FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
32b05547-6913-11e0-bdc4-001b2134ef46linux-flashplugin -- remote code execution vulnerability

Adobe Product Security Incident Response Team reports:

A critical vulnerability exists in Flash Player 10.2.153.1 and earlier versions (Adobe Flash Player 10.2.154.25 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris, Adobe Flash Player 10.2.156.12 and earlier versions for Android, and the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh operating systems.

This vulnerability (CVE-2011-0611) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a malicious Web page or a Flash (.swf) file embedded in a Microsoft Word (.doc) or Microsoft Excel (.xls) file delivered as an email attachment, targeting the Windows platform. At this time, Adobe is not aware of any attacks via PDF targeting Adobe Reader and Acrobat. Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing.


Discovery 2011-01-20
Entry 2011-04-17
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
< 10.2r159.1

CVE-2011-0611
http://www.adobe.com/support/security/advisories/apsa11-02.html
57573136-920e-11e0-bdc9-001b2134ef46linux-flashplugin -- cross-site scripting vulnerability

Adobe Product Security Incident Response Team reports:

An important vulnerability has been identified in Adobe Flash Player 10.3.181.16 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.22 and earlier versions for Android. This universal cross-site scripting vulnerability (CVE-2011-2107) could be used to take actions on a user's behalf on any website or webmail provider, if the user visits a malicious website. There are reports that this vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message.


Discovery 2011-05-13
Entry 2011-06-08
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
< 10.3r181.22

CVE-2011-2107
http://www.adobe.com/support/security/bulletins/apsb11-13.html
4a3482da-3624-11e0-b995-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.


Discovery 2011-02-08
Entry 2011-02-11
linux-flashplugin
le 9.0r289

linux-f8-flashplugin
linux-f10-flashplugin
< 10.2r152

CVE-2011-0558
CVE-2011-0559
CVE-2011-0560
CVE-2011-0561
CVE-2011-0571
CVE-2011-0572
CVE-2011-0573
CVE-2011-0574
CVE-2011-0575
CVE-2011-0577
CVE-2011-0578
CVE-2011-0607
CVE-2011-0608
http://www.adobe.com/support/security/bulletins/apsb11-02.html
55a528e8-9787-11e0-b24a-001b2134ef46linux-flashplugin -- remote code execution vulnerability

Adobe Product Security Incident Response Team reports:

A critical vulnerability has been identified in Adobe Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.23 and earlier versions for Android. This memory corruption vulnerability (CVE-2011-2110) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via malicious Web pages.


Discovery 2011-05-13
Entry 2011-06-15
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
< 10.3r181.26

CVE-2011-2110
http://www.adobe.com/support/security/bulletins/apsb11-18.html
53e531a7-e559-11e0-b481-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 10.3.183.7 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.186.6 and earlier versions for Android. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.

There are reports that one of these vulnerabilities (CVE-2011-2444) is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message. This universal cross-site scripting issue could be used to take actions on a user's behalf on any website or webmail provider if the user visits a malicious website.


Discovery 2011-06-06
Entry 2011-09-22
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
< 10.3r183.10

https://www.adobe.com/support/security/bulletins/apsb11-26.html
CVE-2011-2426
CVE-2011-2427
CVE-2011-2428
CVE-2011-2429
CVE-2011-2430
CVE-2011-2444
d226626c-857f-11e0-95cc-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 10.2.159.1 and earlier versions (Adobe Flash Player 10.2.154.28 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.2.157.51 and earlier versions for Android. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system. There are reports of malware attempting to exploit one of the vulnerabilities, CVE-2011-0627, in the wild via a Flash (.swf) file embedded in a Microsoft Word (.doc) or Microsoft Excel (.xls) file delivered as an email attachment targeting the Windows platform. However, to date, Adobe has not obtained a sample that successfully completes an attack.


Discovery 2011-01-20
Entry 2011-05-23
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
< 10.3r181.14

CVE-2011-0579
CVE-2011-0618
CVE-2011-0619
CVE-2011-0620
CVE-2011-0621
CVE-2011-0622
CVE-2011-0623
CVE-2011-0624
CVE-2011-0625
CVE-2011-0626
CVE-2011-0627
http://www.adobe.com/support/security/bulletins/apsb11-12.html
76b597e4-e9c6-11df-9e10-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux, and Solaris, and Adobe Flash Player 10.1.95.1 for Android. These vulnerabilities, including CVE-2010-3654 referenced in Security Advisory APSA10-05, could cause the application to crash and could potentially allow an attacker to take control of the affected system.


Discovery 2010-09-28
Entry 2010-11-06
linux-flashplugin
< 9.0r289

linux-f8-flashplugin
linux-f10-flashplugin
< 10.1r102

CVE-2010-3636
CVE-2010-3637
CVE-2010-3638
CVE-2010-3639
CVE-2010-3640
CVE-2010-3641
CVE-2010-3642
CVE-2010-3643
CVE-2010-3644
CVE-2010-3645
CVE-2010-3646
CVE-2010-3647
CVE-2010-3648
CVE-2010-3649
CVE-2010-3650
CVE-2010-3652
CVE-2010-3654
CVE-2010-3676
http://www.adobe.com/support/security/bulletins/apsb10-26.html
http://www.adobe.com/support/security/advisories/apsa10-05.html
2c12ae0c-c38d-11e0-8eb7-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 10.3.181.36 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.25 and earlier versions for Android. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2011-05-13
Entry 2011-08-10
Modified 2012-11-05
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
< 10.3r183.5

CVE-2011-2130
CVE-2011-2134
CVE-2011-2135
CVE-2011-2136
CVE-2011-2137
CVE-2011-2138
CVE-2011-2139
CVE-2011-2140
CVE-2011-2414
CVE-2011-2415
CVE-2011-2416
CVE-2011-2417
CVE-2011-2425
https://www.adobe.com/support/security/bulletins/apsb11-21.html
501ee07a-5640-11e0-985a-001b2134ef46linux-flashplugin -- remote code execution vulnerability

Adobe Product Security Incident Response Team reports:

A critical vulnerability exists in Adobe Flash Player 10.2.152.33 and earlier versions (Adobe Flash Player 10.2.154.18 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris operating systems, Adobe Flash Player 10.1.106.16 and earlier versions for Android, and the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.1) and earlier 10.x and 9.x versions of Reader and Acrobat for Windows and Macintosh operating systems.

This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment.


Discovery 2011-01-20
Entry 2011-03-24
linux-flashplugin
le 9.0r289

linux-f8-flashplugin
linux-f10-flashplugin
< 10.2r153

CVE-2011-0609
http://www.adobe.com/support/security/advisories/apsa11-01.html
8a34d9e6-c662-11df-b2e1-001b2134ef46linux-flashplugin -- remote code execution

Adobe Product Security Incident Response Team reports:

A critical vulnerability exists in Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, Solaris, and Adobe Flash Player 10.1.92.10 for Android. This vulnerability also affects Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2884) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Adobe Flash Player on Windows. Adobe is not aware of any attacks exploiting this vulnerability against Adobe Reader or Acrobat to date.


Discovery 2010-09-14
Entry 2010-09-22
linux-flashplugin
< 9.0r283

linux-f8-flashplugin
linux-f10-flashplugin
< 10.1r85

CVE-2010-2884
http://www.adobe.com/support/security/advisories/apsa10-03.html
e19e74a4-a712-11df-b234-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player version 10.1.53.64 and earlier. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.


Discovery 2010-01-06
Entry 2010-08-13
linux-flashplugin
< 9.0r280

linux-f8-flashplugin
linux-f10-flashplugin
< 10.1r82

CVE-2010-0209
CVE-2010-2188
CVE-2010-2213
CVE-2010-2214
CVE-2010-2215
CVE-2010-2216
http://www.adobe.com/support/security/bulletins/apsb10-16.html