rpm package

suse/flash-player&distro=SUSE Linux Enterprise Desktop 12 SP1

pkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1

Vulnerabilities (389)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-2997	Hig	8.8	< 25.0.0.127-162.1	25.0.0.127-162.1	Mar 14, 2017	Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2996	Hig	8.8	< 24.0.0.221-158.1	24.0.0.221-158.1	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2995	Hig	8.8	< 24.0.0.221-158.1	24.0.0.221-158.1	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2994	Hig	8.8	< 24.0.0.221-158.1	24.0.0.221-158.1	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in Primetime SDK event dispatch. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2993	Hig	8.8	< 24.0.0.221-158.1	24.0.0.221-158.1	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability related to event handlers. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2992	Hig	8.8	< 24.0.0.221-158.1	24.0.0.221-158.1	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2991	Hig	8.8	< 24.0.0.221-158.1	24.0.0.221-158.1	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution.
CVE-2017-2990	Hig	8.8	< 24.0.0.221-158.1	24.0.0.221-158.1	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2988	Hig	8.8	< 24.0.0.221-158.1	24.0.0.221-158.1	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability when performing garbage collection. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2987	Hig	8.8	< 24.0.0.221-158.1	24.0.0.221-158.1	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2986	Hig	8.8	< 24.0.0.221-158.1	24.0.0.221-158.1	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the Flash Video (FLV) codec. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2985	Hig	8.8	< 24.0.0.221-158.1	24.0.0.221-158.1	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2982	Hig	8.8	< 24.0.0.221-158.1	24.0.0.221-158.1	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in a routine related to player shutdown. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2938	Med	6.5	< 24.0.0.194-155.1	24.0.0.194-155.1	Jan 11, 2017	Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related to handling TCP connections.
CVE-2017-2937	Hig	8.8	< 24.0.0.194-155.1	24.0.0.194-155.1	Jan 11, 2017	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class, when using class inheritance. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2936	Hig	8.8	< 24.0.0.194-155.1	24.0.0.194-155.1	Jan 11, 2017	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2935	Hig	8.8	< 24.0.0.194-155.1	24.0.0.194-155.1	Jan 11, 2017	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing the Flash Video container file format. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2934	Hig	8.8	< 24.0.0.194-155.1	24.0.0.194-155.1	Jan 11, 2017	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when parsing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2933	Hig	8.8	< 24.0.0.194-155.1	24.0.0.194-155.1	Jan 11, 2017	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability related to texture compression. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2932	Hig	8.8	< 24.0.0.194-155.1	24.0.0.194-155.1	Jan 11, 2017	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript MovieClip class. Successful exploitation could lead to arbitrary code execution.

CVE-2017-2997HigMar 14, 2017
affected < 25.0.0.127-162.1fixed 25.0.0.127-162.1
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2996HigFeb 15, 2017
affected < 24.0.0.221-158.1fixed 24.0.0.221-158.1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2995HigFeb 15, 2017
affected < 24.0.0.221-158.1fixed 24.0.0.221-158.1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2994HigFeb 15, 2017
affected < 24.0.0.221-158.1fixed 24.0.0.221-158.1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in Primetime SDK event dispatch. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2993HigFeb 15, 2017
affected < 24.0.0.221-158.1fixed 24.0.0.221-158.1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability related to event handlers. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2992HigFeb 15, 2017
affected < 24.0.0.221-158.1fixed 24.0.0.221-158.1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2991HigFeb 15, 2017
affected < 24.0.0.221-158.1fixed 24.0.0.221-158.1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution.
CVE-2017-2990HigFeb 15, 2017
affected < 24.0.0.221-158.1fixed 24.0.0.221-158.1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2988HigFeb 15, 2017
affected < 24.0.0.221-158.1fixed 24.0.0.221-158.1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability when performing garbage collection. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2987HigFeb 15, 2017
affected < 24.0.0.221-158.1fixed 24.0.0.221-158.1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2986HigFeb 15, 2017
affected < 24.0.0.221-158.1fixed 24.0.0.221-158.1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the Flash Video (FLV) codec. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2985HigFeb 15, 2017
affected < 24.0.0.221-158.1fixed 24.0.0.221-158.1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2982HigFeb 15, 2017
affected < 24.0.0.221-158.1fixed 24.0.0.221-158.1
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in a routine related to player shutdown. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2938MedJan 11, 2017
affected < 24.0.0.194-155.1fixed 24.0.0.194-155.1
Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related to handling TCP connections.
CVE-2017-2937HigJan 11, 2017
affected < 24.0.0.194-155.1fixed 24.0.0.194-155.1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class, when using class inheritance. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2936HigJan 11, 2017
affected < 24.0.0.194-155.1fixed 24.0.0.194-155.1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2935HigJan 11, 2017
affected < 24.0.0.194-155.1fixed 24.0.0.194-155.1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing the Flash Video container file format. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2934HigJan 11, 2017
affected < 24.0.0.194-155.1fixed 24.0.0.194-155.1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when parsing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2933HigJan 11, 2017
affected < 24.0.0.194-155.1fixed 24.0.0.194-155.1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability related to texture compression. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2932HigJan 11, 2017
affected < 24.0.0.194-155.1fixed 24.0.0.194-155.1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript MovieClip class. Successful exploitation could lead to arbitrary code execution.

Page 2 of 20