Security update for flash-player
SUSE Patch
security@suse.de
SUSE Security Team
SUSE-SU-2015:1960-1
Final
1
1
2015-11-11T12:26:32Z
current
2015-11-11T12:26:32Z
2015-11-11T12:26:32Z
cve-database/bin/generate-cvrf.pl
2017-02-24T01:00:00Z
Security update for flash-player
The flash-player package was updated to fix the following security issues:
- Security update to 11.2.202.548 (bsc#954512):
* APSB15-28, CVE-2015-7651, CVE-2015-7652, CVE-2015-7653,
CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657,
CVE-2015-7658, CVE-2015-7659, CVE-2015-7660, CVE-2015-7661,
CVE-2015-7662, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043,
CVE-2015-8044, CVE-2015-8046
The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
sledsp3-flash-player-12200,sledsp4-flash-player-12200
Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0)
https://www.suse.com/support/update/announcement/2015/suse-su-20151960-1/
Link for SUSE-SU-2015:1960-1
https://lists.suse.com/pipermail/sle-security-updates/2015-November/001674.html
E-Mail link for SUSE-SU-2015:1960-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/954512
SUSE Bug 954512
https://www.suse.com/security/cve/CVE-2015-7651/
SUSE CVE CVE-2015-7651 page
https://www.suse.com/security/cve/CVE-2015-7652/
SUSE CVE CVE-2015-7652 page
https://www.suse.com/security/cve/CVE-2015-7653/
SUSE CVE CVE-2015-7653 page
https://www.suse.com/security/cve/CVE-2015-7654/
SUSE CVE CVE-2015-7654 page
https://www.suse.com/security/cve/CVE-2015-7655/
SUSE CVE CVE-2015-7655 page
https://www.suse.com/security/cve/CVE-2015-7656/
SUSE CVE CVE-2015-7656 page
https://www.suse.com/security/cve/CVE-2015-7657/
SUSE CVE CVE-2015-7657 page
https://www.suse.com/security/cve/CVE-2015-7658/
SUSE CVE CVE-2015-7658 page
https://www.suse.com/security/cve/CVE-2015-7659/
SUSE CVE CVE-2015-7659 page
https://www.suse.com/security/cve/CVE-2015-7660/
SUSE CVE CVE-2015-7660 page
https://www.suse.com/security/cve/CVE-2015-7661/
SUSE CVE CVE-2015-7661 page
https://www.suse.com/security/cve/CVE-2015-7662/
SUSE CVE CVE-2015-7662 page
https://www.suse.com/security/cve/CVE-2015-7663/
SUSE CVE CVE-2015-7663 page
https://www.suse.com/security/cve/CVE-2015-8042/
SUSE CVE CVE-2015-8042 page
https://www.suse.com/security/cve/CVE-2015-8043/
SUSE CVE CVE-2015-8043 page
https://www.suse.com/security/cve/CVE-2015-8044/
SUSE CVE CVE-2015-8044 page
https://www.suse.com/security/cve/CVE-2015-8046/
SUSE CVE CVE-2015-8046 page
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
flash-player-11.2.202.548-0.26.1
flash-player-gnome-11.2.202.548-0.26.1
flash-player-kde4-11.2.202.548-0.26.1
flash-player-11.2.202.548-0.26.1 as a component of SUSE Linux Enterprise Desktop 11 SP3
flash-player-gnome-11.2.202.548-0.26.1 as a component of SUSE Linux Enterprise Desktop 11 SP3
flash-player-kde4-11.2.202.548-0.26.1 as a component of SUSE Linux Enterprise Desktop 11 SP3
flash-player-11.2.202.548-0.26.1 as a component of SUSE Linux Enterprise Desktop 11 SP4
flash-player-gnome-11.2.202.548-0.26.1 as a component of SUSE Linux Enterprise Desktop 11 SP4
flash-player-kde4-11.2.202.548-0.26.1 as a component of SUSE Linux Enterprise Desktop 11 SP4
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted DefineFunction atoms, a different vulnerability than CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
CVE-2015-7651
SUSE Linux Enterprise Desktop 11 SP3:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-kde4-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.548-0.26.1
moderate
6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151960-1/
https://www.suse.com/security/cve/CVE-2015-7651.html
CVE-2015-7651
https://bugzilla.suse.com/954512
SUSE Bug 954512
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via a crafted gridFitType property value, a different vulnerability than CVE-2015-7651, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
CVE-2015-7652
SUSE Linux Enterprise Desktop 11 SP3:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-kde4-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.548-0.26.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151960-1/
https://www.suse.com/security/cve/CVE-2015-7652.html
CVE-2015-7652
https://bugzilla.suse.com/954512
SUSE Bug 954512
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted globalToLocal arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
CVE-2015-7653
SUSE Linux Enterprise Desktop 11 SP3:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-kde4-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.548-0.26.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151960-1/
https://www.suse.com/security/cve/CVE-2015-7653.html
CVE-2015-7653
https://bugzilla.suse.com/954512
SUSE Bug 954512
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted attachSound arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
CVE-2015-7654
SUSE Linux Enterprise Desktop 11 SP3:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-kde4-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.548-0.26.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151960-1/
https://www.suse.com/security/cve/CVE-2015-7654.html
CVE-2015-7654
https://bugzilla.suse.com/954512
SUSE Bug 954512
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionExtends arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
CVE-2015-7655
SUSE Linux Enterprise Desktop 11 SP3:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-kde4-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.548-0.26.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151960-1/
https://www.suse.com/security/cve/CVE-2015-7655.html
CVE-2015-7655
https://bugzilla.suse.com/954512
SUSE Bug 954512
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionImplementsOp arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
CVE-2015-7656
SUSE Linux Enterprise Desktop 11 SP3:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-kde4-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.548-0.26.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151960-1/
https://www.suse.com/security/cve/CVE-2015-7656.html
CVE-2015-7656
https://bugzilla.suse.com/954512
SUSE Bug 954512
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionCallMethod arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
CVE-2015-7657
SUSE Linux Enterprise Desktop 11 SP3:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-kde4-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.548-0.26.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151960-1/
https://www.suse.com/security/cve/CVE-2015-7657.html
CVE-2015-7657
https://bugzilla.suse.com/954512
SUSE Bug 954512
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionInstanceOf arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
CVE-2015-7658
SUSE Linux Enterprise Desktop 11 SP3:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-kde4-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.548-0.26.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151960-1/
https://www.suse.com/security/cve/CVE-2015-7658.html
CVE-2015-7658
https://bugzilla.suse.com/954512
SUSE Bug 954512
Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion" in the NetConnection object implementation.
CVE-2015-7659
SUSE Linux Enterprise Desktop 11 SP3:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-kde4-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.548-0.26.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151960-1/
https://www.suse.com/security/cve/CVE-2015-7659.html
CVE-2015-7659
https://bugzilla.suse.com/954512
SUSE Bug 954512
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted setMask arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
CVE-2015-7660
SUSE Linux Enterprise Desktop 11 SP3:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-kde4-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.548-0.26.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151960-1/
https://www.suse.com/security/cve/CVE-2015-7660.html
CVE-2015-7660
https://bugzilla.suse.com/954512
SUSE Bug 954512
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via a crafted getBounds call, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
CVE-2015-7661
SUSE Linux Enterprise Desktop 11 SP3:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-kde4-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.548-0.26.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151960-1/
https://www.suse.com/security/cve/CVE-2015-7661.html
CVE-2015-7661
https://bugzilla.suse.com/954512
SUSE Bug 954512
Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allow remote attackers to bypass intended access restrictions and write to files via unspecified vectors.
CVE-2015-7662
SUSE Linux Enterprise Desktop 11 SP3:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-kde4-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.548-0.26.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151960-1/
https://www.suse.com/security/cve/CVE-2015-7662.html
CVE-2015-7662
https://bugzilla.suse.com/954512
SUSE Bug 954512
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
CVE-2015-7663
SUSE Linux Enterprise Desktop 11 SP3:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-kde4-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.548-0.26.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151960-1/
https://www.suse.com/security/cve/CVE-2015-7663.html
CVE-2015-7663
https://bugzilla.suse.com/954512
SUSE Bug 954512
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via a crafted loadSound call, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046.
CVE-2015-8042
SUSE Linux Enterprise Desktop 11 SP3:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-kde4-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.548-0.26.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151960-1/
https://www.suse.com/security/cve/CVE-2015-8042.html
CVE-2015-8042
https://bugzilla.suse.com/954512
SUSE Bug 954512
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8044, and CVE-2015-8046.
CVE-2015-8043
SUSE Linux Enterprise Desktop 11 SP3:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-kde4-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.548-0.26.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151960-1/
https://www.suse.com/security/cve/CVE-2015-8043.html
CVE-2015-8043
https://bugzilla.suse.com/954512
SUSE Bug 954512
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, and CVE-2015-8046.
CVE-2015-8044
SUSE Linux Enterprise Desktop 11 SP3:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-kde4-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.548-0.26.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151960-1/
https://www.suse.com/security/cve/CVE-2015-8044.html
CVE-2015-8044
https://bugzilla.suse.com/954512
SUSE Bug 954512
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, and CVE-2015-8044.
CVE-2015-8046
SUSE Linux Enterprise Desktop 11 SP3:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP3:flash-player-kde4-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.548-0.26.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.548-0.26.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151960-1/
https://www.suse.com/security/cve/CVE-2015-8046.html
CVE-2015-8046
https://bugzilla.suse.com/954512
SUSE Bug 954512