rpm package

suse/flash-player&distro=SUSE Linux Enterprise Workstation Extension 12 SP1

pkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP1

Vulnerabilities (389)

CVE	Sev	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2017-2931	Hig	8.8		< 24.0.0.194-155.1	24.0.0.194-155.1	Jan 11, 2017	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to the parsing of SWF metadata. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2930	Hig	8.8		< 24.0.0.194-155.1	24.0.0.194-155.1	Jan 11, 2017	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability due to a concurrency error when manipulating a display list. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2928	Hig	8.8		< 24.0.0.194-155.1	24.0.0.194-155.1	Jan 11, 2017	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2927	Hig	8.8		< 24.0.0.194-155.1	24.0.0.194-155.1	Jan 11, 2017	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2926	Hig	8.8		< 24.0.0.194-155.1	24.0.0.194-155.1	Jan 11, 2017	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to processing of atoms in MP4 files. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2925	Hig	8.8		< 24.0.0.194-155.1	24.0.0.194-155.1	Jan 11, 2017	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability in the JPEG XR codec. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7892	Hig	8.8	KEV	< 24.0.0.186-152.1	24.0.0.186-152.1	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7890	Hig	8.8		< 24.0.0.186-152.1	24.0.0.186-152.1	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vulnerability in the implementation of the same origin policy.
CVE-2016-7881	Hig	8.8		< 24.0.0.186-152.1	24.0.0.186-152.1	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7880	Hig	8.8		< 24.0.0.186-152.1	24.0.0.186-152.1	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7879	Hig	8.8		< 24.0.0.186-152.1	24.0.0.186-152.1	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7878	Hig	8.8		< 24.0.0.186-152.1	24.0.0.186-152.1	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK's MediaPlayer class. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7877	Hig	8.8		< 24.0.0.186-152.1	24.0.0.186-152.1	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0). Successful exploitation could lead to arbitrary code execution.
CVE-2016-7876	Hig	8.8		< 24.0.0.186-152.1	24.0.0.186-152.1	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Clipboard class related to data handling functionality. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7875	Hig	8.8		< 24.0.0.186-152.1	24.0.0.186-152.1	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7874	Hig	8.8		< 24.0.0.186-152.1	24.0.0.186-152.1	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the NetConnection class when handling the proxy types. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7873	Hig	8.8		< 24.0.0.186-152.1	24.0.0.186-152.1	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the PSDK class related to ad policy functionality method. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7872	Hig	8.8		< 24.0.0.186-152.1	24.0.0.186-152.1	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7871	Hig	8.8		< 24.0.0.186-152.1	24.0.0.186-152.1	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Worker class. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7870	Hig	8.8		< 24.0.0.186-152.1	24.0.0.186-152.1	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution.

CVE-2017-2931HigJan 11, 2017
affected < 24.0.0.194-155.1fixed 24.0.0.194-155.1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to the parsing of SWF metadata. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2930HigJan 11, 2017
affected < 24.0.0.194-155.1fixed 24.0.0.194-155.1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability due to a concurrency error when manipulating a display list. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2928HigJan 11, 2017
affected < 24.0.0.194-155.1fixed 24.0.0.194-155.1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2927HigJan 11, 2017
affected < 24.0.0.194-155.1fixed 24.0.0.194-155.1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2926HigJan 11, 2017
affected < 24.0.0.194-155.1fixed 24.0.0.194-155.1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to processing of atoms in MP4 files. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2925HigJan 11, 2017
affected < 24.0.0.194-155.1fixed 24.0.0.194-155.1
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability in the JPEG XR codec. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7892HigKEVDec 15, 2016
affected < 24.0.0.186-152.1fixed 24.0.0.186-152.1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7890HigDec 15, 2016
affected < 24.0.0.186-152.1fixed 24.0.0.186-152.1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vulnerability in the implementation of the same origin policy.
CVE-2016-7881HigDec 15, 2016
affected < 24.0.0.186-152.1fixed 24.0.0.186-152.1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7880HigDec 15, 2016
affected < 24.0.0.186-152.1fixed 24.0.0.186-152.1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7879HigDec 15, 2016
affected < 24.0.0.186-152.1fixed 24.0.0.186-152.1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7878HigDec 15, 2016
affected < 24.0.0.186-152.1fixed 24.0.0.186-152.1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK's MediaPlayer class. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7877HigDec 15, 2016
affected < 24.0.0.186-152.1fixed 24.0.0.186-152.1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0). Successful exploitation could lead to arbitrary code execution.
CVE-2016-7876HigDec 15, 2016
affected < 24.0.0.186-152.1fixed 24.0.0.186-152.1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Clipboard class related to data handling functionality. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7875HigDec 15, 2016
affected < 24.0.0.186-152.1fixed 24.0.0.186-152.1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7874HigDec 15, 2016
affected < 24.0.0.186-152.1fixed 24.0.0.186-152.1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the NetConnection class when handling the proxy types. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7873HigDec 15, 2016
affected < 24.0.0.186-152.1fixed 24.0.0.186-152.1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the PSDK class related to ad policy functionality method. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7872HigDec 15, 2016
affected < 24.0.0.186-152.1fixed 24.0.0.186-152.1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7871HigDec 15, 2016
affected < 24.0.0.186-152.1fixed 24.0.0.186-152.1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Worker class. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7870HigDec 15, 2016
affected < 24.0.0.186-152.1fixed 24.0.0.186-152.1
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution.

Page 3 of 20