ALT-BU-2015-2413-1
Branch sisyphus update bulletin.
Closed vulnerabilities
BDU:2015-11546
Уязвимость прокси-сервера Squid, позволяющая нарушителю обойти существующие ограничения и получить доступ к серверу
BDU:2016-00731
Уязвимость прокси-сервера Squid, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2016-00732
Уязвимость прокси-сервера Squid, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2016-00733
Уязвимость прокси-сервера Squid, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2014-9749
Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka "Nonce replay vulnerability."
- http://bugs.squid-cache.org/show_bug.cgi?id=4066
- http://bugs.squid-cache.org/show_bug.cgi?id=4066
- openSUSE-SU-2015:1835
- openSUSE-SU-2015:1835
- [oss-security] 20151001 CVE Request: squid: Nonce replay vulnerability in Digest authentication
- [oss-security] 20151001 CVE Request: squid: Nonce replay vulnerability in Digest authentication
- [oss-security] 20151011 Re: CVE Request: squid: Nonce replay vulnerability in Digest authentication
- [oss-security] 20151011 Re: CVE Request: squid: Nonce replay vulnerability in Digest authentication
- [oss-security] 20151012 Re: Re: CVE Request: squid: Nonce replay vulnerability in Digest authentication
- [oss-security] 20151012 Re: Re: CVE Request: squid: Nonce replay vulnerability in Digest authentication
Modified: 2024-11-21
CVE-2015-3455
Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate.
- http://advisories.mageia.org/MGASA-2015-0191.html
- http://advisories.mageia.org/MGASA-2015-0191.html
- FEDORA-2016-7b40eb9e29
- FEDORA-2016-7b40eb9e29
- openSUSE-SU-2015:1546
- openSUSE-SU-2015:1546
- openSUSE-SU-2016:2081
- openSUSE-SU-2016:2081
- RHSA-2015:2378
- RHSA-2015:2378
- MDVSA-2015:230
- MDVSA-2015:230
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- 74438
- 74438
- 1032221
- 1032221
- http://www.squid-cache.org/Advisories/SQUID-2015_1.txt
- http://www.squid-cache.org/Advisories/SQUID-2015_1.txt
Modified: 2024-11-21
CVE-2015-5400
Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cache_peer, which allows remote attackers to bypass intended restrictions and gain access to a backend proxy via a CONNECT request.
- FEDORA-2016-7b40eb9e29
- FEDORA-2016-7b40eb9e29
- SUSE-SU-2016:1996
- SUSE-SU-2016:1996
- SUSE-SU-2016:2089
- SUSE-SU-2016:2089
- openSUSE-SU-2016:2081
- openSUSE-SU-2016:2081
- DSA-3327
- DSA-3327
- [oss-security] 20150706 Squid HTTP proxy CVE request
- [oss-security] 20150706 Squid HTTP proxy CVE request
- [oss-security] 20150709 Re: Squid HTTP proxy CVE request
- [oss-security] 20150709 Re: Squid HTTP proxy CVE request
- [oss-security] 20150710 Re: Squid HTTP proxy CVE request
- [oss-security] 20150710 Re: Squid HTTP proxy CVE request
- [oss-security] 20150717 Re: Re: Squid HTTP proxy CVE request
- [oss-security] 20150717 Re: Re: Squid HTTP proxy CVE request
- 75553
- 75553
- 1032873
- 1032873
- http://www.squid-cache.org/Advisories/SQUID-2015_2.txt
- http://www.squid-cache.org/Advisories/SQUID-2015_2.txt
- http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10494.patch
- http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10494.patch
- http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13225.patch
- http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13225.patch
- http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-13856.patch
- http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-13856.patch
Modified: 2024-11-21
CVE-2016-2569
Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial of service (assertion failure and daemon exit) via a long string, as demonstrated by a crafted HTTP Vary header.
- SUSE-SU-2016:1996
- SUSE-SU-2016:1996
- SUSE-SU-2016:2089
- SUSE-SU-2016:2089
- openSUSE-SU-2016:2081
- openSUSE-SU-2016:2081
- RHSA-2016:2600
- RHSA-2016:2600
- [oss-security] 20160226 Re: CVE request: Squid HTTP Caching Proxy multiple denial of service issues
- [oss-security] 20160226 Re: CVE request: Squid HTTP Caching Proxy multiple denial of service issues
- 1035101
- 1035101
- http://www.squid-cache.org/Advisories/SQUID-2016_2.txt
- http://www.squid-cache.org/Advisories/SQUID-2016_2.txt
- http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-13991.patch
- http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-13991.patch
- http://www.squid-cache.org/Versions/v4/changesets/squid-4-14552.patch
- http://www.squid-cache.org/Versions/v4/changesets/squid-4-14552.patch
- GLSA-201607-01
- GLSA-201607-01
- USN-3557-1
- USN-3557-1
Modified: 2024-11-21
CVE-2016-2570
The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a crafted XML document, related to esi/CustomParser.cc and esi/CustomParser.h.
- SUSE-SU-2016:1996
- SUSE-SU-2016:1996
- SUSE-SU-2016:2089
- SUSE-SU-2016:2089
- openSUSE-SU-2016:2081
- openSUSE-SU-2016:2081
- RHSA-2016:2600
- RHSA-2016:2600
- [oss-security] 20160226 Re: CVE request: Squid HTTP Caching Proxy multiple denial of service issues
- [oss-security] 20160226 Re: CVE request: Squid HTTP Caching Proxy multiple denial of service issues
- 1035101
- 1035101
- http://www.squid-cache.org/Advisories/SQUID-2016_2.txt
- http://www.squid-cache.org/Advisories/SQUID-2016_2.txt
- http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-13993.patch
- http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-13993.patch
- http://www.squid-cache.org/Versions/v4/changesets/squid-4-14549.patch
- http://www.squid-cache.org/Versions/v4/changesets/squid-4-14549.patch
- GLSA-201607-01
- GLSA-201607-01
- USN-3557-1
- USN-3557-1
Modified: 2024-11-21
CVE-2016-2571
http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storage of certain data after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response.
- SUSE-SU-2016:1996
- SUSE-SU-2016:1996
- SUSE-SU-2016:2089
- SUSE-SU-2016:2089
- openSUSE-SU-2016:2081
- openSUSE-SU-2016:2081
- RHSA-2016:2600
- RHSA-2016:2600
- DSA-3522
- DSA-3522
- [oss-security] 20160226 Re: CVE request: Squid HTTP Caching Proxy multiple denial of service issues
- [oss-security] 20160226 Re: CVE request: Squid HTTP Caching Proxy multiple denial of service issues
- 1035101
- 1035101
- http://www.squid-cache.org/Advisories/SQUID-2016_2.txt
- http://www.squid-cache.org/Advisories/SQUID-2016_2.txt
- http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-13990.patch
- http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-13990.patch
- http://www.squid-cache.org/Versions/v4/changesets/squid-4-14548.patch
- http://www.squid-cache.org/Versions/v4/changesets/squid-4-14548.patch
- USN-2921-1
- USN-2921-1
- GLSA-201607-01
- GLSA-201607-01
- USN-3557-1
- USN-3557-1
Package adobe-flash-player updated to version 11-alt43 for branch sisyphus in task 143173.
Closed vulnerabilities
BDU:2015-10263
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-10264
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-10265
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-10266
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-10267
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-10268
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-10269
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-10270
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-10271
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-10272
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-10273
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-10274
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-10275
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-10276
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-10277
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-10278
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-10279
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-10280
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-10281
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-10282
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-10283
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-10284
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-10285
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-10286
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-10287
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-10288
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-10289
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-10290
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-10312
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-10313
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-10314
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-10315
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-10316
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-10317
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-10318
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-10319
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-10320
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-10321
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2015-0346
Double free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0359.
- openSUSE-SU-2015:0718
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- RHSA-2015:0813
- RHSA-2015:0813
- 74067
- 74067
- 1032105
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- GLSA-201504-07
Modified: 2024-11-21
CVE-2015-0347
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
- openSUSE-SU-2015:0718
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- RHSA-2015:0813
- RHSA-2015:0813
- 74062
- 74062
- 1032105
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- GLSA-201504-07
Modified: 2024-11-21
CVE-2015-0348
Buffer overflow in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors.
- openSUSE-SU-2015:0718
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- RHSA-2015:0813
- RHSA-2015:0813
- 1032105
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- GLSA-201504-07
Modified: 2024-11-21
CVE-2015-0349
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0351, CVE-2015-0358, and CVE-2015-3039.
- openSUSE-SU-2015:0718
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- RHSA-2015:0813
- RHSA-2015:0813
- 74064
- 74064
- 1032105
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- GLSA-201504-07
Modified: 2024-11-21
CVE-2015-0350
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
- openSUSE-SU-2015:0718
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- RHSA-2015:0813
- RHSA-2015:0813
- 74062
- 74062
- 1032105
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- GLSA-201504-07
Modified: 2024-11-21
CVE-2015-0351
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0349, CVE-2015-0358, and CVE-2015-3039.
- openSUSE-SU-2015:0718
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- RHSA-2015:0813
- RHSA-2015:0813
- 74064
- 74064
- 1032105
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- GLSA-201504-07
Modified: 2024-11-21
CVE-2015-0352
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
- openSUSE-SU-2015:0718
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- RHSA-2015:0813
- RHSA-2015:0813
- 74062
- 74062
- 1032105
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- GLSA-201504-07
Modified: 2024-11-21
CVE-2015-0353
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
- openSUSE-SU-2015:0718
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- RHSA-2015:0813
- RHSA-2015:0813
- 74062
- 74062
- 1032105
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- GLSA-201504-07
Modified: 2024-11-21
CVE-2015-0354
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
- openSUSE-SU-2015:0718
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- RHSA-2015:0813
- RHSA-2015:0813
- 74062
- 74062
- 1032105
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- GLSA-201504-07
Modified: 2024-11-21
CVE-2015-0355
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
- openSUSE-SU-2015:0718
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- RHSA-2015:0813
- RHSA-2015:0813
- 74062
- 74062
- 1032105
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- GLSA-201504-07
Modified: 2024-11-21
CVE-2015-0356
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion."
- openSUSE-SU-2015:0718
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- RHSA-2015:0813
- RHSA-2015:0813
- 1032105
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- GLSA-201504-07
Modified: 2024-11-21
CVE-2015-0357
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-3040.
- openSUSE-SU-2015:0718
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- RHSA-2015:0813
- RHSA-2015:0813
- 1032105
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- GLSA-201504-07
Modified: 2024-11-21
CVE-2015-0358
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0349, CVE-2015-0351, and CVE-2015-3039.
- openSUSE-SU-2015:0718
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- RHSA-2015:0813
- RHSA-2015:0813
- 74064
- 74064
- 1032105
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- GLSA-201504-07
Modified: 2024-11-21
CVE-2015-0359
Double free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0346.
- openSUSE-SU-2015:0718
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- RHSA-2015:0813
- RHSA-2015:0813
- 74067
- 74067
- 1032105
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- GLSA-201504-07
Modified: 2024-11-21
CVE-2015-0360
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
- openSUSE-SU-2015:0718
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- RHSA-2015:0813
- RHSA-2015:0813
- 74062
- 74062
- 1032105
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- GLSA-201504-07
Modified: 2024-11-21
CVE-2015-3038
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
- openSUSE-SU-2015:0718
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- RHSA-2015:0813
- RHSA-2015:0813
- 74062
- 74062
- 1032105
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- GLSA-201504-07
Modified: 2024-11-21
CVE-2015-3039
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0349, CVE-2015-0351, and CVE-2015-0358.
- openSUSE-SU-2015:0718
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- RHSA-2015:0813
- RHSA-2015:0813
- 74064
- 74064
- 1032105
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- GLSA-201504-07
Modified: 2024-11-21
CVE-2015-3040
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-0357.
- openSUSE-SU-2015:0718
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- RHSA-2015:0813
- RHSA-2015:0813
- 1032105
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- GLSA-201504-07
Modified: 2024-11-21
CVE-2015-3041
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3042, and CVE-2015-3043.
- openSUSE-SU-2015:0718
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- RHSA-2015:0813
- RHSA-2015:0813
- 74062
- 74062
- 1032105
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- GLSA-201504-07
Modified: 2024-11-21
CVE-2015-3042
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, and CVE-2015-3043.
- openSUSE-SU-2015:0718
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- RHSA-2015:0813
- RHSA-2015:0813
- 74062
- 74062
- 1032105
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- GLSA-201504-07
- 37839
- 37839
Modified: 2025-02-14
CVE-2015-3043
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in April 2015, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, and CVE-2015-3042.
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- RHSA-2015:0813
- 74062
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- 37536
- openSUSE-SU-2015:0718
- 37536
- GLSA-201504-07
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- 1032105
- 74062
- RHSA-2015:0813
- openSUSE-SU-2015:0725
- SUSE-SU-2015:0723
- SUSE-SU-2015:0722
Modified: 2024-11-21
CVE-2015-3044
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
- openSUSE-SU-2015:0718
- openSUSE-SU-2015:0718
- SUSE-SU-2015:0722
- SUSE-SU-2015:0722
- SUSE-SU-2015:0723
- SUSE-SU-2015:0723
- openSUSE-SU-2015:0725
- openSUSE-SU-2015:0725
- SUSE-SU-2015:0878
- SUSE-SU-2015:0878
- openSUSE-SU-2015:0890
- openSUSE-SU-2015:0890
- openSUSE-SU-2015:0914
- openSUSE-SU-2015:0914
- RHSA-2015:0813
- RHSA-2015:0813
- 74065
- 74065
- 1032105
- 1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- GLSA-201504-07
- GLSA-201504-07
- GLSA-201505-02
- GLSA-201505-02