rpm package

suse/flash-player&distro=SUSE Linux Enterprise Desktop 12 SP1

pkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1

Vulnerabilities (389)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-3074	Hig	8.8	< 25.0.0.171-168.1	25.0.0.171-168.1	May 9, 2017	Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3073	Hig	8.8	< 25.0.0.171-168.1	25.0.0.171-168.1	May 9, 2017	Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3072	Hig	8.8	< 25.0.0.171-168.1	25.0.0.171-168.1	May 9, 2017	Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3071	Hig	8.8	< 25.0.0.171-168.1	25.0.0.171-168.1	May 9, 2017	Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3070	Hig	8.8	< 25.0.0.171-168.1	25.0.0.171-168.1	May 9, 2017	Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3069	Hig	8.8	< 25.0.0.171-168.1	25.0.0.171-168.1	May 9, 2017	Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3068	Hig	8.8	< 25.0.0.171-168.1	25.0.0.171-168.1	May 9, 2017	Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3064	Hig	7.8	< 25.0.0.148-165.1	25.0.0.148-165.1	Apr 12, 2017	Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability when parsing a shape outline. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3063	Cri	9.8	< 25.0.0.148-165.1	25.0.0.148-165.1	Apr 12, 2017	Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the ActionScript2 NetStream class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3062	Cri	9.8	< 25.0.0.148-165.1	25.0.0.148-165.1	Apr 12, 2017	Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in ActionScript2 when creating a getter/setter property. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3061	Cri	9.8	< 25.0.0.148-165.1	25.0.0.148-165.1	Apr 12, 2017	Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the SWF parser. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3060	Cri	9.8	< 25.0.0.148-165.1	25.0.0.148-165.1	Apr 12, 2017	Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the ActionScript2 code parser. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3059	Cri	9.8	< 25.0.0.148-165.1	25.0.0.148-165.1	Apr 12, 2017	Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the internal script object. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3058	Hig	7.8	< 25.0.0.148-165.1	25.0.0.148-165.1	Apr 12, 2017	Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the sound class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3003	Hig	8.8	< 25.0.0.127-162.1	25.0.0.127-162.1	Mar 14, 2017	Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3002	Hig	8.8	< 25.0.0.127-162.1	25.0.0.127-162.1	Mar 14, 2017	Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability in the ActionScript2 TextField object related to the variable property. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3001	Hig	8.8	< 25.0.0.127-162.1	25.0.0.127-162.1	Mar 14, 2017	Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3000	Med	6.5	< 25.0.0.127-162.1	25.0.0.127-162.1	Mar 14, 2017	Adobe Flash Player versions 24.0.0.221 and earlier have a vulnerability in the random number generator used for constant blinding. Successful exploitation could lead to information disclosure.
CVE-2017-2999	Hig	8.8	< 25.0.0.127-162.1	25.0.0.127-162.1	Mar 14, 2017	Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2998	Hig	8.8	< 25.0.0.127-162.1	25.0.0.127-162.1	Mar 14, 2017	Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution.

CVE-2017-3074HigMay 9, 2017
affected < 25.0.0.171-168.1fixed 25.0.0.171-168.1
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3073HigMay 9, 2017
affected < 25.0.0.171-168.1fixed 25.0.0.171-168.1
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3072HigMay 9, 2017
affected < 25.0.0.171-168.1fixed 25.0.0.171-168.1
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3071HigMay 9, 2017
affected < 25.0.0.171-168.1fixed 25.0.0.171-168.1
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3070HigMay 9, 2017
affected < 25.0.0.171-168.1fixed 25.0.0.171-168.1
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3069HigMay 9, 2017
affected < 25.0.0.171-168.1fixed 25.0.0.171-168.1
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3068HigMay 9, 2017
affected < 25.0.0.171-168.1fixed 25.0.0.171-168.1
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3064HigApr 12, 2017
affected < 25.0.0.148-165.1fixed 25.0.0.148-165.1
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability when parsing a shape outline. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3063CriApr 12, 2017
affected < 25.0.0.148-165.1fixed 25.0.0.148-165.1
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the ActionScript2 NetStream class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3062CriApr 12, 2017
affected < 25.0.0.148-165.1fixed 25.0.0.148-165.1
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in ActionScript2 when creating a getter/setter property. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3061CriApr 12, 2017
affected < 25.0.0.148-165.1fixed 25.0.0.148-165.1
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the SWF parser. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3060CriApr 12, 2017
affected < 25.0.0.148-165.1fixed 25.0.0.148-165.1
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the ActionScript2 code parser. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3059CriApr 12, 2017
affected < 25.0.0.148-165.1fixed 25.0.0.148-165.1
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the internal script object. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3058HigApr 12, 2017
affected < 25.0.0.148-165.1fixed 25.0.0.148-165.1
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the sound class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3003HigMar 14, 2017
affected < 25.0.0.127-162.1fixed 25.0.0.127-162.1
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3002HigMar 14, 2017
affected < 25.0.0.127-162.1fixed 25.0.0.127-162.1
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability in the ActionScript2 TextField object related to the variable property. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3001HigMar 14, 2017
affected < 25.0.0.127-162.1fixed 25.0.0.127-162.1
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3000MedMar 14, 2017
affected < 25.0.0.127-162.1fixed 25.0.0.127-162.1
Adobe Flash Player versions 24.0.0.221 and earlier have a vulnerability in the random number generator used for constant blinding. Successful exploitation could lead to information disclosure.
CVE-2017-2999HigMar 14, 2017
affected < 25.0.0.127-162.1fixed 25.0.0.127-162.1
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2998HigMar 14, 2017
affected < 25.0.0.127-162.1fixed 25.0.0.127-162.1
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution.

Page 1 of 20