Author Topic: [sec] flashplugin before version 11.2.202.540-1 is vulnerable to remote code  (Read 1376 times)

0 Members and 1 Guest are viewing this topic.

Offline philm

  • Core Team
  • *****
  • Posts: 10671
    • Manjaro Linux
  • Branch: Unstable
  • Desktop: XFCE
  • GPU Card: Geforce GTX 650
  • GPU driver: non-free
  • Kernel: Maintainer - so all ;)
  • Skill: Guru


Severity: Critical
Date    : 2015-10-16
CVE-ID  : CVE-2015-5569 CVE-2015-7625 CVE-2015-7626 CVE-2015-7627
          CVE-2015-7628 CVE-2015-7629 CVE-2015-7630 CVE-2015-7631
          CVE-2015-7632 CVE-2015-7633 CVE-2015-7634 CVE-2015-7643
          CVE-2015-7644
Package : flashplugin
Type    : multiple issues
Remote  : Yes
Link    : https://wiki.archlinux.org/index.php/CVE

Summary
=======

The package flashplugin before version 11.2.202.540-1 is vulnerable to
multiple issues including but not limited to arbitrary code execution,
same-origin-policy bypass and information disclosure.

Resolution
==========

Upgrade to 11.2.202.540-1.

Code: [Select]
sudo pacman -Syu "flashplugin>=11.2.202.540-1"
The problems have been fixed upstream in version 11.2.202.540-1.

Workaround
==========

None.

Description
===========

- CVE-2015-5569 (information leak, insufficient hardening)

These updates include a defense-in-depth feature in the Flash broker API.

- CVE-2015-7625 CVE-2015-7626 CVE-2015-7627 CVE-2015-7630 CVE-2015-7633
  CVE-2015-7634 (arbitrary code execution)

These updates resolve memory corruption vulnerabilities that could lead
to code execution.

- CVE-2015-7628 (same-origin-policy bypass, information disclosure)

These updates resolve a vulnerability that could be exploited to bypass
the same-origin-policy and lead to information disclosure.

- CVE-2015-7629 CVE-2015-7631 CVE-2015-7643 CVE-2015-7644
  (arbitrary code execution)

These updates resolve use-after-free vulnerabilities that could lead to
code execution.

- CVE-2015-7632 (arbitrary code execution)

These updates resolve a buffer overflow vulnerability that could lead to
code execution.


Impact
======

A remote attacker is able to execute arbitrary code, bypass the
same-origin-policy and disclose sensitive information via various vectors.

References
==========

https://access.redhat.com/security/cve/CVE-2015-5569
https://access.redhat.com/security/cve/CVE-2015-7625
https://access.redhat.com/security/cve/CVE-2015-7626
https://access.redhat.com/security/cve/CVE-2015-7627
https://access.redhat.com/security/cve/CVE-2015-7628
https://access.redhat.com/security/cve/CVE-2015-7629
https://access.redhat.com/security/cve/CVE-2015-7630
https://access.redhat.com/security/cve/CVE-2015-7631
https://access.redhat.com/security/cve/CVE-2015-7632
https://access.redhat.com/security/cve/CVE-2015-7633
https://access.redhat.com/security/cve/CVE-2015-7634
https://access.redhat.com/security/cve/CVE-2015-7643
https://access.redhat.com/security/cve/CVE-2015-7644
https://helpx.adobe.com/security/products/flash-player/apsb15-25.html

Offline philm

  • Core Team
  • *****
  • Posts: 10671
    • Manjaro Linux
  • Branch: Unstable
  • Desktop: XFCE
  • GPU Card: Geforce GTX 650
  • GPU driver: non-free
  • Kernel: Maintainer - so all ;)
  • Skill: Guru
Also possible via:

i686
Code: [Select]
sudo pacman -U http://repo.manjaro.org.uk/pool/sync/flashplugin-11.2.202.540-1-i686.pkg.tar.xz
x86_64
Code: [Select]
sudo pacman -U http://repo.manjaro.org.uk/pool/sync/flashplugin-11.2.202.540-1-x86_64.pkg.tar.xz
sudo pacman -U http://repo.manjaro.org.uk/pool/sync/lib32-flashplugin-11.2.202.540-1-x86_64.pkg.tar.xz