ALT Linux Team

Branch t7 update on 2015-08-14

2015-08-14

ALT-BU-2015-2586-1

Branch t7 update bulletin.

ALT-PU-2015-1681-1

Package adobe-flash-player updated to version 11-alt52 for branch t7 in task 147655.

Closed vulnerabilities

Published: 2015-06-09

BDU:2015-10349

Уязвимость программной платформы Adobe AIR, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-06-09

BDU:2015-10350

Уязвимость программной платформы Adobe AIR, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-06-09

BDU:2015-10351

Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-06-09

BDU:2015-10352

Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-07-20

BDU:2015-10802

Уязвимость программной платформы Adobe AIR, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

Severity: CRITICAL (10.0)
References:
Published: 2015-07-20

BDU:2015-10803

Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

Severity: CRITICAL (10.0)
References:
Published: 2015-07-20

BDU:2015-10804

Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11070

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю вызвать отказ в обслуживании

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11071

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11072

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11073

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11074

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11075

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11076

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11077

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11078

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11079

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11080

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11081

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11082

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11083

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11084

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11085

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11086

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11087

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11088

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11089

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11090

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11091

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11092

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11093

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11094

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11095

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11096

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11097

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11098

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11099

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11100

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-08-13

BDU:2015-11101

Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-06-10
Modified: 2024-11-21

CVE-2015-3107

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3103 and CVE-2015-3106.

Severity: CRITICAL (10.0)
References:
Published: 2015-07-21
Modified: 2024-11-21

CVE-2015-5124

Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3117, CVE-2015-3123, CVE-2015-3130, CVE-2015-3133, CVE-2015-3134, and CVE-2015-4431.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5125

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to cause a denial of service (vector-length corruption) or possibly have unspecified other impact via unknown vectors.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5127

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.

Severity: CRITICAL (10.0)
References:
Published: 2015-10-08
Modified: 2023-11-07

CVE-2015-5128

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none

Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5129

Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5541.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5130

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5131

Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5132 and CVE-2015-5133.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5132

Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5131 and CVE-2015-5133.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5133

Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5131 and CVE-2015-5132.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5134

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5539

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5540

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5541

Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5129.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5544

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5545

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5546

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5547

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5548

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5549

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5552, and CVE-2015-5553.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5550

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5551

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5552

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, and CVE-2015-5553.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5553

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, and CVE-2015-5552.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5554

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-5555, CVE-2015-5558, and CVE-2015-5562.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5555

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-5554, CVE-2015-5558, and CVE-2015-5562.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5556

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5557

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5558

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-5554, CVE-2015-5555, and CVE-2015-5562.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5559

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5560

Integer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5561

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5562

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-5554, CVE-2015-5555, and CVE-2015-5558.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5563

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5564, and CVE-2015-5565.

Severity: CRITICAL (10.0)
References:
Published: 2015-08-14
Modified: 2024-11-21

CVE-2015-5564

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, and CVE-2015-5565.

Severity: CRITICAL (10.0)
References:

ALT-PU-2015-1683-1

Package dnsmasq updated to version 2.75-alt0.M70P.1 for branch t7 in task 147668.

Closed vulnerabilities

Published: 2015-04-07

BDU:2015-10027

Уязвимость DNS-сервера Dnsmasq, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (4.3)
References:
Published: 2015-05-08
Modified: 2024-11-21

CVE-2015-3294

The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.

Severity: MEDIUM (6.4)
References:

ALT-PU-2015-1684-1

Package firefox-esr updated to version 38.1.1-alt0.M70P.1 for branch t7 in task 147668.

Closed vulnerabilities

Published: 2015-07-05

BDU:2015-10550

Уязвимость браузера Firefox, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10551

Уязвимость браузера Firefox ESR, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10552

Уязвимость браузера Firefox, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10553

Уязвимость браузера Firefox ESR, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10554

Уязвимость почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10555

Уязвимость браузера Firefox, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10556

Уязвимость браузера Firefox ESR, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10557

Уязвимость почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10558

Уязвимость браузера Firefox, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10559

Уязвимость браузера Firefox, позволяющая нарушителю выполнить произвольный код на стороне клиента

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10560

Уязвимость браузера Firefox ESR, позволяющая нарушителю выполнить произвольный код на стороне клиента

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10561

Уязвимость почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код на стороне клиента

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10562

Уязвимость браузера Firefox, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10563

Уязвимость браузера Firefox ESR, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10564

Уязвимость браузера Firefox, позволяющая нарушителю читать данные из неинициализированных областей памяти

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10565

Уязвимость браузера Firefox ESR, позволяющая нарушителю читать данные из неинициализированных областей памяти

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10566

Уязвимость почтового клиента Thunderbird, позволяющая нарушителю читать данные из неинициализированных областей памяти

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10567

Уязвимость браузера Firefox, позволяющая нарушителю читать данные из неинициализированных областей памяти

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10568

Уязвимость браузера Firefox ESR, позволяющая нарушителю читать данные из неинициализированных областей памяти

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10569

Уязвимость почтового клиента Thunderbird, позволяющая нарушителю читать данные из неинициализированных областей памяти

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10570

Уязвимость браузера Firefox, позволяющая нарушителю читать данные из неинициализированных областей памяти

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10571

Уязвимость браузера Firefox ESR, позволяющая нарушителю читать данные из неинициализированных областей памяти

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10572

Уязвимость почтового клиента Thunderbird, позволяющая нарушителю читать данные из неинициализированных областей памяти

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10573

Уязвимость браузера Firefox, позволяющая нарушителю получить доступ к содержимому ячеек памяти

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10574

Уязвимость браузера Firefox ESR, позволяющая нарушителю получить доступ к содержимому ячеек памяти

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10575

Уязвимость почтового клиента Thunderbird, позволяющая нарушителю получить доступ к содержимому ячеек памяти

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10576

Уязвимость браузера Firefox, позволяющая нарушителю вызвать отказ в обслуживании

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10577

Уязвимость браузера Firefox ESR, позволяющая нарушителю вызвать отказ в обслуживании

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10578

Уязвимость почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании

Severity: CRITICAL (10.0)
References:
Published: 2015-07-05

BDU:2015-10810

Уязвимость браузера Firefox, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

Severity: HIGH (7.5)
References:
Published: 2015-07-05

BDU:2015-10811

Уязвимость браузера Firefox ESR, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

Severity: HIGH (7.5)
References:
Published: 2015-07-05

BDU:2015-10812

Уязвимость браузера Firefox, позволяющая нарушителю повлиять на работу программы

Severity: CRITICAL (9.3)
References:
Published: 2015-07-05

BDU:2015-10813

Уязвимость браузера Firefox ESR, позволяющая нарушителю повлиять на работу программы

Severity: CRITICAL (9.3)
References:
Published: 2015-07-05

BDU:2015-10814

Уязвимость почтового клиента Thunderbird, позволяющая нарушителю повлиять на работу программы

Severity: CRITICAL (9.3)
References:
Published: 2015-07-05

BDU:2015-10815

Уязвимость браузера Firefox, позволяющая нарушителю повлиять на работу программы

Severity: CRITICAL (9.3)
References:
Published: 2015-07-05

BDU:2015-10816

Уязвимость браузера Firefox ESR, позволяющая нарушителю повлиять на работу программы

Severity: CRITICAL (9.3)
References:
Published: 2015-07-05

BDU:2015-10817

Уязвимость почтового клиента Thunderbird, позволяющая нарушителю повлиять на работу программы

Severity: CRITICAL (9.3)
References:
Published: 2015-07-05

BDU:2015-10818

Уязвимость браузера Firefox, позволяющая нарушителю выполнить произвольный код

Severity: HIGH (7.5)
References:
Published: 2015-07-05

BDU:2015-10819

Уязвимость браузера Firefox ESR, позволяющая нарушителю выполнить произвольный код

Severity: HIGH (7.5)
References:
Published: 2015-08-29

BDU:2015-11311

Уязвимость браузеров Firefox и Firefox ESR, позволяющая нарушителю выполнить произвольный код

Severity: CRITICAL (10.0)
References:
Published: 2015-07-06
Modified: 2024-11-21

CVE-2015-2722

Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a shared worker.

Severity: CRITICAL (10.0)
References:
Published: 2015-07-06
Modified: 2024-11-21

CVE-2015-2724

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Severity: CRITICAL (10.0)
References:
Published: 2015-07-06
Modified: 2024-11-21

CVE-2015-2725

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Severity: CRITICAL (10.0)
References:
Published: 2015-07-06
Modified: 2024-11-21

CVE-2015-2726

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Severity: CRITICAL (10.0)
References:
Published: 2015-07-06
Modified: 2024-11-21

CVE-2015-2728

The IndexedDatabaseManager class in the IndexedDB implementation in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 misinterprets an unspecified IDBDatabase field as a pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors, related to a "type confusion" issue.

Severity: HIGH (7.5)
References:
Published: 2015-07-06
Modified: 2024-11-21

CVE-2015-2729

The AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation in Mozilla Firefox before 39.0 and Firefox ESR 38.x before 38.1 does not properly calculate an oscillator rendering range, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.

Severity: MEDIUM (5.0)
References:
Published: 2015-07-06
Modified: 2024-11-21

CVE-2015-2731

Use-after-free vulnerability in the CSPService::ShouldLoad function in the microtask implementation in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allows remote attackers to execute arbitrary code by leveraging client-side JavaScript that triggers removal of a DOM object on the basis of a Content Policy.

Severity: CRITICAL (10.0)
References:
Published: 2015-07-06
Modified: 2024-11-21

CVE-2015-2733

Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a dedicated worker.

Severity: CRITICAL (10.0)
References:
Published: 2015-07-06
Modified: 2024-11-21

CVE-2015-2734

The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.

Severity: CRITICAL (10.0)
References:
Published: 2015-07-06
Modified: 2024-11-21

CVE-2015-2735

nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.

Severity: CRITICAL (9.3)
References:
Published: 2015-07-06
Modified: 2024-11-21

CVE-2015-2736

The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.

Severity: CRITICAL (9.3)
References:
Published: 2015-07-06
Modified: 2024-11-21

CVE-2015-2737

The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.

Severity: CRITICAL (10.0)
References:
Published: 2015-07-06
Modified: 2024-11-21

CVE-2015-2738

The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.

Severity: CRITICAL (10.0)
References:
Published: 2015-07-06
Modified: 2024-11-21

CVE-2015-2739

The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has unspecified impact and attack vectors.

Severity: CRITICAL (10.0)
References:
Published: 2015-07-06
Modified: 2024-11-21

CVE-2015-2740

Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remote attackers to cause a denial of service or have unspecified other impact via unknown vectors.

Severity: CRITICAL (10.0)
References:
Published: 2015-07-06
Modified: 2024-11-21

CVE-2015-2741

Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 do not enforce key pinning upon encountering an X.509 certificate problem that generates a user dialog, which allows user-assisted man-in-the-middle attackers to bypass intended access restrictions by triggering a (1) expired certificate or (2) mismatched hostname for a domain with pinning enabled.

Severity: MEDIUM (4.3)
References:
Published: 2015-07-06
Modified: 2024-11-21

CVE-2015-2743

PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 enables excessive privileges for internal Workers, which might allow remote attackers to execute arbitrary code by leveraging a Same Origin Policy bypass.

Severity: HIGH (7.5)
References:
Published: 2015-08-29
Modified: 2024-11-21

CVE-2015-4497

Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token sequences for a CANVAS element.

Severity: CRITICAL (10.0)
References:

MFSA 2015-60

No data currently available.

MFSA 2015-61

No data currently available.

MFSA 2015-62

No data currently available.

MFSA 2015-63

No data currently available.

MFSA 2015-64

No data currently available.

MFSA 2015-65

No data currently available.

MFSA 2015-66

No data currently available.

MFSA 2015-67

No data currently available.

MFSA 2015-69

No data currently available.

MFSA 2015-70

No data currently available.

MFSA 2015-78

No data currently available.

ALT-PU-2015-1685-1

Package nvidia_glx_common updated to version 346.87-alt153 for branch t7 in task 147668.

Closed vulnerabilities

Published: 2015-11-24

BDU:2015-12100

Уязвимость программного обеспечения графического процессора NVIDIA GPU, позволяющая нарушителю повысить свои привилегии или вызвать отказ в обслуживании

Severity: CRITICAL (10.0)
References:
Published: 2015-11-24
Modified: 2024-11-21

CVE-2015-5053

The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and R352 before 352.41 for Linux and R352 before 352.46 for GRID vGPU and vSGA does not properly restrict access to third-party device IO memory, which allows attackers to gain privileges, cause a denial of service (resource consumption), or possibly have unspecified other impact via unknown vectors related to the follow_pfn kernel-mode API call.

Severity: CRITICAL (10.0)
References:

ALT-PU-2015-1686-1

Package thunderbird-esr updated to version 38.1.0-alt0.M70P.1 for branch t7 in task 147668.

Closed vulnerabilities

MFSA 2015-63

No data currently available.

MFSA 2015-66

No data currently available.

MFSA 2015-67

No data currently available.

MFSA 2015-70

No data currently available.

VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top