Oval Definition:	oval:com.redhat.rhsa:def:20140745
Revision Date: 2014-06-11 Version: 601 Title: RHSA-2014:0745: flash-plugin security update (Critical) Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security Bulletin APSB14-16, listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. (CVE-2014-0534, CVE-2014-0535, CVE-2014-0536) Multiple flaws in flash-plugin could allow an attacker to conduct cross-site scripting (XSS) attacks if a victim were tricked into visiting a specially crafted web page. (CVE-2014-0531, CVE-2014-0532, CVE-2014-0533) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.378. Family: unix Class: patch Status: Reference(s): CVE-2014-0531 CVE-2014-0532 CVE-2014-0533 CVE-2014-0534 CVE-2014-0535 CVE-2014-0536 RHSA-2014:0745-00 Platform(s): Supplementary for Red Hat Enterprise Linux 5 Supplementary for Red Hat Enterprise Linux 6 Product(s): Definition Synopsis Release Information Red Hat Enterprise Linux 5 is installed AND flash-plugin is earlier than 0:11.2.202.378-1.el5 AND flash-plugin is signed with Red Hat redhatrelease key OR Package Information flash-plugin is earlier than 0:11.2.202.378-1.el6 AND flash-plugin is signed with Red Hat redhatrelease2 key AND Red Hat Enterprise Linux 6 Client is installed OR Red Hat Enterprise Linux 6 Server is installed OR Red Hat Enterprise Linux 6 Workstation is installed OR Red Hat Enterprise Linux 6 ComputeNode is installed
BACK