FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
2c12ae0c-c38d-11e0-8eb7-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 10.3.181.36 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.25 and earlier versions for Android. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2011-05-13
Entry 2011-08-10
Modified 2012-11-05
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
lt 10.3r183.5

CVE-2011-2130
CVE-2011-2134
CVE-2011-2135
CVE-2011-2136
CVE-2011-2137
CVE-2011-2138
CVE-2011-2139
CVE-2011-2140
CVE-2011-2414
CVE-2011-2415
CVE-2011-2416
CVE-2011-2417
CVE-2011-2425
https://www.adobe.com/support/security/bulletins/apsb11-21.html
4a3482da-3624-11e0-b995-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.


Discovery 2011-02-08
Entry 2011-02-11
linux-flashplugin
le 9.0r289

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.2r152

CVE-2011-0558
CVE-2011-0559
CVE-2011-0560
CVE-2011-0561
CVE-2011-0571
CVE-2011-0572
CVE-2011-0573
CVE-2011-0574
CVE-2011-0575
CVE-2011-0577
CVE-2011-0578
CVE-2011-0607
CVE-2011-0608
http://www.adobe.com/support/security/bulletins/apsb11-02.html
32b05547-6913-11e0-bdc4-001b2134ef46linux-flashplugin -- remote code execution vulnerability

Adobe Product Security Incident Response Team reports:

A critical vulnerability exists in Flash Player 10.2.153.1 and earlier versions (Adobe Flash Player 10.2.154.25 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris, Adobe Flash Player 10.2.156.12 and earlier versions for Android, and the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh operating systems.

This vulnerability (CVE-2011-0611) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a malicious Web page or a Flash (.swf) file embedded in a Microsoft Word (.doc) or Microsoft Excel (.xls) file delivered as an email attachment, targeting the Windows platform. At this time, Adobe is not aware of any attacks via PDF targeting Adobe Reader and Acrobat. Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing.


Discovery 2011-01-20
Entry 2011-04-17
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
lt 10.2r159.1

CVE-2011-0611
http://www.adobe.com/support/security/advisories/apsa11-02.html
76b597e4-e9c6-11df-9e10-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux, and Solaris, and Adobe Flash Player 10.1.95.1 for Android. These vulnerabilities, including CVE-2010-3654 referenced in Security Advisory APSA10-05, could cause the application to crash and could potentially allow an attacker to take control of the affected system.


Discovery 2010-09-28
Entry 2010-11-06
linux-flashplugin
lt 9.0r289

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.1r102

CVE-2010-3636
CVE-2010-3637
CVE-2010-3638
CVE-2010-3639
CVE-2010-3640
CVE-2010-3641
CVE-2010-3642
CVE-2010-3643
CVE-2010-3644
CVE-2010-3645
CVE-2010-3646
CVE-2010-3647
CVE-2010-3648
CVE-2010-3649
CVE-2010-3650
CVE-2010-3652
CVE-2010-3654
CVE-2010-3676
http://www.adobe.com/support/security/bulletins/apsb10-26.html
http://www.adobe.com/support/security/advisories/apsa10-05.html
8a34d9e6-c662-11df-b2e1-001b2134ef46linux-flashplugin -- remote code execution

Adobe Product Security Incident Response Team reports:

A critical vulnerability exists in Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, Solaris, and Adobe Flash Player 10.1.92.10 for Android. This vulnerability also affects Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2884) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Adobe Flash Player on Windows. Adobe is not aware of any attacks exploiting this vulnerability against Adobe Reader or Acrobat to date.


Discovery 2010-09-14
Entry 2010-09-22
linux-flashplugin
lt 9.0r283

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.1r85

CVE-2010-2884
http://www.adobe.com/support/security/advisories/apsa10-03.html
e19e74a4-a712-11df-b234-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player version 10.1.53.64 and earlier. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.


Discovery 2010-01-06
Entry 2010-08-13
linux-flashplugin
lt 9.0r280

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.1r82

CVE-2010-0209
CVE-2010-2188
CVE-2010-2213
CVE-2010-2214
CVE-2010-2215
CVE-2010-2216
http://www.adobe.com/support/security/bulletins/apsb10-16.html
d226626c-857f-11e0-95cc-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 10.2.159.1 and earlier versions (Adobe Flash Player 10.2.154.28 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.2.157.51 and earlier versions for Android. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system. There are reports of malware attempting to exploit one of the vulnerabilities, CVE-2011-0627, in the wild via a Flash (.swf) file embedded in a Microsoft Word (.doc) or Microsoft Excel (.xls) file delivered as an email attachment targeting the Windows platform. However, to date, Adobe has not obtained a sample that successfully completes an attack.


Discovery 2011-01-20
Entry 2011-05-23
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
lt 10.3r181.14

CVE-2011-0579
CVE-2011-0618
CVE-2011-0619
CVE-2011-0620
CVE-2011-0621
CVE-2011-0622
CVE-2011-0623
CVE-2011-0624
CVE-2011-0625
CVE-2011-0626
CVE-2011-0627
http://www.adobe.com/support/security/bulletins/apsb11-12.html
144e524a-77eb-11df-ae06-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player version 10.0.45.2 and earlier. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.


Discovery 2008-10-02
Entry 2010-06-14
linux-flashplugin
lt 9.0r277

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.1r53

CVE-2008-4546
CVE-2009-3793
CVE-2010-1297
CVE-2010-2160
CVE-2010-2161
CVE-2010-2162
CVE-2010-2163
CVE-2010-2164
CVE-2010-2165
CVE-2010-2166
CVE-2010-2167
CVE-2010-2169
CVE-2010-2170
CVE-2010-2171
CVE-2010-2172
CVE-2010-2173
CVE-2010-2174
CVE-2010-2175
CVE-2010-2176
CVE-2010-2177
CVE-2010-2178
CVE-2010-2179
CVE-2010-2180
CVE-2010-2181
CVE-2010-2182
CVE-2010-2183
CVE-2010-2184
CVE-2010-2185
CVE-2010-2186
CVE-2010-2187
CVE-2010-2188
CVE-2010-2189
http://www.adobe.com/support/security/bulletins/apsb10-14.html
ff6519ad-18e5-11df-9bdd-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

A critical vulnerability has been identified in Adobe Flash Player version 10.0.42.34 and earlier. This vulnerability (CVE-2010-0186) could subvert the domain sandbox and make unauthorized cross-domain requests. This update also resolves a potential Denial of Service issue (CVE-2010-0187).


Discovery 2010-02-11
Entry 2010-02-13
linux-flashplugin
lt 9.0r262

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.0r45

CVE-2010-0186
CVE-2010-0187
http://www.adobe.com/support/security/bulletins/apsb10-06.html
57573136-920e-11e0-bdc9-001b2134ef46linux-flashplugin -- cross-site scripting vulnerability

Adobe Product Security Incident Response Team reports:

An important vulnerability has been identified in Adobe Flash Player 10.3.181.16 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.22 and earlier versions for Android. This universal cross-site scripting vulnerability (CVE-2011-2107) could be used to take actions on a user's behalf on any website or webmail provider, if the user visits a malicious website. There are reports that this vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message.


Discovery 2011-05-13
Entry 2011-06-08
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
lt 10.3r181.22

CVE-2011-2107
http://www.adobe.com/support/security/bulletins/apsb11-13.html
53e531a7-e559-11e0-b481-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 10.3.183.7 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.186.6 and earlier versions for Android. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.

There are reports that one of these vulnerabilities (CVE-2011-2444) is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message. This universal cross-site scripting issue could be used to take actions on a user's behalf on any website or webmail provider if the user visits a malicious website.


Discovery 2011-06-06
Entry 2011-09-22
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
lt 10.3r183.10

https://www.adobe.com/support/security/bulletins/apsb11-26.html
CVE-2011-2426
CVE-2011-2427
CVE-2011-2428
CVE-2011-2429
CVE-2011-2430
CVE-2011-2444
3c1a672e-e508-11de-9f4a-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player version 10.0.32.18 and earlier. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.


Discovery 2009-07-14
Entry 2009-12-09
linux-flashplugin
lt 9.0r260

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.0r42

CVE-2009-3794
CVE-2009-3796
CVE-2009-3797
CVE-2009-3798
CVE-2009-3799
CVE-2009-3800
CVE-2009-3951
http://www.zerodayinitiative.com/advisories/ZDI-09-092/
http://www.zerodayinitiative.com/advisories/ZDI-09-093/
http://www.adobe.com/support/security/bulletins/apsb09-19.html
78f456fd-9c87-11dd-a55e-00163e000016linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Potential vulnerabilities have been identified in Adobe Flash Player 9.0.124.0 and earlier that could allow an attacker who successfully exploits these potential vulnerabilities to bypass Flash Player security controls. Adobe recommends users update to the most current version of Flash Player available for their platform.


Discovery 2008-10-15
Entry 2008-10-17
linux-flashplugin
le 9.0r124_1

CVE-2007-6243
CVE-2008-3873
CVE-2007-4324
CVE-2008-4401
CVE-2008-4503
http://www.adobe.com/support/security/bulletins/apsb08-18.html
55a528e8-9787-11e0-b24a-001b2134ef46linux-flashplugin -- remote code execution vulnerability

Adobe Product Security Incident Response Team reports:

A critical vulnerability has been identified in Adobe Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.23 and earlier versions for Android. This memory corruption vulnerability (CVE-2011-2110) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via malicious Web pages.


Discovery 2011-05-13
Entry 2011-06-15
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
lt 10.3r181.26

CVE-2011-2110
http://www.adobe.com/support/security/bulletins/apsb11-18.html
04c6187d-2d8f-11dd-98c9-00163e000016linux-flashplugin -- unspecified remote code execution vulnerability

Adobe Product Security Incident Response Team reports:

An exploit appears to be taking advantage of a known vulnerability, reported by Mark Dowd of the ISS X-Force and wushi of team509, that was resolved in Flash Player 9.0.124.0 (CVE-2007-0071). This exploit does NOT appear to include a new, unpatched vulnerability as has been reported elsewhere - customers with Flash Player 9.0.124.0 should not be vulnerable to this exploit.


Discovery 2008-05-27
Entry 2008-05-30
linux-flashplugin
lt 9.0r124

29386
CVE-2007-0071
http://blogs.adobe.com/psirt/
562cf6c4-b9f1-11dc-a302-000102cc8983linux-flashplugin -- multiple vulnerabilities

Adobe Security bulletin:

Critical vulnerabilities have been identified in Adobe Flash Player that could allow an attacker who successfully exploits these potential vulnerabilities to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit these potential vulnerabilities. Users are recommended to update to the most current version of Flash Player available for their platform.


Discovery 2007-12-18
Entry 2008-01-03
linux-flashplugin
ge 9.0 lt 9.0r115

ge 7.0 lt 7.0r73

CVE-2007-6242
CVE-2007-4768
CVE-2007-5275
CVE-2007-6243
CVE-2007-6244
CVE-2007-6245
CVE-2007-4324
CVE-2007-6246
CVE-2007-5476
http://www.adobe.com/support/security/bulletins/apsb07-20.html
http://secunia.com/advisories/28161/
b42e8c32-34f6-11dc-9bc9-001921ab2fa4linux-flashplugin -- critical vulnerabilities

Adobe reports:

Critical vulnerabilities have been identified in Adobe Flash Player that could allow an attacker who successfully exploits these potential vulnerabilities to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit these potential vulnerabilities.


Discovery 2007-07-10
Entry 2007-07-18
linux-flashplugin
gt 9.0 le 9.0r45

gt 8.0 le 8.0r34

le 7.0r69

CVE-2007-2022
CVE-2007-3456
CVE-2007-3457
501ee07a-5640-11e0-985a-001b2134ef46linux-flashplugin -- remote code execution vulnerability

Adobe Product Security Incident Response Team reports:

A critical vulnerability exists in Adobe Flash Player 10.2.152.33 and earlier versions (Adobe Flash Player 10.2.154.18 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris operating systems, Adobe Flash Player 10.1.106.16 and earlier versions for Android, and the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.1) and earlier 10.x and 9.x versions of Reader and Acrobat for Windows and Macintosh operating systems.

This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment.


Discovery 2011-01-20
Entry 2011-03-24
linux-flashplugin
le 9.0r289

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.2r153

CVE-2011-0609
http://www.adobe.com/support/security/advisories/apsa11-01.html