Oval Definition:	oval:com.redhat.rhsa:def:20141173
Revision Date: 2014-09-10 Version: 601 Title: RHSA-2014:1173: flash-plugin security update (Critical) Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security Bulletin APSB14-21, listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0553, CVE-2014-0554, CVE-2014-0555, CVE-2014-0556, CVE-2014-0557, CVE-2014-0559) A flaw in flash-plugin could allow an attacker to bypass the same-origin policy. (CVE-2014-0548) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.406. Family: unix Class: patch Status: Reference(s): CVE-2014-0547 CVE-2014-0548 CVE-2014-0549 CVE-2014-0550 CVE-2014-0551 CVE-2014-0552 CVE-2014-0553 CVE-2014-0554 CVE-2014-0555 CVE-2014-0556 CVE-2014-0557 CVE-2014-0559 RHSA-2014:1173-00 Platform(s): Supplementary for Red Hat Enterprise Linux 5 Supplementary for Red Hat Enterprise Linux 6 Product(s): Definition Synopsis Release Information Red Hat Enterprise Linux 5 is installed AND flash-plugin is earlier than 0:11.2.202.406-1.el5 AND flash-plugin is signed with Red Hat redhatrelease key OR Package Information flash-plugin is earlier than 0:11.2.202.406-1.el6 AND flash-plugin is signed with Red Hat redhatrelease2 key AND Red Hat Enterprise Linux 6 Client is installed OR Red Hat Enterprise Linux 6 Server is installed OR Red Hat Enterprise Linux 6 Workstation is installed OR Red Hat Enterprise Linux 6 ComputeNode is installed
BACK