620 [ 28 ] CVE-2011-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621 [ 29 ] CVE-2011-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622 [ 30 ] CVE-2011-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623 [ 31 ] CVE-2011-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624 [ 32 ] CVE-2011-0625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625 [ 33 ] CVE-2011-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626 [ 34 ] CVE-2011-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627 [ 35 ] CVE-2011-0628 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628 [ 36 ] CVE-2011-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107 [ 37 ] CVE-2011-2110 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110 [ 38 ] CVE-2011-2125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 39 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 40 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 41 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 42 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 43 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 44 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 45 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 46 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 47 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 48 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 49 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 50 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 51 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 52 ] CVE-2011-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426 [ 53 ] CVE-2011-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427 [ 54 ] CVE-2011-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428 [ 55 ] CVE-2011-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429 [ 56 ] CVE-2011-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430 [ 57 ] CVE-2011-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201110-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: acroread security update Advisory ID: RHSA-2011:1434-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html Issue date: 2011-11-08 CVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 CVE-2011-2444 =====================================================================
- Summary:
Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
Adobe Reader allows users to view and print documents in Portable Document Format (PDF).
This update fixes multiple security flaws in Adobe Reader. These flaws are detailed on the Adobe security page APSB11-24, listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. These flaws are detailed on the Adobe security pages APSB11-21 and APSB11-26, listed in the References section.
A PDF file with an embedded, specially-crafted SWF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135, CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140, CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424, CVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)
A flaw in Adobe Flash Player could allow an attacker to conduct cross-site scripting (XSS) attacks if a victim were tricked into visiting a specially-crafted web page. (CVE-2011-2429)
All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.4.6, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259
- Bugs fixed (http://bugzilla.redhat.com/):
729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21) 740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26 740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26 740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26 749381 - acroread: multiple code execution flaws (APSB11-24)
- Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Desktop version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2011-2130.html https://www.redhat.com/security/data/cve/CVE-2011-2134.html https://www.redhat.com/security/data/cve/CVE-2011-2135.html https://www.redhat.com/security/data/cve/CVE-2011-2136.html https://www.redhat.com/security/data/cve/CVE-2011-2137.html https://www.redhat.com/security/data/cve/CVE-2011-2138.html https://www.redhat.com/security/data/cve/CVE-2011-2139.html https://www.redhat.com/security/data/cve/CVE-2011-2140.html https://www.redhat.com/security/data/cve/CVE-2011-2414.html https://www.redhat.com/security/data/cve/CVE-2011-2415.html https://www.redhat.com/security/data/cve/CVE-2011-2416.html https://www.redhat.com/security/data/cve/CVE-2011-2417.html https://www.redhat.com/security/data/cve/CVE-2011-2424.html https://www.redhat.com/security/data/cve/CVE-2011-2425.html https://www.redhat.com/security/data/cve/CVE-2011-2426.html https://www.redhat.com/security/data/cve/CVE-2011-2427.html https://www.redhat.com/security/data/cve/CVE-2011-2428.html https://www.redhat.com/security/data/cve/CVE-2011-2429.html https://www.redhat.com/security/data/cve/CVE-2011-2430.html https://www.redhat.com/security/data/cve/CVE-2011-2431.html https://www.redhat.com/security/data/cve/CVE-2011-2432.html https://www.redhat.com/security/data/cve/CVE-2011-2433.html https://www.redhat.com/security/data/cve/CVE-2011-2434.html https://www.redhat.com/security/data/cve/CVE-2011-2435.html https://www.redhat.com/security/data/cve/CVE-2011-2436.html https://www.redhat.com/security/data/cve/CVE-2011-2437.html https://www.redhat.com/security/data/cve/CVE-2011-2438.html https://www.redhat.com/security/data/cve/CVE-2011-2439.html https://www.redhat.com/security/data/cve/CVE-2011-2440.html https://www.redhat.com/security/data/cve/CVE-2011-2442.html https://www.redhat.com/security/data/cve/CVE-2011-2444.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb11-21.html http://www.adobe.com/support/security/bulletins/apsb11-24.html http://www.adobe.com/support/security/bulletins/apsb11-26.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q 0+KSTL2IByBwtP8+xfPmUNE= =qFq6 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201108-0080",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "6.0.79"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0.19.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0.14.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "6.0.21.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0.53.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.246.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.0.35.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.115.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.154.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.95.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.156.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.95.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.155.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152.33"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.154.13"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.262.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.157.51"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "2.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.14"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.92.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.52.15"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152.32"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.28.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.260.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.52.14.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.32.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.277.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.12.36"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.283.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.185.21"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.53.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.124.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.185.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.152.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.22.87"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.85.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.82.76"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.159.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.151.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.15.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.31.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.159.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.105.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.47.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.45.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.0.34.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.42.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.48.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.92.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.106.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.102.64"
},
{
"model": "air",
"scope": "eq",
"trust": 1.1,
"vendor": "adobe",
"version": "2.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.63"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "2.0.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.28"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "1.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.67.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.33.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.181.36"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.0.584"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.112.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.69.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.68.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.185.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.22.0"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.61.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.12.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.18d60"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "2.0.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.66.0"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "1.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.45.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.125.0"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "2.0.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.125.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.42.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.39.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.31"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.73.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.70.0"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "2.7"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.114.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.60.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.181.36 for chrome users"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.185.25 for android"
},
{
"model": "hp systems insight manager",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "7.0"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux server supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.1.z"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.6.z (server)"
},
{
"model": "rhel supplementary long life",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.6 (server)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.94"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.57"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.35"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.100"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.21"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19140"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.280"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.3"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.43"
},
{
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.22"
},
{
"model": "systems insight manager sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.51.66"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.27"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.153.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.204"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.2460"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.128"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.22"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.96"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.26"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.127"
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.262"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.65"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.24"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "systems insight manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.107"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.18"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.112"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.71"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "freeflow print server 73.b3.61",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3218"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.289.0"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.91"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.25"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.84"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "chrome",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.112"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.107"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.77"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.452"
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.68"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.672.2"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "air",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "systems insight manager sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.133"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "air",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1.1961"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "flash player release candida",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.205"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.28"
},
{
"model": "systems insight manager update",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.31"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19120"
},
{
"model": "freeflow print server 73.c0.41",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.102.65"
}
],
"sources": [
{
"db": "BID",
"id": "49074"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002149"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-180"
},
{
"db": "NVD",
"id": "CVE-2011-2134"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.95.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.155.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.24.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.19.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.277.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.82.76:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.52.14.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.102.64:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.45.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.283.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.53.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.60.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.53.64:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.52.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.3.181.36",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.262.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.68.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.61.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.159.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.66.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.73.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.67.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.14.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.85.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.154.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.154.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.156.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.157.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.185.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.105.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.106.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.185.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.3.185.25",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2134"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Zaitsev of Positive Technologies",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201108-180"
}
],
"trust": 0.6
},
"cve": "CVE-2011-2134",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2011-2134",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-50079",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-2134",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201108-180",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-50079",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50079"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002149"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-180"
},
{
"db": "NVD",
"id": "CVE-2011-2134"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415. Adobe Flash Player and Adobe AIR Contains a buffer overflow vulnerability. This vulnerability CVE-2011-2130 , CVE-2011-2137 , CVE-2011-2414 ,and CVE-2011-2415 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n______________________________________________________________________________\n\n SUSE Security Announcement\n\n Package: flash-player\n Announcement ID: SUSE-SA:2011:033\n Date: Wed, 10 Aug 2011 14:00:00 +0000\n Affected Products: SUSE Linux Enterprise Desktop 11 SP1\n SUSE Linux Enterprise Desktop 10 SP4\n Vulnerability Type: remote code execution\n CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n SUSE Default Package: yes\n Cross-References: CVE-2011-2130, CVE-2011-2134, CVE-2011-2135\n CVE-2011-2136, CVE-2011-2137, CVE-2011-2138\n CVE-2011-2139, CVE-2011-2140, CVE-2011-2414\n CVE-2011-2415, CVE-2011-2416, CVE-2011-2417\n CVE-2011-2425\n\n Content of This Advisory:\n 1) Security Vulnerability Resolved:\n remote code execution\n Problem Description\n 2) Solution or Work-Around\n 3) Special Instructions and Notes\n 4) Package Location and Checksums\n 5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n none\n 6) Authenticity Verification and Additional Information\n\n______________________________________________________________________________\n\n1) Problem Description and Brief Discussion\n\n Flash-Player was updated to version 10.3.188.5 to fix various buffer\n and integer overflows:\n - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n \n Earlier flash-player versions can be exploited to execute arbitrary code\n remotely with the privileges of the attacked user. \n \n For more details see:\n http://www.adobe.com/support/security/bulletins/apsb11-21.html\n\n2) Solution or Work-Around\n\n none\n\n3) Special Instructions and Notes\n\n Pleease restart your browser. \n\n4) Package Location and Checksums\n\n The preferred method for installing security updates is to use the YaST\n \"Online Update\" module or the \"zypper\" commandline tool. The package and\n patch management stack will detect which updates are required and\n automatically perform the necessary steps to verify and install them. \n\n Alternatively, download the update packages for your distribution manually\n and verify their integrity by the methods listed in Section 6 of this\n announcement. Then install the packages using the command\n\n rpm -Fhv \u003cfile.rpm\u003e\n\n to apply the update, replacing \u003cfile.rpm\u003e with the filename of the\n downloaded RPM package. \n\n Our maintenance customers are notified individually. The packages are\n offered for installation from the maintenance web:\n \n SUSE Linux Enterprise Desktop 10 SP4\n http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900\n \n SUSE Linux Enterprise Desktop 11 SP1\n http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10\n\n______________________________________________________________________________\n\n5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n\n none\n______________________________________________________________________________\n\n6) Authenticity Verification and Additional Information\n\n - Announcement authenticity verification:\n\n SUSE security announcements are published via mailing lists and on Web\n sites. The authenticity and integrity of a SUSE security announcement is\n guaranteed by a cryptographic signature in each announcement. All SUSE\n security announcements are published with a valid signature. \n\n To verify the signature of the announcement, save it as text into a file\n and run the command\n\n gpg --verify \u003cfile\u003e\n\n replacing \u003cfile\u003e with the name of the file where you saved the\n announcement. The output for a valid signature looks like:\n\n gpg: Signature made \u003cDATE\u003e using RSA key ID 3D25D3D9\n gpg: Good signature from \"SuSE Security Team \u003csecurity@suse.de\u003e\"\n\n where \u003cDATE\u003e is replaced by the date the document was signed. \n\n If the security team\u0027s key is not contained in your key ring, you can\n import it from the first installation CD. To import the key, use the\n command\n\n gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc\n\n - Package authenticity verification:\n\n SUSE update packages are available on many mirror FTP servers all over the\n world. While this service is considered valuable and important to the free\n and open source software community, the authenticity and the integrity of\n a package needs to be verified to ensure that it has not been tampered\n with. \n\n The internal rpm package signatures provide an easy way to verify the\n authenticity of an RPM package. Use the command\n\n rpm -v --checksig \u003cfile.rpm\u003e\n\n to verify the signature of the package, replacing \u003cfile.rpm\u003e with the\n filename of the RPM package downloaded. The package is unmodified if it\n contains a valid signature from build@suse.de with the key ID 9C800ACA. \n\n This key is automatically imported into the RPM database (on\n RPMv4-based distributions) and the gpg key ring of \u0027root\u0027 during\n installation. You can also find it on the first installation CD and at\n the end of this announcement. \n\n - SUSE runs two security mailing lists to which any interested party may\n subscribe:\n\n opensuse-security@opensuse.org\n - General Linux and SUSE security discussion. \n All SUSE security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security+subscribe@opensuse.org\u003e. \n\n opensuse-security-announce@opensuse.org\n - SUSE\u0027s announce-only mailing list. \n Only SUSE\u0027s security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security-announce+subscribe@opensuse.org\u003e. \n The \u003csecurity@suse.de\u003e public key is listed below. \n =====================================================================\n______________________________________________________________________________\n\n The information in this advisory may be distributed or reproduced,\n provided that the advisory is not modified in any way. In particular, the\n clear text signature should show proof of the authenticity of the text. \n\n SUSE Linux Products GmbH provides no warranties of any kind whatsoever\n with respect to the information contained in this security advisory. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ----------------------------------------------------------------------\n\nThe Secunia CSI 5.0 Beta - now available for testing\nFind out more, take a free test drive, and share your opinion with us: \nhttp://secunia.com/blog/242 \n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA45583\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45583/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45583\n\nRELEASE DATE:\n2011-08-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45583/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45583/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45583\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player,\nwhich can be exploited by malicious people to disclose sensitive\ninformation and compromise a user\u0027s system. \n\n7) An unspecified error can be exploited to disclose certain\ninformation from another domain. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Reported by the vendor\n\nThe vendor credits:\n2) Yang Dingning, NCNIPC, Graduate University of Chinese Academy of\nSciences\n3) Wushi, Team 509 via iDefense Labs\n4, 11) Vitaliy Toropov via iDefense Labs\n5) Alexander Zaitsev, Positive Technologies\n6, 8) An anonymous person via ZDI\n7) Brandon Hardy\n9) Bo Qu, Palo Alto Networks\n10) Bo Qu, Palo Alto Networks and Honggang Ren, FortiGuard Labs\n12) Marc Schoenefeld (Dr. rer. nat.), Red Hat Security Response Team\n13) Honggang Ren, FortiGuard Labs\n\nORIGINAL ADVISORY:\nAdobe (APSB11-21):\nhttp://www.adobe.com/support/security/bulletins/apsb11-21.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-10.3.183.10\"\n\nReferences\n==========\n\n[ 1 ] APSA11-01\n http://www.adobe.com/support/security/advisories/apsa11-01.html\n[ 2 ] APSA11-02\n http://www.adobe.com/support/security/advisories/apsa11-02.html\n[ 3 ] APSB11-02\n http://www.adobe.com/support/security/bulletins/apsb11-02.html\n[ 4 ] APSB11-12\n http://www.adobe.com/support/security/bulletins/apsb11-12.html\n[ 5 ] APSB11-13\n http://www.adobe.com/support/security/bulletins/apsb11-13.html\n[ 6 ] APSB11-21\n https://www.adobe.com/support/security/bulletins/apsb11-21.html\n[ 7 ] APSB11-26\n https://www.adobe.com/support/security/bulletins/apsb11-26.html\n[ 8 ] CVE-2011-0558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558\n[ 9 ] CVE-2011-0559\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559\n[ 10 ] CVE-2011-0560\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560\n[ 11 ] CVE-2011-0561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561\n[ 12 ] CVE-2011-0571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571\n[ 13 ] CVE-2011-0572\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572\n[ 14 ] CVE-2011-0573\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573\n[ 15 ] CVE-2011-0574\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574\n[ 16 ] CVE-2011-0575\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575\n[ 17 ] CVE-2011-0577\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577\n[ 18 ] CVE-2011-0578\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578\n[ 19 ] CVE-2011-0579\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579\n[ 20 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 21 ] CVE-2011-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607\n[ 22 ] CVE-2011-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608\n[ 23 ] CVE-2011-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609\n[ 24 ] CVE-2011-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611\n[ 25 ] CVE-2011-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618\n[ 26 ] CVE-2011-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619\n[ 27 ] CVE-2011-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620\n[ 28 ] CVE-2011-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621\n[ 29 ] CVE-2011-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622\n[ 30 ] CVE-2011-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623\n[ 31 ] CVE-2011-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624\n[ 32 ] CVE-2011-0625\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625\n[ 33 ] CVE-2011-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626\n[ 34 ] CVE-2011-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627\n[ 35 ] CVE-2011-0628\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628\n[ 36 ] CVE-2011-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107\n[ 37 ] CVE-2011-2110\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110\n[ 38 ] CVE-2011-2125\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 39 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 40 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 41 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 42 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 43 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 44 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 45 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 46 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 47 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 48 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 49 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 50 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 51 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 52 ] CVE-2011-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426\n[ 53 ] CVE-2011-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427\n[ 54 ] CVE-2011-2428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428\n[ 55 ] CVE-2011-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429\n[ 56 ] CVE-2011-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430\n[ 57 ] CVE-2011-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: acroread security update\nAdvisory ID: RHSA-2011:1434-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html\nIssue date: 2011-11-08\nCVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 \n CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 \n CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 \n CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 \n CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 \n CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 \n CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 \n CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 \n CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 \n CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 \n CVE-2011-2444 \n=====================================================================\n\n1. Summary:\n\nUpdated acroread packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise\nLinux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Desktop version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux AS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux ES version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux WS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nAdobe Reader allows users to view and print documents in Portable Document\nFormat (PDF). \n\nThis update fixes multiple security flaws in Adobe Reader. These flaws are\ndetailed on the Adobe security page APSB11-24, listed in the References\nsection. A specially-crafted PDF file could cause Adobe Reader to crash or,\npotentially, execute arbitrary code as the user running Adobe Reader when\nopened. These flaws are detailed on the Adobe security\npages APSB11-21 and APSB11-26, listed in the References section. \n\nA PDF file with an embedded, specially-crafted SWF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user running\nAdobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135,\nCVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140,\nCVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424,\nCVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)\n\nA flaw in Adobe Flash Player could allow an attacker to conduct cross-site\nscripting (XSS) attacks if a victim were tricked into visiting a\nspecially-crafted web page. (CVE-2011-2429)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.4.6, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)\n740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26\n740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26\n740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26\n749381 - acroread: multiple code execution flaws (APSB11-24)\n\n6. Package List:\n\nRed Hat Enterprise Linux AS version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Desktop version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux ES version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux WS version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-2130.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2134.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2135.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2136.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2137.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2138.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2139.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2140.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2414.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2415.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2416.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2417.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2424.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2425.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2426.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2427.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2428.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2429.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2430.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2431.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2432.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2433.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2434.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2435.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2436.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2437.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2438.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2439.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2440.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2442.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2444.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb11-21.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-24.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-26.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2011 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q\n0+KSTL2IByBwtP8+xfPmUNE=\n=qFq6\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2134"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002149"
},
{
"db": "BID",
"id": "49074"
},
{
"db": "VULHUB",
"id": "VHN-50079"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "103903"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-2134",
"trust": 3.3
},
{
"db": "USCERT",
"id": "TA11-222A",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "45583",
"trust": 1.5
},
{
"db": "SECUNIA",
"id": "45529",
"trust": 1.4
},
{
"db": "BID",
"id": "49074",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "48308",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "74433",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "45593",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1025907",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1025914",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA11-222A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002149",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201108-180",
"trust": 0.7
},
{
"db": "BID",
"id": "49075",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "17880",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "17515",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-50079",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103913",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103946",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103903",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105802",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "106736",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50079"
},
{
"db": "BID",
"id": "49074"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002149"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "103903"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-180"
},
{
"db": "NVD",
"id": "CVE-2011-2134"
}
]
},
"id": "VAR-201108-0080",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-50079"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T20:57:37.509000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-21",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"title": "APSB11-21 (cpsid_91448)",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/914/cpsid_91448.html"
},
{
"title": "APSB11-21",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb11-21.html"
},
{
"title": "HPSBMU02769 SSRT100846",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03298151"
},
{
"title": "RHSA-2011:1144",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1144.html"
},
{
"title": "TA11-222A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta11-222a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002149"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50079"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002149"
},
{
"db": "NVD",
"id": "CVE-2011-2134"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"trust": 1.9,
"url": "http://www.us-cert.gov/cas/techalerts/ta11-222a.html"
},
{
"trust": 1.4,
"url": "http://secunia.com/advisories/45529"
},
{
"trust": 1.4,
"url": "http://secunia.com/advisories/45583"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a13979"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a15941"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-1144.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/48308"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00006.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00007.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00008.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2134"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2011/at110022.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta11-222a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2134"
},
{
"trust": 0.8,
"url": "http://osvdb.org/74433"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/45593"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/49074"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1025914"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1025907"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa11-222a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/49075"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/17515"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/17880"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_09.html"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer2"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100151664"
},
{
"trust": 0.3,
"url": "http://www.xerox.com/download/security/security-bulletin/1284333-14afb-4baadb5bccb00/cert_xrx12-002_v1.1.pdf"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2416"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2137"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2414"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2425"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2415"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2139"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2135"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2417"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2136"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2138"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2134"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2140"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2425.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2415.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/kb/docs/doc-11259"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2138.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2416.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2135.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2137.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2140.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2130.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2414.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2139.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2134.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2417.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2136.html"
},
{
"trust": 0.2,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.2,
"url": "https://www.adobe.com/support/security/bulletins/apsb11-26.html"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.2,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1144.html"
},
{
"trust": 0.1,
"url": "http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45583"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45583/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/242"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45583/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0579"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0574"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0625"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0575"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0572"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0623"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0560"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0560"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2107"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2110"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0575"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0571"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0559"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2426"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0579"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-13.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0578"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0611"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-12.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0573"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0561"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0578"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0577"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0627"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2428"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa11-02.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2430"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2427"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201110-11.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0559"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0625"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa11-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0577"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2424.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2429"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2432.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2436.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2438.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2428.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2434"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2444.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2439.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2431.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2428"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2430"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2430.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2435.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2442.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2433.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-24.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2426.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2436"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1434.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2437.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2429.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2427.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2440.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2434.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2424"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50079"
},
{
"db": "BID",
"id": "49074"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002149"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "103903"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-180"
},
{
"db": "NVD",
"id": "CVE-2011-2134"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-50079"
},
{
"db": "BID",
"id": "49074"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002149"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "103903"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-180"
},
{
"db": "NVD",
"id": "CVE-2011-2134"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-10T00:00:00",
"db": "VULHUB",
"id": "VHN-50079"
},
{
"date": "2011-08-09T00:00:00",
"db": "BID",
"id": "49074"
},
{
"date": "2011-08-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002149"
},
{
"date": "2011-08-11T04:36:04",
"db": "PACKETSTORM",
"id": "103913"
},
{
"date": "2011-08-12T05:17:05",
"db": "PACKETSTORM",
"id": "103946"
},
{
"date": "2011-08-10T08:16:38",
"db": "PACKETSTORM",
"id": "103903"
},
{
"date": "2011-10-14T06:16:06",
"db": "PACKETSTORM",
"id": "105802"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-11-08T15:21:13",
"db": "PACKETSTORM",
"id": "106736"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-180"
},
{
"date": "2011-08-10T21:55:02.110000",
"db": "NVD",
"id": "CVE-2011-2134"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-50079"
},
{
"date": "2013-06-20T09:38:00",
"db": "BID",
"id": "49074"
},
{
"date": "2013-03-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002149"
},
{
"date": "2011-08-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-180"
},
{
"date": "2018-10-30T16:26:24.687000",
"db": "NVD",
"id": "CVE-2011-2134"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-180"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002149"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201108-180"
}
],
"trust": 0.6
}
}
VAR-201211-0368
Vulnerability from variot - Updated: 2024-07-23 20:48Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allow attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors. Adobe Flash Player Contains a vulnerability that allows access restrictions to be bypassed and arbitrary code execution.An attacker could bypass access restrictions and execute arbitrary code. Adobe Flash Player and AIR are prone to a remote code-execution vulnerability. Note: This issue was previously covered in BID 56412 (Adobe Flash Player and AIR APSB12-24 Multiple Security Vulnerabilities) but has been given its own record for better documentation. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Google Chrome Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA51210
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51210/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51210
RELEASE DATE: 2012-11-07
DISCUSS ADVISORY: http://secunia.com/advisories/51210/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/51210/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=51210
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
For more information: SA51213
2) An integer overflow error exists in WebP handling.
3) An error in v8 can be exploited to cause an out-of-bounds array access.
4) A use-after-free error exists in SVG filter handling.
5) An error exists related to integer boundary checks within GPU command buffers.
6) A use-after-free error exists in video layout handling.
7) An error exists related to inappropriate loading of SVG subresource in "img" context.
8) A race condition error exists in Pepper buffer handling.
9) A type casting error exists in certain input handling.
10) An error in Skia can be exploited to cause an out-of-bounds read.
11) An error in texture handling can be exploited to corrupt memory.
12) A use-after-free error exists in extension tab handling.
13) A use-after-free error exists in plug-in placeholder handling.
14) An error in v8 can be exploited to corrupt memory.
SOLUTION: Upgrade to version 23.0.1271.64.
PROVIDED AND/OR DISCOVERED BY: The vendor credits: 2) Phil Turnbull 3, 6) Atte Kettunen, OUSPG. 4, 5) miaubiz 7) Felix Gr\xf6bert, Google Security Team 8) Fermin Serna, Google Security Team 9, 10, 13) Inferno, Google Chrome Security Team 11) Al Patrick, Chromium development community 12) Alexander Potapenko, Chromium development community 14) Cris Neckar, Google Chrome Security Team
ORIGINAL ADVISORY: Google: http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2012:1431-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1431.html Issue date: 2012-11-07 CVE Names: CVE-2012-5274 CVE-2012-5275 CVE-2012-5276 CVE-2012-5277 CVE-2012-5278 CVE-2012-5279 CVE-2012-5280 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB12-24, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
873818 - flash-plugin: multiple code-execution flaws (APSB12-24)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.251-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.251-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.251-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.251-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2012-5274.html https://www.redhat.com/security/data/cve/CVE-2012-5275.html https://www.redhat.com/security/data/cve/CVE-2012-5276.html https://www.redhat.com/security/data/cve/CVE-2012-5277.html https://www.redhat.com/security/data/cve/CVE-2012-5278.html https://www.redhat.com/security/data/cve/CVE-2012-5279.html https://www.redhat.com/security/data/cve/CVE-2012-5280.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb12-24.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFQmiFjXlSAg2UNWIIRAi97AKClBeUc3AMPcWNkYfME6ndKJqg18ACdGuPH wmLm/s5nqgvfyTp8wUW9wVE= =fVdJ -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . 7) Eduardo Vela Nava, Google Security Team
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201211-0368",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.24"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.4"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.43"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.5.502.110"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.27"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.251"
},
{
"model": "windows",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (adobe flash player 11.3.376.12"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.27"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.251"
},
{
"model": "internet explorer",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include )"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems (adobe flash player 11.3.376.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.5.502.110"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "23.0.1271.64"
},
{
"model": "windows server",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "linux)"
},
{
"model": "windows 8",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.43"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012 (adobe flash player 11.3.376.12"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt (adobe flash player 11.3.376.12"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 64-bit systems (adobe flash player 11.3.376.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.24"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.3.9120"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.0.4990"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.0.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.0.7220"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "opensuse",
"version": "12.2"
}
],
"sources": [
{
"db": "BID",
"id": "56547"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005274"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-135"
},
{
"db": "NVD",
"id": "CVE-2012-5278"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.5.502.110",
"versionStartIncluding": "11.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.43",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.202.251",
"versionStartIncluding": "11.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.43",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.111.24",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.7",
"versionStartIncluding": "2.0",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.6",
"versionStartIncluding": "3.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.115.27",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.4",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.0.600",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.0.600",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-5278"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117961"
}
],
"trust": 0.5
},
"cve": "CVE-2012-5278",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-5278",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-58559",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-5278",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201211-135",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-58559",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58559"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005274"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-135"
},
{
"db": "NVD",
"id": "CVE-2012-5278"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allow attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors. Adobe Flash Player Contains a vulnerability that allows access restrictions to be bypassed and arbitrary code execution.An attacker could bypass access restrictions and execute arbitrary code. Adobe Flash Player and AIR are prone to a remote code-execution vulnerability. \nNote: This issue was previously covered in BID 56412 (Adobe Flash Player and AIR APSB12-24 Multiple Security Vulnerabilities) but has been given its own record for better documentation. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nGoogle Chrome Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA51210\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/51210/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210\n\nRELEASE DATE:\n2012-11-07\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/51210/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/51210/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Google Chrome, which\ncan be exploited by malicious people to bypass certain security\nrestrictions and compromise a user\u0027s system. \n\nFor more information:\nSA51213\n\n2) An integer overflow error exists in WebP handling. \n\n3) An error in v8 can be exploited to cause an out-of-bounds array\naccess. \n\n4) A use-after-free error exists in SVG filter handling. \n\n5) An error exists related to integer boundary checks within GPU\ncommand buffers. \n\n6) A use-after-free error exists in video layout handling. \n\n7) An error exists related to inappropriate loading of SVG\nsubresource in \"img\" context. \n\n8) A race condition error exists in Pepper buffer handling. \n\n9) A type casting error exists in certain input handling. \n\n10) An error in Skia can be exploited to cause an out-of-bounds\nread. \n\n11) An error in texture handling can be exploited to corrupt memory. \n\n12) A use-after-free error exists in extension tab handling. \n\n13) A use-after-free error exists in plug-in placeholder handling. \n\n14) An error in v8 can be exploited to corrupt memory. \n\nSOLUTION:\nUpgrade to version 23.0.1271.64. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n2) Phil Turnbull\n3, 6) Atte Kettunen, OUSPG. \n4, 5) miaubiz\n7) Felix Gr\\xf6bert, Google Security Team\n8) Fermin Serna, Google Security Team\n9, 10, 13) Inferno, Google Chrome Security Team\n11) Al Patrick, Chromium development community\n12) Alexander Potapenko, Chromium development community\n14) Cris Neckar, Google Chrome Security Team\n\nORIGINAL ADVISORY:\nGoogle:\nhttp://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2012:1431-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-1431.html\nIssue date: 2012-11-07\nCVE Names: CVE-2012-5274 CVE-2012-5275 CVE-2012-5276 \n CVE-2012-5277 CVE-2012-5278 CVE-2012-5279 \n CVE-2012-5280 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB12-24,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n873818 - flash-plugin: multiple code-execution flaws (APSB12-24)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-5274.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5275.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5276.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5277.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5278.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5279.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5280.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb12-24.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFQmiFjXlSAg2UNWIIRAi97AKClBeUc3AMPcWNkYfME6ndKJqg18ACdGuPH\nwmLm/s5nqgvfyTp8wUW9wVE=\n=fVdJ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n7) Eduardo Vela Nava, Google Security Team",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-5278"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005274"
},
{
"db": "BID",
"id": "56547"
},
{
"db": "VULHUB",
"id": "VHN-58559"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-5278",
"trust": 3.0
},
{
"db": "SECUNIA",
"id": "51186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "51207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "51213",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "51245",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1027730",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005274",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201211-135",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "51210",
"trust": 0.7
},
{
"db": "BID",
"id": "56547",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-58559",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118097",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117944",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117963",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117960",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117947",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117961",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58559"
},
{
"db": "BID",
"id": "56547"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005274"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-135"
},
{
"db": "NVD",
"id": "CVE-2012-5278"
}
]
},
"id": "VAR-201211-0368",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-58559"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T20:48:23.186000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-24",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-24.html"
},
{
"title": "APSB12-24 (cq11061810)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq11061810.html"
},
{
"title": "APSB12-24",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-24.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Release and Beta Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2012/11/stable-channel-release-and-beta-channel.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "openSUSE-SU-2012:1480",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html"
},
{
"title": "SUSE-SU-2012:1485",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html"
},
{
"title": "RHSA-2012:1431",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1431.html"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20121113f.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005274"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58559"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005274"
},
{
"db": "NVD",
"id": "CVE-2012-5278"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-24.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51186"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51207"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51213"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1431.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1027730"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/51245"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00012.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00030.html"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79851"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5278"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20121107-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2012/at120034.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5278"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/51210"
},
{
"trust": 0.5,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.5,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.5,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.5,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.5,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.5,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.5,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51245/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51245"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51245/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51207/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51207"
},
{
"trust": 0.1,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51207/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51186"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51186/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51186/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51210/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51210/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5278.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5277.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5275.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5274"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5279.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5275"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5278"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5280.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5276.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5279"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5274.html"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5277"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51213/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51213/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51213"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58559"
},
{
"db": "BID",
"id": "56547"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005274"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-135"
},
{
"db": "NVD",
"id": "CVE-2012-5278"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-58559"
},
{
"db": "BID",
"id": "56547"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005274"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-135"
},
{
"db": "NVD",
"id": "CVE-2012-5278"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-58559"
},
{
"date": "2012-11-06T00:00:00",
"db": "BID",
"id": "56547"
},
{
"date": "2012-11-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005274"
},
{
"date": "2012-11-14T06:05:43",
"db": "PACKETSTORM",
"id": "118097"
},
{
"date": "2012-11-07T04:12:41",
"db": "PACKETSTORM",
"id": "117944"
},
{
"date": "2012-11-08T11:19:24",
"db": "PACKETSTORM",
"id": "117963"
},
{
"date": "2012-11-08T11:19:15",
"db": "PACKETSTORM",
"id": "117960"
},
{
"date": "2012-11-08T00:12:49",
"db": "PACKETSTORM",
"id": "117947"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2012-11-08T11:19:18",
"db": "PACKETSTORM",
"id": "117961"
},
{
"date": "2012-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-135"
},
{
"date": "2012-11-07T05:41:22.223000",
"db": "NVD",
"id": "CVE-2012-5278"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-04T00:00:00",
"db": "VULHUB",
"id": "VHN-58559"
},
{
"date": "2015-03-19T09:38:00",
"db": "BID",
"id": "56547"
},
{
"date": "2012-12-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005274"
},
{
"date": "2012-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-135"
},
{
"date": "2018-12-04T17:53:14.557000",
"db": "NVD",
"id": "CVE-2012-5278"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-135"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Vulnerable to access restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005274"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-135"
}
],
"trust": 0.6
}
}
VAR-201108-0149
Vulnerability from variot - Updated: 2024-07-23 20:47Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2414, and CVE-2011-2415. Adobe Flash Player and Adobe AIR Contains a buffer overflow vulnerability. This vulnerability CVE-2011-2130 , CVE-2011-2134 , CVE-2011-2414 ,and CVE-2011-2415 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. BACKGROUND
"Adobe Flash Player is a cross-platform browser-based application runtime that delivers uncompromised viewing of expressive applications, content, and videos across screens and browsers. Flash Player delivers breakthrough web experiences to over 98% of Internet users." from Adobe.com
II.
The vulnerability is caused by a buffer overflow error when processing a malformed ActionScript FileReference method, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
CVSS Score: 10 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE: CVE-2011-2137
III. Binary Analysis & Exploits/PoCs
In-depth binary analysis of the vulnerability and a code execution exploit are available through the VUPEN Binary Analysis & Exploits Service :
http://www.vupen.com/english/services/ba-index.php
VUPEN Binary Analysis & Exploits Service provides private exploits and in-depth technical analysis of the most significant public vulnerabilities based on disassembly, reverse engineering, protocol analysis, and code audit.
The service allows governments and major corporations to evaluate risks, and protect infrastructures and assets against new threats. The service also allows security vendors (IPS, IDS, AntiVirus) to supplement their internal research efforts and quickly develop both vulnerability-based and exploit-based signatures to proactively protect their customers from attacks and emerging threats.
V. VUPEN Threat Protection Program
To proactively protect critical networks and infrastructures against unpatched vulnerabilities and reduce risks related to zero-day attacks, VUPEN shares its vulnerability research with governments and organizations members of the VUPEN Threat Protection Program (TPP).
VUPEN TPP customers receive fully detailed and technical reports about security vulnerabilities discovered by VUPEN and in advance of their public disclosure.
http://www.vupen.com/english/services/tpp-index.php
VI. CREDIT
This vulnerability was discovered by Nicolas Joly of VUPEN Security
VIII. ABOUT VUPEN Security
VUPEN is the world leader in vulnerability research for defensive and offensive security. VUPEN solutions enable corporations and governments to measure and manage risks, eliminate vulnerabilities before they can be exploited, and protect critical infrastructures and assets against known and unknown vulnerabilities.
VUPEN has been recently recognized as "Entrepreneurial Company of the Year in the Vulnerability Research Market (2011)" by Frost & Sullivan.
VUPEN solutions include:
-
VUPEN Binary Analysis & Exploits Service (BAE) : http://www.vupen.com/english/services/ba-index.php
-
VUPEN Threat Protection Program (TPP) : http://www.vupen.com/english/services/tpp-index.php
IX. DISCLOSURE TIMELINE
2011-04-28 - Vulnerability Discovered by VUPEN and shared with customers 2011-08-10 - Public disclosure
. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUSE Security Announcement
Package: flash-player
Announcement ID: SUSE-SA:2011:033
Date: Wed, 10 Aug 2011 14:00:00 +0000
Affected Products: SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 10 SP4
Vulnerability Type: remote code execution
CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
SUSE Default Package: yes
Cross-References: CVE-2011-2130, CVE-2011-2134, CVE-2011-2135
CVE-2011-2136, CVE-2011-2137, CVE-2011-2138
CVE-2011-2139, CVE-2011-2140, CVE-2011-2414
CVE-2011-2415, CVE-2011-2416, CVE-2011-2417
CVE-2011-2425
Content of This Advisory:
1) Security Vulnerability Resolved:
remote code execution
Problem Description
2) Solution or Work-Around
3) Special Instructions and Notes
4) Package Location and Checksums
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
6) Authenticity Verification and Additional Information
1) Problem Description and Brief Discussion
Flash-Player was updated to version 10.3.188.5 to fix various buffer and integer overflows: - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Earlier flash-player versions can be exploited to execute arbitrary code remotely with the privileges of the attacked user.
For more details see: http://www.adobe.com/support/security/bulletins/apsb11-21.html
2) Solution or Work-Around
none
3) Special Instructions and Notes
Pleease restart your browser.
4) Package Location and Checksums
The preferred method for installing security updates is to use the YaST "Online Update" module or the "zypper" commandline tool. The package and patch management stack will detect which updates are required and automatically perform the necessary steps to verify and install them.
Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command
rpm -Fhv <file.rpm>
to apply the update, replacing with the filename of the downloaded RPM package.
Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web:
SUSE Linux Enterprise Desktop 10 SP4 http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900
SUSE Linux Enterprise Desktop 11 SP1 http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
6) Authenticity Verification and Additional Information
-
Announcement authenticity verification:
SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.
To verify the signature of the announcement, save it as text into a file and run the command
gpg --verify
replacing with the name of the file where you saved the announcement. The output for a valid signature looks like:
gpg: Signature made using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team security@suse.de"
where is replaced by the date the document was signed.
If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command
gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
-
Package authenticity verification:
SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with.
The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command
rpm -v --checksig
to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build@suse.de with the key ID 9C800ACA.
This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement.
-
SUSE runs two security mailing lists to which any interested party may subscribe:
opensuse-security@opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security+subscribe@opensuse.org.
opensuse-security-announce@opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security-announce+subscribe@opensuse.org. The security@suse.de public key is listed below. =====================================================================
The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text.
SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.3.183.10"
References
[ 1 ] APSA11-01 http://www.adobe.com/support/security/advisories/apsa11-01.html [ 2 ] APSA11-02 http://www.adobe.com/support/security/advisories/apsa11-02.html [ 3 ] APSB11-02 http://www.adobe.com/support/security/bulletins/apsb11-02.html [ 4 ] APSB11-12 http://www.adobe.com/support/security/bulletins/apsb11-12.html [ 5 ] APSB11-13 http://www.adobe.com/support/security/bulletins/apsb11-13.html [ 6 ] APSB11-21 https://www.adobe.com/support/security/bulletins/apsb11-21.html [ 7 ] APSB11-26 https://www.adobe.com/support/security/bulletins/apsb11-26.html [ 8 ] CVE-2011-0558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558 [ 9 ] CVE-2011-0559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559 [ 10 ] CVE-2011-0560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560 [ 11 ] CVE-2011-0561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561 [ 12 ] CVE-2011-0571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571 [ 13 ] CVE-2011-0572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572 [ 14 ] CVE-2011-0573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573 [ 15 ] CVE-2011-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574 [ 16 ] CVE-2011-0575 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575 [ 17 ] CVE-2011-0577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577 [ 18 ] CVE-2011-0578 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578 [ 19 ] CVE-2011-0579 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579 [ 20 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 21 ] CVE-2011-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607 [ 22 ] CVE-2011-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608 [ 23 ] CVE-2011-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609 [ 24 ] CVE-2011-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611 [ 25 ] CVE-2011-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618 [ 26 ] CVE-2011-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619 [ 27 ] CVE-2011-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620 [ 28 ] CVE-2011-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621 [ 29 ] CVE-2011-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622 [ 30 ] CVE-2011-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623 [ 31 ] CVE-2011-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624 [ 32 ] CVE-2011-0625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625 [ 33 ] CVE-2011-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626 [ 34 ] CVE-2011-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627 [ 35 ] CVE-2011-0628 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628 [ 36 ] CVE-2011-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107 [ 37 ] CVE-2011-2110 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110 [ 38 ] CVE-2011-2125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 39 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 40 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 41 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 42 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 43 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 44 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 45 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 46 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 47 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 48 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 49 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 50 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 51 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 52 ] CVE-2011-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426 [ 53 ] CVE-2011-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427 [ 54 ] CVE-2011-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428 [ 55 ] CVE-2011-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429 [ 56 ] CVE-2011-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430 [ 57 ] CVE-2011-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201110-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: acroread security update Advisory ID: RHSA-2011:1434-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html Issue date: 2011-11-08 CVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 CVE-2011-2444 =====================================================================
- Summary:
Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
Adobe Reader allows users to view and print documents in Portable Document Format (PDF).
This update fixes multiple security flaws in Adobe Reader. These flaws are detailed on the Adobe security page APSB11-24, listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. These flaws are detailed on the Adobe security pages APSB11-21 and APSB11-26, listed in the References section.
A PDF file with an embedded, specially-crafted SWF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135, CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140, CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424, CVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)
A flaw in Adobe Flash Player could allow an attacker to conduct cross-site scripting (XSS) attacks if a victim were tricked into visiting a specially-crafted web page. (CVE-2011-2429)
All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.4.6, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259
- Bugs fixed (http://bugzilla.redhat.com/):
729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21) 740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26 740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26 740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26 749381 - acroread: multiple code execution flaws (APSB11-24)
- Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Desktop version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2011-2130.html https://www.redhat.com/security/data/cve/CVE-2011-2134.html https://www.redhat.com/security/data/cve/CVE-2011-2135.html https://www.redhat.com/security/data/cve/CVE-2011-2136.html https://www.redhat.com/security/data/cve/CVE-2011-2137.html https://www.redhat.com/security/data/cve/CVE-2011-2138.html https://www.redhat.com/security/data/cve/CVE-2011-2139.html https://www.redhat.com/security/data/cve/CVE-2011-2140.html https://www.redhat.com/security/data/cve/CVE-2011-2414.html https://www.redhat.com/security/data/cve/CVE-2011-2415.html https://www.redhat.com/security/data/cve/CVE-2011-2416.html https://www.redhat.com/security/data/cve/CVE-2011-2417.html https://www.redhat.com/security/data/cve/CVE-2011-2424.html https://www.redhat.com/security/data/cve/CVE-2011-2425.html https://www.redhat.com/security/data/cve/CVE-2011-2426.html https://www.redhat.com/security/data/cve/CVE-2011-2427.html https://www.redhat.com/security/data/cve/CVE-2011-2428.html https://www.redhat.com/security/data/cve/CVE-2011-2429.html https://www.redhat.com/security/data/cve/CVE-2011-2430.html https://www.redhat.com/security/data/cve/CVE-2011-2431.html https://www.redhat.com/security/data/cve/CVE-2011-2432.html https://www.redhat.com/security/data/cve/CVE-2011-2433.html https://www.redhat.com/security/data/cve/CVE-2011-2434.html https://www.redhat.com/security/data/cve/CVE-2011-2435.html https://www.redhat.com/security/data/cve/CVE-2011-2436.html https://www.redhat.com/security/data/cve/CVE-2011-2437.html https://www.redhat.com/security/data/cve/CVE-2011-2438.html https://www.redhat.com/security/data/cve/CVE-2011-2439.html https://www.redhat.com/security/data/cve/CVE-2011-2440.html https://www.redhat.com/security/data/cve/CVE-2011-2442.html https://www.redhat.com/security/data/cve/CVE-2011-2444.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb11-21.html http://www.adobe.com/support/security/bulletins/apsb11-24.html http://www.adobe.com/support/security/bulletins/apsb11-26.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q 0+KSTL2IByBwtP8+xfPmUNE= =qFq6 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ----------------------------------------------------------------------
The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242
TITLE: Red Hat update for flash-plugin
SECUNIA ADVISORY ID: SA45593
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45593/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45593
RELEASE DATE: 2011-08-12
DISCUSS ADVISORY: http://secunia.com/advisories/45593/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/45593/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=45593
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Red Hat has issued an update for flash-plugin. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
ORIGINAL ADVISORY: RHSA-2011:1144-1: https://rhn.redhat.com/errata/RHSA-2011-1144.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201108-0149",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "air",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "2.6"
},
{
"model": "air",
"scope": "eq",
"trust": 1.7,
"vendor": "adobe",
"version": "2.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "1.1"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "2.0.4"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "2.0.3"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "1.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.246.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.0.35.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.115.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.154.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.95.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.156.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.95.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.155.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152.33"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.154.13"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.262.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.157.51"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.14"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.92.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.52.15"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152.32"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.28.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.260.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.52.14.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.32.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.277.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.12.36"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.283.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.185.21"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.53.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.124.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.185.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.152.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.22.87"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.85.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.82.76"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.159.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.151.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.15.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.31.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.159.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.105.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.47.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.45.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.0.34.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.42.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.48.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.92.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.106.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.102.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.63"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.14.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.28"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.67.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.33.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.181.36"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.0.584"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.112.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.69.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.68.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.185.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.21.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.22.0"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.61.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.12.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.53.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.18d60"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.66.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.45.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.125.0"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "2.0.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.125.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.79"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.42.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.39.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.19.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.31"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.73.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.70.0"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "2.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.114.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.60.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.181.36 for chrome users"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.185.25 for android"
},
{
"model": "hp systems insight manager",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "7.0"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux server supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.1.z"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.6.z (server)"
},
{
"model": "rhel supplementary long life",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.6 (server)"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.94"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.57"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.35"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.100"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.21"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19140"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.280"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.3"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.43"
},
{
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.22"
},
{
"model": "systems insight manager sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.51.66"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.27"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.153.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.204"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.2460"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.128"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.22"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.96"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.26"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.127"
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.262"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.65"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.24"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "systems insight manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.107"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.18"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.112"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.71"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "freeflow print server 73.b3.61",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3218"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.289.0"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.91"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.25"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.84"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "chrome",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.112"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.107"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.77"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.452"
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.68"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.672.2"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "air",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "systems insight manager sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.133"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "air",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1.1961"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "flash player release candida",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.205"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.28"
},
{
"model": "systems insight manager update",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.31"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19120"
},
{
"model": "freeflow print server 73.c0.41",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.102.65"
}
],
"sources": [
{
"db": "BID",
"id": "49075"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002151"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-181"
},
{
"db": "NVD",
"id": "CVE-2011-2137"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.52.14.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.102.64:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.45.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.283.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.53.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.60.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.19.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.277.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.53.64:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.52.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.3.181.36",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.66.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.73.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.67.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.85.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.154.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.95.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.155.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.24.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.82.76:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.262.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.68.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.61.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.14.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.154.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.159.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.185.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.185.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.3.185.25",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.156.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.157.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.105.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.106.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2137"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bo Qu of Palo Alto Networks",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201108-181"
}
],
"trust": 0.6
},
"cve": "CVE-2011-2137",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2011-2137",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-50082",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-2137",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201108-181",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-50082",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2011-2137",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50082"
},
{
"db": "VULMON",
"id": "CVE-2011-2137"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002151"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-181"
},
{
"db": "NVD",
"id": "CVE-2011-2137"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2414, and CVE-2011-2415. Adobe Flash Player and Adobe AIR Contains a buffer overflow vulnerability. This vulnerability CVE-2011-2130 , CVE-2011-2134 , CVE-2011-2414 ,and CVE-2011-2415 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. BACKGROUND\n---------------------\n\n\"Adobe Flash Player is a cross-platform browser-based application runtime\nthat delivers uncompromised viewing of expressive applications, content,\nand videos across screens and browsers. Flash Player delivers breakthrough\nweb experiences to over 98% of Internet users.\" from Adobe.com\n\n\nII. \n\nThe vulnerability is caused by a buffer overflow error when processing a\nmalformed ActionScript FileReference method, which could be exploited by\nremote attackers to compromise a vulnerable system by tricking a user\ninto visiting a specially crafted web page. \n\nCVSS Score: 10 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\nCVE: CVE-2011-2137\n\n\nIII. Binary Analysis \u0026 Exploits/PoCs\n---------------------------------------\n\nIn-depth binary analysis of the vulnerability and a code execution exploit\nare available through the VUPEN Binary Analysis \u0026 Exploits Service :\n\nhttp://www.vupen.com/english/services/ba-index.php\n\n\nVUPEN Binary Analysis \u0026 Exploits Service provides private exploits and\nin-depth technical analysis of the most significant public vulnerabilities\nbased on disassembly, reverse engineering, protocol analysis, and code \naudit. \n\nThe service allows governments and major corporations to evaluate risks, and\nprotect infrastructures and assets against new threats. The service also\nallows security vendors (IPS, IDS, AntiVirus) to supplement their internal\nresearch efforts and quickly develop both vulnerability-based and\nexploit-based signatures to proactively protect their customers from attacks\nand emerging threats. \n\n\nV. VUPEN Threat Protection Program\n-----------------------------------\n\nTo proactively protect critical networks and infrastructures against \nunpatched\nvulnerabilities and reduce risks related to zero-day attacks, VUPEN shares \nits\nvulnerability research with governments and organizations members of the \nVUPEN\nThreat Protection Program (TPP). \n\nVUPEN TPP customers receive fully detailed and technical reports about \nsecurity\nvulnerabilities discovered by VUPEN and in advance of their public \ndisclosure. \n\nhttp://www.vupen.com/english/services/tpp-index.php\n\n\nVI. CREDIT\n--------------\n\nThis vulnerability was discovered by Nicolas Joly of VUPEN Security\n\n\nVIII. ABOUT VUPEN Security\n---------------------------\n\nVUPEN is the world leader in vulnerability research for defensive and\noffensive security. VUPEN solutions enable corporations and governments to\nmeasure and manage risks, eliminate vulnerabilities before they can be\nexploited, and protect critical infrastructures and assets against\nknown and unknown vulnerabilities. \n\nVUPEN has been recently recognized as \"Entrepreneurial Company of the Year\nin the Vulnerability Research Market (2011)\" by Frost \u0026 Sullivan. \n\nVUPEN solutions include:\n\n* VUPEN Binary Analysis \u0026 Exploits Service (BAE) :\nhttp://www.vupen.com/english/services/ba-index.php\n\n* VUPEN Threat Protection Program (TPP) :\nhttp://www.vupen.com/english/services/tpp-index.php\n\n\nIX. DISCLOSURE TIMELINE\n-----------------------------\n\n2011-04-28 - Vulnerability Discovered by VUPEN and shared with customers\n2011-08-10 - Public disclosure\n\n. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n______________________________________________________________________________\n\n SUSE Security Announcement\n\n Package: flash-player\n Announcement ID: SUSE-SA:2011:033\n Date: Wed, 10 Aug 2011 14:00:00 +0000\n Affected Products: SUSE Linux Enterprise Desktop 11 SP1\n SUSE Linux Enterprise Desktop 10 SP4\n Vulnerability Type: remote code execution\n CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n SUSE Default Package: yes\n Cross-References: CVE-2011-2130, CVE-2011-2134, CVE-2011-2135\n CVE-2011-2136, CVE-2011-2137, CVE-2011-2138\n CVE-2011-2139, CVE-2011-2140, CVE-2011-2414\n CVE-2011-2415, CVE-2011-2416, CVE-2011-2417\n CVE-2011-2425\n\n Content of This Advisory:\n 1) Security Vulnerability Resolved:\n remote code execution\n Problem Description\n 2) Solution or Work-Around\n 3) Special Instructions and Notes\n 4) Package Location and Checksums\n 5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n none\n 6) Authenticity Verification and Additional Information\n\n______________________________________________________________________________\n\n1) Problem Description and Brief Discussion\n\n Flash-Player was updated to version 10.3.188.5 to fix various buffer\n and integer overflows:\n - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n \n Earlier flash-player versions can be exploited to execute arbitrary code\n remotely with the privileges of the attacked user. \n \n For more details see:\n http://www.adobe.com/support/security/bulletins/apsb11-21.html\n\n2) Solution or Work-Around\n\n none\n\n3) Special Instructions and Notes\n\n Pleease restart your browser. \n\n4) Package Location and Checksums\n\n The preferred method for installing security updates is to use the YaST\n \"Online Update\" module or the \"zypper\" commandline tool. The package and\n patch management stack will detect which updates are required and\n automatically perform the necessary steps to verify and install them. \n\n Alternatively, download the update packages for your distribution manually\n and verify their integrity by the methods listed in Section 6 of this\n announcement. Then install the packages using the command\n\n rpm -Fhv \u003cfile.rpm\u003e\n\n to apply the update, replacing \u003cfile.rpm\u003e with the filename of the\n downloaded RPM package. \n\n Our maintenance customers are notified individually. The packages are\n offered for installation from the maintenance web:\n \n SUSE Linux Enterprise Desktop 10 SP4\n http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900\n \n SUSE Linux Enterprise Desktop 11 SP1\n http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10\n\n______________________________________________________________________________\n\n5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n\n none\n______________________________________________________________________________\n\n6) Authenticity Verification and Additional Information\n\n - Announcement authenticity verification:\n\n SUSE security announcements are published via mailing lists and on Web\n sites. The authenticity and integrity of a SUSE security announcement is\n guaranteed by a cryptographic signature in each announcement. All SUSE\n security announcements are published with a valid signature. \n\n To verify the signature of the announcement, save it as text into a file\n and run the command\n\n gpg --verify \u003cfile\u003e\n\n replacing \u003cfile\u003e with the name of the file where you saved the\n announcement. The output for a valid signature looks like:\n\n gpg: Signature made \u003cDATE\u003e using RSA key ID 3D25D3D9\n gpg: Good signature from \"SuSE Security Team \u003csecurity@suse.de\u003e\"\n\n where \u003cDATE\u003e is replaced by the date the document was signed. \n\n If the security team\u0027s key is not contained in your key ring, you can\n import it from the first installation CD. To import the key, use the\n command\n\n gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc\n\n - Package authenticity verification:\n\n SUSE update packages are available on many mirror FTP servers all over the\n world. While this service is considered valuable and important to the free\n and open source software community, the authenticity and the integrity of\n a package needs to be verified to ensure that it has not been tampered\n with. \n\n The internal rpm package signatures provide an easy way to verify the\n authenticity of an RPM package. Use the command\n\n rpm -v --checksig \u003cfile.rpm\u003e\n\n to verify the signature of the package, replacing \u003cfile.rpm\u003e with the\n filename of the RPM package downloaded. The package is unmodified if it\n contains a valid signature from build@suse.de with the key ID 9C800ACA. \n\n This key is automatically imported into the RPM database (on\n RPMv4-based distributions) and the gpg key ring of \u0027root\u0027 during\n installation. You can also find it on the first installation CD and at\n the end of this announcement. \n\n - SUSE runs two security mailing lists to which any interested party may\n subscribe:\n\n opensuse-security@opensuse.org\n - General Linux and SUSE security discussion. \n All SUSE security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security+subscribe@opensuse.org\u003e. \n\n opensuse-security-announce@opensuse.org\n - SUSE\u0027s announce-only mailing list. \n Only SUSE\u0027s security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security-announce+subscribe@opensuse.org\u003e. \n The \u003csecurity@suse.de\u003e public key is listed below. \n =====================================================================\n______________________________________________________________________________\n\n The information in this advisory may be distributed or reproduced,\n provided that the advisory is not modified in any way. In particular, the\n clear text signature should show proof of the authenticity of the text. \n\n SUSE Linux Products GmbH provides no warranties of any kind whatsoever\n with respect to the information contained in this security advisory. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-10.3.183.10\"\n\nReferences\n==========\n\n[ 1 ] APSA11-01\n http://www.adobe.com/support/security/advisories/apsa11-01.html\n[ 2 ] APSA11-02\n http://www.adobe.com/support/security/advisories/apsa11-02.html\n[ 3 ] APSB11-02\n http://www.adobe.com/support/security/bulletins/apsb11-02.html\n[ 4 ] APSB11-12\n http://www.adobe.com/support/security/bulletins/apsb11-12.html\n[ 5 ] APSB11-13\n http://www.adobe.com/support/security/bulletins/apsb11-13.html\n[ 6 ] APSB11-21\n https://www.adobe.com/support/security/bulletins/apsb11-21.html\n[ 7 ] APSB11-26\n https://www.adobe.com/support/security/bulletins/apsb11-26.html\n[ 8 ] CVE-2011-0558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558\n[ 9 ] CVE-2011-0559\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559\n[ 10 ] CVE-2011-0560\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560\n[ 11 ] CVE-2011-0561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561\n[ 12 ] CVE-2011-0571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571\n[ 13 ] CVE-2011-0572\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572\n[ 14 ] CVE-2011-0573\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573\n[ 15 ] CVE-2011-0574\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574\n[ 16 ] CVE-2011-0575\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575\n[ 17 ] CVE-2011-0577\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577\n[ 18 ] CVE-2011-0578\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578\n[ 19 ] CVE-2011-0579\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579\n[ 20 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 21 ] CVE-2011-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607\n[ 22 ] CVE-2011-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608\n[ 23 ] CVE-2011-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609\n[ 24 ] CVE-2011-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611\n[ 25 ] CVE-2011-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618\n[ 26 ] CVE-2011-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619\n[ 27 ] CVE-2011-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620\n[ 28 ] CVE-2011-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621\n[ 29 ] CVE-2011-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622\n[ 30 ] CVE-2011-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623\n[ 31 ] CVE-2011-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624\n[ 32 ] CVE-2011-0625\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625\n[ 33 ] CVE-2011-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626\n[ 34 ] CVE-2011-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627\n[ 35 ] CVE-2011-0628\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628\n[ 36 ] CVE-2011-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107\n[ 37 ] CVE-2011-2110\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110\n[ 38 ] CVE-2011-2125\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 39 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 40 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 41 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 42 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 43 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 44 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 45 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 46 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 47 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 48 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 49 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 50 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 51 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 52 ] CVE-2011-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426\n[ 53 ] CVE-2011-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427\n[ 54 ] CVE-2011-2428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428\n[ 55 ] CVE-2011-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429\n[ 56 ] CVE-2011-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430\n[ 57 ] CVE-2011-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: acroread security update\nAdvisory ID: RHSA-2011:1434-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html\nIssue date: 2011-11-08\nCVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 \n CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 \n CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 \n CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 \n CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 \n CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 \n CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 \n CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 \n CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 \n CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 \n CVE-2011-2444 \n=====================================================================\n\n1. Summary:\n\nUpdated acroread packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise\nLinux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Desktop version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux AS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux ES version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux WS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nAdobe Reader allows users to view and print documents in Portable Document\nFormat (PDF). \n\nThis update fixes multiple security flaws in Adobe Reader. These flaws are\ndetailed on the Adobe security page APSB11-24, listed in the References\nsection. A specially-crafted PDF file could cause Adobe Reader to crash or,\npotentially, execute arbitrary code as the user running Adobe Reader when\nopened. These flaws are detailed on the Adobe security\npages APSB11-21 and APSB11-26, listed in the References section. \n\nA PDF file with an embedded, specially-crafted SWF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user running\nAdobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135,\nCVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140,\nCVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424,\nCVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)\n\nA flaw in Adobe Flash Player could allow an attacker to conduct cross-site\nscripting (XSS) attacks if a victim were tricked into visiting a\nspecially-crafted web page. (CVE-2011-2429)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.4.6, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)\n740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26\n740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26\n740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26\n749381 - acroread: multiple code execution flaws (APSB11-24)\n\n6. Package List:\n\nRed Hat Enterprise Linux AS version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Desktop version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux ES version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux WS version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-2130.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2134.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2135.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2136.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2137.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2138.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2139.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2140.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2414.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2415.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2416.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2417.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2424.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2425.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2426.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2427.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2428.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2429.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2430.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2431.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2432.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2433.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2434.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2435.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2436.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2437.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2438.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2439.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2440.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2442.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2444.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb11-21.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-24.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-26.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2011 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q\n0+KSTL2IByBwtP8+xfPmUNE=\n=qFq6\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ----------------------------------------------------------------------\n\nThe Secunia CSI 5.0 Beta - now available for testing\nFind out more, take a free test drive, and share your opinion with us: \nhttp://secunia.com/blog/242 \n\n----------------------------------------------------------------------\n\nTITLE:\nRed Hat update for flash-plugin\n\nSECUNIA ADVISORY ID:\nSA45593\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45593/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45593\n\nRELEASE DATE:\n2011-08-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45593/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45593/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45593\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nRed Hat has issued an update for flash-plugin. This fixes multiple\nvulnerabilities, which can be exploited by malicious people to\ndisclose sensitive information and compromise a user\u0027s system. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nORIGINAL ADVISORY:\nRHSA-2011:1144-1:\nhttps://rhn.redhat.com/errata/RHSA-2011-1144.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2137"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002151"
},
{
"db": "BID",
"id": "49075"
},
{
"db": "VULHUB",
"id": "VHN-50082"
},
{
"db": "VULMON",
"id": "CVE-2011-2137"
},
{
"db": "PACKETSTORM",
"id": "104006"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "PACKETSTORM",
"id": "103929"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-50082",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50082"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-2137",
"trust": 3.5
},
{
"db": "USCERT",
"id": "TA11-222A",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "45529",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "45583",
"trust": 1.4
},
{
"db": "BID",
"id": "49075",
"trust": 1.3
},
{
"db": "SECUNIA",
"id": "48308",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "45593",
"trust": 0.9
},
{
"db": "SECTRACK",
"id": "1025907",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1025914",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA11-222A",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "74436",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002151",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201108-181",
"trust": 0.7
},
{
"db": "BID",
"id": "49076",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "17880",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "17513",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "104006",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-50082",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2011-2137",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103913",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103946",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105802",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "106736",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103929",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50082"
},
{
"db": "VULMON",
"id": "CVE-2011-2137"
},
{
"db": "BID",
"id": "49075"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002151"
},
{
"db": "PACKETSTORM",
"id": "104006"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "PACKETSTORM",
"id": "103929"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-181"
},
{
"db": "NVD",
"id": "CVE-2011-2137"
}
]
},
"id": "VAR-201108-0149",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-50082"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T20:47:46.652000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-21",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"title": "APSB11-21 (cpsid_91448)",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/914/cpsid_91448.html"
},
{
"title": "APSB11-21",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb11-21.html"
},
{
"title": "HPSBMU02769 SSRT100846",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03298151"
},
{
"title": "RHSA-2011:1144",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1144.html"
},
{
"title": "TA11-222A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta11-222a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002151"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50082"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002151"
},
{
"db": "NVD",
"id": "CVE-2011-2137"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"trust": 2.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta11-222a.html"
},
{
"trust": 1.4,
"url": "http://secunia.com/advisories/45529"
},
{
"trust": 1.4,
"url": "http://secunia.com/advisories/45583"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14206"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16270"
},
{
"trust": 1.2,
"url": "http://www.redhat.com/support/errata/rhsa-2011-1144.html"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/48308"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00006.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00007.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00008.html"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/bid/49075"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2137"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2011/at110022.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta11-222a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2137"
},
{
"trust": 0.8,
"url": "http://osvdb.org/74436"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/45593"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1025914"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1025907"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa11-222a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/49076"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/17513"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/17880"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2137"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_09.html"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer2"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100151664"
},
{
"trust": 0.3,
"url": "http://www.xerox.com/download/security/security-bulletin/1284333-14afb-4baadb5bccb00/cert_xrx12-002_v1.1.pdf"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2416"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2414"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2425"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2415"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2139"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2135"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2417"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2136"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2138"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2134"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2140"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2425.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2415.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/kb/docs/doc-11259"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2138.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2416.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2135.html"
},
{
"trust": 0.2,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1144.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2137.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2140.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2130.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2414.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2139.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2134.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2417.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2136.html"
},
{
"trust": 0.2,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.2,
"url": "https://www.adobe.com/support/security/bulletins/apsb11-26.html"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.2,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/vulnerabilities/adobe-air-cve-2011-2415"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=23993"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/go/getflash"
},
{
"trust": 0.1,
"url": "http://get.adobe.com/air"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/research.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/ba-index.php"
},
{
"trust": 0.1,
"url": "http://twitter.com/vupen"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/tpp-index.php"
},
{
"trust": 0.1,
"url": "http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0579"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0574"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0625"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0575"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0572"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0623"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0560"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0560"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2107"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2110"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0575"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0571"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0559"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2426"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0579"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-13.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0578"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0611"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-12.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0573"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0561"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0578"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0577"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0627"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2428"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa11-02.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2430"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2427"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201110-11.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0559"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0625"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa11-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0577"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2424.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2429"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2432.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2436.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2438.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2428.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2434"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2444.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2439.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2431.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2428"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2430"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2430.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2435.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2442.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2433.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-24.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2426.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2436"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1434.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2437.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2429.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2427.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2440.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2434.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/242"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45593"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45593/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45593/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50082"
},
{
"db": "VULMON",
"id": "CVE-2011-2137"
},
{
"db": "BID",
"id": "49075"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002151"
},
{
"db": "PACKETSTORM",
"id": "104006"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "PACKETSTORM",
"id": "103929"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-181"
},
{
"db": "NVD",
"id": "CVE-2011-2137"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-50082"
},
{
"db": "VULMON",
"id": "CVE-2011-2137"
},
{
"db": "BID",
"id": "49075"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002151"
},
{
"db": "PACKETSTORM",
"id": "104006"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "PACKETSTORM",
"id": "103929"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-181"
},
{
"db": "NVD",
"id": "CVE-2011-2137"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-10T00:00:00",
"db": "VULHUB",
"id": "VHN-50082"
},
{
"date": "2011-08-10T00:00:00",
"db": "VULMON",
"id": "CVE-2011-2137"
},
{
"date": "2011-08-09T00:00:00",
"db": "BID",
"id": "49075"
},
{
"date": "2011-08-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002151"
},
{
"date": "2011-08-11T19:11:11",
"db": "PACKETSTORM",
"id": "104006"
},
{
"date": "2011-08-11T04:36:04",
"db": "PACKETSTORM",
"id": "103913"
},
{
"date": "2011-08-12T05:17:05",
"db": "PACKETSTORM",
"id": "103946"
},
{
"date": "2011-10-14T06:16:06",
"db": "PACKETSTORM",
"id": "105802"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-11-08T15:21:13",
"db": "PACKETSTORM",
"id": "106736"
},
{
"date": "2011-08-11T08:17:54",
"db": "PACKETSTORM",
"id": "103929"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-181"
},
{
"date": "2011-08-10T21:55:02.140000",
"db": "NVD",
"id": "CVE-2011-2137"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-50082"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2011-2137"
},
{
"date": "2015-03-19T09:49:00",
"db": "BID",
"id": "49075"
},
{
"date": "2013-03-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002151"
},
{
"date": "2011-08-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-181"
},
{
"date": "2018-10-30T16:26:24.687000",
"db": "NVD",
"id": "CVE-2011-2137"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "104006"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-181"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002151"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201108-181"
}
],
"trust": 0.6
}
}
VAR-201302-0150
Vulnerability from variot - Updated: 2024-07-23 20:42Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1369 , CVE-2013-1370 , CVE-2013-1372 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2013:0254-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html Issue date: 2013-02-13 CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 CVE-2013-1373 CVE-2013-1374 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-05, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2013-0638, CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647, CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)
A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially-crafted web page.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
910570 - flash-plugin: multiple code execution flaws (APSB13-05) 910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-0637.html https://www.redhat.com/security/data/cve/CVE-2013-0638.html https://www.redhat.com/security/data/cve/CVE-2013-0639.html https://www.redhat.com/security/data/cve/CVE-2013-0642.html https://www.redhat.com/security/data/cve/CVE-2013-0644.html https://www.redhat.com/security/data/cve/CVE-2013-0645.html https://www.redhat.com/security/data/cve/CVE-2013-0647.html https://www.redhat.com/security/data/cve/CVE-2013-0649.html https://www.redhat.com/security/data/cve/CVE-2013-1365.html https://www.redhat.com/security/data/cve/CVE-2013-1366.html https://www.redhat.com/security/data/cve/CVE-2013-1367.html https://www.redhat.com/security/data/cve/CVE-2013-1368.html https://www.redhat.com/security/data/cve/CVE-2013-1369.html https://www.redhat.com/security/data/cve/CVE-2013-1370.html https://www.redhat.com/security/data/cve/CVE-2013-1372.html https://www.redhat.com/security/data/cve/CVE-2013-1373.html https://www.redhat.com/security/data/cve/CVE-2013-1374.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb13-05.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs pnyD10c/hdKGIm0b1Kjv3eY= =+cgh -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
SOLUTION: Update to version 24.0.1312.70.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . Please send email to cert@cert.org with "TA13-043A Feedback VU#689711" in the subject.
Produced by US-CERT, a government organization. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA52166
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52166/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
RELEASE DATE: 2013-02-12
DISCUSS ADVISORY: http://secunia.com/advisories/52166/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/52166/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.
1) Some unspecified errors can be exploited to cause buffer overflows.
2) Some use-after-free errors can be exploited to dereference already freed memory.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to disclose certain sensitive information.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google 3) The vendor credits Natalie Silvanovich, BlackBerry Security, Research in Motion 4) The vendor credits Damian Put via iDefense 6) Reported by the vendor.
ORIGINAL ADVISORY: Adobe (APSB13-05): http://www.adobe.com/support/security/bulletins/apsb13-05.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0150",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "windows",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012 (adobe flash player 11.6.602.167"
},
{
"model": "internet explorer",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.59x (air for ios include ) (windows"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include ) (windows"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 64-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows server",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(macintosh linux)"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows 8",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (macintosh)"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "(windows/linux/macintosh : adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.186.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.48"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.15"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.181.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.181.14"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.19"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.181.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.181.22"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.185.24"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
}
],
"sources": [
{
"db": "BID",
"id": "57916"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001484"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-170"
},
{
"db": "NVD",
"id": "CVE-2013-0645"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.63",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.168",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.202.270",
"versionStartIncluding": "11.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.111.43",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.7",
"versionStartIncluding": "2.0",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.6",
"versionStartIncluding": "3.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.115.47",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.4",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.597",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.599",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.167",
"versionStartIncluding": "11.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0645"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 0.4
},
"cve": "CVE-2013-0645",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-0645",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-60647",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-0645",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201302-170",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-60647",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60647"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001484"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-170"
},
{
"db": "NVD",
"id": "CVE-2013-0645"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1369 , CVE-2013-1370 , CVE-2013-1372 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. \nNote: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2013:0254-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html\nIssue date: 2013-02-13\nCVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 \n CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 \n CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 \n CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 \n CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 \n CVE-2013-1373 CVE-2013-1374 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB13-05,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. (CVE-2013-0638,\nCVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647,\nCVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368,\nCVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)\n\nA flaw in flash-plugin could allow an attacker to obtain sensitive\ninformation if a victim were tricked into visiting a specially-crafted web\npage. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n910570 - flash-plugin: multiple code execution flaws (APSB13-05)\n910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0637.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0638.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0639.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0642.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0644.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0645.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0647.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0649.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1365.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1366.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1367.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1368.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1369.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1370.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1372.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1373.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1374.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs\npnyD10c/hdKGIm0b1Kjv3eY=\n=+cgh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nSOLUTION:\nUpdate to version 24.0.1312.70. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Please send\n email to \u003ccert@cert.org\u003e with \"TA13-043A Feedback VU#689711\" in\n the subject. \n ____________________________________________________________________\n\n Produced by US-CERT, a government organization. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player / AIR Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52166\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52166/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nRELEASE DATE:\n2013-02-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52166/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52166/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player and\nAIR, which can be exploited by malicious people to disclose certain\nsensitive information and compromise a user\u0027s system. \n\n1) Some unspecified errors can be exploited to cause buffer\noverflows. \n\n2) Some use-after-free errors can be exploited to dereference already\nfreed memory. \n\n4) An unspecified error can be exploited to corrupt memory. \n\n5) An unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to disclose certain\nsensitive information. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and\nFermin Serna, Google\n3) The vendor credits Natalie Silvanovich, BlackBerry Security,\nResearch in Motion\n4) The vendor credits Damian Put via iDefense\n6) Reported by the vendor. \n\nORIGINAL ADVISORY:\nAdobe (APSB13-05):\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0645"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001484"
},
{
"db": "BID",
"id": "57916"
},
{
"db": "VULHUB",
"id": "VHN-60647"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-0645",
"trust": 3.0
},
{
"db": "USCERT",
"id": "TA13-043A",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001484",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201302-170",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52163",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52164",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52203",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52166",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52197",
"trust": 0.6
},
{
"db": "BID",
"id": "57916",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-60647",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120268",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120253",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120240",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120282",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120271",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120239",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60647"
},
{
"db": "BID",
"id": "57916"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001484"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-170"
},
{
"db": "NVD",
"id": "CVE-2013-0645"
}
]
},
"id": "VAR-201302-0150",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-60647"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T20:42:21.826000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-05",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"title": "APSB13-05 (cq02121817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq02121817.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2013/02/stable-channel-update_12.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "openSUSE-SU-2013:0295",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"title": "SUSE-SU-2013:0296",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"title": "openSUSE-SU-2013:0298",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"title": "RHSA-2013:0254",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20130214f.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001484"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60647"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001484"
},
{
"db": "NVD",
"id": "CVE-2013-0645"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta13-043a.html"
},
{
"trust": 1.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0645"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130213-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130010.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta13-043a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0645"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=10777"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52163"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52164"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52166"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52197"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52203"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/air/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0647.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0649.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0644.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1373.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1366"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0647"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1374.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1367"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1368"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1372"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1368.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0645.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0639"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0642.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1365.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1372.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1374"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0645"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1366.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1365"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1369.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0637.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0638.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0637"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0644"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1367.html"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1370.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0639.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0642"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52163"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_12.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52164"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/#comments"
},
{
"trust": 0.1,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/"
},
{
"trust": 0.1,
"url": "http://support.microsoft.com/kb/2805940"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52203"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-06.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/notification.html"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-05.html\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/#comments"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60647"
},
{
"db": "BID",
"id": "57916"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001484"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-170"
},
{
"db": "NVD",
"id": "CVE-2013-0645"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-60647"
},
{
"db": "BID",
"id": "57916"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001484"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-170"
},
{
"db": "NVD",
"id": "CVE-2013-0645"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-60647"
},
{
"date": "2013-02-12T00:00:00",
"db": "BID",
"id": "57916"
},
{
"date": "2013-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001484"
},
{
"date": "2013-02-13T19:12:55",
"db": "PACKETSTORM",
"id": "120268"
},
{
"date": "2013-02-12T06:59:46",
"db": "PACKETSTORM",
"id": "120253"
},
{
"date": "2013-02-12T06:40:28",
"db": "PACKETSTORM",
"id": "120240"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2013-02-13T03:13:33",
"db": "PACKETSTORM",
"id": "120282"
},
{
"date": "2013-02-13T19:13:42",
"db": "PACKETSTORM",
"id": "120271"
},
{
"date": "2013-02-12T06:40:24",
"db": "PACKETSTORM",
"id": "120239"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-170"
},
{
"date": "2013-02-12T20:55:04.497000",
"db": "NVD",
"id": "CVE-2013-0645"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-60647"
},
{
"date": "2013-09-17T00:15:00",
"db": "BID",
"id": "57916"
},
{
"date": "2013-03-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001484"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-170"
},
{
"date": "2018-12-06T19:48:36.513000",
"db": "NVD",
"id": "CVE-2013-0645"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-170"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001484"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-170"
}
],
"trust": 0.6
}
}
VAR-201210-0155
Vulnerability from variot - Updated: 2024-07-23 20:31Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. NOTE: This issue was previously covered in BID 55827 (Adobe Flash Player and AIR APSB12-22 Multiple Remote Vulnerabilities) but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50876
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50876/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50876
RELEASE DATE: 2012-10-09
DISCUSS ADVISORY: http://secunia.com/advisories/50876/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50876/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50876
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and Adobe AIR, which can be exploited by malicious people to compromise a user's system.
1) Some unspecified errors can be exploited to cause buffer overflows. No further information is currently available.
2) Some unspecified errors can be exploited to corrupt memory. No further information is currently available.
3) Another unspecified error can be exploited to corrupt memory. No further information is currently available.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1, 2) Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google Security Team. 3) Dark Son, Code Audit Labs
ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-22.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2012:1346-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1346.html Issue date: 2012-10-09 CVE Names: CVE-2012-5248 CVE-2012-5249 CVE-2012-5250 CVE-2012-5251 CVE-2012-5252 CVE-2012-5253 CVE-2012-5254 CVE-2012-5255 CVE-2012-5256 CVE-2012-5257 CVE-2012-5258 CVE-2012-5259 CVE-2012-5260 CVE-2012-5261 CVE-2012-5262 CVE-2012-5263 CVE-2012-5264 CVE-2012-5265 CVE-2012-5266 CVE-2012-5267 CVE-2012-5268 CVE-2012-5269 CVE-2012-5270 CVE-2012-5271 CVE-2012-5272 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed on the Adobe security page APSB12-22, listed in the References section.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
864284 - flash-plugin: multiple code-execution flaws (APSB12-22)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.243-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.243-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.243-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.243-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.243-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.243-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.243-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.243-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.243-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.243-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2012-5248.html https://www.redhat.com/security/data/cve/CVE-2012-5249.html https://www.redhat.com/security/data/cve/CVE-2012-5250.html https://www.redhat.com/security/data/cve/CVE-2012-5251.html https://www.redhat.com/security/data/cve/CVE-2012-5252.html https://www.redhat.com/security/data/cve/CVE-2012-5253.html https://www.redhat.com/security/data/cve/CVE-2012-5254.html https://www.redhat.com/security/data/cve/CVE-2012-5255.html https://www.redhat.com/security/data/cve/CVE-2012-5256.html https://www.redhat.com/security/data/cve/CVE-2012-5257.html https://www.redhat.com/security/data/cve/CVE-2012-5258.html https://www.redhat.com/security/data/cve/CVE-2012-5259.html https://www.redhat.com/security/data/cve/CVE-2012-5260.html https://www.redhat.com/security/data/cve/CVE-2012-5261.html https://www.redhat.com/security/data/cve/CVE-2012-5262.html https://www.redhat.com/security/data/cve/CVE-2012-5263.html https://www.redhat.com/security/data/cve/CVE-2012-5264.html https://www.redhat.com/security/data/cve/CVE-2012-5265.html https://www.redhat.com/security/data/cve/CVE-2012-5266.html https://www.redhat.com/security/data/cve/CVE-2012-5267.html https://www.redhat.com/security/data/cve/CVE-2012-5268.html https://www.redhat.com/security/data/cve/CVE-2012-5269.html https://www.redhat.com/security/data/cve/CVE-2012-5270.html https://www.redhat.com/security/data/cve/CVE-2012-5271.html https://www.redhat.com/security/data/cve/CVE-2012-5272.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb12-22.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFQc9lAXlSAg2UNWIIRAmMNAJ9/iz3/6iGteMGTU4y9VZCDnIuTcgCgwHYI Ueh0ulQGOXSNmABZxKn8d5c= =0ify -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201210-0155",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "eq",
"trust": 2.1,
"vendor": "adobe",
"version": "11.2.202.243"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "11.4.402.278"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "11.4.402.265"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "11.3.300.273"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.2.152.26"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.85.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.102.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.3.300.268"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.3.300.271"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.3.300.265"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.3.300.262"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.1.115.8"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.1.115.7"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.1.115.12"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.1.115.11"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.1.112.61"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.1.112.60"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.1.111.9"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.1.111.8"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.1.111.7"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.1.111.5"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.1.111.10"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.1.102.59"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.1.153"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.186.7"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.157.51"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.106.17"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.2.202.238"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.2.202.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.2.202.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.2.202.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.2.202.223"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.1.102.63"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.1.102.62"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.1.102.55"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.1.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.183.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.183.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.183.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.183.20"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.183.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.183.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.183.15"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.183.11"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.183.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.26"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.22"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.14"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.159.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.153.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152.32"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "2.0.4"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "1.5.3.9130"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "1.5.3.9120"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "1.5.1"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "3.3.0.3670"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "3.2.0.2070"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "3.2.0.207"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "3.1.0.4880"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "3.1.0.488"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "3.1.0.485"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "3.0.0.4080"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "3.0.0.408"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "2.7.1.19610"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "2.7.1"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "2.7.0.19530"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "2.7.0.1953"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "2.7.0.19480"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "2.7.0.1948"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "2.7"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "2.6.0.19140"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "2.6.0.19120"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "2.6"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "2.5.1.17730"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "2.5.0.16600"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "2.0.3.13070"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "2.0.3"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "2.0.2.12610"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "2.0.2"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "1.5.1.8210"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "1.5.0.7220"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "1.1.0.5790"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "1.1"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "1.0.8.4990"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "1.0.4990"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "1.0.1"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "1.0"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.3.300.257"
},
{
"model": "flash player for android",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.16"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.25"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "flash player for android",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.17"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.19"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include )"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.4.402.287"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.29"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.4.0.2710"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.20"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 64-bit systems"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(linux)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.4.0.2710"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows macintosh)"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.115.17"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.1.111.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.3.300271"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.3.300268"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.3.300265"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.3.300262"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.3.300257"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.25"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "opensuse",
"version": "12.2"
}
],
"sources": [
{
"db": "BID",
"id": "78086"
},
{
"db": "BID",
"id": "56210"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004806"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-112"
},
{
"db": "NVD",
"id": "CVE-2012-5258"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.183.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.183.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.85.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.4.402.278:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.4.402.265:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.2.202.243:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.2.202.238:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.1.102.55:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.0.1.152:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.3.183.25",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.183.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.183.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.183.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.153.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.3.300.268:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.3.300.265:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.2.202.223:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.2.202.228:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.183.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.183.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.159.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.3.300.273:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.3.300.271:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.2.202.235:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.2.202.233:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.183.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.183.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.102.64:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.3.300.262:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.3.300.257:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.1.102.63:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.1.102.62:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.183.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.183.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.183.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.183.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.159.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.2.202.235:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.2.202.233:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.102.64:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.1.102.62:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.1.102.55:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.183.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.183.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.85.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.2.202.238:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.0.1.152:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.2.202.228:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.3.183.25",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.183.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.183.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.183.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.153.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.2.202.223:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.1.102.63:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_for_android:11.1.111.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_for_android:11.1.111.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_for_android:10.2.157.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_for_android:10.1.106.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_for_android:11.1.111.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_for_android:11.1.111.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_for_android:11.1.111.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_for_android:11.1.102.59:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_for_android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.1.111.16",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_for_android:11.0.1.153:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_for_android:10.3.186.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:2.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:2.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:2.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:2.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:2.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:2.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:3.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:2.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:2.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:3.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:3.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:2.3:rev1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:2.2:rev1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:2.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:2.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:3.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_for_android:11.1.112.61:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_for_android:11.1.112.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_for_android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.1.115.17",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_for_android:11.1.115.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_for_android:11.1.115.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_for_android:11.1.115.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_for_android:11.1.115.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:3.1.0.488:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:3.2.0.2070:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:3.3.0.3670:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.7.0.1953:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.6.0.19120:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.0.7220:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.0.4990:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.4.0.2540",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:3.0.0.4080:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.7.1.19610:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.3.13070:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.6.0.19140:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.7.0.19480:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:3.1.0.4880:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:3.1.0.485:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.2.12610:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.7.0.1948:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.3.9130:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.3.9120:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:3.0.0.408:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:3.2.0.207:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.5.1.17730:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.5.0.16600:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.7.0.19530:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.1.0.5790:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.0.8.4990:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.1.8210:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.4.0.2540",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-5258"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "78086"
}
],
"trust": 0.3
},
"cve": "CVE-2012-5258",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-5258",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-58539",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-5258",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201210-112",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-58539",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58539"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004806"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-112"
},
{
"db": "NVD",
"id": "CVE-2012-5258"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. \nNOTE: This issue was previously covered in BID 55827 (Adobe Flash Player and AIR APSB12-22 Multiple Remote Vulnerabilities) but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player / AIR Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50876\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50876/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50876\n\nRELEASE DATE:\n2012-10-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50876/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50876/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50876\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player and\nAdobe AIR, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) Some unspecified errors can be exploited to cause buffer\noverflows. No further information is currently available. \n\n2) Some unspecified errors can be exploited to corrupt memory. No\nfurther information is currently available. \n\n3) Another unspecified error can be exploited to corrupt memory. No\nfurther information is currently available. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n1, 2) Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google\nSecurity Team. \n3) Dark Son, Code Audit Labs\n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/bulletins/apsb12-22.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2012:1346-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-1346.html\nIssue date: 2012-10-09\nCVE Names: CVE-2012-5248 CVE-2012-5249 CVE-2012-5250 \n CVE-2012-5251 CVE-2012-5252 CVE-2012-5253 \n CVE-2012-5254 CVE-2012-5255 CVE-2012-5256 \n CVE-2012-5257 CVE-2012-5258 CVE-2012-5259 \n CVE-2012-5260 CVE-2012-5261 CVE-2012-5262 \n CVE-2012-5263 CVE-2012-5264 CVE-2012-5265 \n CVE-2012-5266 CVE-2012-5267 CVE-2012-5268 \n CVE-2012-5269 CVE-2012-5270 CVE-2012-5271 \n CVE-2012-5272 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed on the Adobe security page APSB12-22, listed\nin the References section. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n864284 - flash-plugin: multiple code-execution flaws (APSB12-22)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.243-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.243-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.243-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.243-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.243-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.243-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.243-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.243-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.243-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.243-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-5248.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5249.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5250.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5251.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5252.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5253.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5254.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5255.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5256.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5257.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5258.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5259.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5260.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5261.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5262.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5263.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5264.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5265.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5266.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5267.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5268.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5269.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5270.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5271.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5272.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb12-22.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFQc9lAXlSAg2UNWIIRAmMNAJ9/iz3/6iGteMGTU4y9VZCDnIuTcgCgwHYI\nUeh0ulQGOXSNmABZxKn8d5c=\n=0ify\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-5258"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004806"
},
{
"db": "BID",
"id": "78086"
},
{
"db": "BID",
"id": "56210"
},
{
"db": "VULHUB",
"id": "VHN-58539"
},
{
"db": "PACKETSTORM",
"id": "117256"
},
{
"db": "PACKETSTORM",
"id": "117235"
},
{
"db": "PACKETSTORM",
"id": "123225"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-5258",
"trust": 3.3
},
{
"db": "OSVDB",
"id": "86035",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004806",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201210-112",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "50876",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "50820",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "50870",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "50872",
"trust": 0.6
},
{
"db": "BID",
"id": "78086",
"trust": 0.4
},
{
"db": "BID",
"id": "56210",
"trust": 0.4
},
{
"db": "XF",
"id": "79079",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-58539",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117256",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117235",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58539"
},
{
"db": "BID",
"id": "78086"
},
{
"db": "BID",
"id": "56210"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004806"
},
{
"db": "PACKETSTORM",
"id": "117256"
},
{
"db": "PACKETSTORM",
"id": "117235"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-112"
},
{
"db": "NVD",
"id": "CVE-2012-5258"
}
]
},
"id": "VAR-201210-0155",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-58539"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T20:31:08.483000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-22",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-22.html"
},
{
"title": "APSB12-22",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-22.html"
},
{
"title": "APSB12-22 (cq10081118)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq10081118.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2012/10/stable-channel-update.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004806"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58539"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004806"
},
{
"db": "NVD",
"id": "CVE-2012-5258"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-22.html"
},
{
"trust": 1.4,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00034.html"
},
{
"trust": 1.1,
"url": "http://osvdb.org/86035"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79079"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5258"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20121009-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120031.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5258"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50820"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50870"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50872"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50876"
},
{
"trust": 0.3,
"url": "http://xforce.iss.net/xforce/xfdb/79079"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/air/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.3,
"url": "http://www.blackberry.com/btsc/kb34161"
},
{
"trust": 0.3,
"url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00096.html"
},
{
"trust": 0.3,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50876"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50876/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50876/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5264"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5270.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5254.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5266"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5250.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5265"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5263"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5267.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5255.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5252.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5272.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5262"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5264.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5260.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5267"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5271.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5259.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5269"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5261.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5248.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5269.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5268.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5268"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5251.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5266.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5257.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5253.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5258.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5262.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5265.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2012-1346.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5256.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5249.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5270"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5263.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58539"
},
{
"db": "BID",
"id": "78086"
},
{
"db": "BID",
"id": "56210"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004806"
},
{
"db": "PACKETSTORM",
"id": "117256"
},
{
"db": "PACKETSTORM",
"id": "117235"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-112"
},
{
"db": "NVD",
"id": "CVE-2012-5258"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-58539"
},
{
"db": "BID",
"id": "78086"
},
{
"db": "BID",
"id": "56210"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004806"
},
{
"db": "PACKETSTORM",
"id": "117256"
},
{
"db": "PACKETSTORM",
"id": "117235"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-112"
},
{
"db": "NVD",
"id": "CVE-2012-5258"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-58539"
},
{
"date": "2012-10-09T00:00:00",
"db": "BID",
"id": "78086"
},
{
"date": "2012-10-08T00:00:00",
"db": "BID",
"id": "56210"
},
{
"date": "2012-10-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004806"
},
{
"date": "2012-10-10T07:49:21",
"db": "PACKETSTORM",
"id": "117256"
},
{
"date": "2012-10-10T01:29:56",
"db": "PACKETSTORM",
"id": "117235"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2012-10-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-112"
},
{
"date": "2012-10-09T11:13:10.847000",
"db": "NVD",
"id": "CVE-2012-5258"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-58539"
},
{
"date": "2012-10-09T00:00:00",
"db": "BID",
"id": "78086"
},
{
"date": "2015-03-19T09:34:00",
"db": "BID",
"id": "56210"
},
{
"date": "2012-12-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004806"
},
{
"date": "2012-10-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-112"
},
{
"date": "2017-08-29T01:32:34.540000",
"db": "NVD",
"id": "CVE-2012-5258"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "78086"
},
{
"db": "BID",
"id": "56210"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004806"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201210-112"
}
],
"trust": 0.6
}
}
VAR-201302-0143
Vulnerability from variot - Updated: 2024-07-23 20:31Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-0647. Adobe Flash Player Any code that could be executed or service disruption ( Memory corruption ) There is a vulnerability that becomes a condition. This vulnerability CVE-2013-0647 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Failed exploit attempts will likely result in denial-of-service conditions. Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2013:0254-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html Issue date: 2013-02-13 CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 CVE-2013-1373 CVE-2013-1374 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-05, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2013-0638, CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647, CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)
A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially-crafted web page.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
910570 - flash-plugin: multiple code execution flaws (APSB13-05) 910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-0637.html https://www.redhat.com/security/data/cve/CVE-2013-0638.html https://www.redhat.com/security/data/cve/CVE-2013-0639.html https://www.redhat.com/security/data/cve/CVE-2013-0642.html https://www.redhat.com/security/data/cve/CVE-2013-0644.html https://www.redhat.com/security/data/cve/CVE-2013-0645.html https://www.redhat.com/security/data/cve/CVE-2013-0647.html https://www.redhat.com/security/data/cve/CVE-2013-0649.html https://www.redhat.com/security/data/cve/CVE-2013-1365.html https://www.redhat.com/security/data/cve/CVE-2013-1366.html https://www.redhat.com/security/data/cve/CVE-2013-1367.html https://www.redhat.com/security/data/cve/CVE-2013-1368.html https://www.redhat.com/security/data/cve/CVE-2013-1369.html https://www.redhat.com/security/data/cve/CVE-2013-1370.html https://www.redhat.com/security/data/cve/CVE-2013-1372.html https://www.redhat.com/security/data/cve/CVE-2013-1373.html https://www.redhat.com/security/data/cve/CVE-2013-1374.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb13-05.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs pnyD10c/hdKGIm0b1Kjv3eY= =+cgh -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
SOLUTION: Update to version 24.0.1312.70.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . Please send email to cert@cert.org with "TA13-043A Feedback VU#689711" in the subject.
Produced by US-CERT, a government organization. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA52166
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52166/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
RELEASE DATE: 2013-02-12
DISCUSS ADVISORY: http://secunia.com/advisories/52166/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/52166/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.
1) Some unspecified errors can be exploited to cause buffer overflows.
2) Some use-after-free errors can be exploited to dereference already freed memory.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to disclose certain sensitive information.
Successful exploitation of vulnerabilities #1 through #5 may allow execution of arbitrary code.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google 3) The vendor credits Natalie Silvanovich, BlackBerry Security, Research in Motion 4) The vendor credits Damian Put via iDefense 6) Reported by the vendor.
ORIGINAL ADVISORY: Adobe (APSB13-05): http://www.adobe.com/support/security/bulletins/apsb13-05.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0143",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "windows",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012 (adobe flash player 11.6.602.167"
},
{
"model": "internet explorer",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.59x (air for ios include ) (windows"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include ) (windows"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 64-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows server",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(macintosh linux)"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows 8",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (macintosh)"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "(windows/linux/macintosh : adobe flash player 11.6.602.167"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.5"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.112.61"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.16"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.19"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.112.60"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.8"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.9"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.7"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.102.59"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
}
],
"sources": [
{
"db": "BID",
"id": "57926"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001480"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-166"
},
{
"db": "NVD",
"id": "CVE-2013-0638"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.63",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.168",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.202.270",
"versionStartIncluding": "11.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.111.43",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.7",
"versionStartIncluding": "2.0",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.6",
"versionStartIncluding": "3.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.115.47",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.4",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.599",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.597",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.167",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0638"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 0.4
},
"cve": "CVE-2013-0638",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-0638",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-60640",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-0638",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201302-166",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-60640",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60640"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001480"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-166"
},
{
"db": "NVD",
"id": "CVE-2013-0638"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-0647. Adobe Flash Player Any code that could be executed or service disruption ( Memory corruption ) There is a vulnerability that becomes a condition. This vulnerability CVE-2013-0647 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Failed exploit attempts will likely result in denial-of-service conditions. \nNote: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2013:0254-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html\nIssue date: 2013-02-13\nCVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 \n CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 \n CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 \n CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 \n CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 \n CVE-2013-1373 CVE-2013-1374 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB13-05,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. (CVE-2013-0638,\nCVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647,\nCVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368,\nCVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)\n\nA flaw in flash-plugin could allow an attacker to obtain sensitive\ninformation if a victim were tricked into visiting a specially-crafted web\npage. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n910570 - flash-plugin: multiple code execution flaws (APSB13-05)\n910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0637.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0638.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0639.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0642.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0644.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0645.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0647.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0649.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1365.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1366.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1367.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1368.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1369.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1370.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1372.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1373.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1374.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs\npnyD10c/hdKGIm0b1Kjv3eY=\n=+cgh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nSOLUTION:\nUpdate to version 24.0.1312.70. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Please send\n email to \u003ccert@cert.org\u003e with \"TA13-043A Feedback VU#689711\" in\n the subject. \n ____________________________________________________________________\n\n Produced by US-CERT, a government organization. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player / AIR Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52166\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52166/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nRELEASE DATE:\n2013-02-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52166/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52166/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player and\nAIR, which can be exploited by malicious people to disclose certain\nsensitive information and compromise a user\u0027s system. \n\n1) Some unspecified errors can be exploited to cause buffer\noverflows. \n\n2) Some use-after-free errors can be exploited to dereference already\nfreed memory. \n\n4) An unspecified error can be exploited to corrupt memory. \n\n5) An unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to disclose certain\nsensitive information. \n\nSuccessful exploitation of vulnerabilities #1 through #5 may allow\nexecution of arbitrary code. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and\nFermin Serna, Google\n3) The vendor credits Natalie Silvanovich, BlackBerry Security,\nResearch in Motion\n4) The vendor credits Damian Put via iDefense\n6) Reported by the vendor. \n\nORIGINAL ADVISORY:\nAdobe (APSB13-05):\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0638"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001480"
},
{
"db": "BID",
"id": "57926"
},
{
"db": "VULHUB",
"id": "VHN-60640"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-0638",
"trust": 3.0
},
{
"db": "USCERT",
"id": "TA13-043A",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001480",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201302-166",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52163",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52164",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52203",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52166",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52197",
"trust": 0.6
},
{
"db": "BID",
"id": "57926",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-60640",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120268",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120253",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120240",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120282",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120271",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120239",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60640"
},
{
"db": "BID",
"id": "57926"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001480"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-166"
},
{
"db": "NVD",
"id": "CVE-2013-0638"
}
]
},
"id": "VAR-201302-0143",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-60640"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T20:31:06.906000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-05",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"title": "APSB13-05 (cq02121817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq02121817.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2013/02/stable-channel-update_12.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "openSUSE-SU-2013:0295",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"title": "SUSE-SU-2013:0296",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"title": "openSUSE-SU-2013:0298",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"title": "RHSA-2013:0254",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20130214f.html"
},
{
"title": "install_flash_player_11_linux.i386",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45304"
},
{
"title": "install_flash_player_osx",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45303"
},
{
"title": "install_flashplayer11x32_mssd_aih",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45302"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001480"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-166"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60640"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001480"
},
{
"db": "NVD",
"id": "CVE-2013-0638"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta13-043a.html"
},
{
"trust": 1.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0638"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130213-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130010.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta13-043a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0638"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=10777"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52163"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52164"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52166"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52197"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52203"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/air/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0647.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0649.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0644.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1373.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1366"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0647"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1374.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1367"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1368"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1372"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1368.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0645.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0639"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0642.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1365.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1372.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1374"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0645"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1366.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1365"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1369.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0637.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0638.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0637"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0644"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1367.html"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1370.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0639.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0642"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52163"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_12.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52164"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/#comments"
},
{
"trust": 0.1,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/"
},
{
"trust": 0.1,
"url": "http://support.microsoft.com/kb/2805940"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52203"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-06.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/notification.html"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-05.html\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/#comments"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60640"
},
{
"db": "BID",
"id": "57926"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001480"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-166"
},
{
"db": "NVD",
"id": "CVE-2013-0638"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-60640"
},
{
"db": "BID",
"id": "57926"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001480"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-166"
},
{
"db": "NVD",
"id": "CVE-2013-0638"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-60640"
},
{
"date": "2013-02-12T00:00:00",
"db": "BID",
"id": "57926"
},
{
"date": "2013-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001480"
},
{
"date": "2013-02-13T19:12:55",
"db": "PACKETSTORM",
"id": "120268"
},
{
"date": "2013-02-12T06:59:46",
"db": "PACKETSTORM",
"id": "120253"
},
{
"date": "2013-02-12T06:40:28",
"db": "PACKETSTORM",
"id": "120240"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2013-02-13T03:13:33",
"db": "PACKETSTORM",
"id": "120282"
},
{
"date": "2013-02-13T19:13:42",
"db": "PACKETSTORM",
"id": "120271"
},
{
"date": "2013-02-12T06:40:24",
"db": "PACKETSTORM",
"id": "120239"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-166"
},
{
"date": "2013-02-12T20:55:04.323000",
"db": "NVD",
"id": "CVE-2013-0638"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-60640"
},
{
"date": "2015-03-19T09:14:00",
"db": "BID",
"id": "57926"
},
{
"date": "2013-03-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001480"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-166"
},
{
"date": "2018-12-06T19:46:05.027000",
"db": "NVD",
"id": "CVE-2013-0638"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-166"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001480"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-166"
}
],
"trust": 0.6
}
}
VAR-201302-0305
Vulnerability from variot - Updated: 2024-07-23 20:29Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-0645 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1370 , CVE-2013-1372 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2013:0254-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html Issue date: 2013-02-13 CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 CVE-2013-1373 CVE-2013-1374 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-05, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2013-0638, CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647, CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)
A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially-crafted web page.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
910570 - flash-plugin: multiple code execution flaws (APSB13-05) 910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-0637.html https://www.redhat.com/security/data/cve/CVE-2013-0638.html https://www.redhat.com/security/data/cve/CVE-2013-0639.html https://www.redhat.com/security/data/cve/CVE-2013-0642.html https://www.redhat.com/security/data/cve/CVE-2013-0644.html https://www.redhat.com/security/data/cve/CVE-2013-0645.html https://www.redhat.com/security/data/cve/CVE-2013-0647.html https://www.redhat.com/security/data/cve/CVE-2013-0649.html https://www.redhat.com/security/data/cve/CVE-2013-1365.html https://www.redhat.com/security/data/cve/CVE-2013-1366.html https://www.redhat.com/security/data/cve/CVE-2013-1367.html https://www.redhat.com/security/data/cve/CVE-2013-1368.html https://www.redhat.com/security/data/cve/CVE-2013-1369.html https://www.redhat.com/security/data/cve/CVE-2013-1370.html https://www.redhat.com/security/data/cve/CVE-2013-1372.html https://www.redhat.com/security/data/cve/CVE-2013-1373.html https://www.redhat.com/security/data/cve/CVE-2013-1374.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb13-05.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs pnyD10c/hdKGIm0b1Kjv3eY= =+cgh -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
SOLUTION: Update to version 24.0.1312.70.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . Please send email to cert@cert.org with "TA13-043A Feedback VU#689711" in the subject.
Produced by US-CERT, a government organization. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA52166
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52166/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
RELEASE DATE: 2013-02-12
DISCUSS ADVISORY: http://secunia.com/advisories/52166/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/52166/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.
1) Some unspecified errors can be exploited to cause buffer overflows.
2) Some use-after-free errors can be exploited to dereference already freed memory.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to disclose certain sensitive information.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google 3) The vendor credits Natalie Silvanovich, BlackBerry Security, Research in Motion 4) The vendor credits Damian Put via iDefense 6) Reported by the vendor.
ORIGINAL ADVISORY: Adobe (APSB13-05): http://www.adobe.com/support/security/bulletins/apsb13-05.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0305",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "windows",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player for android",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player for android",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows)"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012 (adobe flash player 11.6.602.167"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "internet explorer",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include ) (windows"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 64-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows server",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(macintosh linux)"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows 8",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (macintosh)"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "(windows/linux/macintosh : adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.186.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.15"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.43"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.19"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.181.22"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.185.24"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.181.26"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
}
],
"sources": [
{
"db": "BID",
"id": "57918"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001471"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-177"
},
{
"db": "NVD",
"id": "CVE-2013-1369"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.63",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.168",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.202.270",
"versionStartIncluding": "11.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.111.43",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.7",
"versionStartIncluding": "2.0",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.6",
"versionStartIncluding": "3.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.115.47",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.4",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.597",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.599",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.167",
"versionStartIncluding": "11.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1369"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 0.4
},
"cve": "CVE-2013-1369",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-1369",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-61371",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-1369",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201302-177",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-61371",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61371"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001471"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-177"
},
{
"db": "NVD",
"id": "CVE-2013-1369"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-0645 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1370 , CVE-2013-1372 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. \nNote: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2013:0254-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html\nIssue date: 2013-02-13\nCVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 \n CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 \n CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 \n CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 \n CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 \n CVE-2013-1373 CVE-2013-1374 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB13-05,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. (CVE-2013-0638,\nCVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647,\nCVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368,\nCVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)\n\nA flaw in flash-plugin could allow an attacker to obtain sensitive\ninformation if a victim were tricked into visiting a specially-crafted web\npage. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n910570 - flash-plugin: multiple code execution flaws (APSB13-05)\n910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0637.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0638.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0639.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0642.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0644.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0645.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0647.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0649.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1365.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1366.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1367.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1368.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1369.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1370.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1372.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1373.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1374.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs\npnyD10c/hdKGIm0b1Kjv3eY=\n=+cgh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nSOLUTION:\nUpdate to version 24.0.1312.70. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Please send\n email to \u003ccert@cert.org\u003e with \"TA13-043A Feedback VU#689711\" in\n the subject. \n ____________________________________________________________________\n\n Produced by US-CERT, a government organization. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player / AIR Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52166\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52166/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nRELEASE DATE:\n2013-02-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52166/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52166/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player and\nAIR, which can be exploited by malicious people to disclose certain\nsensitive information and compromise a user\u0027s system. \n\n1) Some unspecified errors can be exploited to cause buffer\noverflows. \n\n2) Some use-after-free errors can be exploited to dereference already\nfreed memory. \n\n4) An unspecified error can be exploited to corrupt memory. \n\n5) An unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to disclose certain\nsensitive information. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and\nFermin Serna, Google\n3) The vendor credits Natalie Silvanovich, BlackBerry Security,\nResearch in Motion\n4) The vendor credits Damian Put via iDefense\n6) Reported by the vendor. \n\nORIGINAL ADVISORY:\nAdobe (APSB13-05):\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1369"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001471"
},
{
"db": "BID",
"id": "57918"
},
{
"db": "VULHUB",
"id": "VHN-61371"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-1369",
"trust": 3.0
},
{
"db": "USCERT",
"id": "TA13-043A",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001471",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201302-177",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52163",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52164",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52203",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52166",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52197",
"trust": 0.6
},
{
"db": "BID",
"id": "57918",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-61371",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120268",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120253",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120240",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120282",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120271",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120239",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61371"
},
{
"db": "BID",
"id": "57918"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001471"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-177"
},
{
"db": "NVD",
"id": "CVE-2013-1369"
}
]
},
"id": "VAR-201302-0305",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-61371"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T20:29:37.668000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-05",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"title": "APSB13-05 (cq02121817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq02121817.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2013/02/stable-channel-update_12.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "openSUSE-SU-2013:0295",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"title": "SUSE-SU-2013:0296",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"title": "openSUSE-SU-2013:0298",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"title": "RHSA-2013:0254",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20130214f.html"
},
{
"title": "install_flash_player_11_linux.i386",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45304"
},
{
"title": "install_flash_player_osx",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45303"
},
{
"title": "install_flashplayer11x32_mssd_aih",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45302"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001471"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-177"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61371"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001471"
},
{
"db": "NVD",
"id": "CVE-2013-1369"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"trust": 2.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta13-043a.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1369"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130213-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130010.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta13-043a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1369"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=10777"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52163"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52164"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52166"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52197"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52203"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/air/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=a9881e951162efc516b6200542b62cc0?externalid=kb34774\u0026sliceid=1\u0026cmd=displaykc\u0026doctype=kc\u0026nocount=true\u0026vieweddocslisthelper=com.kanisa.a"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0647.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0649.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0644.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1373.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1366"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0647"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1374.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1367"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1368"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1372"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1368.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0645.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0639"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0642.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1365.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1372.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1374"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0645"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1366.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1365"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1369.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0637.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0638.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0637"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0644"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1367.html"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1370.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0639.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0642"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52163"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_12.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52164"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/#comments"
},
{
"trust": 0.1,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/"
},
{
"trust": 0.1,
"url": "http://support.microsoft.com/kb/2805940"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52203"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-06.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/notification.html"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-05.html\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/#comments"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61371"
},
{
"db": "BID",
"id": "57918"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001471"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-177"
},
{
"db": "NVD",
"id": "CVE-2013-1369"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-61371"
},
{
"db": "BID",
"id": "57918"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001471"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-177"
},
{
"db": "NVD",
"id": "CVE-2013-1369"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-61371"
},
{
"date": "2013-02-12T00:00:00",
"db": "BID",
"id": "57918"
},
{
"date": "2013-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001471"
},
{
"date": "2013-02-13T19:12:55",
"db": "PACKETSTORM",
"id": "120268"
},
{
"date": "2013-02-12T06:59:46",
"db": "PACKETSTORM",
"id": "120253"
},
{
"date": "2013-02-12T06:40:28",
"db": "PACKETSTORM",
"id": "120240"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2013-02-13T03:13:33",
"db": "PACKETSTORM",
"id": "120282"
},
{
"date": "2013-02-13T19:13:42",
"db": "PACKETSTORM",
"id": "120271"
},
{
"date": "2013-02-12T06:40:24",
"db": "PACKETSTORM",
"id": "120239"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-177"
},
{
"date": "2013-02-12T20:55:04.887000",
"db": "NVD",
"id": "CVE-2013-1369"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-61371"
},
{
"date": "2015-03-19T08:23:00",
"db": "BID",
"id": "57918"
},
{
"date": "2013-03-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001471"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-177"
},
{
"date": "2018-12-06T19:55:49.473000",
"db": "NVD",
"id": "CVE-2013-1369"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-177"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001471"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-177"
}
],
"trust": 0.6
}
}
VAR-201302-0144
Vulnerability from variot - Updated: 2024-07-23 20:19Integer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors. Adobe Flash Player and AIR are prone to a remote integer-overflow vulnerability. Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2013:0254-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html Issue date: 2013-02-13 CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 CVE-2013-1373 CVE-2013-1374 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-05, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2013-0638, CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647, CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)
A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially-crafted web page.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
910570 - flash-plugin: multiple code execution flaws (APSB13-05) 910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-0637.html https://www.redhat.com/security/data/cve/CVE-2013-0638.html https://www.redhat.com/security/data/cve/CVE-2013-0639.html https://www.redhat.com/security/data/cve/CVE-2013-0642.html https://www.redhat.com/security/data/cve/CVE-2013-0644.html https://www.redhat.com/security/data/cve/CVE-2013-0645.html https://www.redhat.com/security/data/cve/CVE-2013-0647.html https://www.redhat.com/security/data/cve/CVE-2013-0649.html https://www.redhat.com/security/data/cve/CVE-2013-1365.html https://www.redhat.com/security/data/cve/CVE-2013-1366.html https://www.redhat.com/security/data/cve/CVE-2013-1367.html https://www.redhat.com/security/data/cve/CVE-2013-1368.html https://www.redhat.com/security/data/cve/CVE-2013-1369.html https://www.redhat.com/security/data/cve/CVE-2013-1370.html https://www.redhat.com/security/data/cve/CVE-2013-1372.html https://www.redhat.com/security/data/cve/CVE-2013-1373.html https://www.redhat.com/security/data/cve/CVE-2013-1374.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb13-05.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs pnyD10c/hdKGIm0b1Kjv3eY= =+cgh -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
SOLUTION: Update to version 24.0.1312.70.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . Please send email to cert@cert.org with "TA13-043A Feedback VU#689711" in the subject.
Produced by US-CERT, a government organization. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA52166
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52166/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
RELEASE DATE: 2013-02-12
DISCUSS ADVISORY: http://secunia.com/advisories/52166/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/52166/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.
1) Some unspecified errors can be exploited to cause buffer overflows.
2) Some use-after-free errors can be exploited to dereference already freed memory.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to disclose certain sensitive information.
Successful exploitation of vulnerabilities #1 through #5 may allow execution of arbitrary code.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google 3) The vendor credits Natalie Silvanovich, BlackBerry Security, Research in Motion 4) The vendor credits Damian Put via iDefense 6) Reported by the vendor.
ORIGINAL ADVISORY: Adobe (APSB13-05): http://www.adobe.com/support/security/bulletins/apsb13-05.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0144",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "windows",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012 (adobe flash player 11.6.602.167"
},
{
"model": "internet explorer",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.59x (air for ios include ) (windows"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include ) (windows"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 64-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows server",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(macintosh linux)"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows 8",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (macintosh)"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "(windows/linux/macintosh : adobe flash player 11.6.602.167"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.5"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.24"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.19"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.183.51"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.8"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.9"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.29"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.6"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.7"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
}
],
"sources": [
{
"db": "BID",
"id": "57925"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001481"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-167"
},
{
"db": "NVD",
"id": "CVE-2013-0639"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.63",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.168",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.202.270",
"versionStartIncluding": "11.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.111.43",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.7",
"versionStartIncluding": "2.0",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.6",
"versionStartIncluding": "3.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.115.47",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.4",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.599",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.597",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.167",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0639"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 0.4
},
"cve": "CVE-2013-0639",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-0639",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-60641",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-0639",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201302-167",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-60641",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60641"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001481"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-167"
},
{
"db": "NVD",
"id": "CVE-2013-0639"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors. Adobe Flash Player and AIR are prone to a remote integer-overflow vulnerability. \nNote: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2013:0254-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html\nIssue date: 2013-02-13\nCVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 \n CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 \n CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 \n CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 \n CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 \n CVE-2013-1373 CVE-2013-1374 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB13-05,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. (CVE-2013-0638,\nCVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647,\nCVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368,\nCVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)\n\nA flaw in flash-plugin could allow an attacker to obtain sensitive\ninformation if a victim were tricked into visiting a specially-crafted web\npage. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n910570 - flash-plugin: multiple code execution flaws (APSB13-05)\n910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0637.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0638.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0639.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0642.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0644.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0645.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0647.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0649.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1365.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1366.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1367.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1368.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1369.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1370.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1372.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1373.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1374.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs\npnyD10c/hdKGIm0b1Kjv3eY=\n=+cgh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nSOLUTION:\nUpdate to version 24.0.1312.70. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Please send\n email to \u003ccert@cert.org\u003e with \"TA13-043A Feedback VU#689711\" in\n the subject. \n ____________________________________________________________________\n\n Produced by US-CERT, a government organization. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player / AIR Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52166\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52166/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nRELEASE DATE:\n2013-02-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52166/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52166/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player and\nAIR, which can be exploited by malicious people to disclose certain\nsensitive information and compromise a user\u0027s system. \n\n1) Some unspecified errors can be exploited to cause buffer\noverflows. \n\n2) Some use-after-free errors can be exploited to dereference already\nfreed memory. \n\n4) An unspecified error can be exploited to corrupt memory. \n\n5) An unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to disclose certain\nsensitive information. \n\nSuccessful exploitation of vulnerabilities #1 through #5 may allow\nexecution of arbitrary code. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and\nFermin Serna, Google\n3) The vendor credits Natalie Silvanovich, BlackBerry Security,\nResearch in Motion\n4) The vendor credits Damian Put via iDefense\n6) Reported by the vendor. \n\nORIGINAL ADVISORY:\nAdobe (APSB13-05):\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0639"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001481"
},
{
"db": "BID",
"id": "57925"
},
{
"db": "VULHUB",
"id": "VHN-60641"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-0639",
"trust": 3.0
},
{
"db": "USCERT",
"id": "TA13-043A",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001481",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201302-167",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52163",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52164",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52203",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52166",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52197",
"trust": 0.6
},
{
"db": "BID",
"id": "57925",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-60641",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120268",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120253",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120240",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120282",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120271",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120239",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60641"
},
{
"db": "BID",
"id": "57925"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001481"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-167"
},
{
"db": "NVD",
"id": "CVE-2013-0639"
}
]
},
"id": "VAR-201302-0144",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-60641"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T20:19:19.837000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-05",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"title": "APSB13-05 (cq02121817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq02121817.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2013/02/stable-channel-update_12.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "openSUSE-SU-2013:0295",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"title": "SUSE-SU-2013:0296",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"title": "openSUSE-SU-2013:0298",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"title": "RHSA-2013:0254",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20130214f.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001481"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-189",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60641"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001481"
},
{
"db": "NVD",
"id": "CVE-2013-0639"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"trust": 2.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta13-043a.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0639"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130213-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130010.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta13-043a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0639"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=10777"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52163"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52164"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52166"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52197"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52203"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/air/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=a9881e951162efc516b6200542b62cc0?externalid=kb34774\u0026sliceid=1\u0026cmd=displaykc\u0026doctype=kc\u0026nocount=true\u0026vieweddocslisthelper=com.kanisa.a"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.ie/2013/02/stable-channel-update_12.html"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0647.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0649.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0644.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1373.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1366"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0647"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1374.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1367"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1368"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1372"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1368.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0645.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0639"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0642.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1365.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1372.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1374"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0645"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1366.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1365"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1369.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0637.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0638.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0637"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0644"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1367.html"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1370.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0639.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0642"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52163"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_12.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52164"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/#comments"
},
{
"trust": 0.1,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/"
},
{
"trust": 0.1,
"url": "http://support.microsoft.com/kb/2805940"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52203"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-06.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/notification.html"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-05.html\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/#comments"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60641"
},
{
"db": "BID",
"id": "57925"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001481"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-167"
},
{
"db": "NVD",
"id": "CVE-2013-0639"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-60641"
},
{
"db": "BID",
"id": "57925"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001481"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-167"
},
{
"db": "NVD",
"id": "CVE-2013-0639"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-60641"
},
{
"date": "2013-02-12T00:00:00",
"db": "BID",
"id": "57925"
},
{
"date": "2013-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001481"
},
{
"date": "2013-02-13T19:12:55",
"db": "PACKETSTORM",
"id": "120268"
},
{
"date": "2013-02-12T06:59:46",
"db": "PACKETSTORM",
"id": "120253"
},
{
"date": "2013-02-12T06:40:28",
"db": "PACKETSTORM",
"id": "120240"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2013-02-13T03:13:33",
"db": "PACKETSTORM",
"id": "120282"
},
{
"date": "2013-02-13T19:13:42",
"db": "PACKETSTORM",
"id": "120271"
},
{
"date": "2013-02-12T06:40:24",
"db": "PACKETSTORM",
"id": "120239"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-167"
},
{
"date": "2013-02-12T20:55:04.370000",
"db": "NVD",
"id": "CVE-2013-0639"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-60641"
},
{
"date": "2015-03-19T08:09:00",
"db": "BID",
"id": "57925"
},
{
"date": "2013-03-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001481"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-167"
},
{
"date": "2018-12-06T19:46:34.980000",
"db": "NVD",
"id": "CVE-2013-0639"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-167"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Integer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001481"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-167"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-167"
}
],
"trust": 0.6
}
}
VAR-201108-0185
Vulnerability from variot - Updated: 2024-07-23 20:13Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2138. Adobe Flash Player and Adobe AIR Contains an integer overflow vulnerability. This vulnerability CVE-2011-2136 and CVE-2011-2138 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUSE Security Announcement
Package: flash-player
Announcement ID: SUSE-SA:2011:033
Date: Wed, 10 Aug 2011 14:00:00 +0000
Affected Products: SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 10 SP4
Vulnerability Type: remote code execution
CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
SUSE Default Package: yes
Cross-References: CVE-2011-2130, CVE-2011-2134, CVE-2011-2135
CVE-2011-2136, CVE-2011-2137, CVE-2011-2138
CVE-2011-2139, CVE-2011-2140, CVE-2011-2414
CVE-2011-2415, CVE-2011-2416, CVE-2011-2417
CVE-2011-2425
Content of This Advisory:
1) Security Vulnerability Resolved:
remote code execution
Problem Description
2) Solution or Work-Around
3) Special Instructions and Notes
4) Package Location and Checksums
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
6) Authenticity Verification and Additional Information
1) Problem Description and Brief Discussion
Flash-Player was updated to version 10.3.188.5 to fix various buffer and integer overflows: - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Earlier flash-player versions can be exploited to execute arbitrary code remotely with the privileges of the attacked user.
For more details see: http://www.adobe.com/support/security/bulletins/apsb11-21.html
2) Solution or Work-Around
none
3) Special Instructions and Notes
Pleease restart your browser.
4) Package Location and Checksums
The preferred method for installing security updates is to use the YaST "Online Update" module or the "zypper" commandline tool. The package and patch management stack will detect which updates are required and automatically perform the necessary steps to verify and install them.
Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command
rpm -Fhv <file.rpm>
to apply the update, replacing with the filename of the downloaded RPM package.
Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web:
SUSE Linux Enterprise Desktop 10 SP4 http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900
SUSE Linux Enterprise Desktop 11 SP1 http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
6) Authenticity Verification and Additional Information
-
Announcement authenticity verification:
SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.
To verify the signature of the announcement, save it as text into a file and run the command
gpg --verify
replacing with the name of the file where you saved the announcement. The output for a valid signature looks like:
gpg: Signature made using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team security@suse.de"
where is replaced by the date the document was signed.
If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command
gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
-
Package authenticity verification:
SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with.
The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command
rpm -v --checksig
to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build@suse.de with the key ID 9C800ACA.
This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement.
-
SUSE runs two security mailing lists to which any interested party may subscribe:
opensuse-security@opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security+subscribe@opensuse.org.
opensuse-security-announce@opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security-announce+subscribe@opensuse.org. The security@suse.de public key is listed below. =====================================================================
The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text.
SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ----------------------------------------------------------------------
The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242
TITLE: Adobe Flash Player Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA45583
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45583/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45583
RELEASE DATE: 2011-08-11
DISCUSS ADVISORY: http://secunia.com/advisories/45583/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/45583/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=45583
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.
7) An unspecified error can be exploited to disclose certain information from another domain.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor
The vendor credits: 2) Yang Dingning, NCNIPC, Graduate University of Chinese Academy of Sciences 3) Wushi, Team 509 via iDefense Labs 4, 11) Vitaliy Toropov via iDefense Labs 5) Alexander Zaitsev, Positive Technologies 6, 8) An anonymous person via ZDI 7) Brandon Hardy 9) Bo Qu, Palo Alto Networks 10) Bo Qu, Palo Alto Networks and Honggang Ren, FortiGuard Labs 12) Marc Schoenefeld (Dr. rer. nat.), Red Hat Security Response Team 13) Honggang Ren, FortiGuard Labs
ORIGINAL ADVISORY: Adobe (APSB11-21): http://www.adobe.com/support/security/bulletins/apsb11-21.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. iDefense Security Advisory 08.09.11 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 09, 2011
I. For more information, please visit following website:
http://www.adobe.com/products/flashplayer/
II.
During the allocation of an array within a certain internal ActionScript function, a size calculation may cause an integer value to overflow. This condition may lead to the bounds of an undersized array being overflown during a memory copy operation.
III. An attacker typically accomplishes this via social engineering or injecting content into a compromised, trusted site.
IV. VENDOR RESPONSE
Adobe has released a fix which addresses this issue. Information about downloadable vendor updates can be found by clicking on the URLs shown.
http://www.adobe.com/support/security/bulletins/apsb11-21.html
VII. CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2011-2416 and CVE-2011-2136 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems.
VIII. DISCLOSURE TIMELINE
04/27/2011 Initial Vendor Notification 04/27/2011 Vendor Reply 08/09/2011 Coordinated Public Disclosure
IX. CREDIT
This vulnerability was reported to iDefense by Vitaliy Toropov.
Get paid for vulnerability research http://labs.idefense.com/methodology/vulnerability/vcp.php
Free tools, research and upcoming events http://labs.idefense.com/
X. LEGAL NOTICES
Copyright © 2011 Verisign
Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice@idefense.com for permission.
Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.3.183.10"
References
[ 1 ] APSA11-01 http://www.adobe.com/support/security/advisories/apsa11-01.html [ 2 ] APSA11-02 http://www.adobe.com/support/security/advisories/apsa11-02.html [ 3 ] APSB11-02 http://www.adobe.com/support/security/bulletins/apsb11-02.html [ 4 ] APSB11-12 http://www.adobe.com/support/security/bulletins/apsb11-12.html [ 5 ] APSB11-13 http://www.adobe.com/support/security/bulletins/apsb11-13.html [ 6 ] APSB11-21 https://www.adobe.com/support/security/bulletins/apsb11-21.html [ 7 ] APSB11-26 https://www.adobe.com/support/security/bulletins/apsb11-26.html [ 8 ] CVE-2011-0558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558 [ 9 ] CVE-2011-0559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559 [ 10 ] CVE-2011-0560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560 [ 11 ] CVE-2011-0561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561 [ 12 ] CVE-2011-0571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571 [ 13 ] CVE-2011-0572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572 [ 14 ] CVE-2011-0573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573 [ 15 ] CVE-2011-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574 [ 16 ] CVE-2011-0575 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575 [ 17 ] CVE-2011-0577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577 [ 18 ] CVE-2011-0578 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578 [ 19 ] CVE-2011-0579 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579 [ 20 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 21 ] CVE-2011-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607 [ 22 ] CVE-2011-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608 [ 23 ] CVE-2011-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609 [ 24 ] CVE-2011-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611 [ 25 ] CVE-2011-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618 [ 26 ] CVE-2011-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619 [ 27 ] CVE-2011-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620 [ 28 ] CVE-2011-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621 [ 29 ] CVE-2011-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622 [ 30 ] CVE-2011-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623 [ 31 ] CVE-2011-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624 [ 32 ] CVE-2011-0625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625 [ 33 ] CVE-2011-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626 [ 34 ] CVE-2011-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627 [ 35 ] CVE-2011-0628 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628 [ 36 ] CVE-2011-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107 [ 37 ] CVE-2011-2110 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110 [ 38 ] CVE-2011-2125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 39 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 40 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 41 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 42 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 43 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 44 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 45 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 46 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 47 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 48 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 49 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 50 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 51 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 52 ] CVE-2011-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426 [ 53 ] CVE-2011-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427 [ 54 ] CVE-2011-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428 [ 55 ] CVE-2011-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429 [ 56 ] CVE-2011-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430 [ 57 ] CVE-2011-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201110-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: acroread security update Advisory ID: RHSA-2011:1434-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html Issue date: 2011-11-08 CVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 CVE-2011-2444 =====================================================================
- Summary:
Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
Adobe Reader allows users to view and print documents in Portable Document Format (PDF).
This update fixes multiple security flaws in Adobe Reader. These flaws are detailed on the Adobe security page APSB11-24, listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. These flaws are detailed on the Adobe security pages APSB11-21 and APSB11-26, listed in the References section.
A PDF file with an embedded, specially-crafted SWF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135, CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140, CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424, CVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)
A flaw in Adobe Flash Player could allow an attacker to conduct cross-site scripting (XSS) attacks if a victim were tricked into visiting a specially-crafted web page. (CVE-2011-2429)
All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.4.6, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259
- Bugs fixed (http://bugzilla.redhat.com/):
729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21) 740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26 740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26 740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26 749381 - acroread: multiple code execution flaws (APSB11-24)
- Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Desktop version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2011-2130.html https://www.redhat.com/security/data/cve/CVE-2011-2134.html https://www.redhat.com/security/data/cve/CVE-2011-2135.html https://www.redhat.com/security/data/cve/CVE-2011-2136.html https://www.redhat.com/security/data/cve/CVE-2011-2137.html https://www.redhat.com/security/data/cve/CVE-2011-2138.html https://www.redhat.com/security/data/cve/CVE-2011-2139.html https://www.redhat.com/security/data/cve/CVE-2011-2140.html https://www.redhat.com/security/data/cve/CVE-2011-2414.html https://www.redhat.com/security/data/cve/CVE-2011-2415.html https://www.redhat.com/security/data/cve/CVE-2011-2416.html https://www.redhat.com/security/data/cve/CVE-2011-2417.html https://www.redhat.com/security/data/cve/CVE-2011-2424.html https://www.redhat.com/security/data/cve/CVE-2011-2425.html https://www.redhat.com/security/data/cve/CVE-2011-2426.html https://www.redhat.com/security/data/cve/CVE-2011-2427.html https://www.redhat.com/security/data/cve/CVE-2011-2428.html https://www.redhat.com/security/data/cve/CVE-2011-2429.html https://www.redhat.com/security/data/cve/CVE-2011-2430.html https://www.redhat.com/security/data/cve/CVE-2011-2431.html https://www.redhat.com/security/data/cve/CVE-2011-2432.html https://www.redhat.com/security/data/cve/CVE-2011-2433.html https://www.redhat.com/security/data/cve/CVE-2011-2434.html https://www.redhat.com/security/data/cve/CVE-2011-2435.html https://www.redhat.com/security/data/cve/CVE-2011-2436.html https://www.redhat.com/security/data/cve/CVE-2011-2437.html https://www.redhat.com/security/data/cve/CVE-2011-2438.html https://www.redhat.com/security/data/cve/CVE-2011-2439.html https://www.redhat.com/security/data/cve/CVE-2011-2440.html https://www.redhat.com/security/data/cve/CVE-2011-2442.html https://www.redhat.com/security/data/cve/CVE-2011-2444.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb11-21.html http://www.adobe.com/support/security/bulletins/apsb11-24.html http://www.adobe.com/support/security/bulletins/apsb11-26.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q 0+KSTL2IByBwtP8+xfPmUNE= =qFq6 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201108-0185",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.2.154.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.2.154.13"
},
{
"model": "air",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "2.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.3.181.14"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.3.181.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.3.181.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.2.159.1"
},
{
"model": "air",
"scope": "eq",
"trust": 1.7,
"vendor": "adobe",
"version": "2.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.246.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.0.35.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.115.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.95.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.156.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.95.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.155.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152.33"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.262.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.157.51"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.92.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.52.15"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152.32"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.28.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.260.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.52.14.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.32.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.277.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.12.36"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.283.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.185.21"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.53.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.124.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.185.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.152.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.22.87"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.85.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.82.76"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.159.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.151.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.15.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.31.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.105.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.47.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.45.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.0.34.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.42.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.48.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.92.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.106.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.102.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.63"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "2.0.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.14.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.28"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "1.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.67.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.33.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.181.36"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.0.584"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.112.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.69.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.68.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.185.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.21.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.22.0"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.61.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.12.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.53.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.18d60"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "2.0.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.66.0"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "1.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.45.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.125.0"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "2.0.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.125.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.79"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.42.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.39.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.19.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.31"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.73.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.70.0"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "2.7"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.114.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.60.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.181.36 for chrome users"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.185.25 for android"
},
{
"model": "hp systems insight manager",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "7.0"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux server supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.1.z"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.6.z (server)"
},
{
"model": "rhel supplementary long life",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.6 (server)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.3.181.36"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.94"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.57"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.35"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.100"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.21"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19140"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.280"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.3"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.43"
},
{
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.22"
},
{
"model": "systems insight manager sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.51.66"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.27"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.153.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.204"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.2460"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.128"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.22"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.96"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.26"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.127"
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.262"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.65"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.24"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "systems insight manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.107"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.18"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.112"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.71"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "freeflow print server 73.b3.61",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3218"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.289.0"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.91"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.25"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.84"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "chrome",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.112"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.107"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.77"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.452"
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.68"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.672.2"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "air",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "systems insight manager sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.133"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "air",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1.1961"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "flash player release candida",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.205"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.28"
},
{
"model": "systems insight manager update",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.31"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19120"
},
{
"model": "freeflow print server 73.c0.41",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.102.65"
}
],
"sources": [
{
"db": "BID",
"id": "49081"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002158"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-187"
},
{
"db": "NVD",
"id": "CVE-2011-2416"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.66.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.67.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.61.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.14.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.85.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.154.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.154.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.102.64:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.262.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.68.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.82.76:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.159.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.45.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.283.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.60.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.73.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.53.64:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.52.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.3.181.36",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.95.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.52.14.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.155.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.24.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.53.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.19.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.277.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.105.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.106.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.156.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.185.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.3.185.25",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.157.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.185.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2416"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wushi of Team 509 through iDefense Labs",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201108-187"
}
],
"trust": 0.6
},
"cve": "CVE-2011-2416",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2011-2416",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-50361",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-2416",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201108-187",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-50361",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50361"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002158"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-187"
},
{
"db": "NVD",
"id": "CVE-2011-2416"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2138. Adobe Flash Player and Adobe AIR Contains an integer overflow vulnerability. This vulnerability CVE-2011-2136 and CVE-2011-2138 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n______________________________________________________________________________\n\n SUSE Security Announcement\n\n Package: flash-player\n Announcement ID: SUSE-SA:2011:033\n Date: Wed, 10 Aug 2011 14:00:00 +0000\n Affected Products: SUSE Linux Enterprise Desktop 11 SP1\n SUSE Linux Enterprise Desktop 10 SP4\n Vulnerability Type: remote code execution\n CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n SUSE Default Package: yes\n Cross-References: CVE-2011-2130, CVE-2011-2134, CVE-2011-2135\n CVE-2011-2136, CVE-2011-2137, CVE-2011-2138\n CVE-2011-2139, CVE-2011-2140, CVE-2011-2414\n CVE-2011-2415, CVE-2011-2416, CVE-2011-2417\n CVE-2011-2425\n\n Content of This Advisory:\n 1) Security Vulnerability Resolved:\n remote code execution\n Problem Description\n 2) Solution or Work-Around\n 3) Special Instructions and Notes\n 4) Package Location and Checksums\n 5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n none\n 6) Authenticity Verification and Additional Information\n\n______________________________________________________________________________\n\n1) Problem Description and Brief Discussion\n\n Flash-Player was updated to version 10.3.188.5 to fix various buffer\n and integer overflows:\n - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n \n Earlier flash-player versions can be exploited to execute arbitrary code\n remotely with the privileges of the attacked user. \n \n For more details see:\n http://www.adobe.com/support/security/bulletins/apsb11-21.html\n\n2) Solution or Work-Around\n\n none\n\n3) Special Instructions and Notes\n\n Pleease restart your browser. \n\n4) Package Location and Checksums\n\n The preferred method for installing security updates is to use the YaST\n \"Online Update\" module or the \"zypper\" commandline tool. The package and\n patch management stack will detect which updates are required and\n automatically perform the necessary steps to verify and install them. \n\n Alternatively, download the update packages for your distribution manually\n and verify their integrity by the methods listed in Section 6 of this\n announcement. Then install the packages using the command\n\n rpm -Fhv \u003cfile.rpm\u003e\n\n to apply the update, replacing \u003cfile.rpm\u003e with the filename of the\n downloaded RPM package. \n\n Our maintenance customers are notified individually. The packages are\n offered for installation from the maintenance web:\n \n SUSE Linux Enterprise Desktop 10 SP4\n http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900\n \n SUSE Linux Enterprise Desktop 11 SP1\n http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10\n\n______________________________________________________________________________\n\n5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n\n none\n______________________________________________________________________________\n\n6) Authenticity Verification and Additional Information\n\n - Announcement authenticity verification:\n\n SUSE security announcements are published via mailing lists and on Web\n sites. The authenticity and integrity of a SUSE security announcement is\n guaranteed by a cryptographic signature in each announcement. All SUSE\n security announcements are published with a valid signature. \n\n To verify the signature of the announcement, save it as text into a file\n and run the command\n\n gpg --verify \u003cfile\u003e\n\n replacing \u003cfile\u003e with the name of the file where you saved the\n announcement. The output for a valid signature looks like:\n\n gpg: Signature made \u003cDATE\u003e using RSA key ID 3D25D3D9\n gpg: Good signature from \"SuSE Security Team \u003csecurity@suse.de\u003e\"\n\n where \u003cDATE\u003e is replaced by the date the document was signed. \n\n If the security team\u0027s key is not contained in your key ring, you can\n import it from the first installation CD. To import the key, use the\n command\n\n gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc\n\n - Package authenticity verification:\n\n SUSE update packages are available on many mirror FTP servers all over the\n world. While this service is considered valuable and important to the free\n and open source software community, the authenticity and the integrity of\n a package needs to be verified to ensure that it has not been tampered\n with. \n\n The internal rpm package signatures provide an easy way to verify the\n authenticity of an RPM package. Use the command\n\n rpm -v --checksig \u003cfile.rpm\u003e\n\n to verify the signature of the package, replacing \u003cfile.rpm\u003e with the\n filename of the RPM package downloaded. The package is unmodified if it\n contains a valid signature from build@suse.de with the key ID 9C800ACA. \n\n This key is automatically imported into the RPM database (on\n RPMv4-based distributions) and the gpg key ring of \u0027root\u0027 during\n installation. You can also find it on the first installation CD and at\n the end of this announcement. \n\n - SUSE runs two security mailing lists to which any interested party may\n subscribe:\n\n opensuse-security@opensuse.org\n - General Linux and SUSE security discussion. \n All SUSE security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security+subscribe@opensuse.org\u003e. \n\n opensuse-security-announce@opensuse.org\n - SUSE\u0027s announce-only mailing list. \n Only SUSE\u0027s security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security-announce+subscribe@opensuse.org\u003e. \n The \u003csecurity@suse.de\u003e public key is listed below. \n =====================================================================\n______________________________________________________________________________\n\n The information in this advisory may be distributed or reproduced,\n provided that the advisory is not modified in any way. In particular, the\n clear text signature should show proof of the authenticity of the text. \n\n SUSE Linux Products GmbH provides no warranties of any kind whatsoever\n with respect to the information contained in this security advisory. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ----------------------------------------------------------------------\n\nThe Secunia CSI 5.0 Beta - now available for testing\nFind out more, take a free test drive, and share your opinion with us: \nhttp://secunia.com/blog/242 \n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA45583\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45583/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45583\n\nRELEASE DATE:\n2011-08-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45583/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45583/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45583\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player,\nwhich can be exploited by malicious people to disclose sensitive\ninformation and compromise a user\u0027s system. \n\n7) An unspecified error can be exploited to disclose certain\ninformation from another domain. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Reported by the vendor\n\nThe vendor credits:\n2) Yang Dingning, NCNIPC, Graduate University of Chinese Academy of\nSciences\n3) Wushi, Team 509 via iDefense Labs\n4, 11) Vitaliy Toropov via iDefense Labs\n5) Alexander Zaitsev, Positive Technologies\n6, 8) An anonymous person via ZDI\n7) Brandon Hardy\n9) Bo Qu, Palo Alto Networks\n10) Bo Qu, Palo Alto Networks and Honggang Ren, FortiGuard Labs\n12) Marc Schoenefeld (Dr. rer. nat.), Red Hat Security Response Team\n13) Honggang Ren, FortiGuard Labs\n\nORIGINAL ADVISORY:\nAdobe (APSB11-21):\nhttp://www.adobe.com/support/security/bulletins/apsb11-21.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. iDefense Security Advisory 08.09.11\nhttp://labs.idefense.com/intelligence/vulnerabilities/\nAug 09, 2011\n\nI. For more\ninformation, please visit following website:\n\nhttp://www.adobe.com/products/flashplayer/\n\nII. \n\nDuring the allocation of an array within a certain internal ActionScript\nfunction, a size calculation may cause an integer value to overflow. \nThis condition may lead to the bounds of an undersized array being\noverflown during a memory copy operation. \n\nIII. An attacker typically accomplishes this via\nsocial engineering or injecting content into a compromised, trusted\nsite. \n\nIV. VENDOR RESPONSE\n\nAdobe has released a fix which addresses this issue. Information about\ndownloadable vendor updates can be found by clicking on the URLs shown. \n\nhttp://www.adobe.com/support/security/bulletins/apsb11-21.html\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CVE-2011-2416 and CVE-2011-2136 to this issue. This is a candidate\nfor inclusion in\nthe CVE list (http://cve.mitre.org/), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n04/27/2011 Initial Vendor Notification\n04/27/2011 Vendor Reply\n08/09/2011 Coordinated Public Disclosure\n\nIX. CREDIT\n\nThis vulnerability was reported to iDefense by Vitaliy Toropov. \n\nGet paid for vulnerability research\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com/\n\nX. LEGAL NOTICES\n\nCopyright \u00a9 2011 Verisign\n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDefense. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically, please\ne-mail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \n There are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct, indirect,\nor consequential loss or damage arising from use of, or reliance on,\nthis information. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-10.3.183.10\"\n\nReferences\n==========\n\n[ 1 ] APSA11-01\n http://www.adobe.com/support/security/advisories/apsa11-01.html\n[ 2 ] APSA11-02\n http://www.adobe.com/support/security/advisories/apsa11-02.html\n[ 3 ] APSB11-02\n http://www.adobe.com/support/security/bulletins/apsb11-02.html\n[ 4 ] APSB11-12\n http://www.adobe.com/support/security/bulletins/apsb11-12.html\n[ 5 ] APSB11-13\n http://www.adobe.com/support/security/bulletins/apsb11-13.html\n[ 6 ] APSB11-21\n https://www.adobe.com/support/security/bulletins/apsb11-21.html\n[ 7 ] APSB11-26\n https://www.adobe.com/support/security/bulletins/apsb11-26.html\n[ 8 ] CVE-2011-0558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558\n[ 9 ] CVE-2011-0559\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559\n[ 10 ] CVE-2011-0560\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560\n[ 11 ] CVE-2011-0561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561\n[ 12 ] CVE-2011-0571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571\n[ 13 ] CVE-2011-0572\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572\n[ 14 ] CVE-2011-0573\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573\n[ 15 ] CVE-2011-0574\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574\n[ 16 ] CVE-2011-0575\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575\n[ 17 ] CVE-2011-0577\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577\n[ 18 ] CVE-2011-0578\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578\n[ 19 ] CVE-2011-0579\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579\n[ 20 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 21 ] CVE-2011-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607\n[ 22 ] CVE-2011-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608\n[ 23 ] CVE-2011-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609\n[ 24 ] CVE-2011-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611\n[ 25 ] CVE-2011-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618\n[ 26 ] CVE-2011-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619\n[ 27 ] CVE-2011-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620\n[ 28 ] CVE-2011-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621\n[ 29 ] CVE-2011-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622\n[ 30 ] CVE-2011-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623\n[ 31 ] CVE-2011-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624\n[ 32 ] CVE-2011-0625\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625\n[ 33 ] CVE-2011-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626\n[ 34 ] CVE-2011-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627\n[ 35 ] CVE-2011-0628\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628\n[ 36 ] CVE-2011-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107\n[ 37 ] CVE-2011-2110\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110\n[ 38 ] CVE-2011-2125\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 39 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 40 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 41 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 42 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 43 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 44 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 45 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 46 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 47 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 48 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 49 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 50 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 51 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 52 ] CVE-2011-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426\n[ 53 ] CVE-2011-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427\n[ 54 ] CVE-2011-2428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428\n[ 55 ] CVE-2011-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429\n[ 56 ] CVE-2011-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430\n[ 57 ] CVE-2011-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: acroread security update\nAdvisory ID: RHSA-2011:1434-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html\nIssue date: 2011-11-08\nCVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 \n CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 \n CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 \n CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 \n CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 \n CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 \n CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 \n CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 \n CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 \n CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 \n CVE-2011-2444 \n=====================================================================\n\n1. Summary:\n\nUpdated acroread packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise\nLinux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Desktop version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux AS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux ES version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux WS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nAdobe Reader allows users to view and print documents in Portable Document\nFormat (PDF). \n\nThis update fixes multiple security flaws in Adobe Reader. These flaws are\ndetailed on the Adobe security page APSB11-24, listed in the References\nsection. A specially-crafted PDF file could cause Adobe Reader to crash or,\npotentially, execute arbitrary code as the user running Adobe Reader when\nopened. These flaws are detailed on the Adobe security\npages APSB11-21 and APSB11-26, listed in the References section. \n\nA PDF file with an embedded, specially-crafted SWF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user running\nAdobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135,\nCVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140,\nCVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424,\nCVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)\n\nA flaw in Adobe Flash Player could allow an attacker to conduct cross-site\nscripting (XSS) attacks if a victim were tricked into visiting a\nspecially-crafted web page. (CVE-2011-2429)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.4.6, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)\n740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26\n740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26\n740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26\n749381 - acroread: multiple code execution flaws (APSB11-24)\n\n6. Package List:\n\nRed Hat Enterprise Linux AS version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Desktop version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux ES version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux WS version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-2130.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2134.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2135.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2136.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2137.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2138.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2139.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2140.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2414.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2415.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2416.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2417.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2424.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2425.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2426.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2427.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2428.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2429.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2430.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2431.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2432.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2433.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2434.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2435.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2436.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2437.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2438.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2439.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2440.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2442.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2444.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb11-21.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-24.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-26.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2011 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q\n0+KSTL2IByBwtP8+xfPmUNE=\n=qFq6\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2416"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002158"
},
{
"db": "BID",
"id": "49081"
},
{
"db": "VULHUB",
"id": "VHN-50361"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "103903"
},
{
"db": "PACKETSTORM",
"id": "103918"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
}
],
"trust": 2.61
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-50361",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50361"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-2416",
"trust": 3.4
},
{
"db": "USCERT",
"id": "TA11-222A",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "45583",
"trust": 1.5
},
{
"db": "SECUNIA",
"id": "45529",
"trust": 1.4
},
{
"db": "BID",
"id": "49081",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "48308",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "45593",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1025907",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1025914",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA11-222A",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "74442",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002158",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201108-187",
"trust": 0.7
},
{
"db": "BID",
"id": "49082",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "17880",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "17500",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "103918",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-50361",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103913",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103946",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103903",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105802",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "106736",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50361"
},
{
"db": "BID",
"id": "49081"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002158"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "103903"
},
{
"db": "PACKETSTORM",
"id": "103918"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-187"
},
{
"db": "NVD",
"id": "CVE-2011-2416"
}
]
},
"id": "VAR-201108-0185",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-50361"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T20:13:20.068000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-21",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"title": "APSB11-21 (cpsid_91448)",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/914/cpsid_91448.html"
},
{
"title": "APSB11-21",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb11-21.html"
},
{
"title": "HPSBMU02769 SSRT100846",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03298151"
},
{
"title": "RHSA-2011:1144",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1144.html"
},
{
"title": "TA11-222A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta11-222a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002158"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-189",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50361"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002158"
},
{
"db": "NVD",
"id": "CVE-2011-2416"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"trust": 1.9,
"url": "http://www.us-cert.gov/cas/techalerts/ta11-222a.html"
},
{
"trust": 1.4,
"url": "http://secunia.com/advisories/45529"
},
{
"trust": 1.4,
"url": "http://secunia.com/advisories/45583"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14132"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16025"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-1144.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/48308"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00006.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00007.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00008.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2416"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2011/at110022.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta11-222a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2416"
},
{
"trust": 0.8,
"url": "http://osvdb.org/74442"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/45593"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/49081"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1025914"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1025907"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa11-222a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/49082"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/17500"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/17880"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2416"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2136"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_09.html"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer2"
},
{
"trust": 0.3,
"url": "/archive/1/519236"
},
{
"trust": 0.3,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=936"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100151664"
},
{
"trust": 0.3,
"url": "http://www.xerox.com/download/security/security-bulletin/1284333-14afb-4baadb5bccb00/cert_xrx12-002_v1.1.pdf"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2137"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2414"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2425"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2415"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2139"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2135"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2417"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2138"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2134"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2140"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2425.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2415.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/kb/docs/doc-11259"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2138.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2416.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2135.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2137.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2140.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2130.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2414.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2139.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2134.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2417.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2136.html"
},
{
"trust": 0.2,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.2,
"url": "https://www.adobe.com/support/security/bulletins/apsb11-26.html"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.2,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1144.html"
},
{
"trust": 0.1,
"url": "http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45583"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45583/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/242"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45583/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/),"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/products/flashplayer/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/methodology/vulnerability/vcp.php"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0579"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0574"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0625"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0575"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0572"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0623"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0560"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0560"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2107"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2110"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0575"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0571"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0559"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2426"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0579"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-13.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0578"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0611"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-12.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0573"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0561"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0578"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0577"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0627"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2428"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa11-02.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2430"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2427"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201110-11.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0559"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0625"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa11-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0577"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2424.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2429"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2432.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2436.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2438.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2428.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2434"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2444.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2439.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2431.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2428"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2430"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2430.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2435.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2442.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2433.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-24.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2426.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2436"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1434.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2437.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2429.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2427.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2440.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2434.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2424"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50361"
},
{
"db": "BID",
"id": "49081"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002158"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "103903"
},
{
"db": "PACKETSTORM",
"id": "103918"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-187"
},
{
"db": "NVD",
"id": "CVE-2011-2416"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-50361"
},
{
"db": "BID",
"id": "49081"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002158"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "103903"
},
{
"db": "PACKETSTORM",
"id": "103918"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-187"
},
{
"db": "NVD",
"id": "CVE-2011-2416"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-10T00:00:00",
"db": "VULHUB",
"id": "VHN-50361"
},
{
"date": "2011-08-09T00:00:00",
"db": "BID",
"id": "49081"
},
{
"date": "2011-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002158"
},
{
"date": "2011-08-11T04:36:04",
"db": "PACKETSTORM",
"id": "103913"
},
{
"date": "2011-08-12T05:17:05",
"db": "PACKETSTORM",
"id": "103946"
},
{
"date": "2011-08-10T08:16:38",
"db": "PACKETSTORM",
"id": "103903"
},
{
"date": "2011-08-11T04:45:55",
"db": "PACKETSTORM",
"id": "103918"
},
{
"date": "2011-10-14T06:16:06",
"db": "PACKETSTORM",
"id": "105802"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-11-08T15:21:13",
"db": "PACKETSTORM",
"id": "106736"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-187"
},
{
"date": "2011-08-10T22:55:01.017000",
"db": "NVD",
"id": "CVE-2011-2416"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-50361"
},
{
"date": "2013-06-20T09:39:00",
"db": "BID",
"id": "49081"
},
{
"date": "2013-03-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002158"
},
{
"date": "2011-08-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-187"
},
{
"date": "2018-10-30T16:26:24.687000",
"db": "NVD",
"id": "CVE-2011-2416"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "103918"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-187"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Integer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002158"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201108-187"
}
],
"trust": 0.6
}
}
VAR-201302-0303
Vulnerability from variot - Updated: 2024-07-23 20:07Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-0645 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1368 , CVE-2013-1369 , CVE-2013-1370 , CVE-2013-1372 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2013:0254-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html Issue date: 2013-02-13 CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 CVE-2013-1373 CVE-2013-1374 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-05, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2013-0638, CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647, CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)
A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially-crafted web page.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
910570 - flash-plugin: multiple code execution flaws (APSB13-05) 910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-0637.html https://www.redhat.com/security/data/cve/CVE-2013-0638.html https://www.redhat.com/security/data/cve/CVE-2013-0639.html https://www.redhat.com/security/data/cve/CVE-2013-0642.html https://www.redhat.com/security/data/cve/CVE-2013-0644.html https://www.redhat.com/security/data/cve/CVE-2013-0645.html https://www.redhat.com/security/data/cve/CVE-2013-0647.html https://www.redhat.com/security/data/cve/CVE-2013-0649.html https://www.redhat.com/security/data/cve/CVE-2013-1365.html https://www.redhat.com/security/data/cve/CVE-2013-1366.html https://www.redhat.com/security/data/cve/CVE-2013-1367.html https://www.redhat.com/security/data/cve/CVE-2013-1368.html https://www.redhat.com/security/data/cve/CVE-2013-1369.html https://www.redhat.com/security/data/cve/CVE-2013-1370.html https://www.redhat.com/security/data/cve/CVE-2013-1372.html https://www.redhat.com/security/data/cve/CVE-2013-1373.html https://www.redhat.com/security/data/cve/CVE-2013-1374.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb13-05.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs pnyD10c/hdKGIm0b1Kjv3eY= =+cgh -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
SOLUTION: Update to version 24.0.1312.70.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . Please send email to cert@cert.org with "TA13-043A Feedback VU#689711" in the subject.
Produced by US-CERT, a government organization. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA52166
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52166/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
RELEASE DATE: 2013-02-12
DISCUSS ADVISORY: http://secunia.com/advisories/52166/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/52166/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.
1) Some unspecified errors can be exploited to cause buffer overflows.
2) Some use-after-free errors can be exploited to dereference already freed memory.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to disclose certain sensitive information.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google 3) The vendor credits Natalie Silvanovich, BlackBerry Security, Research in Motion 4) The vendor credits Damian Put via iDefense 6) Reported by the vendor.
ORIGINAL ADVISORY: Adobe (APSB13-05): http://www.adobe.com/support/security/bulletins/apsb13-05.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0303",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "windows",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player for android",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player for android",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows)"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012 (adobe flash player 11.6.602.167"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "internet explorer",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include ) (windows"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 64-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows server",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(macintosh linux)"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows 8",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (macintosh)"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "(windows/linux/macintosh : adobe flash player 11.6.602.167"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.0.0.4080"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.2.0.2070"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.1.0.488"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.2.0.207"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.1.0.485"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.1.0.488"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.3.0.3650"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.2.0.2070"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.1.0.4880"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2710"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
}
],
"sources": [
{
"db": "BID",
"id": "57924"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001478"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-175"
},
{
"db": "NVD",
"id": "CVE-2013-1367"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.63",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.168",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.202.270",
"versionStartIncluding": "11.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.111.43",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.7",
"versionStartIncluding": "2.0",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.6",
"versionStartIncluding": "3.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.115.47",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.4",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.597",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.599",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.167",
"versionStartIncluding": "11.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1367"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 0.4
},
"cve": "CVE-2013-1367",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-1367",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-61369",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-1367",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201302-175",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-61369",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61369"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001478"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-175"
},
{
"db": "NVD",
"id": "CVE-2013-1367"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-0645 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1368 , CVE-2013-1369 , CVE-2013-1370 , CVE-2013-1372 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. \nNote: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2013:0254-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html\nIssue date: 2013-02-13\nCVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 \n CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 \n CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 \n CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 \n CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 \n CVE-2013-1373 CVE-2013-1374 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB13-05,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. (CVE-2013-0638,\nCVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647,\nCVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368,\nCVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)\n\nA flaw in flash-plugin could allow an attacker to obtain sensitive\ninformation if a victim were tricked into visiting a specially-crafted web\npage. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n910570 - flash-plugin: multiple code execution flaws (APSB13-05)\n910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0637.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0638.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0639.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0642.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0644.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0645.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0647.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0649.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1365.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1366.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1367.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1368.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1369.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1370.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1372.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1373.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1374.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs\npnyD10c/hdKGIm0b1Kjv3eY=\n=+cgh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nSOLUTION:\nUpdate to version 24.0.1312.70. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Please send\n email to \u003ccert@cert.org\u003e with \"TA13-043A Feedback VU#689711\" in\n the subject. \n ____________________________________________________________________\n\n Produced by US-CERT, a government organization. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player / AIR Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52166\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52166/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nRELEASE DATE:\n2013-02-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52166/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52166/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player and\nAIR, which can be exploited by malicious people to disclose certain\nsensitive information and compromise a user\u0027s system. \n\n1) Some unspecified errors can be exploited to cause buffer\noverflows. \n\n2) Some use-after-free errors can be exploited to dereference already\nfreed memory. \n\n4) An unspecified error can be exploited to corrupt memory. \n\n5) An unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to disclose certain\nsensitive information. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and\nFermin Serna, Google\n3) The vendor credits Natalie Silvanovich, BlackBerry Security,\nResearch in Motion\n4) The vendor credits Damian Put via iDefense\n6) Reported by the vendor. \n\nORIGINAL ADVISORY:\nAdobe (APSB13-05):\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1367"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001478"
},
{
"db": "BID",
"id": "57924"
},
{
"db": "VULHUB",
"id": "VHN-61369"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-1367",
"trust": 3.0
},
{
"db": "USCERT",
"id": "TA13-043A",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001478",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201302-175",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52163",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52164",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52203",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52166",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52197",
"trust": 0.6
},
{
"db": "BID",
"id": "57924",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-61369",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120268",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120253",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120240",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120282",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120271",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120239",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61369"
},
{
"db": "BID",
"id": "57924"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001478"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-175"
},
{
"db": "NVD",
"id": "CVE-2013-1367"
}
]
},
"id": "VAR-201302-0303",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-61369"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T20:07:23.926000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-05",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"title": "APSB13-05 (cq02121817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq02121817.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2013/02/stable-channel-update_12.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "openSUSE-SU-2013:0295",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"title": "SUSE-SU-2013:0296",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"title": "openSUSE-SU-2013:0298",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"title": "RHSA-2013:0254",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20130214f.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001478"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61369"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001478"
},
{
"db": "NVD",
"id": "CVE-2013-1367"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta13-043a.html"
},
{
"trust": 1.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1367"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130213-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130010.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta13-043a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1367"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=10777"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52163"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52164"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52166"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52197"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52203"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/air/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0647.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0649.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0644.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1373.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1366"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0647"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1374.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1367"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1368"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1372"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1368.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0645.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0639"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0642.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1365.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1372.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1374"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0645"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1366.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1365"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1369.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0637.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0638.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0637"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0644"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1367.html"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1370.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0639.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0642"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52163"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_12.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52164"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/#comments"
},
{
"trust": 0.1,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/"
},
{
"trust": 0.1,
"url": "http://support.microsoft.com/kb/2805940"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52203"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-06.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/notification.html"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-05.html\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/#comments"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61369"
},
{
"db": "BID",
"id": "57924"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001478"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-175"
},
{
"db": "NVD",
"id": "CVE-2013-1367"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-61369"
},
{
"db": "BID",
"id": "57924"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001478"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-175"
},
{
"db": "NVD",
"id": "CVE-2013-1367"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-61369"
},
{
"date": "2013-02-12T00:00:00",
"db": "BID",
"id": "57924"
},
{
"date": "2013-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001478"
},
{
"date": "2013-02-13T19:12:55",
"db": "PACKETSTORM",
"id": "120268"
},
{
"date": "2013-02-12T06:59:46",
"db": "PACKETSTORM",
"id": "120253"
},
{
"date": "2013-02-12T06:40:28",
"db": "PACKETSTORM",
"id": "120240"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2013-02-13T03:13:33",
"db": "PACKETSTORM",
"id": "120282"
},
{
"date": "2013-02-13T19:13:42",
"db": "PACKETSTORM",
"id": "120271"
},
{
"date": "2013-02-12T06:40:24",
"db": "PACKETSTORM",
"id": "120239"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-175"
},
{
"date": "2013-02-12T20:55:04.747000",
"db": "NVD",
"id": "CVE-2013-1367"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-61369"
},
{
"date": "2013-09-17T00:15:00",
"db": "BID",
"id": "57924"
},
{
"date": "2013-03-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001478"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-175"
},
{
"date": "2018-12-06T19:58:14.463000",
"db": "NVD",
"id": "CVE-2013-1367"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-175"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001478"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-175"
}
],
"trust": 0.6
}
}
VAR-201302-0308
Vulnerability from variot - Updated: 2024-07-23 20:07Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, and CVE-2013-1372. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-0645 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1369 , CVE-2013-1370 ,and CVE-2013-1372 Is a different vulnerability.An attacker could execute arbitrary code. Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2013:0254-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html Issue date: 2013-02-13 CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 CVE-2013-1373 CVE-2013-1374 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-05, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2013-0638, CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647, CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)
A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially-crafted web page.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
910570 - flash-plugin: multiple code execution flaws (APSB13-05) 910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-0637.html https://www.redhat.com/security/data/cve/CVE-2013-0638.html https://www.redhat.com/security/data/cve/CVE-2013-0639.html https://www.redhat.com/security/data/cve/CVE-2013-0642.html https://www.redhat.com/security/data/cve/CVE-2013-0644.html https://www.redhat.com/security/data/cve/CVE-2013-0645.html https://www.redhat.com/security/data/cve/CVE-2013-0647.html https://www.redhat.com/security/data/cve/CVE-2013-0649.html https://www.redhat.com/security/data/cve/CVE-2013-1365.html https://www.redhat.com/security/data/cve/CVE-2013-1366.html https://www.redhat.com/security/data/cve/CVE-2013-1367.html https://www.redhat.com/security/data/cve/CVE-2013-1368.html https://www.redhat.com/security/data/cve/CVE-2013-1369.html https://www.redhat.com/security/data/cve/CVE-2013-1370.html https://www.redhat.com/security/data/cve/CVE-2013-1372.html https://www.redhat.com/security/data/cve/CVE-2013-1373.html https://www.redhat.com/security/data/cve/CVE-2013-1374.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb13-05.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs pnyD10c/hdKGIm0b1Kjv3eY= =+cgh -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
SOLUTION: Update to version 24.0.1312.70.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . Please send email to cert@cert.org with "TA13-043A Feedback VU#689711" in the subject.
Produced by US-CERT, a government organization. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA52166
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52166/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
RELEASE DATE: 2013-02-12
DISCUSS ADVISORY: http://secunia.com/advisories/52166/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/52166/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.
1) Some unspecified errors can be exploited to cause buffer overflows.
2) Some use-after-free errors can be exploited to dereference already freed memory.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to disclose certain sensitive information.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google 3) The vendor credits Natalie Silvanovich, BlackBerry Security, Research in Motion 4) The vendor credits Damian Put via iDefense 6) Reported by the vendor.
ORIGINAL ADVISORY: Adobe (APSB13-05): http://www.adobe.com/support/security/bulletins/apsb13-05.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0308",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "windows",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player for android",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player for android",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows)"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012 (adobe flash player 11.6.602.167"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "internet explorer",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include ) (windows"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 64-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows server",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(macintosh linux)"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows 8",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (macintosh)"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "(windows/linux/macintosh : adobe flash player 11.6.602.167"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.5"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.112.61"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.24"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.115.20"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.8"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.29"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.6"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.112.60"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.31"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
}
],
"sources": [
{
"db": "BID",
"id": "57917"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001475"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-180"
},
{
"db": "NVD",
"id": "CVE-2013-1373"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.63",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.168",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.202.270",
"versionStartIncluding": "11.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.111.43",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.6",
"versionStartIncluding": "3.0",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.7",
"versionStartIncluding": "2.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.115.47",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.4",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.599",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.597",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.167",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1373"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 0.4
},
"cve": "CVE-2013-1373",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-1373",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-61375",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-1373",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201302-180",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-61375",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61375"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001475"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-180"
},
{
"db": "NVD",
"id": "CVE-2013-1373"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, and CVE-2013-1372. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-0645 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1369 , CVE-2013-1370 ,and CVE-2013-1372 Is a different vulnerability.An attacker could execute arbitrary code. \nNote: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2013:0254-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html\nIssue date: 2013-02-13\nCVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 \n CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 \n CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 \n CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 \n CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 \n CVE-2013-1373 CVE-2013-1374 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB13-05,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. (CVE-2013-0638,\nCVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647,\nCVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368,\nCVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)\n\nA flaw in flash-plugin could allow an attacker to obtain sensitive\ninformation if a victim were tricked into visiting a specially-crafted web\npage. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n910570 - flash-plugin: multiple code execution flaws (APSB13-05)\n910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0637.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0638.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0639.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0642.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0644.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0645.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0647.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0649.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1365.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1366.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1367.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1368.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1369.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1370.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1372.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1373.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1374.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs\npnyD10c/hdKGIm0b1Kjv3eY=\n=+cgh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nSOLUTION:\nUpdate to version 24.0.1312.70. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Please send\n email to \u003ccert@cert.org\u003e with \"TA13-043A Feedback VU#689711\" in\n the subject. \n ____________________________________________________________________\n\n Produced by US-CERT, a government organization. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player / AIR Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52166\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52166/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nRELEASE DATE:\n2013-02-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52166/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52166/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player and\nAIR, which can be exploited by malicious people to disclose certain\nsensitive information and compromise a user\u0027s system. \n\n1) Some unspecified errors can be exploited to cause buffer\noverflows. \n\n2) Some use-after-free errors can be exploited to dereference already\nfreed memory. \n\n4) An unspecified error can be exploited to corrupt memory. \n\n5) An unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to disclose certain\nsensitive information. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and\nFermin Serna, Google\n3) The vendor credits Natalie Silvanovich, BlackBerry Security,\nResearch in Motion\n4) The vendor credits Damian Put via iDefense\n6) Reported by the vendor. \n\nORIGINAL ADVISORY:\nAdobe (APSB13-05):\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1373"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001475"
},
{
"db": "BID",
"id": "57917"
},
{
"db": "VULHUB",
"id": "VHN-61375"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-1373",
"trust": 3.0
},
{
"db": "USCERT",
"id": "TA13-043A",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001475",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201302-180",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52163",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52164",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52203",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52166",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52197",
"trust": 0.6
},
{
"db": "BID",
"id": "57917",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-61375",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120268",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120253",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120240",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120282",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120271",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120239",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61375"
},
{
"db": "BID",
"id": "57917"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001475"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-180"
},
{
"db": "NVD",
"id": "CVE-2013-1373"
}
]
},
"id": "VAR-201302-0308",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-61375"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T20:07:21.585000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-05",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"title": "APSB13-05 (cq02121817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq02121817.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2013/02/stable-channel-update_12.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "openSUSE-SU-2013:0295",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"title": "SUSE-SU-2013:0296",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"title": "openSUSE-SU-2013:0298",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"title": "RHSA-2013:0254",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20130214f.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001475"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61375"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001475"
},
{
"db": "NVD",
"id": "CVE-2013-1373"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"trust": 2.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta13-043a.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1373"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130213-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130010.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta13-043a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1373"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=10777"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52163"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52164"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52166"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52197"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52203"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/air/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=a9881e951162efc516b6200542b62cc0?externalid=kb34774\u0026sliceid=1\u0026cmd=displaykc\u0026doctype=kc\u0026nocount=true\u0026vieweddocslisthelper=com.kanisa.a"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0647.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0649.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0644.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1373.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1366"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0647"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1374.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1367"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1368"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1372"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1368.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0645.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0639"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0642.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1365.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1372.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1374"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0645"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1366.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1365"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1369.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0637.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0638.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0637"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0644"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1367.html"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1370.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0639.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0642"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52163"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_12.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52164"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/#comments"
},
{
"trust": 0.1,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/"
},
{
"trust": 0.1,
"url": "http://support.microsoft.com/kb/2805940"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52203"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-06.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/notification.html"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-05.html\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/#comments"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61375"
},
{
"db": "BID",
"id": "57917"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001475"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-180"
},
{
"db": "NVD",
"id": "CVE-2013-1373"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-61375"
},
{
"db": "BID",
"id": "57917"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001475"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-180"
},
{
"db": "NVD",
"id": "CVE-2013-1373"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-61375"
},
{
"date": "2013-02-12T00:00:00",
"db": "BID",
"id": "57917"
},
{
"date": "2013-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001475"
},
{
"date": "2013-02-13T19:12:55",
"db": "PACKETSTORM",
"id": "120268"
},
{
"date": "2013-02-12T06:59:46",
"db": "PACKETSTORM",
"id": "120253"
},
{
"date": "2013-02-12T06:40:28",
"db": "PACKETSTORM",
"id": "120240"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2013-02-13T03:13:33",
"db": "PACKETSTORM",
"id": "120282"
},
{
"date": "2013-02-13T19:13:42",
"db": "PACKETSTORM",
"id": "120271"
},
{
"date": "2013-02-12T06:40:24",
"db": "PACKETSTORM",
"id": "120239"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-180"
},
{
"date": "2013-02-12T20:55:05.090000",
"db": "NVD",
"id": "CVE-2013-1373"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-61375"
},
{
"date": "2015-03-19T09:47:00",
"db": "BID",
"id": "57917"
},
{
"date": "2013-03-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001475"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-180"
},
{
"date": "2018-12-06T19:54:21.017000",
"db": "NVD",
"id": "CVE-2013-1373"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-180"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001475"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-180"
}
],
"trust": 0.6
}
}
VAR-201211-0365
Vulnerability from variot - Updated: 2024-07-23 20:03Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5276, CVE-2012-5277, and CVE-2012-5280. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2012-5274 , CVE-2012-5276 , CVE-2012-5277 ,and CVE-2012-5280 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. Note: This issue was previously covered in BID 56412 (Adobe Flash Player and AIR APSB12-24 Multiple Security Vulnerabilities) but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Google Chrome Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA51210
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51210/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51210
RELEASE DATE: 2012-11-07
DISCUSS ADVISORY: http://secunia.com/advisories/51210/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/51210/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=51210
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
For more information: SA51213
2) An integer overflow error exists in WebP handling.
3) An error in v8 can be exploited to cause an out-of-bounds array access.
4) A use-after-free error exists in SVG filter handling.
5) An error exists related to integer boundary checks within GPU command buffers.
6) A use-after-free error exists in video layout handling.
7) An error exists related to inappropriate loading of SVG subresource in "img" context.
8) A race condition error exists in Pepper buffer handling.
9) A type casting error exists in certain input handling.
10) An error in Skia can be exploited to cause an out-of-bounds read.
11) An error in texture handling can be exploited to corrupt memory.
12) A use-after-free error exists in extension tab handling.
13) A use-after-free error exists in plug-in placeholder handling.
14) An error in v8 can be exploited to corrupt memory.
SOLUTION: Upgrade to version 23.0.1271.64.
PROVIDED AND/OR DISCOVERED BY: The vendor credits: 2) Phil Turnbull 3, 6) Atte Kettunen, OUSPG. 4, 5) miaubiz 7) Felix Gr\xf6bert, Google Security Team 8) Fermin Serna, Google Security Team 9, 10, 13) Inferno, Google Chrome Security Team 11) Al Patrick, Chromium development community 12) Alexander Potapenko, Chromium development community 14) Cris Neckar, Google Chrome Security Team
ORIGINAL ADVISORY: Google: http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2012:1431-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1431.html Issue date: 2012-11-07 CVE Names: CVE-2012-5274 CVE-2012-5275 CVE-2012-5276 CVE-2012-5277 CVE-2012-5278 CVE-2012-5279 CVE-2012-5280 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB12-24, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
873818 - flash-plugin: multiple code-execution flaws (APSB12-24)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.251-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.251-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.251-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.251-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2012-5274.html https://www.redhat.com/security/data/cve/CVE-2012-5275.html https://www.redhat.com/security/data/cve/CVE-2012-5276.html https://www.redhat.com/security/data/cve/CVE-2012-5277.html https://www.redhat.com/security/data/cve/CVE-2012-5278.html https://www.redhat.com/security/data/cve/CVE-2012-5279.html https://www.redhat.com/security/data/cve/CVE-2012-5280.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb12-24.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFQmiFjXlSAg2UNWIIRAi97AKClBeUc3AMPcWNkYfME6ndKJqg18ACdGuPH wmLm/s5nqgvfyTp8wUW9wVE= =fVdJ -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . 7) Eduardo Vela Nava, Google Security Team
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201211-0365",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.24"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.4"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.43"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.5.502.110"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.27"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.251"
},
{
"model": "windows",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (adobe flash player 11.3.376.12"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.27"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.251"
},
{
"model": "internet explorer",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include )"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems (adobe flash player 11.3.376.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.5.502.110"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "23.0.1271.64"
},
{
"model": "windows server",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "linux)"
},
{
"model": "windows 8",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.43"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012 (adobe flash player 11.3.376.12"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt (adobe flash player 11.3.376.12"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 64-bit systems (adobe flash player 11.3.376.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.24"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.3.9120"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.0.4990"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.0.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.0.7220"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "opensuse",
"version": "12.2"
}
],
"sources": [
{
"db": "BID",
"id": "56543"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005271"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-132"
},
{
"db": "NVD",
"id": "CVE-2012-5275"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.5.502.110",
"versionStartIncluding": "11.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.43",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.202.251",
"versionStartIncluding": "11.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.43",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.111.24",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.7",
"versionStartIncluding": "2.0",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.6",
"versionStartIncluding": "3.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.115.27",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.4",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.0.600",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.0.600",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-5275"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117961"
}
],
"trust": 0.5
},
"cve": "CVE-2012-5275",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-5275",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-58556",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-5275",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201211-132",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-58556",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58556"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005271"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-132"
},
{
"db": "NVD",
"id": "CVE-2012-5275"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5276, CVE-2012-5277, and CVE-2012-5280. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2012-5274 , CVE-2012-5276 , CVE-2012-5277 ,and CVE-2012-5280 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. \nNote: This issue was previously covered in BID 56412 (Adobe Flash Player and AIR APSB12-24 Multiple Security Vulnerabilities) but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nGoogle Chrome Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA51210\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/51210/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210\n\nRELEASE DATE:\n2012-11-07\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/51210/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/51210/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Google Chrome, which\ncan be exploited by malicious people to bypass certain security\nrestrictions and compromise a user\u0027s system. \n\nFor more information:\nSA51213\n\n2) An integer overflow error exists in WebP handling. \n\n3) An error in v8 can be exploited to cause an out-of-bounds array\naccess. \n\n4) A use-after-free error exists in SVG filter handling. \n\n5) An error exists related to integer boundary checks within GPU\ncommand buffers. \n\n6) A use-after-free error exists in video layout handling. \n\n7) An error exists related to inappropriate loading of SVG\nsubresource in \"img\" context. \n\n8) A race condition error exists in Pepper buffer handling. \n\n9) A type casting error exists in certain input handling. \n\n10) An error in Skia can be exploited to cause an out-of-bounds\nread. \n\n11) An error in texture handling can be exploited to corrupt memory. \n\n12) A use-after-free error exists in extension tab handling. \n\n13) A use-after-free error exists in plug-in placeholder handling. \n\n14) An error in v8 can be exploited to corrupt memory. \n\nSOLUTION:\nUpgrade to version 23.0.1271.64. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n2) Phil Turnbull\n3, 6) Atte Kettunen, OUSPG. \n4, 5) miaubiz\n7) Felix Gr\\xf6bert, Google Security Team\n8) Fermin Serna, Google Security Team\n9, 10, 13) Inferno, Google Chrome Security Team\n11) Al Patrick, Chromium development community\n12) Alexander Potapenko, Chromium development community\n14) Cris Neckar, Google Chrome Security Team\n\nORIGINAL ADVISORY:\nGoogle:\nhttp://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2012:1431-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-1431.html\nIssue date: 2012-11-07\nCVE Names: CVE-2012-5274 CVE-2012-5275 CVE-2012-5276 \n CVE-2012-5277 CVE-2012-5278 CVE-2012-5279 \n CVE-2012-5280 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB12-24,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n873818 - flash-plugin: multiple code-execution flaws (APSB12-24)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-5274.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5275.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5276.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5277.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5278.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5279.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5280.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb12-24.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFQmiFjXlSAg2UNWIIRAi97AKClBeUc3AMPcWNkYfME6ndKJqg18ACdGuPH\nwmLm/s5nqgvfyTp8wUW9wVE=\n=fVdJ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n7) Eduardo Vela Nava, Google Security Team",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-5275"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005271"
},
{
"db": "BID",
"id": "56543"
},
{
"db": "VULHUB",
"id": "VHN-58556"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-5275",
"trust": 3.0
},
{
"db": "SECUNIA",
"id": "51186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "51207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "51213",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "51245",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1027730",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005271",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201211-132",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "51210",
"trust": 0.7
},
{
"db": "BID",
"id": "56543",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-58556",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118097",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117944",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117963",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117960",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117947",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117961",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58556"
},
{
"db": "BID",
"id": "56543"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005271"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-132"
},
{
"db": "NVD",
"id": "CVE-2012-5275"
}
]
},
"id": "VAR-201211-0365",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-58556"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T20:03:18.542000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-24",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-24.html"
},
{
"title": "APSB12-24 (cq11061810)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq11061810.html"
},
{
"title": "APSB12-24",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-24.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Release and Beta Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2012/11/stable-channel-release-and-beta-channel.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "SUSE-SU-2012:1485",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html"
},
{
"title": "openSUSE-SU-2012:1480",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html"
},
{
"title": "RHSA-2012:1431",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1431.html"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20121113f.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005271"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58556"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005271"
},
{
"db": "NVD",
"id": "CVE-2012-5275"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-24.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51186"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51207"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51213"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1431.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1027730"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/51245"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00012.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00030.html"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79846"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5275"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20121107-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2012/at120034.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5275"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/51210"
},
{
"trust": 0.5,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.5,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.5,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.5,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.5,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.5,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.5,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.4,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.3,
"url": "http://www.blackberry.com/btsc/kb34161"
},
{
"trust": 0.3,
"url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00090.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51245/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51245"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51245/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51207/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51207"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51207/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51186"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51186/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51186/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51210/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51210/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5278.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5277.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5275.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5274"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5279.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5275"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5278"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5280.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5276.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5279"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5274.html"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5277"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51213/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51213/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51213"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58556"
},
{
"db": "BID",
"id": "56543"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005271"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-132"
},
{
"db": "NVD",
"id": "CVE-2012-5275"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-58556"
},
{
"db": "BID",
"id": "56543"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005271"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-132"
},
{
"db": "NVD",
"id": "CVE-2012-5275"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-58556"
},
{
"date": "2012-11-06T00:00:00",
"db": "BID",
"id": "56543"
},
{
"date": "2012-11-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005271"
},
{
"date": "2012-11-14T06:05:43",
"db": "PACKETSTORM",
"id": "118097"
},
{
"date": "2012-11-07T04:12:41",
"db": "PACKETSTORM",
"id": "117944"
},
{
"date": "2012-11-08T11:19:24",
"db": "PACKETSTORM",
"id": "117963"
},
{
"date": "2012-11-08T11:19:15",
"db": "PACKETSTORM",
"id": "117960"
},
{
"date": "2012-11-08T00:12:49",
"db": "PACKETSTORM",
"id": "117947"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2012-11-08T11:19:18",
"db": "PACKETSTORM",
"id": "117961"
},
{
"date": "2012-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-132"
},
{
"date": "2012-11-07T05:41:22.113000",
"db": "NVD",
"id": "CVE-2012-5275"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-04T00:00:00",
"db": "VULHUB",
"id": "VHN-58556"
},
{
"date": "2015-03-19T08:41:00",
"db": "BID",
"id": "56543"
},
{
"date": "2012-12-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005271"
},
{
"date": "2012-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-132"
},
{
"date": "2018-12-04T17:39:23.030000",
"db": "NVD",
"id": "CVE-2012-5275"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-132"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005271"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-132"
}
],
"trust": 0.6
}
}
VAR-201108-0150
Vulnerability from variot - Updated: 2024-07-23 19:58Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2416. Adobe Flash Player and Adobe AIR Contains an integer overflow vulnerability. This vulnerability CVE-2011-2136 ,and CVE-2011-2416 Is a different vulnerability.An attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the code responsible for evaluating the scroll method of the Actionscript Bitmap class. The function that uses the parameters to the scroll method performs arithmetic using data from the instantiated Bitmap object. By creating a Bitmap with certain integer values and subsequently calling the scroll method with other large integer values it is possible to force an integer wrap to occur. The resulting value is utilized to calculate a pointer which is operated upon by memory copy operations. By crafting specific values this issue can be exploited to execute remote code in the context of the user running the browser. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUSE Security Announcement
Package: flash-player
Announcement ID: SUSE-SA:2011:033
Date: Wed, 10 Aug 2011 14:00:00 +0000
Affected Products: SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 10 SP4
Vulnerability Type: remote code execution
CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
SUSE Default Package: yes
Cross-References: CVE-2011-2130, CVE-2011-2134, CVE-2011-2135
CVE-2011-2136, CVE-2011-2137, CVE-2011-2138
CVE-2011-2139, CVE-2011-2140, CVE-2011-2414
CVE-2011-2415, CVE-2011-2416, CVE-2011-2417
CVE-2011-2425
Content of This Advisory:
1) Security Vulnerability Resolved:
remote code execution
Problem Description
2) Solution or Work-Around
3) Special Instructions and Notes
4) Package Location and Checksums
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
6) Authenticity Verification and Additional Information
1) Problem Description and Brief Discussion
Flash-Player was updated to version 10.3.188.5 to fix various buffer and integer overflows: - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Earlier flash-player versions can be exploited to execute arbitrary code remotely with the privileges of the attacked user.
For more details see: http://www.adobe.com/support/security/bulletins/apsb11-21.html
2) Solution or Work-Around
none
3) Special Instructions and Notes
Pleease restart your browser.
4) Package Location and Checksums
The preferred method for installing security updates is to use the YaST "Online Update" module or the "zypper" commandline tool. The package and patch management stack will detect which updates are required and automatically perform the necessary steps to verify and install them.
Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command
rpm -Fhv <file.rpm>
to apply the update, replacing with the filename of the downloaded RPM package.
Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web:
SUSE Linux Enterprise Desktop 10 SP4 http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900
SUSE Linux Enterprise Desktop 11 SP1 http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
6) Authenticity Verification and Additional Information
-
Announcement authenticity verification:
SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.
To verify the signature of the announcement, save it as text into a file and run the command
gpg --verify
replacing with the name of the file where you saved the announcement. The output for a valid signature looks like:
gpg: Signature made using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team security@suse.de"
where is replaced by the date the document was signed.
If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command
gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
-
Package authenticity verification:
SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with.
The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command
rpm -v --checksig
to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build@suse.de with the key ID 9C800ACA.
This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement.
-
SUSE runs two security mailing lists to which any interested party may subscribe:
opensuse-security@opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security+subscribe@opensuse.org.
opensuse-security-announce@opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security-announce+subscribe@opensuse.org. The security@suse.de public key is listed below. =====================================================================
The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text.
SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . More details can be found at: http://www.adobe.com/support/security/bulletins/apsb11-21.html
-- Disclosure Timeline: 2011-06-02 - Vulnerability reported to vendor 2011-08-12 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Anonymous
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter: http://twitter.com/thezdi
Full-Disclosure - We believe in it.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.3.183.10"
References
[ 1 ] APSA11-01 http://www.adobe.com/support/security/advisories/apsa11-01.html [ 2 ] APSA11-02 http://www.adobe.com/support/security/advisories/apsa11-02.html [ 3 ] APSB11-02 http://www.adobe.com/support/security/bulletins/apsb11-02.html [ 4 ] APSB11-12 http://www.adobe.com/support/security/bulletins/apsb11-12.html [ 5 ] APSB11-13 http://www.adobe.com/support/security/bulletins/apsb11-13.html [ 6 ] APSB11-21 https://www.adobe.com/support/security/bulletins/apsb11-21.html [ 7 ] APSB11-26 https://www.adobe.com/support/security/bulletins/apsb11-26.html [ 8 ] CVE-2011-0558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558 [ 9 ] CVE-2011-0559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559 [ 10 ] CVE-2011-0560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560 [ 11 ] CVE-2011-0561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561 [ 12 ] CVE-2011-0571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571 [ 13 ] CVE-2011-0572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572 [ 14 ] CVE-2011-0573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573 [ 15 ] CVE-2011-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574 [ 16 ] CVE-2011-0575 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575 [ 17 ] CVE-2011-0577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577 [ 18 ] CVE-2011-0578 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578 [ 19 ] CVE-2011-0579 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579 [ 20 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 21 ] CVE-2011-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607 [ 22 ] CVE-2011-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608 [ 23 ] CVE-2011-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609 [ 24 ] CVE-2011-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611 [ 25 ] CVE-2011-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618 [ 26 ] CVE-2011-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619 [ 27 ] CVE-2011-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620 [ 28 ] CVE-2011-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621 [ 29 ] CVE-2011-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622 [ 30 ] CVE-2011-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623 [ 31 ] CVE-2011-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624 [ 32 ] CVE-2011-0625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625 [ 33 ] CVE-2011-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626 [ 34 ] CVE-2011-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627 [ 35 ] CVE-2011-0628 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628 [ 36 ] CVE-2011-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107 [ 37 ] CVE-2011-2110 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110 [ 38 ] CVE-2011-2125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 39 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 40 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 41 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 42 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 43 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 44 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 45 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 46 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 47 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 48 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 49 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 50 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 51 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 52 ] CVE-2011-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426 [ 53 ] CVE-2011-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427 [ 54 ] CVE-2011-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428 [ 55 ] CVE-2011-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429 [ 56 ] CVE-2011-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430 [ 57 ] CVE-2011-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201110-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: acroread security update Advisory ID: RHSA-2011:1434-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html Issue date: 2011-11-08 CVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 CVE-2011-2444 =====================================================================
- Summary:
Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
Adobe Reader allows users to view and print documents in Portable Document Format (PDF).
This update fixes multiple security flaws in Adobe Reader. These flaws are detailed on the Adobe security page APSB11-24, listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. These flaws are detailed on the Adobe security pages APSB11-21 and APSB11-26, listed in the References section.
A PDF file with an embedded, specially-crafted SWF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135, CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140, CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424, CVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)
A flaw in Adobe Flash Player could allow an attacker to conduct cross-site scripting (XSS) attacks if a victim were tricked into visiting a specially-crafted web page. (CVE-2011-2429)
All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.4.6, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259
- Bugs fixed (http://bugzilla.redhat.com/):
729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21) 740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26 740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26 740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26 749381 - acroread: multiple code execution flaws (APSB11-24)
- Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Desktop version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2011-2130.html https://www.redhat.com/security/data/cve/CVE-2011-2134.html https://www.redhat.com/security/data/cve/CVE-2011-2135.html https://www.redhat.com/security/data/cve/CVE-2011-2136.html https://www.redhat.com/security/data/cve/CVE-2011-2137.html https://www.redhat.com/security/data/cve/CVE-2011-2138.html https://www.redhat.com/security/data/cve/CVE-2011-2139.html https://www.redhat.com/security/data/cve/CVE-2011-2140.html https://www.redhat.com/security/data/cve/CVE-2011-2414.html https://www.redhat.com/security/data/cve/CVE-2011-2415.html https://www.redhat.com/security/data/cve/CVE-2011-2416.html https://www.redhat.com/security/data/cve/CVE-2011-2417.html https://www.redhat.com/security/data/cve/CVE-2011-2424.html https://www.redhat.com/security/data/cve/CVE-2011-2425.html https://www.redhat.com/security/data/cve/CVE-2011-2426.html https://www.redhat.com/security/data/cve/CVE-2011-2427.html https://www.redhat.com/security/data/cve/CVE-2011-2428.html https://www.redhat.com/security/data/cve/CVE-2011-2429.html https://www.redhat.com/security/data/cve/CVE-2011-2430.html https://www.redhat.com/security/data/cve/CVE-2011-2431.html https://www.redhat.com/security/data/cve/CVE-2011-2432.html https://www.redhat.com/security/data/cve/CVE-2011-2433.html https://www.redhat.com/security/data/cve/CVE-2011-2434.html https://www.redhat.com/security/data/cve/CVE-2011-2435.html https://www.redhat.com/security/data/cve/CVE-2011-2436.html https://www.redhat.com/security/data/cve/CVE-2011-2437.html https://www.redhat.com/security/data/cve/CVE-2011-2438.html https://www.redhat.com/security/data/cve/CVE-2011-2439.html https://www.redhat.com/security/data/cve/CVE-2011-2440.html https://www.redhat.com/security/data/cve/CVE-2011-2442.html https://www.redhat.com/security/data/cve/CVE-2011-2444.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb11-21.html http://www.adobe.com/support/security/bulletins/apsb11-24.html http://www.adobe.com/support/security/bulletins/apsb11-26.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q 0+KSTL2IByBwtP8+xfPmUNE= =qFq6 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ----------------------------------------------------------------------
The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242
TITLE: Red Hat update for flash-plugin
SECUNIA ADVISORY ID: SA45593
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45593/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45593
RELEASE DATE: 2011-08-12
DISCUSS ADVISORY: http://secunia.com/advisories/45593/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/45593/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=45593
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Red Hat has issued an update for flash-plugin. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
ORIGINAL ADVISORY: RHSA-2011:1144-1: https://rhn.redhat.com/errata/RHSA-2011-1144.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201108-0150",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.0.246.0"
},
{
"model": "air",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "2.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.92.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.12.36"
},
{
"model": "air",
"scope": "eq",
"trust": 1.7,
"vendor": "adobe",
"version": "2.7"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "2.0.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0.73.0"
},
{
"model": "air",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.0.35.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.115.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.154.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.95.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.156.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.95.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.155.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152.33"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.154.13"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.262.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.157.51"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.14"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.52.15"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152.32"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.28.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.260.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.52.14.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.32.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.277.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.283.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.185.21"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.53.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.124.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.185.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.152.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.22.87"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.85.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.82.76"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.159.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.151.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.15.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.31.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.159.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.105.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.47.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.45.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.0.34.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.42.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.48.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.92.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.106.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.102.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.63"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.14.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.28"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "1.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.67.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.33.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.181.36"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.0.584"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.112.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.69.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.68.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.185.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.21.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.22.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.61.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.12.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.53.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.18d60"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "2.0.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.66.0"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "1.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.45.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.125.0"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "2.0.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.125.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.79"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.42.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.39.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.19.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.31"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.70.0"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "2.7"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.114.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.60.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.181.36 for chrome users"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.185.25 for android"
},
{
"model": "hp systems insight manager",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "7.0"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux server supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.1.z"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.6.z (server)"
},
{
"model": "rhel supplementary long life",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.6 (server)"
},
{
"model": "flash player",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.94"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.57"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.35"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.100"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.21"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19140"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.280"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.3"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.43"
},
{
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.22"
},
{
"model": "systems insight manager sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.51.66"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.27"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.153.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.204"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.2460"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.128"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.22"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.96"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.26"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.127"
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.262"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.65"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.24"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "systems insight manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.107"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.18"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.112"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.71"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "freeflow print server 73.b3.61",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3218"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.289.0"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.91"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.25"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.84"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "chrome",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.112"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.107"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.77"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.452"
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.68"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.672.2"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "air",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "systems insight manager sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.133"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "air",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1.1961"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "flash player release candida",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.205"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.28"
},
{
"model": "systems insight manager update",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.31"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19120"
},
{
"model": "freeflow print server 73.c0.41",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.102.65"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-253"
},
{
"db": "BID",
"id": "49080"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002152"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-186"
},
{
"db": "NVD",
"id": "CVE-2011-2138"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.102.64:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.45.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.66.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.67.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.61.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.14.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.85.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.154.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.154.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.262.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.68.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.82.76:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.159.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.283.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.60.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.73.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.52.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.3.181.36",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.95.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.52.14.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.155.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.24.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.53.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.19.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.277.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.53.64:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.105.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.106.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.156.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.185.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.3.185.25",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.157.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.185.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2138"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-253"
}
],
"trust": 0.7
},
"cve": "CVE-2011-2138",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2011-2138",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2011-2138",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-50083",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-2138",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2011-2138",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201108-186",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-50083",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-253"
},
{
"db": "VULHUB",
"id": "VHN-50083"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002152"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-186"
},
{
"db": "NVD",
"id": "CVE-2011-2138"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2416. Adobe Flash Player and Adobe AIR Contains an integer overflow vulnerability. This vulnerability CVE-2011-2136 ,and CVE-2011-2416 Is a different vulnerability.An attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the code responsible for evaluating the scroll method of the Actionscript Bitmap class. The function that uses the parameters to the scroll method performs arithmetic using data from the instantiated Bitmap object. By creating a Bitmap with certain integer values and subsequently calling the scroll method with other large integer values it is possible to force an integer wrap to occur. The resulting value is utilized to calculate a pointer which is operated upon by memory copy operations. By crafting specific values this issue can be exploited to execute remote code in the context of the user running the browser. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n______________________________________________________________________________\n\n SUSE Security Announcement\n\n Package: flash-player\n Announcement ID: SUSE-SA:2011:033\n Date: Wed, 10 Aug 2011 14:00:00 +0000\n Affected Products: SUSE Linux Enterprise Desktop 11 SP1\n SUSE Linux Enterprise Desktop 10 SP4\n Vulnerability Type: remote code execution\n CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n SUSE Default Package: yes\n Cross-References: CVE-2011-2130, CVE-2011-2134, CVE-2011-2135\n CVE-2011-2136, CVE-2011-2137, CVE-2011-2138\n CVE-2011-2139, CVE-2011-2140, CVE-2011-2414\n CVE-2011-2415, CVE-2011-2416, CVE-2011-2417\n CVE-2011-2425\n\n Content of This Advisory:\n 1) Security Vulnerability Resolved:\n remote code execution\n Problem Description\n 2) Solution or Work-Around\n 3) Special Instructions and Notes\n 4) Package Location and Checksums\n 5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n none\n 6) Authenticity Verification and Additional Information\n\n______________________________________________________________________________\n\n1) Problem Description and Brief Discussion\n\n Flash-Player was updated to version 10.3.188.5 to fix various buffer\n and integer overflows:\n - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n \n Earlier flash-player versions can be exploited to execute arbitrary code\n remotely with the privileges of the attacked user. \n \n For more details see:\n http://www.adobe.com/support/security/bulletins/apsb11-21.html\n\n2) Solution or Work-Around\n\n none\n\n3) Special Instructions and Notes\n\n Pleease restart your browser. \n\n4) Package Location and Checksums\n\n The preferred method for installing security updates is to use the YaST\n \"Online Update\" module or the \"zypper\" commandline tool. The package and\n patch management stack will detect which updates are required and\n automatically perform the necessary steps to verify and install them. \n\n Alternatively, download the update packages for your distribution manually\n and verify their integrity by the methods listed in Section 6 of this\n announcement. Then install the packages using the command\n\n rpm -Fhv \u003cfile.rpm\u003e\n\n to apply the update, replacing \u003cfile.rpm\u003e with the filename of the\n downloaded RPM package. \n\n Our maintenance customers are notified individually. The packages are\n offered for installation from the maintenance web:\n \n SUSE Linux Enterprise Desktop 10 SP4\n http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900\n \n SUSE Linux Enterprise Desktop 11 SP1\n http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10\n\n______________________________________________________________________________\n\n5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n\n none\n______________________________________________________________________________\n\n6) Authenticity Verification and Additional Information\n\n - Announcement authenticity verification:\n\n SUSE security announcements are published via mailing lists and on Web\n sites. The authenticity and integrity of a SUSE security announcement is\n guaranteed by a cryptographic signature in each announcement. All SUSE\n security announcements are published with a valid signature. \n\n To verify the signature of the announcement, save it as text into a file\n and run the command\n\n gpg --verify \u003cfile\u003e\n\n replacing \u003cfile\u003e with the name of the file where you saved the\n announcement. The output for a valid signature looks like:\n\n gpg: Signature made \u003cDATE\u003e using RSA key ID 3D25D3D9\n gpg: Good signature from \"SuSE Security Team \u003csecurity@suse.de\u003e\"\n\n where \u003cDATE\u003e is replaced by the date the document was signed. \n\n If the security team\u0027s key is not contained in your key ring, you can\n import it from the first installation CD. To import the key, use the\n command\n\n gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc\n\n - Package authenticity verification:\n\n SUSE update packages are available on many mirror FTP servers all over the\n world. While this service is considered valuable and important to the free\n and open source software community, the authenticity and the integrity of\n a package needs to be verified to ensure that it has not been tampered\n with. \n\n The internal rpm package signatures provide an easy way to verify the\n authenticity of an RPM package. Use the command\n\n rpm -v --checksig \u003cfile.rpm\u003e\n\n to verify the signature of the package, replacing \u003cfile.rpm\u003e with the\n filename of the RPM package downloaded. The package is unmodified if it\n contains a valid signature from build@suse.de with the key ID 9C800ACA. \n\n This key is automatically imported into the RPM database (on\n RPMv4-based distributions) and the gpg key ring of \u0027root\u0027 during\n installation. You can also find it on the first installation CD and at\n the end of this announcement. \n\n - SUSE runs two security mailing lists to which any interested party may\n subscribe:\n\n opensuse-security@opensuse.org\n - General Linux and SUSE security discussion. \n All SUSE security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security+subscribe@opensuse.org\u003e. \n\n opensuse-security-announce@opensuse.org\n - SUSE\u0027s announce-only mailing list. \n Only SUSE\u0027s security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security-announce+subscribe@opensuse.org\u003e. \n The \u003csecurity@suse.de\u003e public key is listed below. \n =====================================================================\n______________________________________________________________________________\n\n The information in this advisory may be distributed or reproduced,\n provided that the advisory is not modified in any way. In particular, the\n clear text signature should show proof of the authenticity of the text. \n\n SUSE Linux Products GmbH provides no warranties of any kind whatsoever\n with respect to the information contained in this security advisory. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. More\ndetails can be found at:\nhttp://www.adobe.com/support/security/bulletins/apsb11-21.html\n\n-- Disclosure Timeline:\n2011-06-02 - Vulnerability reported to vendor\n2011-08-12 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Anonymous\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-10.3.183.10\"\n\nReferences\n==========\n\n[ 1 ] APSA11-01\n http://www.adobe.com/support/security/advisories/apsa11-01.html\n[ 2 ] APSA11-02\n http://www.adobe.com/support/security/advisories/apsa11-02.html\n[ 3 ] APSB11-02\n http://www.adobe.com/support/security/bulletins/apsb11-02.html\n[ 4 ] APSB11-12\n http://www.adobe.com/support/security/bulletins/apsb11-12.html\n[ 5 ] APSB11-13\n http://www.adobe.com/support/security/bulletins/apsb11-13.html\n[ 6 ] APSB11-21\n https://www.adobe.com/support/security/bulletins/apsb11-21.html\n[ 7 ] APSB11-26\n https://www.adobe.com/support/security/bulletins/apsb11-26.html\n[ 8 ] CVE-2011-0558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558\n[ 9 ] CVE-2011-0559\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559\n[ 10 ] CVE-2011-0560\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560\n[ 11 ] CVE-2011-0561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561\n[ 12 ] CVE-2011-0571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571\n[ 13 ] CVE-2011-0572\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572\n[ 14 ] CVE-2011-0573\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573\n[ 15 ] CVE-2011-0574\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574\n[ 16 ] CVE-2011-0575\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575\n[ 17 ] CVE-2011-0577\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577\n[ 18 ] CVE-2011-0578\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578\n[ 19 ] CVE-2011-0579\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579\n[ 20 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 21 ] CVE-2011-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607\n[ 22 ] CVE-2011-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608\n[ 23 ] CVE-2011-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609\n[ 24 ] CVE-2011-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611\n[ 25 ] CVE-2011-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618\n[ 26 ] CVE-2011-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619\n[ 27 ] CVE-2011-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620\n[ 28 ] CVE-2011-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621\n[ 29 ] CVE-2011-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622\n[ 30 ] CVE-2011-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623\n[ 31 ] CVE-2011-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624\n[ 32 ] CVE-2011-0625\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625\n[ 33 ] CVE-2011-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626\n[ 34 ] CVE-2011-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627\n[ 35 ] CVE-2011-0628\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628\n[ 36 ] CVE-2011-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107\n[ 37 ] CVE-2011-2110\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110\n[ 38 ] CVE-2011-2125\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 39 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 40 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 41 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 42 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 43 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 44 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 45 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 46 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 47 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 48 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 49 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 50 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 51 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 52 ] CVE-2011-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426\n[ 53 ] CVE-2011-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427\n[ 54 ] CVE-2011-2428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428\n[ 55 ] CVE-2011-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429\n[ 56 ] CVE-2011-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430\n[ 57 ] CVE-2011-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: acroread security update\nAdvisory ID: RHSA-2011:1434-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html\nIssue date: 2011-11-08\nCVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 \n CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 \n CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 \n CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 \n CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 \n CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 \n CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 \n CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 \n CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 \n CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 \n CVE-2011-2444 \n=====================================================================\n\n1. Summary:\n\nUpdated acroread packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise\nLinux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Desktop version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux AS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux ES version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux WS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nAdobe Reader allows users to view and print documents in Portable Document\nFormat (PDF). \n\nThis update fixes multiple security flaws in Adobe Reader. These flaws are\ndetailed on the Adobe security page APSB11-24, listed in the References\nsection. A specially-crafted PDF file could cause Adobe Reader to crash or,\npotentially, execute arbitrary code as the user running Adobe Reader when\nopened. These flaws are detailed on the Adobe security\npages APSB11-21 and APSB11-26, listed in the References section. \n\nA PDF file with an embedded, specially-crafted SWF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user running\nAdobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135,\nCVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140,\nCVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424,\nCVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)\n\nA flaw in Adobe Flash Player could allow an attacker to conduct cross-site\nscripting (XSS) attacks if a victim were tricked into visiting a\nspecially-crafted web page. (CVE-2011-2429)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.4.6, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)\n740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26\n740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26\n740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26\n749381 - acroread: multiple code execution flaws (APSB11-24)\n\n6. Package List:\n\nRed Hat Enterprise Linux AS version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Desktop version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux ES version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux WS version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-2130.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2134.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2135.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2136.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2137.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2138.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2139.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2140.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2414.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2415.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2416.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2417.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2424.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2425.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2426.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2427.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2428.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2429.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2430.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2431.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2432.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2433.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2434.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2435.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2436.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2437.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2438.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2439.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2440.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2442.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2444.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb11-21.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-24.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-26.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2011 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q\n0+KSTL2IByBwtP8+xfPmUNE=\n=qFq6\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ----------------------------------------------------------------------\n\nThe Secunia CSI 5.0 Beta - now available for testing\nFind out more, take a free test drive, and share your opinion with us: \nhttp://secunia.com/blog/242 \n\n----------------------------------------------------------------------\n\nTITLE:\nRed Hat update for flash-plugin\n\nSECUNIA ADVISORY ID:\nSA45593\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45593/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45593\n\nRELEASE DATE:\n2011-08-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45593/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45593/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45593\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nRed Hat has issued an update for flash-plugin. This fixes multiple\nvulnerabilities, which can be exploited by malicious people to\ndisclose sensitive information and compromise a user\u0027s system. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nORIGINAL ADVISORY:\nRHSA-2011:1144-1:\nhttps://rhn.redhat.com/errata/RHSA-2011-1144.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2138"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002152"
},
{
"db": "ZDI",
"id": "ZDI-11-253"
},
{
"db": "BID",
"id": "49080"
},
{
"db": "VULHUB",
"id": "VHN-50083"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "103970"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "PACKETSTORM",
"id": "103929"
}
],
"trust": 3.24
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-50083",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50083"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-2138",
"trust": 4.1
},
{
"db": "USCERT",
"id": "TA11-222A",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "45529",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "45583",
"trust": 1.4
},
{
"db": "BID",
"id": "49080",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "48308",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "45593",
"trust": 0.9
},
{
"db": "ZDI",
"id": "ZDI-11-253",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "74437",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1025907",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1025914",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA11-222A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002152",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-1230",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201108-186",
"trust": 0.7
},
{
"db": "BID",
"id": "49081",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "17521",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "17880",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "103970",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-50083",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103913",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103946",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105802",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "106736",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103929",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-253"
},
{
"db": "VULHUB",
"id": "VHN-50083"
},
{
"db": "BID",
"id": "49080"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002152"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "103970"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "PACKETSTORM",
"id": "103929"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-186"
},
{
"db": "NVD",
"id": "CVE-2011-2138"
}
]
},
"id": "VAR-201108-0150",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-50083"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T19:58:20.920000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-21",
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"title": "APSB11-21 (cpsid_91448)",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/914/cpsid_91448.html"
},
{
"title": "APSB11-21",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb11-21.html"
},
{
"title": "HPSBMU02769 SSRT100846",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03298151"
},
{
"title": "RHSA-2011:1144",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1144.html"
},
{
"title": "TA11-222A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta11-222a.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-253"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002152"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-189",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50083"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002152"
},
{
"db": "NVD",
"id": "CVE-2011-2138"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"trust": 1.9,
"url": "http://www.us-cert.gov/cas/techalerts/ta11-222a.html"
},
{
"trust": 1.4,
"url": "http://secunia.com/advisories/45529"
},
{
"trust": 1.4,
"url": "http://secunia.com/advisories/45583"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14085"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16104"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-1144.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/48308"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00006.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00007.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00008.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2138"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2011/at110022.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta11-222a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2138"
},
{
"trust": 0.8,
"url": "http://osvdb.org/74437"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/45593"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/49080"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1025914"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1025907"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa11-222a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/49081"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/17521"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/17880"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2138"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_09.html"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer2"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100151664"
},
{
"trust": 0.3,
"url": "http://www.xerox.com/download/security/security-bulletin/1284333-14afb-4baadb5bccb00/cert_xrx12-002_v1.1.pdf"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2416"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2137"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2414"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2425"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2415"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2139"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2135"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2417"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2136"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2134"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2140"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2425.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2415.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/kb/docs/doc-11259"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2138.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2416.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2135.html"
},
{
"trust": 0.2,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1144.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2137.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2140.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2130.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2414.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2139.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2134.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2417.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2136.html"
},
{
"trust": 0.2,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.2,
"url": "https://www.adobe.com/support/security/bulletins/apsb11-26.html"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.2,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10"
},
{
"trust": 0.1,
"url": "http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-253"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0579"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0574"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0625"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0575"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0572"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0623"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0560"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0560"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2107"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2110"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0575"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0571"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0559"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2426"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0579"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-13.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0578"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0611"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-12.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0573"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0561"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0578"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0577"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0627"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2428"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa11-02.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2430"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2427"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201110-11.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0559"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0625"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa11-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0577"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2424.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2429"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2432.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2436.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2438.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2428.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2434"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2444.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2439.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2431.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2428"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2430"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2430.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2435.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2442.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2433.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-24.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2426.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2436"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1434.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2437.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2429.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2427.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2440.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2434.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/242"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45593"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45593/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45593/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-253"
},
{
"db": "VULHUB",
"id": "VHN-50083"
},
{
"db": "BID",
"id": "49080"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002152"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "103970"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "PACKETSTORM",
"id": "103929"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-186"
},
{
"db": "NVD",
"id": "CVE-2011-2138"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-11-253"
},
{
"db": "VULHUB",
"id": "VHN-50083"
},
{
"db": "BID",
"id": "49080"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002152"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "103970"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "PACKETSTORM",
"id": "103929"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-186"
},
{
"db": "NVD",
"id": "CVE-2011-2138"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-12T00:00:00",
"db": "ZDI",
"id": "ZDI-11-253"
},
{
"date": "2011-08-10T00:00:00",
"db": "VULHUB",
"id": "VHN-50083"
},
{
"date": "2011-08-09T00:00:00",
"db": "BID",
"id": "49080"
},
{
"date": "2011-08-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002152"
},
{
"date": "2011-08-11T04:36:04",
"db": "PACKETSTORM",
"id": "103913"
},
{
"date": "2011-08-12T05:17:05",
"db": "PACKETSTORM",
"id": "103946"
},
{
"date": "2011-08-13T20:24:57",
"db": "PACKETSTORM",
"id": "103970"
},
{
"date": "2011-10-14T06:16:06",
"db": "PACKETSTORM",
"id": "105802"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-11-08T15:21:13",
"db": "PACKETSTORM",
"id": "106736"
},
{
"date": "2011-08-11T08:17:54",
"db": "PACKETSTORM",
"id": "103929"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-186"
},
{
"date": "2011-08-10T22:55:00.830000",
"db": "NVD",
"id": "CVE-2011-2138"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-12T00:00:00",
"db": "ZDI",
"id": "ZDI-11-253"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-50083"
},
{
"date": "2015-03-19T09:34:00",
"db": "BID",
"id": "49080"
},
{
"date": "2013-03-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002152"
},
{
"date": "2011-08-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-186"
},
{
"date": "2018-10-30T16:26:24.687000",
"db": "NVD",
"id": "CVE-2011-2138"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "103970"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-186"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Integer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002152"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201108-186"
}
],
"trust": 0.6
}
}
VAR-201302-0147
Vulnerability from variot - Updated: 2024-07-23 19:54Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0645 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1369 , CVE-2013-1370 , CVE-2013-1372 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2013:0254-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html Issue date: 2013-02-13 CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 CVE-2013-1373 CVE-2013-1374 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-05, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2013-0638, CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647, CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)
A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially-crafted web page.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
910570 - flash-plugin: multiple code execution flaws (APSB13-05) 910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-0637.html https://www.redhat.com/security/data/cve/CVE-2013-0638.html https://www.redhat.com/security/data/cve/CVE-2013-0639.html https://www.redhat.com/security/data/cve/CVE-2013-0642.html https://www.redhat.com/security/data/cve/CVE-2013-0644.html https://www.redhat.com/security/data/cve/CVE-2013-0645.html https://www.redhat.com/security/data/cve/CVE-2013-0647.html https://www.redhat.com/security/data/cve/CVE-2013-0649.html https://www.redhat.com/security/data/cve/CVE-2013-1365.html https://www.redhat.com/security/data/cve/CVE-2013-1366.html https://www.redhat.com/security/data/cve/CVE-2013-1367.html https://www.redhat.com/security/data/cve/CVE-2013-1368.html https://www.redhat.com/security/data/cve/CVE-2013-1369.html https://www.redhat.com/security/data/cve/CVE-2013-1370.html https://www.redhat.com/security/data/cve/CVE-2013-1372.html https://www.redhat.com/security/data/cve/CVE-2013-1373.html https://www.redhat.com/security/data/cve/CVE-2013-1374.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb13-05.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs pnyD10c/hdKGIm0b1Kjv3eY= =+cgh -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
SOLUTION: Update to version 24.0.1312.70.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . Please send email to cert@cert.org with "TA13-043A Feedback VU#689711" in the subject.
Produced by US-CERT, a government organization. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA52166
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52166/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
RELEASE DATE: 2013-02-12
DISCUSS ADVISORY: http://secunia.com/advisories/52166/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/52166/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.
1) Some unspecified errors can be exploited to cause buffer overflows.
2) Some use-after-free errors can be exploited to dereference already freed memory.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to disclose certain sensitive information.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google 3) The vendor credits Natalie Silvanovich, BlackBerry Security, Research in Motion 4) The vendor credits Damian Put via iDefense 6) Reported by the vendor.
ORIGINAL ADVISORY: Adobe (APSB13-05): http://www.adobe.com/support/security/bulletins/apsb13-05.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0147",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "windows",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012 (adobe flash player 11.6.602.167"
},
{
"model": "internet explorer",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.59x (air for ios include ) (windows"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include ) (windows"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 64-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows server",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(macintosh linux)"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows 8",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (macintosh)"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "(windows/linux/macintosh : adobe flash player 11.6.602.167"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.5"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.1.0.488"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.16"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.19"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.1.0.485"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1.153"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.0.0.4080"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.1.0.4880"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.102.59"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.1.111.31"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
}
],
"sources": [
{
"db": "BID",
"id": "57923"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001482"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-168"
},
{
"db": "NVD",
"id": "CVE-2013-0642"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.63",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.168",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.202.270",
"versionStartIncluding": "11.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.111.43",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.7",
"versionStartIncluding": "2.0",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.6",
"versionStartIncluding": "3.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.115.47",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.4",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.599",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.597",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.167",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0642"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 0.4
},
"cve": "CVE-2013-0642",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-0642",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-60644",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-0642",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201302-168",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-60644",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60644"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001482"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-168"
},
{
"db": "NVD",
"id": "CVE-2013-0642"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0645 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1369 , CVE-2013-1370 , CVE-2013-1372 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. \nNote: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2013:0254-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html\nIssue date: 2013-02-13\nCVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 \n CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 \n CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 \n CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 \n CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 \n CVE-2013-1373 CVE-2013-1374 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB13-05,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. (CVE-2013-0638,\nCVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647,\nCVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368,\nCVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)\n\nA flaw in flash-plugin could allow an attacker to obtain sensitive\ninformation if a victim were tricked into visiting a specially-crafted web\npage. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n910570 - flash-plugin: multiple code execution flaws (APSB13-05)\n910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0637.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0638.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0639.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0642.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0644.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0645.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0647.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0649.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1365.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1366.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1367.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1368.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1369.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1370.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1372.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1373.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1374.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs\npnyD10c/hdKGIm0b1Kjv3eY=\n=+cgh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nSOLUTION:\nUpdate to version 24.0.1312.70. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Please send\n email to \u003ccert@cert.org\u003e with \"TA13-043A Feedback VU#689711\" in\n the subject. \n ____________________________________________________________________\n\n Produced by US-CERT, a government organization. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player / AIR Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52166\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52166/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nRELEASE DATE:\n2013-02-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52166/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52166/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player and\nAIR, which can be exploited by malicious people to disclose certain\nsensitive information and compromise a user\u0027s system. \n\n1) Some unspecified errors can be exploited to cause buffer\noverflows. \n\n2) Some use-after-free errors can be exploited to dereference already\nfreed memory. \n\n4) An unspecified error can be exploited to corrupt memory. \n\n5) An unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to disclose certain\nsensitive information. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and\nFermin Serna, Google\n3) The vendor credits Natalie Silvanovich, BlackBerry Security,\nResearch in Motion\n4) The vendor credits Damian Put via iDefense\n6) Reported by the vendor. \n\nORIGINAL ADVISORY:\nAdobe (APSB13-05):\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0642"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001482"
},
{
"db": "BID",
"id": "57923"
},
{
"db": "VULHUB",
"id": "VHN-60644"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-0642",
"trust": 3.0
},
{
"db": "USCERT",
"id": "TA13-043A",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001482",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201302-168",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52163",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52164",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52203",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52166",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52197",
"trust": 0.6
},
{
"db": "BID",
"id": "57923",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-60644",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120268",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120253",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120240",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120282",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120271",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120239",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60644"
},
{
"db": "BID",
"id": "57923"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001482"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-168"
},
{
"db": "NVD",
"id": "CVE-2013-0642"
}
]
},
"id": "VAR-201302-0147",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-60644"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T19:54:27.792000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-05",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"title": "APSB13-05 (cq02121817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq02121817.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2013/02/stable-channel-update_12.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "openSUSE-SU-2013:0295",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"title": "SUSE-SU-2013:0296",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"title": "openSUSE-SU-2013:0298",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"title": "RHSA-2013:0254",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20130214f.html"
},
{
"title": "install_flash_player_11_linux.i386",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45304"
},
{
"title": "install_flash_player_osx",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45303"
},
{
"title": "install_flashplayer11x32_mssd_aih",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45302"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001482"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-168"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60644"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001482"
},
{
"db": "NVD",
"id": "CVE-2013-0642"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta13-043a.html"
},
{
"trust": 1.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0642"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130213-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130010.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta13-043a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0642"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=10777"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52163"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52164"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52166"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52197"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52203"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/air/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0647.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0649.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0644.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1373.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1366"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0647"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1374.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1367"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1368"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1372"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1368.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0645.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0639"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0642.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1365.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1372.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1374"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0645"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1366.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1365"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1369.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0637.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0638.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0637"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0644"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1367.html"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1370.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0639.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0642"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52163"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_12.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52164"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/#comments"
},
{
"trust": 0.1,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/"
},
{
"trust": 0.1,
"url": "http://support.microsoft.com/kb/2805940"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52203"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-06.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/notification.html"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-05.html\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/#comments"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60644"
},
{
"db": "BID",
"id": "57923"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001482"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-168"
},
{
"db": "NVD",
"id": "CVE-2013-0642"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-60644"
},
{
"db": "BID",
"id": "57923"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001482"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-168"
},
{
"db": "NVD",
"id": "CVE-2013-0642"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-60644"
},
{
"date": "2013-02-12T00:00:00",
"db": "BID",
"id": "57923"
},
{
"date": "2013-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001482"
},
{
"date": "2013-02-13T19:12:55",
"db": "PACKETSTORM",
"id": "120268"
},
{
"date": "2013-02-12T06:59:46",
"db": "PACKETSTORM",
"id": "120253"
},
{
"date": "2013-02-12T06:40:28",
"db": "PACKETSTORM",
"id": "120240"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2013-02-13T03:13:33",
"db": "PACKETSTORM",
"id": "120282"
},
{
"date": "2013-02-13T19:13:42",
"db": "PACKETSTORM",
"id": "120271"
},
{
"date": "2013-02-12T06:40:24",
"db": "PACKETSTORM",
"id": "120239"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-168"
},
{
"date": "2013-02-12T20:55:04.403000",
"db": "NVD",
"id": "CVE-2013-0642"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-60644"
},
{
"date": "2013-09-17T00:15:00",
"db": "BID",
"id": "57923"
},
{
"date": "2013-03-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001482"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-168"
},
{
"date": "2018-12-06T19:47:16.903000",
"db": "NVD",
"id": "CVE-2013-0642"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-168"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001482"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-168"
}
],
"trust": 0.6
}
}
VAR-201302-0301
Vulnerability from variot - Updated: 2024-07-23 19:53Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-0645 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1369 , CVE-2013-1370 , CVE-2013-1372 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2013:0254-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html Issue date: 2013-02-13 CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 CVE-2013-1373 CVE-2013-1374 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-05, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2013-0638, CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647, CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)
A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially-crafted web page.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
910570 - flash-plugin: multiple code execution flaws (APSB13-05) 910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.270-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.270-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-0637.html https://www.redhat.com/security/data/cve/CVE-2013-0638.html https://www.redhat.com/security/data/cve/CVE-2013-0639.html https://www.redhat.com/security/data/cve/CVE-2013-0642.html https://www.redhat.com/security/data/cve/CVE-2013-0644.html https://www.redhat.com/security/data/cve/CVE-2013-0645.html https://www.redhat.com/security/data/cve/CVE-2013-0647.html https://www.redhat.com/security/data/cve/CVE-2013-0649.html https://www.redhat.com/security/data/cve/CVE-2013-1365.html https://www.redhat.com/security/data/cve/CVE-2013-1366.html https://www.redhat.com/security/data/cve/CVE-2013-1367.html https://www.redhat.com/security/data/cve/CVE-2013-1368.html https://www.redhat.com/security/data/cve/CVE-2013-1369.html https://www.redhat.com/security/data/cve/CVE-2013-1370.html https://www.redhat.com/security/data/cve/CVE-2013-1372.html https://www.redhat.com/security/data/cve/CVE-2013-1373.html https://www.redhat.com/security/data/cve/CVE-2013-1374.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb13-05.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs pnyD10c/hdKGIm0b1Kjv3eY= =+cgh -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
SOLUTION: Update to version 24.0.1312.70.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . Please send email to cert@cert.org with "TA13-043A Feedback VU#689711" in the subject.
Produced by US-CERT, a government organization. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA52166
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52166/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
RELEASE DATE: 2013-02-12
DISCUSS ADVISORY: http://secunia.com/advisories/52166/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/52166/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=52166
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.
1) Some unspecified errors can be exploited to cause buffer overflows.
2) Some use-after-free errors can be exploited to dereference already freed memory.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to disclose certain sensitive information.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google 3) The vendor credits Natalie Silvanovich, BlackBerry Security, Research in Motion 4) The vendor credits Damian Put via iDefense 6) Reported by the vendor.
ORIGINAL ADVISORY: Adobe (APSB13-05): http://www.adobe.com/support/security/bulletins/apsb13-05.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0301",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "windows",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player for android",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.167"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.61"
},
{
"model": "flash player for android",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.6.602.168"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.47"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows)"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012 (adobe flash player 11.6.602.167"
},
{
"model": "flash player for android",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.43"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.597"
},
{
"model": "internet explorer",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.270"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include ) (windows"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.6.0.599"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 64-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows server",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.63"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(macintosh linux)"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems (adobe flash player 11.6.602.167"
},
{
"model": "windows 8",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt (adobe flash player 11.6.602.167"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (macintosh)"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "(windows/linux/macintosh : adobe flash player 11.6.602.167"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.0.0.4080"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.2.0.2070"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2710"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.1.0.488"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.3.0.3650"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2710"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.5.0.890"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.3.0.3670"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
}
],
"sources": [
{
"db": "BID",
"id": "57921"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001476"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-173"
},
{
"db": "NVD",
"id": "CVE-2013-1365"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.168",
"versionStartIncluding": "11.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.63",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.202.270",
"versionStartIncluding": "11.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.111.43",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.7",
"versionStartIncluding": "2.0",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.6",
"versionStartIncluding": "3.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.115.47",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.4",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.597",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0.599",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.61",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.602.167",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1365"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 0.4
},
"cve": "CVE-2013-1365",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-1365",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-61367",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-1365",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201302-173",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-61367",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61367"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001476"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-173"
},
{
"db": "NVD",
"id": "CVE-2013-1365"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-0645 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1369 , CVE-2013-1370 , CVE-2013-1372 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. \nNote: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2013:0254-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html\nIssue date: 2013-02-13\nCVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 \n CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 \n CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 \n CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 \n CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 \n CVE-2013-1373 CVE-2013-1374 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB13-05,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. (CVE-2013-0638,\nCVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647,\nCVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368,\nCVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)\n\nA flaw in flash-plugin could allow an attacker to obtain sensitive\ninformation if a victim were tricked into visiting a specially-crafted web\npage. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n910570 - flash-plugin: multiple code execution flaws (APSB13-05)\n910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0637.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0638.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0639.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0642.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0644.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0645.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0647.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0649.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1365.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1366.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1367.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1368.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1369.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1370.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1372.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1373.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1374.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs\npnyD10c/hdKGIm0b1Kjv3eY=\n=+cgh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nSOLUTION:\nUpdate to version 24.0.1312.70. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Please send\n email to \u003ccert@cert.org\u003e with \"TA13-043A Feedback VU#689711\" in\n the subject. \n ____________________________________________________________________\n\n Produced by US-CERT, a government organization. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player / AIR Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52166\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52166/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nRELEASE DATE:\n2013-02-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52166/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52166/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player and\nAIR, which can be exploited by malicious people to disclose certain\nsensitive information and compromise a user\u0027s system. \n\n1) Some unspecified errors can be exploited to cause buffer\noverflows. \n\n2) Some use-after-free errors can be exploited to dereference already\nfreed memory. \n\n4) An unspecified error can be exploited to corrupt memory. \n\n5) An unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to disclose certain\nsensitive information. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and\nFermin Serna, Google\n3) The vendor credits Natalie Silvanovich, BlackBerry Security,\nResearch in Motion\n4) The vendor credits Damian Put via iDefense\n6) Reported by the vendor. \n\nORIGINAL ADVISORY:\nAdobe (APSB13-05):\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1365"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001476"
},
{
"db": "BID",
"id": "57921"
},
{
"db": "VULHUB",
"id": "VHN-61367"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-1365",
"trust": 3.0
},
{
"db": "USCERT",
"id": "TA13-043A",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001476",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201302-173",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52163",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52164",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52203",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52166",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "52197",
"trust": 0.6
},
{
"db": "BID",
"id": "57921",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-61367",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120268",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120253",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120240",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120282",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120271",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120239",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61367"
},
{
"db": "BID",
"id": "57921"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001476"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-173"
},
{
"db": "NVD",
"id": "CVE-2013-1365"
}
]
},
"id": "VAR-201302-0301",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-61367"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T19:53:24.502000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-05",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"title": "APSB13-05 (cq02121817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq02121817.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2013/02/stable-channel-update_12.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "openSUSE-SU-2013:0295",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"title": "SUSE-SU-2013:0296",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"title": "openSUSE-SU-2013:0298",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"title": "RHSA-2013:0254",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20130214f.html"
},
{
"title": "install_flash_player_11_linux.i386",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45304"
},
{
"title": "install_flash_player_osx",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45303"
},
{
"title": "install_flashplayer11x32_mssd_aih",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45302"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001476"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-173"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61367"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001476"
},
{
"db": "NVD",
"id": "CVE-2013-1365"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta13-043a.html"
},
{
"trust": 1.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1365"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130213-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130010.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta13-043a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1365"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=10777"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52163"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52164"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52166"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52197"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52203"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/air/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0647.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0649.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0644.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1373.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1366"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0647"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1374.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1367"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1368"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1372"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1368.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0645.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0639"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0642.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1365.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1372.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1374"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0645"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1366.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1365"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1369.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0637.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0638.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0637"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0644"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1367.html"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1370.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0639.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0642"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52163/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52163"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_12.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52164"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/#comments"
},
{
"trust": 0.1,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52164/"
},
{
"trust": 0.1,
"url": "http://support.microsoft.com/kb/2805940"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52203"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52203/"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-06.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/notification.html"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/privacy/"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb13-05.html\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52166/#comments"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61367"
},
{
"db": "BID",
"id": "57921"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001476"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-173"
},
{
"db": "NVD",
"id": "CVE-2013-1365"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-61367"
},
{
"db": "BID",
"id": "57921"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001476"
},
{
"db": "PACKETSTORM",
"id": "120268"
},
{
"db": "PACKETSTORM",
"id": "120253"
},
{
"db": "PACKETSTORM",
"id": "120240"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "120282"
},
{
"db": "PACKETSTORM",
"id": "120271"
},
{
"db": "PACKETSTORM",
"id": "120239"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-173"
},
{
"db": "NVD",
"id": "CVE-2013-1365"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-61367"
},
{
"date": "2013-02-12T00:00:00",
"db": "BID",
"id": "57921"
},
{
"date": "2013-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001476"
},
{
"date": "2013-02-13T19:12:55",
"db": "PACKETSTORM",
"id": "120268"
},
{
"date": "2013-02-12T06:59:46",
"db": "PACKETSTORM",
"id": "120253"
},
{
"date": "2013-02-12T06:40:28",
"db": "PACKETSTORM",
"id": "120240"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2013-02-13T03:13:33",
"db": "PACKETSTORM",
"id": "120282"
},
{
"date": "2013-02-13T19:13:42",
"db": "PACKETSTORM",
"id": "120271"
},
{
"date": "2013-02-12T06:40:24",
"db": "PACKETSTORM",
"id": "120239"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-173"
},
{
"date": "2013-02-12T20:55:04.637000",
"db": "NVD",
"id": "CVE-2013-1365"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-61367"
},
{
"date": "2013-09-17T00:15:00",
"db": "BID",
"id": "57921"
},
{
"date": "2013-03-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001476"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-173"
},
{
"date": "2018-12-06T20:34:25.367000",
"db": "NVD",
"id": "CVE-2013-1365"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-173"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001476"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-173"
}
],
"trust": 0.6
}
}
VAR-201211-0369
Vulnerability from variot - Updated: 2024-07-23 19:47Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Adobe Flash Player and AIR are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the user running the affected application. Failed attempts will likely cause a denial-of-service condition. NOTE: This issue was previously covered in BID 56412 (Adobe Flash Player and AIR APSB12-24 Multiple Security Vulnerabilities) but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Google Chrome Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA51210
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51210/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51210
RELEASE DATE: 2012-11-07
DISCUSS ADVISORY: http://secunia.com/advisories/51210/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/51210/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=51210
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
For more information: SA51213
2) An integer overflow error exists in WebP handling.
3) An error in v8 can be exploited to cause an out-of-bounds array access.
4) A use-after-free error exists in SVG filter handling.
5) An error exists related to integer boundary checks within GPU command buffers.
6) A use-after-free error exists in video layout handling.
7) An error exists related to inappropriate loading of SVG subresource in "img" context.
8) A race condition error exists in Pepper buffer handling.
9) A type casting error exists in certain input handling.
10) An error in Skia can be exploited to cause an out-of-bounds read.
11) An error in texture handling can be exploited to corrupt memory.
12) A use-after-free error exists in extension tab handling.
13) A use-after-free error exists in plug-in placeholder handling.
14) An error in v8 can be exploited to corrupt memory.
SOLUTION: Upgrade to version 23.0.1271.64.
PROVIDED AND/OR DISCOVERED BY: The vendor credits: 2) Phil Turnbull 3, 6) Atte Kettunen, OUSPG. 4, 5) miaubiz 7) Felix Gr\xf6bert, Google Security Team 8) Fermin Serna, Google Security Team 9, 10, 13) Inferno, Google Chrome Security Team 11) Al Patrick, Chromium development community 12) Alexander Potapenko, Chromium development community 14) Cris Neckar, Google Chrome Security Team
ORIGINAL ADVISORY: Google: http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2012:1431-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1431.html Issue date: 2012-11-07 CVE Names: CVE-2012-5274 CVE-2012-5275 CVE-2012-5276 CVE-2012-5277 CVE-2012-5278 CVE-2012-5279 CVE-2012-5280 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB12-24, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
873818 - flash-plugin: multiple code-execution flaws (APSB12-24)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.251-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.251-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.251-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.251-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.251-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2012-5274.html https://www.redhat.com/security/data/cve/CVE-2012-5275.html https://www.redhat.com/security/data/cve/CVE-2012-5276.html https://www.redhat.com/security/data/cve/CVE-2012-5277.html https://www.redhat.com/security/data/cve/CVE-2012-5278.html https://www.redhat.com/security/data/cve/CVE-2012-5279.html https://www.redhat.com/security/data/cve/CVE-2012-5280.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb12-24.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFQmiFjXlSAg2UNWIIRAi97AKClBeUc3AMPcWNkYfME6ndKJqg18ACdGuPH wmLm/s5nqgvfyTp8wUW9wVE= =fVdJ -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 .
Successful exploitation of the vulnerabilities may allow execution of arbitrary code. 7) Eduardo Vela Nava, Google Security Team
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201211-0369",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.111.24"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.4"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.183.43"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.5.502.110"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.1.115.27"
},
{
"model": "flash player",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.251"
},
{
"model": "windows",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "android)"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 2.x 3.x)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(android 4.x)"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "10 (adobe flash player 11.3.376.12"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows"
},
{
"model": "air",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.115.27"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.251"
},
{
"model": "internet explorer",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(air for ios include )"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.5.0.600"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems (adobe flash player 11.3.376.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.5.502.110"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "23.0.1271.64"
},
{
"model": "windows server",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "linux)"
},
{
"model": "windows 8",
"scope": "lt",
"trust": 0.8,
"vendor": "microsoft",
"version": ")"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.183.43"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2012 (adobe flash player 11.3.376.12"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "rt (adobe flash player 11.3.376.12"
},
{
"model": "windows 8",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 64-bit systems (adobe flash player 11.3.376.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "11.1.111.24"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.3.9120"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.0.4990"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "3.4.0.2540"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.0.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.0.7220"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "opensuse",
"version": "12.2"
}
],
"sources": [
{
"db": "BID",
"id": "56554"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005275"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-136"
},
{
"db": "NVD",
"id": "CVE-2012-5279"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.43",
"versionStartIncluding": "10.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.5.502.110",
"versionStartIncluding": "11.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.202.251",
"versionStartIncluding": "11.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.43",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.111.24",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.7",
"versionStartIncluding": "2.0",
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.6",
"versionStartIncluding": "3.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.115.27",
"versionStartIncluding": "11.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.4",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.0.600",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.0.600",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-5279"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117961"
}
],
"trust": 0.5
},
"cve": "CVE-2012-5279",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-5279",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-58560",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-5279",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201211-136",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-58560",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58560"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005275"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-136"
},
{
"db": "NVD",
"id": "CVE-2012-5279"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Adobe Flash Player and AIR are prone to a remote memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code within the context of the user running the affected application. Failed attempts will likely cause a denial-of-service condition. \nNOTE: This issue was previously covered in BID 56412 (Adobe Flash Player and AIR APSB12-24 Multiple Security Vulnerabilities) but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nGoogle Chrome Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA51210\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/51210/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210\n\nRELEASE DATE:\n2012-11-07\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/51210/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/51210/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Google Chrome, which\ncan be exploited by malicious people to bypass certain security\nrestrictions and compromise a user\u0027s system. \n\nFor more information:\nSA51213\n\n2) An integer overflow error exists in WebP handling. \n\n3) An error in v8 can be exploited to cause an out-of-bounds array\naccess. \n\n4) A use-after-free error exists in SVG filter handling. \n\n5) An error exists related to integer boundary checks within GPU\ncommand buffers. \n\n6) A use-after-free error exists in video layout handling. \n\n7) An error exists related to inappropriate loading of SVG\nsubresource in \"img\" context. \n\n8) A race condition error exists in Pepper buffer handling. \n\n9) A type casting error exists in certain input handling. \n\n10) An error in Skia can be exploited to cause an out-of-bounds\nread. \n\n11) An error in texture handling can be exploited to corrupt memory. \n\n12) A use-after-free error exists in extension tab handling. \n\n13) A use-after-free error exists in plug-in placeholder handling. \n\n14) An error in v8 can be exploited to corrupt memory. \n\nSOLUTION:\nUpgrade to version 23.0.1271.64. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n2) Phil Turnbull\n3, 6) Atte Kettunen, OUSPG. \n4, 5) miaubiz\n7) Felix Gr\\xf6bert, Google Security Team\n8) Fermin Serna, Google Security Team\n9, 10, 13) Inferno, Google Chrome Security Team\n11) Al Patrick, Chromium development community\n12) Alexander Potapenko, Chromium development community\n14) Cris Neckar, Google Chrome Security Team\n\nORIGINAL ADVISORY:\nGoogle:\nhttp://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2012:1431-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-1431.html\nIssue date: 2012-11-07\nCVE Names: CVE-2012-5274 CVE-2012-5275 CVE-2012-5276 \n CVE-2012-5277 CVE-2012-5278 CVE-2012-5279 \n CVE-2012-5280 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB12-24,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n873818 - flash-plugin: multiple code-execution flaws (APSB12-24)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-5274.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5275.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5276.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5277.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5278.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5279.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5280.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb12-24.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFQmiFjXlSAg2UNWIIRAi97AKClBeUc3AMPcWNkYfME6ndKJqg18ACdGuPH\nwmLm/s5nqgvfyTp8wUW9wVE=\n=fVdJ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n7) Eduardo Vela Nava, Google Security Team",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-5279"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005275"
},
{
"db": "BID",
"id": "56554"
},
{
"db": "VULHUB",
"id": "VHN-58560"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-5279",
"trust": 3.0
},
{
"db": "SECUNIA",
"id": "51207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "51186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "51213",
"trust": 1.8
},
{
"db": "BID",
"id": "56554",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "51245",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1027730",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005275",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201211-136",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "51210",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-58560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118097",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117944",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117963",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117960",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117947",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117961",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58560"
},
{
"db": "BID",
"id": "56554"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005275"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-136"
},
{
"db": "NVD",
"id": "CVE-2012-5279"
}
]
},
"id": "VAR-201211-0369",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-58560"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T19:47:22.569000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-24",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-24.html"
},
{
"title": "APSB12-24 (cq11061810)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/flash-player/kb/cq11061810.html"
},
{
"title": "APSB12-24",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-24.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Release and Beta Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2012/11/stable-channel-release-and-beta-channel.html"
},
{
"title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"title": "openSUSE-SU-2012:1480",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html"
},
{
"title": "SUSE-SU-2012:1485",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html"
},
{
"title": "RHSA-2012:1431",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1431.html"
},
{
"title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20121113f.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005275"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58560"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005275"
},
{
"db": "NVD",
"id": "CVE-2012-5279"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-24.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51186"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51207"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51213"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1431.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/56554"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1027730"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/51245"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00012.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00030.html"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79850"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5279"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20121107-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2012/at120034.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5279"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/51210"
},
{
"trust": 0.5,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.5,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.5,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.5,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.5,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.5,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.5,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51245/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51245"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51245/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51207/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51207"
},
{
"trust": 0.1,
"url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51207/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51186"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51186/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51186/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51210/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51210/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5278.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5277.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5275.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5274"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5279.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5275"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5278"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5280.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5276.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5279"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5274.html"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5277"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51213/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51213/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51213"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58560"
},
{
"db": "BID",
"id": "56554"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005275"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-136"
},
{
"db": "NVD",
"id": "CVE-2012-5279"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-58560"
},
{
"db": "BID",
"id": "56554"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005275"
},
{
"db": "PACKETSTORM",
"id": "118097"
},
{
"db": "PACKETSTORM",
"id": "117944"
},
{
"db": "PACKETSTORM",
"id": "117963"
},
{
"db": "PACKETSTORM",
"id": "117960"
},
{
"db": "PACKETSTORM",
"id": "117947"
},
{
"db": "PACKETSTORM",
"id": "123225"
},
{
"db": "PACKETSTORM",
"id": "117961"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-136"
},
{
"db": "NVD",
"id": "CVE-2012-5279"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-58560"
},
{
"date": "2012-11-06T00:00:00",
"db": "BID",
"id": "56554"
},
{
"date": "2012-11-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005275"
},
{
"date": "2012-11-14T06:05:43",
"db": "PACKETSTORM",
"id": "118097"
},
{
"date": "2012-11-07T04:12:41",
"db": "PACKETSTORM",
"id": "117944"
},
{
"date": "2012-11-08T11:19:24",
"db": "PACKETSTORM",
"id": "117963"
},
{
"date": "2012-11-08T11:19:15",
"db": "PACKETSTORM",
"id": "117960"
},
{
"date": "2012-11-08T00:12:49",
"db": "PACKETSTORM",
"id": "117947"
},
{
"date": "2013-09-14T15:19:13",
"db": "PACKETSTORM",
"id": "123225"
},
{
"date": "2012-11-08T11:19:18",
"db": "PACKETSTORM",
"id": "117961"
},
{
"date": "2012-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-136"
},
{
"date": "2012-11-07T05:41:22.270000",
"db": "NVD",
"id": "CVE-2012-5279"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-04T00:00:00",
"db": "VULHUB",
"id": "VHN-58560"
},
{
"date": "2013-09-17T00:13:00",
"db": "BID",
"id": "56554"
},
{
"date": "2012-12-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005275"
},
{
"date": "2012-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-136"
},
{
"date": "2018-12-04T17:53:38.463000",
"db": "NVD",
"id": "CVE-2012-5279"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-136"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005275"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-136"
}
],
"trust": 0.6
}
}
VAR-201108-0146
Vulnerability from variot - Updated: 2024-07-23 19:44Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2417, and CVE-2011-2425. Adobe Flash Player and Adobe AIR Any code that could be executed or service disruption ( Memory corruption ) There is a vulnerability that becomes a condition. This vulnerability CVE-2011-2135 , CVE-2011-2417 ,and CVE-2011-2425 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the sequenceParameterSetNALUnit component. When handling the num_ref_frames_in_pic_order_cnt_cycle value the size is not validated and the process blindly copies user supplied data from offset_for_ref_frame into a fixed-length buffer on the stack. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUSE Security Announcement
Package: flash-player
Announcement ID: SUSE-SA:2011:033
Date: Wed, 10 Aug 2011 14:00:00 +0000
Affected Products: SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 10 SP4
Vulnerability Type: remote code execution
CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
SUSE Default Package: yes
Cross-References: CVE-2011-2130, CVE-2011-2134, CVE-2011-2135
CVE-2011-2136, CVE-2011-2137, CVE-2011-2138
CVE-2011-2139, CVE-2011-2140, CVE-2011-2414
CVE-2011-2415, CVE-2011-2416, CVE-2011-2417
CVE-2011-2425
Content of This Advisory:
1) Security Vulnerability Resolved:
remote code execution
Problem Description
2) Solution or Work-Around
3) Special Instructions and Notes
4) Package Location and Checksums
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
6) Authenticity Verification and Additional Information
1) Problem Description and Brief Discussion
Flash-Player was updated to version 10.3.188.5 to fix various buffer and integer overflows: - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Earlier flash-player versions can be exploited to execute arbitrary code remotely with the privileges of the attacked user.
For more details see: http://www.adobe.com/support/security/bulletins/apsb11-21.html
2) Solution or Work-Around
none
3) Special Instructions and Notes
Pleease restart your browser.
4) Package Location and Checksums
The preferred method for installing security updates is to use the YaST "Online Update" module or the "zypper" commandline tool. The package and patch management stack will detect which updates are required and automatically perform the necessary steps to verify and install them.
Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command
rpm -Fhv <file.rpm>
to apply the update, replacing with the filename of the downloaded RPM package.
Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web:
SUSE Linux Enterprise Desktop 10 SP4 http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900
SUSE Linux Enterprise Desktop 11 SP1 http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
none
6) Authenticity Verification and Additional Information
-
Announcement authenticity verification:
SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.
To verify the signature of the announcement, save it as text into a file and run the command
gpg --verify
replacing with the name of the file where you saved the announcement. The output for a valid signature looks like:
gpg: Signature made using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team security@suse.de"
where is replaced by the date the document was signed.
If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command
gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
-
Package authenticity verification:
SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with.
The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command
rpm -v --checksig
to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build@suse.de with the key ID 9C800ACA.
This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement.
-
SUSE runs two security mailing lists to which any interested party may subscribe:
opensuse-security@opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security+subscribe@opensuse.org.
opensuse-security-announce@opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security-announce+subscribe@opensuse.org. The security@suse.de public key is listed below. =====================================================================
The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text.
SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ----------------------------------------------------------------------
The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242
TITLE: Adobe Flash Player Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA45583
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45583/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45583
RELEASE DATE: 2011-08-11
DISCUSS ADVISORY: http://secunia.com/advisories/45583/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/45583/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=45583
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.
7) An unspecified error can be exploited to disclose certain information from another domain.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor
The vendor credits: 2) Yang Dingning, NCNIPC, Graduate University of Chinese Academy of Sciences 3) Wushi, Team 509 via iDefense Labs 4, 11) Vitaliy Toropov via iDefense Labs 5) Alexander Zaitsev, Positive Technologies 6, 8) An anonymous person via ZDI 7) Brandon Hardy 9) Bo Qu, Palo Alto Networks 10) Bo Qu, Palo Alto Networks and Honggang Ren, FortiGuard Labs 12) Marc Schoenefeld (Dr. rer. nat.), Red Hat Security Response Team 13) Honggang Ren, FortiGuard Labs
ORIGINAL ADVISORY: Adobe (APSB11-21): http://www.adobe.com/support/security/bulletins/apsb11-21.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.3.183.10"
References
[ 1 ] APSA11-01 http://www.adobe.com/support/security/advisories/apsa11-01.html [ 2 ] APSA11-02 http://www.adobe.com/support/security/advisories/apsa11-02.html [ 3 ] APSB11-02 http://www.adobe.com/support/security/bulletins/apsb11-02.html [ 4 ] APSB11-12 http://www.adobe.com/support/security/bulletins/apsb11-12.html [ 5 ] APSB11-13 http://www.adobe.com/support/security/bulletins/apsb11-13.html [ 6 ] APSB11-21 https://www.adobe.com/support/security/bulletins/apsb11-21.html [ 7 ] APSB11-26 https://www.adobe.com/support/security/bulletins/apsb11-26.html [ 8 ] CVE-2011-0558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558 [ 9 ] CVE-2011-0559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559 [ 10 ] CVE-2011-0560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560 [ 11 ] CVE-2011-0561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561 [ 12 ] CVE-2011-0571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571 [ 13 ] CVE-2011-0572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572 [ 14 ] CVE-2011-0573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573 [ 15 ] CVE-2011-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574 [ 16 ] CVE-2011-0575 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575 [ 17 ] CVE-2011-0577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577 [ 18 ] CVE-2011-0578 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578 [ 19 ] CVE-2011-0579 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579 [ 20 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 21 ] CVE-2011-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607 [ 22 ] CVE-2011-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608 [ 23 ] CVE-2011-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609 [ 24 ] CVE-2011-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611 [ 25 ] CVE-2011-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618 [ 26 ] CVE-2011-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619 [ 27 ] CVE-2011-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620 [ 28 ] CVE-2011-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621 [ 29 ] CVE-2011-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622 [ 30 ] CVE-2011-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623 [ 31 ] CVE-2011-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624 [ 32 ] CVE-2011-0625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625 [ 33 ] CVE-2011-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626 [ 34 ] CVE-2011-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627 [ 35 ] CVE-2011-0628 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628 [ 36 ] CVE-2011-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107 [ 37 ] CVE-2011-2110 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110 [ 38 ] CVE-2011-2125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 39 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 40 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 41 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 42 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 43 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 44 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 45 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 46 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 47 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 48 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 49 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 50 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 51 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 52 ] CVE-2011-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426 [ 53 ] CVE-2011-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427 [ 54 ] CVE-2011-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428 [ 55 ] CVE-2011-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429 [ 56 ] CVE-2011-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430 [ 57 ] CVE-2011-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201110-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
The flaw exists within the sequenceParameterSetNALUnit component. More details can be found at: http://www.adobe.com/support/security/bulletins/apsb11-21.html
-- Disclosure Timeline: 2011-02-10 - Vulnerability reported to vendor 2011-08-23 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Anonymous
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter: http://twitter.com/thezdi
Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: acroread security update Advisory ID: RHSA-2011:1434-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html Issue date: 2011-11-08 CVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 CVE-2011-2444 =====================================================================
- Summary:
Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
Adobe Reader allows users to view and print documents in Portable Document Format (PDF).
This update fixes multiple security flaws in Adobe Reader. These flaws are detailed on the Adobe security page APSB11-24, listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. These flaws are detailed on the Adobe security pages APSB11-21 and APSB11-26, listed in the References section.
A PDF file with an embedded, specially-crafted SWF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135, CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140, CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424, CVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)
A flaw in Adobe Flash Player could allow an attacker to conduct cross-site scripting (XSS) attacks if a victim were tricked into visiting a specially-crafted web page. (CVE-2011-2429)
All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.4.6, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259
- Bugs fixed (http://bugzilla.redhat.com/):
729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21) 740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26 740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26 740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26 749381 - acroread: multiple code execution flaws (APSB11-24)
- Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Desktop version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64: acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2011-2130.html https://www.redhat.com/security/data/cve/CVE-2011-2134.html https://www.redhat.com/security/data/cve/CVE-2011-2135.html https://www.redhat.com/security/data/cve/CVE-2011-2136.html https://www.redhat.com/security/data/cve/CVE-2011-2137.html https://www.redhat.com/security/data/cve/CVE-2011-2138.html https://www.redhat.com/security/data/cve/CVE-2011-2139.html https://www.redhat.com/security/data/cve/CVE-2011-2140.html https://www.redhat.com/security/data/cve/CVE-2011-2414.html https://www.redhat.com/security/data/cve/CVE-2011-2415.html https://www.redhat.com/security/data/cve/CVE-2011-2416.html https://www.redhat.com/security/data/cve/CVE-2011-2417.html https://www.redhat.com/security/data/cve/CVE-2011-2424.html https://www.redhat.com/security/data/cve/CVE-2011-2425.html https://www.redhat.com/security/data/cve/CVE-2011-2426.html https://www.redhat.com/security/data/cve/CVE-2011-2427.html https://www.redhat.com/security/data/cve/CVE-2011-2428.html https://www.redhat.com/security/data/cve/CVE-2011-2429.html https://www.redhat.com/security/data/cve/CVE-2011-2430.html https://www.redhat.com/security/data/cve/CVE-2011-2431.html https://www.redhat.com/security/data/cve/CVE-2011-2432.html https://www.redhat.com/security/data/cve/CVE-2011-2433.html https://www.redhat.com/security/data/cve/CVE-2011-2434.html https://www.redhat.com/security/data/cve/CVE-2011-2435.html https://www.redhat.com/security/data/cve/CVE-2011-2436.html https://www.redhat.com/security/data/cve/CVE-2011-2437.html https://www.redhat.com/security/data/cve/CVE-2011-2438.html https://www.redhat.com/security/data/cve/CVE-2011-2439.html https://www.redhat.com/security/data/cve/CVE-2011-2440.html https://www.redhat.com/security/data/cve/CVE-2011-2442.html https://www.redhat.com/security/data/cve/CVE-2011-2444.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb11-21.html http://www.adobe.com/support/security/bulletins/apsb11-24.html http://www.adobe.com/support/security/bulletins/apsb11-26.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q 0+KSTL2IByBwtP8+xfPmUNE= =qFq6 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201108-0146",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "6.0.79"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0.19.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0.14.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "6.0.21.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0.53.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.246.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.0.35.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.115.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.154.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.95.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.156.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.95.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.155.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152.33"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.154.13"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.262.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.157.51"
},
{
"model": "air",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "2.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.14"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.92.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.52.15"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152.32"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.28.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.260.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.52.14.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.32.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.277.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.12.36"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.283.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.185.21"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.53.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.124.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.185.23"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.152.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.22.87"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.85.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.82.76"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.159.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.151.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.15.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.31.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.159.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.105.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.47.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.45.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.0.34.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.42.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.48.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.92.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.106.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.102.64"
},
{
"model": "air",
"scope": "eq",
"trust": 1.1,
"vendor": "adobe",
"version": "2.7"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.63"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "2.0.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.28"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "1.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.67.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.33.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.181.36"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.0.584"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.112.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.69.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.68.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.185.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.22.0"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.61.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.12.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.18d60"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "2.0.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.66.0"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "1.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.45.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.125.0"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "2.0.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.125.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.42.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.39.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.31"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.73.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.70.0"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "2.7"
},
{
"model": "air",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.114.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.60.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.181.34"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.181.36 for chrome users"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.185.25 for android"
},
{
"model": "hp systems insight manager",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "7.0"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux server supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.1.z"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.6.z (server)"
},
{
"model": "rhel supplementary long life",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.6 (server)"
},
{
"model": "flash player",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.94"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.57"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.35"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.100"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.21"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19140"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.280"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.186.3"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.43"
},
{
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.22"
},
{
"model": "systems insight manager sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.51.66"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.27"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.153.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.204"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.2460"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.128"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.22"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.96"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.26"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.127"
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.262"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.65"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.24"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "systems insight manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.107"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.18"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.112"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.71"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"model": "freeflow print server 73.b3.61",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3218"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.289.0"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.91"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.25"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.84"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "chrome",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.112"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.107"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.77"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.452"
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.183.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.68"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.672.2"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "air",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "systems insight manager sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.133"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "air",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1.1961"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "flash player release candida",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.205"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.28"
},
{
"model": "systems insight manager update",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.31"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19120"
},
{
"model": "freeflow print server 73.c0.41",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.102.65"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-276"
},
{
"db": "BID",
"id": "49083"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002155"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-189"
},
{
"db": "NVD",
"id": "CVE-2011-2140"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.102.64:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.283.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.60.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.73.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.52.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.66.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.67.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.61.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.14.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.85.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.154.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.154.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.159.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.95.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.52.14.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.45.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.24.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.53.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.19.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.277.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.53.64:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.3.181.36",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.152.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.262.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.155.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.68.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.82.76:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.181.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.105.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.157.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.185.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.3.185.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.3.185.25",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.106.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.2.156.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2140"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-276"
}
],
"trust": 0.7
},
"cve": "CVE-2011-2140",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2011-2140",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2011-2140",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-50085",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-2140",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2011-2140",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201108-189",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-50085",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-276"
},
{
"db": "VULHUB",
"id": "VHN-50085"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002155"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-189"
},
{
"db": "NVD",
"id": "CVE-2011-2140"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2417, and CVE-2011-2425. Adobe Flash Player and Adobe AIR Any code that could be executed or service disruption ( Memory corruption ) There is a vulnerability that becomes a condition. This vulnerability CVE-2011-2135 , CVE-2011-2417 ,and CVE-2011-2425 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the sequenceParameterSetNALUnit component. When handling the num_ref_frames_in_pic_order_cnt_cycle value the size is not validated and the process blindly copies user supplied data from offset_for_ref_frame into a fixed-length buffer on the stack. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n______________________________________________________________________________\n\n SUSE Security Announcement\n\n Package: flash-player\n Announcement ID: SUSE-SA:2011:033\n Date: Wed, 10 Aug 2011 14:00:00 +0000\n Affected Products: SUSE Linux Enterprise Desktop 11 SP1\n SUSE Linux Enterprise Desktop 10 SP4\n Vulnerability Type: remote code execution\n CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n SUSE Default Package: yes\n Cross-References: CVE-2011-2130, CVE-2011-2134, CVE-2011-2135\n CVE-2011-2136, CVE-2011-2137, CVE-2011-2138\n CVE-2011-2139, CVE-2011-2140, CVE-2011-2414\n CVE-2011-2415, CVE-2011-2416, CVE-2011-2417\n CVE-2011-2425\n\n Content of This Advisory:\n 1) Security Vulnerability Resolved:\n remote code execution\n Problem Description\n 2) Solution or Work-Around\n 3) Special Instructions and Notes\n 4) Package Location and Checksums\n 5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n none\n 6) Authenticity Verification and Additional Information\n\n______________________________________________________________________________\n\n1) Problem Description and Brief Discussion\n\n Flash-Player was updated to version 10.3.188.5 to fix various buffer\n and integer overflows:\n - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n \n Earlier flash-player versions can be exploited to execute arbitrary code\n remotely with the privileges of the attacked user. \n \n For more details see:\n http://www.adobe.com/support/security/bulletins/apsb11-21.html\n\n2) Solution or Work-Around\n\n none\n\n3) Special Instructions and Notes\n\n Pleease restart your browser. \n\n4) Package Location and Checksums\n\n The preferred method for installing security updates is to use the YaST\n \"Online Update\" module or the \"zypper\" commandline tool. The package and\n patch management stack will detect which updates are required and\n automatically perform the necessary steps to verify and install them. \n\n Alternatively, download the update packages for your distribution manually\n and verify their integrity by the methods listed in Section 6 of this\n announcement. Then install the packages using the command\n\n rpm -Fhv \u003cfile.rpm\u003e\n\n to apply the update, replacing \u003cfile.rpm\u003e with the filename of the\n downloaded RPM package. \n\n Our maintenance customers are notified individually. The packages are\n offered for installation from the maintenance web:\n \n SUSE Linux Enterprise Desktop 10 SP4\n http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900\n \n SUSE Linux Enterprise Desktop 11 SP1\n http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10\n\n______________________________________________________________________________\n\n5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n\n none\n______________________________________________________________________________\n\n6) Authenticity Verification and Additional Information\n\n - Announcement authenticity verification:\n\n SUSE security announcements are published via mailing lists and on Web\n sites. The authenticity and integrity of a SUSE security announcement is\n guaranteed by a cryptographic signature in each announcement. All SUSE\n security announcements are published with a valid signature. \n\n To verify the signature of the announcement, save it as text into a file\n and run the command\n\n gpg --verify \u003cfile\u003e\n\n replacing \u003cfile\u003e with the name of the file where you saved the\n announcement. The output for a valid signature looks like:\n\n gpg: Signature made \u003cDATE\u003e using RSA key ID 3D25D3D9\n gpg: Good signature from \"SuSE Security Team \u003csecurity@suse.de\u003e\"\n\n where \u003cDATE\u003e is replaced by the date the document was signed. \n\n If the security team\u0027s key is not contained in your key ring, you can\n import it from the first installation CD. To import the key, use the\n command\n\n gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc\n\n - Package authenticity verification:\n\n SUSE update packages are available on many mirror FTP servers all over the\n world. While this service is considered valuable and important to the free\n and open source software community, the authenticity and the integrity of\n a package needs to be verified to ensure that it has not been tampered\n with. \n\n The internal rpm package signatures provide an easy way to verify the\n authenticity of an RPM package. Use the command\n\n rpm -v --checksig \u003cfile.rpm\u003e\n\n to verify the signature of the package, replacing \u003cfile.rpm\u003e with the\n filename of the RPM package downloaded. The package is unmodified if it\n contains a valid signature from build@suse.de with the key ID 9C800ACA. \n\n This key is automatically imported into the RPM database (on\n RPMv4-based distributions) and the gpg key ring of \u0027root\u0027 during\n installation. You can also find it on the first installation CD and at\n the end of this announcement. \n\n - SUSE runs two security mailing lists to which any interested party may\n subscribe:\n\n opensuse-security@opensuse.org\n - General Linux and SUSE security discussion. \n All SUSE security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security+subscribe@opensuse.org\u003e. \n\n opensuse-security-announce@opensuse.org\n - SUSE\u0027s announce-only mailing list. \n Only SUSE\u0027s security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security-announce+subscribe@opensuse.org\u003e. \n The \u003csecurity@suse.de\u003e public key is listed below. \n =====================================================================\n______________________________________________________________________________\n\n The information in this advisory may be distributed or reproduced,\n provided that the advisory is not modified in any way. In particular, the\n clear text signature should show proof of the authenticity of the text. \n\n SUSE Linux Products GmbH provides no warranties of any kind whatsoever\n with respect to the information contained in this security advisory. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ----------------------------------------------------------------------\n\nThe Secunia CSI 5.0 Beta - now available for testing\nFind out more, take a free test drive, and share your opinion with us: \nhttp://secunia.com/blog/242 \n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA45583\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45583/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45583\n\nRELEASE DATE:\n2011-08-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45583/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45583/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45583\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player,\nwhich can be exploited by malicious people to disclose sensitive\ninformation and compromise a user\u0027s system. \n\n7) An unspecified error can be exploited to disclose certain\ninformation from another domain. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Reported by the vendor\n\nThe vendor credits:\n2) Yang Dingning, NCNIPC, Graduate University of Chinese Academy of\nSciences\n3) Wushi, Team 509 via iDefense Labs\n4, 11) Vitaliy Toropov via iDefense Labs\n5) Alexander Zaitsev, Positive Technologies\n6, 8) An anonymous person via ZDI\n7) Brandon Hardy\n9) Bo Qu, Palo Alto Networks\n10) Bo Qu, Palo Alto Networks and Honggang Ren, FortiGuard Labs\n12) Marc Schoenefeld (Dr. rer. nat.), Red Hat Security Response Team\n13) Honggang Ren, FortiGuard Labs\n\nORIGINAL ADVISORY:\nAdobe (APSB11-21):\nhttp://www.adobe.com/support/security/bulletins/apsb11-21.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-10.3.183.10\"\n\nReferences\n==========\n\n[ 1 ] APSA11-01\n http://www.adobe.com/support/security/advisories/apsa11-01.html\n[ 2 ] APSA11-02\n http://www.adobe.com/support/security/advisories/apsa11-02.html\n[ 3 ] APSB11-02\n http://www.adobe.com/support/security/bulletins/apsb11-02.html\n[ 4 ] APSB11-12\n http://www.adobe.com/support/security/bulletins/apsb11-12.html\n[ 5 ] APSB11-13\n http://www.adobe.com/support/security/bulletins/apsb11-13.html\n[ 6 ] APSB11-21\n https://www.adobe.com/support/security/bulletins/apsb11-21.html\n[ 7 ] APSB11-26\n https://www.adobe.com/support/security/bulletins/apsb11-26.html\n[ 8 ] CVE-2011-0558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558\n[ 9 ] CVE-2011-0559\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559\n[ 10 ] CVE-2011-0560\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560\n[ 11 ] CVE-2011-0561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561\n[ 12 ] CVE-2011-0571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571\n[ 13 ] CVE-2011-0572\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572\n[ 14 ] CVE-2011-0573\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573\n[ 15 ] CVE-2011-0574\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574\n[ 16 ] CVE-2011-0575\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575\n[ 17 ] CVE-2011-0577\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577\n[ 18 ] CVE-2011-0578\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578\n[ 19 ] CVE-2011-0579\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579\n[ 20 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 21 ] CVE-2011-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607\n[ 22 ] CVE-2011-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608\n[ 23 ] CVE-2011-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609\n[ 24 ] CVE-2011-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611\n[ 25 ] CVE-2011-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618\n[ 26 ] CVE-2011-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619\n[ 27 ] CVE-2011-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620\n[ 28 ] CVE-2011-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621\n[ 29 ] CVE-2011-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622\n[ 30 ] CVE-2011-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623\n[ 31 ] CVE-2011-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624\n[ 32 ] CVE-2011-0625\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625\n[ 33 ] CVE-2011-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626\n[ 34 ] CVE-2011-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627\n[ 35 ] CVE-2011-0628\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628\n[ 36 ] CVE-2011-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107\n[ 37 ] CVE-2011-2110\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110\n[ 38 ] CVE-2011-2125\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 39 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 40 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 41 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 42 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 43 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 44 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 45 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 46 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 47 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 48 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 49 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 50 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 51 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 52 ] CVE-2011-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426\n[ 53 ] CVE-2011-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427\n[ 54 ] CVE-2011-2428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428\n[ 55 ] CVE-2011-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429\n[ 56 ] CVE-2011-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430\n[ 57 ] CVE-2011-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. \n\nThe flaw exists within the sequenceParameterSetNALUnit component. More\ndetails can be found at:\nhttp://www.adobe.com/support/security/bulletins/apsb11-21.html\n\n-- Disclosure Timeline:\n2011-02-10 - Vulnerability reported to vendor\n2011-08-23 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Anonymous\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: acroread security update\nAdvisory ID: RHSA-2011:1434-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html\nIssue date: 2011-11-08\nCVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 \n CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 \n CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 \n CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 \n CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 \n CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 \n CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 \n CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 \n CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 \n CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 \n CVE-2011-2444 \n=====================================================================\n\n1. Summary:\n\nUpdated acroread packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise\nLinux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Desktop version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux AS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux ES version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux WS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nAdobe Reader allows users to view and print documents in Portable Document\nFormat (PDF). \n\nThis update fixes multiple security flaws in Adobe Reader. These flaws are\ndetailed on the Adobe security page APSB11-24, listed in the References\nsection. A specially-crafted PDF file could cause Adobe Reader to crash or,\npotentially, execute arbitrary code as the user running Adobe Reader when\nopened. These flaws are detailed on the Adobe security\npages APSB11-21 and APSB11-26, listed in the References section. \n\nA PDF file with an embedded, specially-crafted SWF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user running\nAdobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135,\nCVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140,\nCVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424,\nCVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)\n\nA flaw in Adobe Flash Player could allow an attacker to conduct cross-site\nscripting (XSS) attacks if a victim were tricked into visiting a\nspecially-crafted web page. (CVE-2011-2429)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.4.6, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)\n740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26\n740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26\n740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26\n749381 - acroread: multiple code execution flaws (APSB11-24)\n\n6. Package List:\n\nRed Hat Enterprise Linux AS version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Desktop version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux ES version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux WS version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-2130.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2134.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2135.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2136.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2137.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2138.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2139.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2140.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2414.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2415.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2416.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2417.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2424.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2425.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2426.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2427.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2428.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2429.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2430.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2431.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2432.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2433.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2434.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2435.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2436.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2437.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2438.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2439.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2440.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2442.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2444.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb11-21.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-24.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-26.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2011 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q\n0+KSTL2IByBwtP8+xfPmUNE=\n=qFq6\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2140"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002155"
},
{
"db": "ZDI",
"id": "ZDI-11-276"
},
{
"db": "BID",
"id": "49083"
},
{
"db": "VULHUB",
"id": "VHN-50085"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "103903"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "104400"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
}
],
"trust": 3.24
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-50085",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50085"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-2140",
"trust": 4.1
},
{
"db": "USCERT",
"id": "TA11-222A",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "45583",
"trust": 1.5
},
{
"db": "SECUNIA",
"id": "45529",
"trust": 1.4
},
{
"db": "BID",
"id": "49083",
"trust": 1.2
},
{
"db": "ZDI",
"id": "ZDI-11-276",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "48308",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "74439",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "45593",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1025907",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1025914",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA11-222A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002155",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-975",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201108-189",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "17523",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "17880",
"trust": 0.6
},
{
"db": "BID",
"id": "49084",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "104400",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "18479",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "18437",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109640",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109283",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-72577",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-50085",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103913",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103946",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103903",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105802",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "106736",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-276"
},
{
"db": "VULHUB",
"id": "VHN-50085"
},
{
"db": "BID",
"id": "49083"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002155"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "103903"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "104400"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-189"
},
{
"db": "NVD",
"id": "CVE-2011-2140"
}
]
},
"id": "VAR-201108-0146",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-50085"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T19:44:48.151000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-21",
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"title": "APSB11-21 (cpsid_91448)",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/914/cpsid_91448.html"
},
{
"title": "APSB11-21",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb11-21.html"
},
{
"title": "HPSBMU02769 SSRT100846",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03298151"
},
{
"title": "RHSA-2011:1144",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1144.html"
},
{
"title": "TA11-222A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta11-222a.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-276"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002155"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50085"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002155"
},
{
"db": "NVD",
"id": "CVE-2011-2140"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"trust": 1.9,
"url": "http://www.us-cert.gov/cas/techalerts/ta11-222a.html"
},
{
"trust": 1.4,
"url": "http://secunia.com/advisories/45529"
},
{
"trust": 1.4,
"url": "http://secunia.com/advisories/45583"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14074"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-1144.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/48308"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00006.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00007.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00008.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2140"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2011/at110022.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta11-222a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2140"
},
{
"trust": 0.8,
"url": "http://osvdb.org/74439"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/45593"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/49083"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1025914"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1025907"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa11-222a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/49084"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/17523"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/17880"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2140"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_09.html"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer2"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-276/"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100151664"
},
{
"trust": 0.3,
"url": "http://www.xerox.com/download/security/security-bulletin/1284333-14afb-4baadb5bccb00/cert_xrx12-002_v1.1.pdf"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2416"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2137"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2414"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2425"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2415"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2139"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2135"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2417"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2136"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2138"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2134"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2425.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2415.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/kb/docs/doc-11259"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2138.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2416.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2135.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2137.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2140.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2130.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2414.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2139.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2134.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2417.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2136.html"
},
{
"trust": 0.2,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.2,
"url": "https://www.adobe.com/support/security/bulletins/apsb11-26.html"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.2,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1144.html"
},
{
"trust": 0.1,
"url": "http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10"
},
{
"trust": 0.1,
"url": "http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45583"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45583/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/242"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45583/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0579"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0574"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0625"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0575"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0572"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0623"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0560"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0560"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2107"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2110"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0575"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0571"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0559"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2426"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0579"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-13.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0578"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0611"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-12.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0573"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0561"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0578"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0577"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0627"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2428"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa11-02.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2430"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2427"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201110-11.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0559"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0625"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa11-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0577"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-276"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2424.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2429"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2432.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2436.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2438.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2428.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2434"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2444.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2439.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2431.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2428"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2430"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2430.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2435.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2442.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2433.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-24.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2426.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2436"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1434.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2437.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2429.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2427.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2440.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2434.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2424"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-276"
},
{
"db": "VULHUB",
"id": "VHN-50085"
},
{
"db": "BID",
"id": "49083"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002155"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "103903"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "104400"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-189"
},
{
"db": "NVD",
"id": "CVE-2011-2140"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-11-276"
},
{
"db": "VULHUB",
"id": "VHN-50085"
},
{
"db": "BID",
"id": "49083"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002155"
},
{
"db": "PACKETSTORM",
"id": "103913"
},
{
"db": "PACKETSTORM",
"id": "103946"
},
{
"db": "PACKETSTORM",
"id": "103903"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "104400"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "106736"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-189"
},
{
"db": "NVD",
"id": "CVE-2011-2140"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-23T00:00:00",
"db": "ZDI",
"id": "ZDI-11-276"
},
{
"date": "2011-08-10T00:00:00",
"db": "VULHUB",
"id": "VHN-50085"
},
{
"date": "2011-08-09T00:00:00",
"db": "BID",
"id": "49083"
},
{
"date": "2011-08-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002155"
},
{
"date": "2011-08-11T04:36:04",
"db": "PACKETSTORM",
"id": "103913"
},
{
"date": "2011-08-12T05:17:05",
"db": "PACKETSTORM",
"id": "103946"
},
{
"date": "2011-08-10T08:16:38",
"db": "PACKETSTORM",
"id": "103903"
},
{
"date": "2011-10-14T06:16:06",
"db": "PACKETSTORM",
"id": "105802"
},
{
"date": "2011-08-24T03:17:08",
"db": "PACKETSTORM",
"id": "104400"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-11-08T15:21:13",
"db": "PACKETSTORM",
"id": "106736"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-189"
},
{
"date": "2011-08-10T22:55:00.890000",
"db": "NVD",
"id": "CVE-2011-2140"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-23T00:00:00",
"db": "ZDI",
"id": "ZDI-11-276"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-50085"
},
{
"date": "2015-03-19T08:52:00",
"db": "BID",
"id": "49083"
},
{
"date": "2013-03-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002155"
},
{
"date": "2011-08-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-189"
},
{
"date": "2018-10-30T16:26:24.687000",
"db": "NVD",
"id": "CVE-2011-2140"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "104400"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-189"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002155"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201108-189"
}
],
"trust": 0.6
}
}