SUSE Security Update: Security update for flash-player
______________________________________________________________________________
Announcement ID:
References:
Cross-References:
Affected Products:
SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available. It
includes one version update.
Description:
Adobe Flash Player was updated to version 11.2.202.440 (bsc#914463,
APSA15-01, CVE-).
More information can be found at
An update of flashplayer (executable binary) for i386 is currently not
available and was thus disabled.
Security Issues:
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Desktop 11 SP3:
zypper in -t patch sledsp3-flash-player-10226
To bring your system up-to-date, use &zypper patch&.
Package List:
- SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version:
11.2.202.440]:
flash-player-11.2.202.440-0.3.1
flash-player-gnome-11.2.202.440-0.3.1
flash-player-kde4-11.2.202.440-0.3.1
References:
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security-announce+help@xxxxxxxxxxxx
This Thread
No further messagesAdobe Flash Player 11.5.502.149 (Critical Security Update)
Adobe Flash Player is the high performance, lightweight, highly expressive client runtime that delivers powerful and consistent user experiences across major operating systems, browsers, mobile phones and devices.
Installed on over 750 million Internet-connected desktops and mobile devices, Flash Player enables organizations and individuals to build and deliver great digital experiences to their end users.
Immersive experiences with Flash video, content and applications with full-screen mode.
Low-bandwidth, high-quality video with advanced compression technology.
High-fidelity text using the advanced text rendering engine.
Real-time dynamic effects with filters for Blur, DropShadow, Glow, Bevel, Gradient Glow, Gradient Bevel, Displacement Map, Convolution, and Color Matrix.
Innovative media compositions with 8-bit video alpha channels.
Blend modes, radial gradient, and stroke enhancements.
Additional image formats: GIF, Progressive JPEG, and PNG.
What's new in this version:
February 7th, 2013. Adobe has released security updates for Adobe Flash Player 11.5.502.146 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.261 and earlier versions for Linux, Adobe Flash Player 11.1.115.36 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.31 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.Adobe is aware of reports that CVE- is being exploited in the wild in targeted attacks designed to trick the user into opening a Microsoft Word document delivered as an email attachment which contains malicious Flash (SWF) content. The exploit for CVE- targets the ActiveX version of Flash Player on Windows.
Adobe is also aware of reports that CVE- is being exploited in the wild in attacks delivered via malicious Flash (SWF) content hosted on websites that target Flash Player in Firefox or Safari on the Macintosh platform, as well as attacks designed to trick Windows users into opening a Microsoft Word document delivered as an email attachment which contains malicious Flash (SWF) content.
Download for Firefox, Safari, Opera:
| 15.6 MB (Freeware)
Download for Internet Explorer:
Related Stories
Please enter your reason for reporting this comment.
The following codes can be used in comments.
[b]bold[/b]
[i]italics[/i]
[u]underline[/u]
[s]strikethrough[/s]
[url]link[/url]
[img]imageurl[/img]
[quote]text[/quote]
Username or email:
Remember meAdobe - Security Bulletins: APSB13-18 - Security Update available for Adobe Shockwave Player
Security bulletin
Security update available for Adobe Shockwave Player
Release date: July 9, 2013
Vulnerability identifier: APSB13-18
CVE number: CVE-
Platform: Windows and Macintosh
Adobe has released a security update for Adobe Shockwave Player 12.0.2.122 and earlier versions on the Windows and Macintosh operating systems.
This update addresses a vulnerability that could allow an attacker, who successfully exploits this vulnerability, to run malicious code on the affected system.
Adobe recommends users of Adobe Shockwave Player 12.0.2.122 and earlier versions update to Adobe Shockwave Player 12.0.3.133 using the instructions provided in the &Solution& section below.
Affected software versions
Adobe Shockwave Player 12.0.2.122 and earlier versions for Windows and Macintosh
Adobe recommends users of Adobe Shockwave Player 12.0.2.122 and earlier versions update to the newest version 12.0.3.133, available here:
Priority and severity ratings
Adobe categorizes this update with the following
and recommends users update their installation to the newest version:
Updated version
Priority rating
Adobe Shockwave Player
12.0.3.133
Windows & Macintosh
This update addresses a
vulnerability in the software.
Adobe has released a security update for Adobe Shockwave Player 12.0.2.122 and earlier versions on the Windows and Macintosh operating systems.
This update addresses a vulnerability that could allow an attacker, who successfully exploits this vulnerability, to run malicious code on the affected system.
Adobe recommends users of Adobe Shockwave Player 12.0.2.122 and earlier versions update to Adobe Shockwave Player 12.0.3.133 using the instructions provided in the &Solution& section above.
This update resolves a memory corruption vulnerability that could lead to code execution (CVE-).
Acknowledgments
Adobe would like to thank Honggang Ren of
(CVE-) for reporting this issue and for working with Adobe to help protect our customers.Adobe Issues HotFix For ColdFusion | Threatpost | The first stop for security news
“This hotfix resolves two input validation issues that could be used in reflected cross-site scripting attacks,” Adobe said in its . “This hotfix also includes an updated version of BlazeDS that resolves an important
server-side request forgery vulnerability.”
Adobe also released , affecting versions 4.7, 4.6.2, 4.5, 3.1 and 3.0.x on Windows, Mac OS X and UNIX machines. LiveCycle Data Services is Adobe’s application framework.
The update patches the same server-side request forgery vulnerability patched in ColdFusion (CVE-) and also includes a new version of BlazeDS, a Java-based remote messaging feature included in both products. James Kettle of PortSwigger Web Security is credited with reporting the issue to Adobe.
Finally, Adobe released a , patching an input validation vulnerability in versions 1.1.1 of the mobile video-editing application.
This is the second
since August, when Adobe patched the products twice in a nine-day period.
Categories:
Recommended Reads
Top Stories
Hurray! We’ve launched our KICS (Kaspersky Industrial CyberSecurity), the special cyber-inoculation against cyber-disease, which protect factories, power plants, hospitals, airports, hotels, war...
In Q1, resources in 74 countries were targeted by DDoS attacks. China, the US and South Korea remained the leaders in terms of number of DDoS attacks and number of targets. The longest DDoS attack in ...
We’ve seen drones armed with chainsaws and guns. More alarming though is how easily they can be hacked....
Remember the beginning of Terminator 2: The Judgement Day where John Connor is shown hacking an ATM with an Atari Portfolio?
When we’re studying or conducting a project using a large amount of information we need somewhere to store the information. Sometimes our everyday household chores also need arranging. In the pr...