Oval Definition:	oval:com.redhat.rhsa:def:20150697
Revision Date: 2015-03-17 Version: 601 Title: RHSA-2015:0697: flash-plugin security update (Critical) Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security Bulletin APSB15-05 listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. (CVE-2015-0332, CVE-2015-0333, CVE-2015-0335, CVE-2015-0339, CVE-2015-0334, CVE-2015-0336, CVE-2015-0338, CVE-2015-0341, CVE-2015-0342) This update also fixes a cross-domain policy bypass flaw and a file upload restriction bypass flaw. (CVE-2015-0337, CVE-2015-0340) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.451. Family: unix Class: patch Status: Reference(s): CVE-2015-0332 CVE-2015-0333 CVE-2015-0334 CVE-2015-0335 CVE-2015-0336 CVE-2015-0337 CVE-2015-0338 CVE-2015-0339 CVE-2015-0340 CVE-2015-0341 CVE-2015-0342 RHSA-2015:0697-00 Platform(s): Supplementary for Red Hat Enterprise Linux 5 Supplementary for Red Hat Enterprise Linux 6 Product(s): Definition Synopsis Release Information Red Hat Enterprise Linux 5 is installed AND flash-plugin is earlier than 0:11.2.202.451-1.el5 AND flash-plugin is signed with Red Hat redhatrelease key OR Package Information flash-plugin is earlier than 0:11.2.202.451-1.el6 AND flash-plugin is signed with Red Hat redhatrelease2 key AND Red Hat Enterprise Linux 6 Client is installed OR Red Hat Enterprise Linux 6 Server is installed OR Red Hat Enterprise Linux 6 Workstation is installed OR Red Hat Enterprise Linux 6 ComputeNode is installed
BACK