ALT-PU-2016-1311-1
Package adobe-flash-player updated to version 11-alt61 for branch t7 in task 162769.
Closed vulnerabilities
BDU:2016-00943
Уязвимость программной платформы Flash Player, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-00976
Уязвимость программной платформы Flash Player, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-00977
Уязвимость программной платформы Flash Player, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-00978
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2016-00979
Уязвимость программной платформы Flash Player, позволяющая нарушителю обойти существующие ограничения доступа
BDU:2016-00980
Уязвимость программной платформы Flash Player, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-00981
Уязвимость программной платформы Flash Player, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-00982
Уязвимость программной платформы Flash Player, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-00983
Уязвимость программной платформы Flash Player, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-00984
Уязвимость программной платформы Flash Player, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-00985
Уязвимость программной платформы Flash Player, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-00986
Уязвимость программной платформы Flash Player, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-00987
Уязвимость программной платформы Flash Player, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-00988
Уязвимость программной платформы Flash Player, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-00989
Уязвимость программной платформы Flash Player, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-00990
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2016-00991
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2016-00992
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2016-00993
Уязвимость программной платформы Flash Player, позволяющая нарушителю повысить свои привилегии
BDU:2016-00994
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2016-00995
Уязвимость программной платформы Flash Player, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-00996
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2016-01079
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
BDU:2016-01080
Уязвимость программной платформы Flash Player, позволяющая нарушителю обойти защитный механизм ASLR
Modified: 2024-11-21
CVE-2016-1006
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass the ASLR protection mechanism via JIT data.
Modified: 2024-11-21
CVE-2016-1011
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1013, CVE-2016-1016, CVE-2016-1017, and CVE-2016-1031.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- openSUSE-SU-2016:1306
- openSUSE-SU-2016:1306
- http://packetstormsecurity.com/files/137050/Adobe-Flash-MovieClip.duplicateMovieClip-Use-After-Free.html
- http://packetstormsecurity.com/files/137050/Adobe-Flash-MovieClip.duplicateMovieClip-Use-After-Free.html
- RHSA-2016:0610
- RHSA-2016:0610
- 85926
- 85926
- 1035509
- 1035509
- MS16-050
- MS16-050
- https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
- 39779
- 39779
Modified: 2024-11-21
CVE-2016-1012
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
Modified: 2024-11-21
CVE-2016-1013
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1016, CVE-2016-1017, and CVE-2016-1031.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- openSUSE-SU-2016:1306
- openSUSE-SU-2016:1306
- RHSA-2016:0610
- RHSA-2016:0610
- 85926
- 85926
- 1035509
- 1035509
- MS16-050
- MS16-050
- https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
- 39778
- 39778
Modified: 2024-11-21
CVE-2016-1014
Untrusted search path vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows local users to gain privileges via a Trojan horse resource in an unspecified directory.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- openSUSE-SU-2016:1306
- openSUSE-SU-2016:1306
- http://packetstormsecurity.com/files/137532/Adobe-Flash-Player-DLL-Hijacking.html
- http://packetstormsecurity.com/files/137532/Adobe-Flash-Player-DLL-Hijacking.html
- RHSA-2016:0610
- RHSA-2016:0610
- 20160618 [CVE-2016-1014] Escalation of privilege via executable (un)installers of Flash Player
- 20160618 [CVE-2016-1014] Escalation of privilege via executable (un)installers of Flash Player
- 20160617 [CVE-2016-1014] Escalation of privilege via executable (un)installers of Flash Player
- 20160617 [CVE-2016-1014] Escalation of privilege via executable (un)installers of Flash Player
- 1035509
- 1035509
- MS16-050
- MS16-050
- https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
Modified: 2024-11-21
CVE-2016-1015
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code by overriding NetConnection object properties to leverage an unspecified "type confusion," a different vulnerability than CVE-2016-1019.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- openSUSE-SU-2016:1306
- openSUSE-SU-2016:1306
- RHSA-2016:0610
- RHSA-2016:0610
- 85930
- 85930
- 1035509
- 1035509
- http://www.zerodayinitiative.com/advisories/ZDI-16-227/
- http://www.zerodayinitiative.com/advisories/ZDI-16-227/
- MS16-050
- MS16-050
- https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
Modified: 2024-11-21
CVE-2016-1016
Use-after-free vulnerability in the Transform object implementation in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via a flash.geom.Matrix callback, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1017, and CVE-2016-1031.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- openSUSE-SU-2016:1306
- openSUSE-SU-2016:1306
- RHSA-2016:0610
- RHSA-2016:0610
- 85926
- 85926
- 1035509
- 1035509
- http://www.zerodayinitiative.com/advisories/ZDI-16-226/
- http://www.zerodayinitiative.com/advisories/ZDI-16-226/
- MS16-050
- MS16-050
- https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
Modified: 2024-11-21
CVE-2016-1017
Use-after-free vulnerability in the LoadVars.decode function in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1016, and CVE-2016-1031.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- openSUSE-SU-2016:1306
- openSUSE-SU-2016:1306
- RHSA-2016:0610
- RHSA-2016:0610
- 85926
- 85926
- 1035509
- 1035509
- http://www.zerodayinitiative.com/advisories/ZDI-16-225/
- http://www.zerodayinitiative.com/advisories/ZDI-16-225/
- MS16-050
- MS16-050
- https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
Modified: 2024-11-21
CVE-2016-1018
Stack-based buffer overflow in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via crafted JPEG-XR data.
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- openSUSE-SU-2016:1306
- openSUSE-SU-2016:1306
- RHSA-2016:0610
- RHSA-2016:0610
- 1035509
- 1035509
- http://www.zerodayinitiative.com/advisories/ZDI-16-228/
- http://www.zerodayinitiative.com/advisories/ZDI-16-228/
- MS16-050
- MS16-050
- https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
Modified: 2024-11-21
CVE-2016-1019
Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016.
- http://blogs.adobe.com/psirt/?p=1330
- http://blogs.adobe.com/psirt/?p=1330
- openSUSE-SU-2016:0987
- openSUSE-SU-2016:0987
- SUSE-SU-2016:0990
- SUSE-SU-2016:0990
- openSUSE-SU-2016:0997
- openSUSE-SU-2016:0997
- openSUSE-SU-2016:1157
- openSUSE-SU-2016:1157
- SUSE-SU-2016:1305
- SUSE-SU-2016:1305
- openSUSE-SU-2016:1306
- openSUSE-SU-2016:1306
- RHSA-2016:0610
- RHSA-2016:0610
- 85856
- 85856
- 1035491
- 1035491
- MS16-050
- MS16-050
- https://helpx.adobe.com/security/products/flash-player/apsa16-01.html
- https://helpx.adobe.com/security/products/flash-player/apsa16-01.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
- https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
- GLSA-201606-08
- GLSA-201606-08
- https://www.fireeye.com/blog/threat-research/2016/04/cve-2016-1019_a_new.html
- https://www.fireeye.com/blog/threat-research/2016/04/cve-2016-1019_a_new.html
Modified: 2024-11-21
CVE-2016-1020
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
Modified: 2024-11-21
CVE-2016-1021
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
Modified: 2024-11-21
CVE-2016-1022
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
Modified: 2024-11-21
CVE-2016-1023
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
Modified: 2024-11-21
CVE-2016-1024
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
Modified: 2024-11-21
CVE-2016-1025
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
Modified: 2024-11-21
CVE-2016-1026
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
Modified: 2024-11-21
CVE-2016-1027
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
Modified: 2024-11-21
CVE-2016-1028
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
Modified: 2024-11-21
CVE-2016-1029
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1032, and CVE-2016-1033.
Modified: 2024-11-21
CVE-2016-1030
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass intended access restrictions via unspecified vectors.
Modified: 2024-11-21
CVE-2016-1031
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1011, CVE-2016-1013, CVE-2016-1016, and CVE-2016-1017.
Modified: 2024-11-21
CVE-2016-1032
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, and CVE-2016-1033.
Modified: 2024-11-21
CVE-2016-1033
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, and CVE-2016-1032.