ALT Linux Team

Branch p6 update on 2014-10-28

2014-10-28

ALT-BU-2014-3072-1

Branch p6 update bulletin.

ALT-PU-2014-2274-1

Package adobe-flash-player updated to version 11-alt34 for branch p6 in task 132313.

Closed vulnerabilities

Published: 2014-10-15
Modified: 2024-11-21

CVE-2014-0570

Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Severity: MEDIUM (6.8)
References:
Published: 2014-10-15
Modified: 2024-11-21

CVE-2014-0571

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Severity: MEDIUM (4.3)
References:
Published: 2014-10-15
Modified: 2024-11-21

CVE-2014-0572

Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2 allows local users to bypass intended IP-based access restrictions via unspecified vectors.

Severity: MEDIUM (4.6)
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top