Security update for flash-player
SUSE Patch
security@suse.de
SUSE Security Team
SUSE-SU-2016:0716-1
Final
1
1
2016-03-11T09:04:23Z
current
2016-03-11T09:04:23Z
2016-03-11T09:04:23Z
cve-database/bin/generate-cvrf.pl
2017-02-24T01:00:00Z
Security update for flash-player
Adobe flash-player was updated to 11.2.202.577 to fix the following
list of security issues (bsc#970547):
These updates resolve integer overflow vulnerabilities that could lead
to code execution (CVE-2016-0963, CVE-2016-0993, CVE-2016-1010).
These updates resolve use-after-free vulnerabilities that could
lead to code execution (CVE-2016-0987, CVE-2016-0988, CVE-2016-0990,
CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997,
CVE-2016-0998, CVE-2016-0999, CVE-2016-1000).
These updates resolve a heap overflow vulnerability that could lead to
code execution (CVE-2016-1001).
These updates resolve memory corruption vulnerabilities that could
lead to code execution (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962,
CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002,
CVE-2016-1005).
Adobe advisory with more information:
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
sledsp4-flash-player-12443
Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0)
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
Link for SUSE-SU-2016:0716-1
https://lists.suse.com/pipermail/sle-security-updates/2016-March/001921.html
E-Mail link for SUSE-SU-2016:0716-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/970547
SUSE Bug 970547
https://www.suse.com/security/cve/CVE-2016-0960/
SUSE CVE CVE-2016-0960 page
https://www.suse.com/security/cve/CVE-2016-0961/
SUSE CVE CVE-2016-0961 page
https://www.suse.com/security/cve/CVE-2016-0962/
SUSE CVE CVE-2016-0962 page
https://www.suse.com/security/cve/CVE-2016-0963/
SUSE CVE CVE-2016-0963 page
https://www.suse.com/security/cve/CVE-2016-0986/
SUSE CVE CVE-2016-0986 page
https://www.suse.com/security/cve/CVE-2016-0987/
SUSE CVE CVE-2016-0987 page
https://www.suse.com/security/cve/CVE-2016-0988/
SUSE CVE CVE-2016-0988 page
https://www.suse.com/security/cve/CVE-2016-0989/
SUSE CVE CVE-2016-0989 page
https://www.suse.com/security/cve/CVE-2016-0990/
SUSE CVE CVE-2016-0990 page
https://www.suse.com/security/cve/CVE-2016-0991/
SUSE CVE CVE-2016-0991 page
https://www.suse.com/security/cve/CVE-2016-0992/
SUSE CVE CVE-2016-0992 page
https://www.suse.com/security/cve/CVE-2016-0993/
SUSE CVE CVE-2016-0993 page
https://www.suse.com/security/cve/CVE-2016-0994/
SUSE CVE CVE-2016-0994 page
https://www.suse.com/security/cve/CVE-2016-0995/
SUSE CVE CVE-2016-0995 page
https://www.suse.com/security/cve/CVE-2016-0996/
SUSE CVE CVE-2016-0996 page
https://www.suse.com/security/cve/CVE-2016-0997/
SUSE CVE CVE-2016-0997 page
https://www.suse.com/security/cve/CVE-2016-0998/
SUSE CVE CVE-2016-0998 page
https://www.suse.com/security/cve/CVE-2016-0999/
SUSE CVE CVE-2016-0999 page
https://www.suse.com/security/cve/CVE-2016-1000/
SUSE CVE CVE-2016-1000 page
https://www.suse.com/security/cve/CVE-2016-1001/
SUSE CVE CVE-2016-1001 page
https://www.suse.com/security/cve/CVE-2016-1002/
SUSE CVE CVE-2016-1002 page
https://www.suse.com/security/cve/CVE-2016-1005/
SUSE CVE CVE-2016-1005 page
https://www.suse.com/security/cve/CVE-2016-1010/
SUSE CVE CVE-2016-1010 page
SUSE Linux Enterprise Desktop 11 SP4
flash-player-11.2.202.577-0.38.1
flash-player-gnome-11.2.202.577-0.38.1
flash-player-kde4-11.2.202.577-0.38.1
flash-player-11.2.202.577-0.38.1 as a component of SUSE Linux Enterprise Desktop 11 SP4
flash-player-gnome-11.2.202.577-0.38.1 as a component of SUSE Linux Enterprise Desktop 11 SP4
flash-player-kde4-11.2.202.577-0.38.1 as a component of SUSE Linux Enterprise Desktop 11 SP4
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
CVE-2016-0960
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-0960.html
CVE-2016-0960
https://bugzilla.suse.com/970547
SUSE Bug 970547
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
CVE-2016-0961
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-0961.html
CVE-2016-0961
https://bugzilla.suse.com/970547
SUSE Bug 970547
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
CVE-2016-0962
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-0962.html
CVE-2016-0962
https://bugzilla.suse.com/970547
SUSE Bug 970547
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0993 and CVE-2016-1010.
CVE-2016-0963
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-0963.html
CVE-2016-0963
https://bugzilla.suse.com/970547
SUSE Bug 970547
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
CVE-2016-0986
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-0986.html
CVE-2016-0986
https://bugzilla.suse.com/970547
SUSE Bug 970547
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CVE-2016-0987
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-0987.html
CVE-2016-0987
https://bugzilla.suse.com/970547
SUSE Bug 970547
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CVE-2016-0988
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-0988.html
CVE-2016-0988
https://bugzilla.suse.com/970547
SUSE Bug 970547
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
CVE-2016-0989
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-0989.html
CVE-2016-0989
https://bugzilla.suse.com/970547
SUSE Bug 970547
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CVE-2016-0990
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-0990.html
CVE-2016-0990
https://bugzilla.suse.com/970547
SUSE Bug 970547
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CVE-2016-0991
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-0991.html
CVE-2016-0991
https://bugzilla.suse.com/970547
SUSE Bug 970547
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1002, and CVE-2016-1005.
CVE-2016-0992
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-0992.html
CVE-2016-0992
https://bugzilla.suse.com/970547
SUSE Bug 970547
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-1010.
CVE-2016-0993
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-0993.html
CVE-2016-0993
https://bugzilla.suse.com/970547
SUSE Bug 970547
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code by using the actionCallMethod opcode with crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CVE-2016-0994
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-0994.html
CVE-2016-0994
https://bugzilla.suse.com/970547
SUSE Bug 970547
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CVE-2016-0995
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-0995.html
CVE-2016-0995
https://bugzilla.suse.com/970547
SUSE Bug 970547
Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CVE-2016-0996
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-0996.html
CVE-2016-0996
https://bugzilla.suse.com/970547
SUSE Bug 970547
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CVE-2016-0997
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-0997.html
CVE-2016-0997
https://bugzilla.suse.com/970547
SUSE Bug 970547
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999, and CVE-2016-1000.
CVE-2016-0998
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-0998.html
CVE-2016-0998
https://bugzilla.suse.com/970547
SUSE Bug 970547
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-1000.
CVE-2016-0999
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-0999.html
CVE-2016-0999
https://bugzilla.suse.com/970547
SUSE Bug 970547
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999.
CVE-2016-1000
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-1000.html
CVE-2016-1000
https://bugzilla.suse.com/1016168
SUSE Bug 1016168
https://bugzilla.suse.com/1016169
SUSE Bug 1016169
https://bugzilla.suse.com/1016366
SUSE Bug 1016366
https://bugzilla.suse.com/970547
SUSE Bug 970547
https://bugzilla.suse.com/988484
SUSE Bug 988484
https://bugzilla.suse.com/988486
SUSE Bug 988486
https://bugzilla.suse.com/988487
SUSE Bug 988487
https://bugzilla.suse.com/988488
SUSE Bug 988488
https://bugzilla.suse.com/988489
SUSE Bug 988489
https://bugzilla.suse.com/988491
SUSE Bug 988491
https://bugzilla.suse.com/988492
SUSE Bug 988492
https://bugzilla.suse.com/989125
SUSE Bug 989125
https://bugzilla.suse.com/989170
SUSE Bug 989170
https://bugzilla.suse.com/989172
SUSE Bug 989172
https://bugzilla.suse.com/989174
SUSE Bug 989174
https://bugzilla.suse.com/989523
SUSE Bug 989523
https://bugzilla.suse.com/989532
SUSE Bug 989532
https://bugzilla.suse.com/989569
SUSE Bug 989569
https://bugzilla.suse.com/989989
SUSE Bug 989989
https://bugzilla.suse.com/989995
SUSE Bug 989995
https://bugzilla.suse.com/989997
SUSE Bug 989997
https://bugzilla.suse.com/990847
SUSE Bug 990847
https://bugzilla.suse.com/997861
SUSE Bug 997861
Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2016-1001
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-1001.html
CVE-2016-1001
https://bugzilla.suse.com/1016340
SUSE Bug 1016340
https://bugzilla.suse.com/1016368
SUSE Bug 1016368
https://bugzilla.suse.com/1016369
SUSE Bug 1016369
https://bugzilla.suse.com/1016370
SUSE Bug 1016370
https://bugzilla.suse.com/970547
SUSE Bug 970547
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1005.
CVE-2016-1002
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-1002.html
CVE-2016-1002
https://bugzilla.suse.com/1014298
SUSE Bug 1014298
https://bugzilla.suse.com/970547
SUSE Bug 970547
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1002.
CVE-2016-1005
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-1005.html
CVE-2016-1005
https://bugzilla.suse.com/970547
SUSE Bug 970547
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993.
CVE-2016-1010
SUSE Linux Enterprise Desktop 11 SP4:flash-player-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-gnome-11.2.202.577-0.38.1
SUSE Linux Enterprise Desktop 11 SP4:flash-player-kde4-11.2.202.577-0.38.1
critical
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20160716-1/
https://www.suse.com/security/cve/CVE-2016-1010.html
CVE-2016-1010
https://bugzilla.suse.com/970547
SUSE Bug 970547