ALT-BU-2015-2735-1
Branch t7 update bulletin.
Package adobe-flash-player updated to version 11-alt56 for branch t7 in task 153097.
Closed vulnerabilities
BDU:2015-12013
Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющие нарушителю выполнить произвольный код
BDU:2015-12014
Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющие нарушителю выполнить произвольный код
BDU:2015-12015
Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющие нарушителю выполнить произвольный код
BDU:2015-12016
Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-12022
Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющие нарушителю выполнить произвольный код
BDU:2015-12023
Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю обойти ограничения доступа на запись в файлы
BDU:2015-12024
Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-12025
Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-12026
Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-12027
Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-12028
Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-12029
Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-12030
Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-12031
Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-12032
Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-12033
Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2015-12034
Уязвимость программных платформ Adobe Integrated Runtime и Flash Player, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-21
CVE-2015-7651
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted DefineFunction atoms, a different vulnerability than CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
- openSUSE-SU-2015:1984
- openSUSE-SU-2015:1984
- RHSA-2015:2023
- RHSA-2015:2023
- RHSA-2015:2024
- RHSA-2015:2024
- 77533
- 77533
- 1034111
- 1034111
- http://www.zerodayinitiative.com/advisories/ZDI-15-556
- http://www.zerodayinitiative.com/advisories/ZDI-15-556
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- GLSA-201511-02
- GLSA-201511-02
Modified: 2024-11-21
CVE-2015-7652
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via a crafted gridFitType property value, a different vulnerability than CVE-2015-7651, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
- openSUSE-SU-2015:1984
- openSUSE-SU-2015:1984
- RHSA-2015:2023
- RHSA-2015:2023
- RHSA-2015:2024
- RHSA-2015:2024
- 77533
- 77533
- 1034111
- 1034111
- http://www.zerodayinitiative.com/advisories/ZDI-15-557
- http://www.zerodayinitiative.com/advisories/ZDI-15-557
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- GLSA-201511-02
- GLSA-201511-02
- 39020
- 39020
Modified: 2024-11-21
CVE-2015-7653
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted globalToLocal arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
- openSUSE-SU-2015:1984
- openSUSE-SU-2015:1984
- RHSA-2015:2023
- RHSA-2015:2023
- RHSA-2015:2024
- RHSA-2015:2024
- 77533
- 77533
- 1034111
- 1034111
- http://www.zerodayinitiative.com/advisories/ZDI-15-561
- http://www.zerodayinitiative.com/advisories/ZDI-15-561
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- GLSA-201511-02
- GLSA-201511-02
Modified: 2024-11-21
CVE-2015-7654
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted attachSound arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
- openSUSE-SU-2015:1984
- openSUSE-SU-2015:1984
- RHSA-2015:2023
- RHSA-2015:2023
- RHSA-2015:2024
- RHSA-2015:2024
- 77533
- 77533
- 1034111
- 1034111
- http://www.zerodayinitiative.com/advisories/ZDI-15-560
- http://www.zerodayinitiative.com/advisories/ZDI-15-560
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- GLSA-201511-02
- GLSA-201511-02
Modified: 2024-11-21
CVE-2015-7655
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionExtends arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
- openSUSE-SU-2015:1984
- openSUSE-SU-2015:1984
- RHSA-2015:2023
- RHSA-2015:2023
- RHSA-2015:2024
- RHSA-2015:2024
- 77533
- 77533
- 1034111
- 1034111
- http://www.zerodayinitiative.com/advisories/ZDI-15-559
- http://www.zerodayinitiative.com/advisories/ZDI-15-559
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- GLSA-201511-02
- GLSA-201511-02
Modified: 2024-11-21
CVE-2015-7656
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionImplementsOp arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
- openSUSE-SU-2015:1984
- openSUSE-SU-2015:1984
- RHSA-2015:2023
- RHSA-2015:2023
- RHSA-2015:2024
- RHSA-2015:2024
- 77533
- 77533
- 1034111
- 1034111
- http://www.zerodayinitiative.com/advisories/ZDI-15-558
- http://www.zerodayinitiative.com/advisories/ZDI-15-558
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- GLSA-201511-02
- GLSA-201511-02
Modified: 2024-11-21
CVE-2015-7657
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionCallMethod arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
- openSUSE-SU-2015:1984
- openSUSE-SU-2015:1984
- RHSA-2015:2023
- RHSA-2015:2023
- RHSA-2015:2024
- RHSA-2015:2024
- 77533
- 77533
- 1034111
- 1034111
- http://www.zerodayinitiative.com/advisories/ZDI-15-567
- http://www.zerodayinitiative.com/advisories/ZDI-15-567
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- GLSA-201511-02
- GLSA-201511-02
Modified: 2024-11-21
CVE-2015-7658
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionInstanceOf arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
- openSUSE-SU-2015:1984
- openSUSE-SU-2015:1984
- RHSA-2015:2023
- RHSA-2015:2023
- RHSA-2015:2024
- RHSA-2015:2024
- 77533
- 77533
- 1034111
- 1034111
- http://www.zerodayinitiative.com/advisories/ZDI-15-562
- http://www.zerodayinitiative.com/advisories/ZDI-15-562
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- GLSA-201511-02
- GLSA-201511-02
Modified: 2024-11-21
CVE-2015-7659
Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion" in the NetConnection object implementation.
- openSUSE-SU-2015:1984
- openSUSE-SU-2015:1984
- RHSA-2015:2023
- RHSA-2015:2023
- RHSA-2015:2024
- RHSA-2015:2024
- 77534
- 77534
- 1034111
- 1034111
- http://www.zerodayinitiative.com/advisories/ZDI-15-566
- http://www.zerodayinitiative.com/advisories/ZDI-15-566
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- GLSA-201511-02
- GLSA-201511-02
Modified: 2024-11-21
CVE-2015-7660
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted setMask arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
- openSUSE-SU-2015:1984
- openSUSE-SU-2015:1984
- RHSA-2015:2023
- RHSA-2015:2023
- RHSA-2015:2024
- RHSA-2015:2024
- 77533
- 77533
- 1034111
- 1034111
- http://www.zerodayinitiative.com/advisories/ZDI-15-565
- http://www.zerodayinitiative.com/advisories/ZDI-15-565
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- GLSA-201511-02
- GLSA-201511-02
Modified: 2024-11-21
CVE-2015-7661
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via a crafted getBounds call, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
- openSUSE-SU-2015:1984
- openSUSE-SU-2015:1984
- RHSA-2015:2023
- RHSA-2015:2023
- RHSA-2015:2024
- RHSA-2015:2024
- 77533
- 77533
- 1034111
- 1034111
- http://www.zerodayinitiative.com/advisories/ZDI-15-564
- http://www.zerodayinitiative.com/advisories/ZDI-15-564
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- GLSA-201511-02
- GLSA-201511-02
Modified: 2024-11-21
CVE-2015-7662
Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allow remote attackers to bypass intended access restrictions and write to files via unspecified vectors.
- openSUSE-SU-2015:1984
- openSUSE-SU-2015:1984
- RHSA-2015:2023
- RHSA-2015:2023
- RHSA-2015:2024
- RHSA-2015:2024
- 77535
- 77535
- 1034111
- 1034111
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- GLSA-201511-02
- GLSA-201511-02
Modified: 2024-11-21
CVE-2015-7663
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
- openSUSE-SU-2015:1984
- openSUSE-SU-2015:1984
- RHSA-2015:2023
- RHSA-2015:2023
- RHSA-2015:2024
- RHSA-2015:2024
- 77533
- 77533
- 1034111
- 1034111
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- GLSA-201511-02
- GLSA-201511-02
Modified: 2024-11-21
CVE-2015-8042
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via a crafted loadSound call, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
- openSUSE-SU-2015:1984
- openSUSE-SU-2015:1984
- RHSA-2015:2023
- RHSA-2015:2023
- RHSA-2015:2024
- RHSA-2015:2024
- 77533
- 77533
- 1034111
- 1034111
- http://www.zerodayinitiative.com/advisories/ZDI-15-563
- http://www.zerodayinitiative.com/advisories/ZDI-15-563
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- GLSA-201511-02
- GLSA-201511-02
Modified: 2024-11-21
CVE-2015-8043
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8044, and CVE-2015-8046.
- openSUSE-SU-2015:1984
- openSUSE-SU-2015:1984
- RHSA-2015:2023
- RHSA-2015:2023
- RHSA-2015:2024
- RHSA-2015:2024
- 77533
- 77533
- 1034111
- 1034111
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- GLSA-201511-02
- GLSA-201511-02
Modified: 2024-11-21
CVE-2015-8044
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, and CVE-2015-8046.
- openSUSE-SU-2015:1984
- openSUSE-SU-2015:1984
- RHSA-2015:2023
- RHSA-2015:2023
- RHSA-2015:2024
- RHSA-2015:2024
- 77533
- 77533
- 1034111
- 1034111
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- GLSA-201511-02
- GLSA-201511-02
Modified: 2024-11-21
CVE-2015-8046
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, and CVE-2015-8044.
- openSUSE-SU-2015:1984
- openSUSE-SU-2015:1984
- RHSA-2015:2023
- RHSA-2015:2023
- RHSA-2015:2024
- RHSA-2015:2024
- 77533
- 77533
- 1034111
- 1034111
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- GLSA-201511-02
- GLSA-201511-02
- 39019
- 39019
Closed bugs
надо бы обновить до 5.5
Package firefox-esr updated to version 38.4.0-alt0.M70P.1 for branch t7 in task 153097.
Closed vulnerabilities
No data currently available.
No data currently available.
Closed vulnerabilities
BDU:2015-11994
Уязвимость браузеров Firefox и Firefox ESR, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2015-11995
Уязвимость браузеров Firefox и Firefox ESR, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2015-12005
Уязвимость браузеров Firefox и Firefox ESR, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Modified: 2024-11-21
CVE-2015-7181
The sec_asn1d_parse_leaf function in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data structure, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data, related to a "use-after-poison" issue.
- SUSE-SU-2015:1926
- SUSE-SU-2015:1926
- openSUSE-SU-2015:1942
- openSUSE-SU-2015:1942
- SUSE-SU-2015:1978
- SUSE-SU-2015:1978
- SUSE-SU-2015:1981
- SUSE-SU-2015:1981
- SUSE-SU-2015:2081
- SUSE-SU-2015:2081
- openSUSE-SU-2015:2229
- openSUSE-SU-2015:2229
- openSUSE-SU-2015:2245
- openSUSE-SU-2015:2245
- http://packetstormsecurity.com/files/134268/Slackware-Security-Advisory-mozilla-nss-Updates.html
- http://packetstormsecurity.com/files/134268/Slackware-Security-Advisory-mozilla-nss-Updates.html
- RHSA-2015:1980
- RHSA-2015:1980
- RHSA-2015:1981
- RHSA-2015:1981
- DSA-3393
- DSA-3393
- DSA-3410
- DSA-3410
- DSA-3688
- DSA-3688
- http://www.mozilla.org/security/announce/2015/mfsa2015-133.html
- http://www.mozilla.org/security/announce/2015/mfsa2015-133.html
- http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- 77416
- 77416
- 91787
- 91787
- 1034069
- 1034069
- SSA:2015-310-02
- SSA:2015-310-02
- USN-2785-1
- USN-2785-1
- USN-2791-1
- USN-2791-1
- USN-2819-1
- USN-2819-1
- https://bto.bluecoat.com/security-advisory/sa119
- https://bto.bluecoat.com/security-advisory/sa119
- https://bugzilla.mozilla.org/show_bug.cgi?id=1192028
- https://bugzilla.mozilla.org/show_bug.cgi?id=1192028
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.1_release_notes
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.1_release_notes
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.4_release_notes
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.4_release_notes
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.20.1_release_notes
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.20.1_release_notes
- GLSA-201512-10
- GLSA-201512-10
- GLSA-201605-06
- GLSA-201605-06
Modified: 2024-11-21
CVE-2015-7182
Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data.
- SUSE-SU-2015:1926
- SUSE-SU-2015:1926
- openSUSE-SU-2015:1942
- openSUSE-SU-2015:1942
- SUSE-SU-2015:1978
- SUSE-SU-2015:1978
- SUSE-SU-2015:1981
- SUSE-SU-2015:1981
- SUSE-SU-2015:2081
- SUSE-SU-2015:2081
- openSUSE-SU-2015:2229
- openSUSE-SU-2015:2229
- openSUSE-SU-2015:2245
- openSUSE-SU-2015:2245
- http://packetstormsecurity.com/files/134268/Slackware-Security-Advisory-mozilla-nss-Updates.html
- http://packetstormsecurity.com/files/134268/Slackware-Security-Advisory-mozilla-nss-Updates.html
- RHSA-2015:1980
- RHSA-2015:1980
- RHSA-2015:1981
- RHSA-2015:1981
- DSA-3393
- DSA-3393
- DSA-3410
- DSA-3410
- DSA-3688
- DSA-3688
- http://www.mozilla.org/security/announce/2015/mfsa2015-133.html
- http://www.mozilla.org/security/announce/2015/mfsa2015-133.html
- http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- 77416
- 77416
- 91787
- 91787
- 1034069
- 1034069
- SSA:2015-310-02
- SSA:2015-310-02
- USN-2785-1
- USN-2785-1
- USN-2791-1
- USN-2791-1
- USN-2819-1
- USN-2819-1
- https://bto.bluecoat.com/security-advisory/sa119
- https://bto.bluecoat.com/security-advisory/sa119
- https://bugzilla.mozilla.org/show_bug.cgi?id=1202868
- https://bugzilla.mozilla.org/show_bug.cgi?id=1202868
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.1_release_notes
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.1_release_notes
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.4_release_notes
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.4_release_notes
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.20.1_release_notes
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.20.1_release_notes
- GLSA-201512-10
- GLSA-201512-10
- GLSA-201605-06
- GLSA-201605-06
Modified: 2024-11-21
CVE-2015-7183
Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
- SUSE-SU-2015:1926
- SUSE-SU-2015:1926
- openSUSE-SU-2015:1942
- openSUSE-SU-2015:1942
- SUSE-SU-2015:1978
- SUSE-SU-2015:1978
- SUSE-SU-2015:1981
- SUSE-SU-2015:1981
- SUSE-SU-2015:2081
- SUSE-SU-2015:2081
- openSUSE-SU-2015:2229
- openSUSE-SU-2015:2229
- openSUSE-SU-2015:2245
- openSUSE-SU-2015:2245
- http://packetstormsecurity.com/files/134268/Slackware-Security-Advisory-mozilla-nss-Updates.html
- http://packetstormsecurity.com/files/134268/Slackware-Security-Advisory-mozilla-nss-Updates.html
- RHSA-2015:1980
- RHSA-2015:1980
- RHSA-2015:1981
- RHSA-2015:1981
- DSA-3393
- DSA-3393
- DSA-3406
- DSA-3406
- http://www.mozilla.org/security/announce/2015/mfsa2015-133.html
- http://www.mozilla.org/security/announce/2015/mfsa2015-133.html
- http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- 77415
- 77415
- 91787
- 91787
- 1034069
- 1034069
- SSA:2015-310-02
- SSA:2015-310-02
- USN-2785-1
- USN-2785-1
- USN-2790-1
- USN-2790-1
- USN-2819-1
- USN-2819-1
- https://bto.bluecoat.com/security-advisory/sa119
- https://bto.bluecoat.com/security-advisory/sa119
- https://bugzilla.mozilla.org/show_bug.cgi?id=1205157
- https://bugzilla.mozilla.org/show_bug.cgi?id=1205157
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.1_release_notes
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.1_release_notes
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.4_release_notes
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.4_release_notes
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.20.1_release_notes
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.20.1_release_notes
- GLSA-201512-10
- GLSA-201512-10
- GLSA-201605-06
- GLSA-201605-06
Closed vulnerabilities
Modified: 2024-11-21
CVE-2013-2131
Format string vulnerability in the rrdtool module 1.4.7 for Python, as used in Zenoss, allows context-dependent attackers to cause a denial of service (crash) via format string specifiers to the rrdtool.graph function.
- [oss-security] 20130418 plone, rrdtool, zenoss bugs
- [oss-security] 20130418 plone, rrdtool, zenoss bugs
- [oss-security] 20130419 Re: plone, rrdtool, zenoss bugs
- [oss-security] 20130419 Re: plone, rrdtool, zenoss bugs
- [oss-security] 20130531 Re: plone, rrdtool, zenoss bugs
- [oss-security] 20130531 Re: plone, rrdtool, zenoss bugs
- https://bugzilla.redhat.com/show_bug.cgi?id=969296
- https://bugzilla.redhat.com/show_bug.cgi?id=969296
- https://github.com/oetiker/rrdtool-1.x/issues/396
- https://github.com/oetiker/rrdtool-1.x/issues/396
- https://github.com/oetiker/rrdtool-1.x/pull/397
- https://github.com/oetiker/rrdtool-1.x/pull/397