FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  514783
Date:      2019-10-19
Time:      09:52:18Z
Committer: wen

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
8a34d9e6-c662-11df-b2e1-001b2134ef46linux-flashplugin -- remote code execution

Adobe Product Security Incident Response Team reports:

A critical vulnerability exists in Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, Solaris, and Adobe Flash Player 10.1.92.10 for Android. This vulnerability also affects Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2884) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Adobe Flash Player on Windows. Adobe is not aware of any attacks exploiting this vulnerability against Adobe Reader or Acrobat to date.


Discovery 2010-09-14
Entry 2010-09-22
linux-flashplugin
lt 9.0r283

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.1r85

CVE-2010-2884
http://www.adobe.com/support/security/advisories/apsa10-03.html
4b8b748e-2a24-11e2-bb44-003067b2972clinux-flashplugin -- multiple vulnerabilities

Adobe reports:

These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2012-10-08
Entry 2012-11-02
linux-f10-flashplugin
le 11.2r202.243

CVE-2012-5274
CVE-2012-5275
CVE-2012-5276
CVE-2012-5277
CVE-2012-5278
CVE-2012-5279
CVE-2012-5280
https://www.adobe.com/support/security/bulletins/apsb12-24.html
c0ef849e-84ac-11e3-bec4-9c4e36909cc0linux-flashplugin -- multiple vulnerabilities

Adobe reports:

These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2014-01-14
Entry 2014-01-24
linux-f10-flashplugin
lt 11.2r202.335

CVE-2014-0491
CVE-2014-0492
http://helpx.adobe.com/security/products/flash-player/apsb14-02.html
501ee07a-5640-11e0-985a-001b2134ef46linux-flashplugin -- remote code execution vulnerability

Adobe Product Security Incident Response Team reports:

A critical vulnerability exists in Adobe Flash Player 10.2.152.33 and earlier versions (Adobe Flash Player 10.2.154.18 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris operating systems, Adobe Flash Player 10.1.106.16 and earlier versions for Android, and the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.1) and earlier 10.x and 9.x versions of Reader and Acrobat for Windows and Macintosh operating systems.

This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment.


Discovery 2011-01-20
Entry 2011-03-24
linux-flashplugin
le 9.0r289

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.2r153

CVE-2011-0609
http://www.adobe.com/support/security/advisories/apsa11-01.html
144e524a-77eb-11df-ae06-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player version 10.0.45.2 and earlier. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.


Discovery 2008-10-02
Entry 2010-06-14
linux-flashplugin
lt 9.0r277

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.1r53

CVE-2008-4546
CVE-2009-3793
CVE-2010-1297
CVE-2010-2160
CVE-2010-2161
CVE-2010-2162
CVE-2010-2163
CVE-2010-2164
CVE-2010-2165
CVE-2010-2166
CVE-2010-2167
CVE-2010-2169
CVE-2010-2170
CVE-2010-2171
CVE-2010-2172
CVE-2010-2173
CVE-2010-2174
CVE-2010-2175
CVE-2010-2176
CVE-2010-2177
CVE-2010-2178
CVE-2010-2179
CVE-2010-2180
CVE-2010-2181
CVE-2010-2182
CVE-2010-2183
CVE-2010-2184
CVE-2010-2185
CVE-2010-2186
CVE-2010-2187
CVE-2010-2188
CVE-2010-2189
http://www.adobe.com/support/security/bulletins/apsb10-14.html
4a3482da-3624-11e0-b995-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.


Discovery 2011-02-08
Entry 2011-02-11
linux-flashplugin
le 9.0r289

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.2r152

CVE-2011-0573
CVE-2011-0558
CVE-2011-0559
CVE-2011-0560
CVE-2011-0561
CVE-2011-0571
CVE-2011-0572
CVE-2011-0574
CVE-2011-0575
CVE-2011-0577
CVE-2011-0578
CVE-2011-0607
CVE-2011-0608
http://www.adobe.com/support/security/bulletins/apsb11-02.html
1e63db88-1050-11e5-a4df-c485083ca99cAdobe Flash Player -- critical vulnerabilities

Adobe reports:

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh and Linux. These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system.

These updates resolve a vulnerability (CVE-2015-3096) that could be exploited to bypass the fix for CVE-2014-5333.

These updates improve memory address randomization of the Flash heap for the Window 7 64-bit platform (CVE-2015-3097).

These updates resolve vulnerabilities that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2015-3098, CVE-2015-3099, CVE-2015-3102).

These updates resolve a stack overflow vulnerability that could lead to code execution (CVE-2015-3100).

These updates resolve a permission issue in the Flash broker for Internet Explorer that could be exploited to perform privilege escalation from low to medium integrity level (CVE-2015-3101).

These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2015-3104).

These updates resolve a memory corruption vulnerability that could lead to code execution (CVE-2015-3105).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-3103, CVE-2015-3106, CVE-2015-3107).

These updates resolve a memory leak vulnerability that could be used to bypass ASLR (CVE-2015-3108).


Discovery 2015-06-09
Entry 2015-06-11
linux-c6-flashplugin
lt 11.2r202.466

linux-f10-flashplugin
lt 11.2r202.466

https://helpx.adobe.com/security/products/flash-player/apsb15-11.html
CVE-2015-3096
CVE-2015-3097
CVE-2015-3098
CVE-2015-3099
CVE-2015-3100
CVE-2015-3101
CVE-2015-3102
CVE-2015-3103
CVE-2015-3104
CVE-2015-3105
CVE-2015-3106
CVE-2015-3107
CVE-2015-3108
84c7ea88-bf04-4bdc-973b-36744bf540abflash -- multiple vulnerabilities

Adobe reports:

These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2015-8644).

These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2015-8651).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-8459, CVE-2015-8460, CVE-2015-8636, CVE-2015-8645).


Discovery 2015-12-28
Entry 2015-12-29
linux-c6-flashplugin
linux-f10-flashplugin
linux-c6_64-flashplugin
lt 11.2r202.559

CVE-2015-8459
CVE-2015-8460
CVE-2015-8634
CVE-2015-8636
CVE-2015-8638
CVE-2015-8639
CVE-2015-8640
CVE-2015-8641
CVE-2015-8642
CVE-2015-8643
CVE-2015-8644
CVE-2015-8645
CVE-2015-8646
CVE-2015-8647
CVE-2015-8648
CVE-2015-8649
CVE-2015-8650
CVE-2015-8651
https://helpx.adobe.com/security/products/flash-player/apsb16-01.html
0e8e1212-0ce5-11e1-849b-003067b2972clinux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 11.0.1.152 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 11.0.1.153 and earlier versions for Android.

In addition a patch was released for users of flash10.


Discovery 2011-11-10
Entry 2011-11-11
linux-f10-flashplugin
lt 10.3r183.11

gt 11 lt 11.1r102.55

CVE-2011-2445
CVE-2011-2450
CVE-2011-2451
CVE-2011-2452
CVE-2011-2453
CVE-2011-2454
CVE-2011-2455
CVE-2011-2456
CVE-2011-2457
CVE-2011-2458
CVE-2011-2459
CVE-2011-2460
https://www.adobe.com/support/security/bulletins/apsb11-28.html
84147b46-e876-486d-b746-339ee45a8bb9flash -- remote code execution

Adobe reports:

These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2015-7645, CVE-2015-7647, CVE-2015-7648).


Discovery 2015-10-16
Entry 2015-10-16
linux-c6-flashplugin
linux-f10-flashplugin
linux-c6_64-flashplugin
lt 11.2r202.540

CVE-2015-7645
CVE-2015-7647
CVE-2015-7648
https://helpx.adobe.com/security/products/flash-player/apsb15-27.html
1657a3e6-4585-11e2-a396-10bf48230856linux-flashplugin -- multiple vulnerabilities

Adobe reports:

These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2012-12-11
Entry 2012-12-14
linux-f10-flashplugin
le 11.2r202.258

CVE-2012-5676
CVE-2012-5677
CVE-2012-5678
501ee07a-5640-11e0-985a-001b2134ef46linux-flashplugin -- remote code execution vulnerability

Adobe Product Security Incident Response Team reports:

A critical vulnerability exists in Adobe Flash Player 10.2.152.33 and earlier versions (Adobe Flash Player 10.2.154.18 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris operating systems, Adobe Flash Player 10.1.106.16 and earlier versions for Android, and the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.1) and earlier 10.x and 9.x versions of Reader and Acrobat for Windows and Macintosh operating systems.

This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment.


Discovery 2011-01-20
Entry 2011-03-24
linux-flashplugin
le 9.0r289

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.2r153

CVE-2011-0609
http://www.adobe.com/support/security/advisories/apsa11-01.html
a0c65049-bddd-11e2-a0f6-001060e06fd4linux-flashplugin -- multiple vulnerabilities

Adobe reports:

These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2013-05-14
Entry 2013-05-16
linux-f10-flashplugin
lt 11.2r202.285

CVE-2013-2728
CVE-2013-3324
CVE-2013-3325
CVE-2013-3326
CVE-2013-3327
CVE-2013-3328
CVE-2013-3329
CVE-2013-3330
CVE-2013-3331
CVE-2013-3332
CVE-2013-3333
CVE-2013-3334
CVE-2013-3335
ff6519ad-18e5-11df-9bdd-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

A critical vulnerability has been identified in Adobe Flash Player version 10.0.42.34 and earlier. This vulnerability (CVE-2010-0186) could subvert the domain sandbox and make unauthorized cross-domain requests. This update also resolves a potential Denial of Service issue (CVE-2010-0187).


Discovery 2010-02-11
Entry 2010-02-13
linux-flashplugin
lt 9.0r262

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.0r45

CVE-2010-0186
CVE-2010-0187
http://www.adobe.com/support/security/bulletins/apsb10-06.html
414e6a41-7204-11e2-8599-001060e06fd4linux-flashplugin -- multiple vulnerabilities

Adobe reports:

These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2013-02-07
Entry 2013-02-08
linux-f10-flashplugin
lt 11.2r202.262

CVE-2013-0633
CVE-2013-0634
https://www.adobe.com/support/security/bulletins/apsb13-04.html
38195f00-b215-11e1-8132-003067b2972clinux-flashplugin -- multiple vulnerabilities

Adobe reports:

These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2012-06-08
Entry 2012-06-09
linux-f10-flashplugin
lt 11.2r202.236

CVE-2012-2034
CVE-2012-2035
CVE-2012-2036
CVE-2012-2037
CVE-2012-2038
CVE-2012-2039
CVE-2012-2040
http://www.adobe.com/support/security/bulletins/apsb12-14.html
f63bf080-619d-11e1-91af-003067b2972clinux-flashplugin -- multiple vulnerabilities

These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2012-02-15
Entry 2012-02-27
linux-f10-flashplugin
lt 11.1r102.62

CVE-2012-0751
CVE-2012-0752
CVE-2012-0753
CVE-2012-0754
CVE-2012-0755
CVE-2012-0756
CVE-2012-0767
https://www.adobe.com/support/security/bulletins/apsb12-03.html
adcbdba2-4c27-11e3-9848-98fc11cdc4f5linux-flashplugin -- multiple vulnerabilities

Adobe reports:

These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2013-11-12
Entry 2013-11-12
linux-f10-flashplugin
lt 11.2r202.327

CVE-2013-5329
CVE-2013-5330
http://www.adobe.com/support/security/bulletins/apsb13-26.html
d226626c-857f-11e0-95cc-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 10.2.159.1 and earlier versions (Adobe Flash Player 10.2.154.28 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.2.157.51 and earlier versions for Android. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system. There are reports of malware attempting to exploit one of the vulnerabilities, CVE-2011-0627, in the wild via a Flash (.swf) file embedded in a Microsoft Word (.doc) or Microsoft Excel (.xls) file delivered as an email attachment targeting the Windows platform. However, to date, Adobe has not obtained a sample that successfully completes an attack.


Discovery 2011-01-20
Entry 2011-05-23
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
lt 10.3r181.14

CVE-2011-0579
CVE-2011-0618
CVE-2011-0619
CVE-2011-0620
CVE-2011-0621
CVE-2011-0622
CVE-2011-0623
CVE-2011-0624
CVE-2011-0625
CVE-2011-0626
CVE-2011-0627
http://www.adobe.com/support/security/bulletins/apsb11-12.html
9da3834b-6a50-11e1-91af-003067b2972clinux-flashplugin -- multiple vulnerabilities

These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2012-03-05
Entry 2012-03-09
linux-f10-flashplugin
lt 11.1r102.63

CVE-2012-0768
CVE-2012-0769
https://www.adobe.com/support/security/bulletins/apsb12-05.html
348bfa69-25a2-11e5-ade1-0011d823eebdAdobe Flash Player -- critical vulnerabilities

Adobe reports:

Adobe has released security updates for Adobe Flash Player. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe is aware of a report that an exploit targeting CVE-2015-5119 has been publicly published.


Discovery 2015-07-07
Entry 2015-07-08
linux-c6-flashplugin
lt 11.2r202.481

linux-f10-flashplugin
lt 11.2r202.481

https://helpx.adobe.com/security/products/flash-player/apsb15-16.html
CVE-2015-5119
ff6519ad-18e5-11df-9bdd-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

A critical vulnerability has been identified in Adobe Flash Player version 10.0.42.34 and earlier. This vulnerability (CVE-2010-0186) could subvert the domain sandbox and make unauthorized cross-domain requests. This update also resolves a potential Denial of Service issue (CVE-2010-0187).


Discovery 2010-02-11
Entry 2010-02-13
linux-flashplugin
lt 9.0r262

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.0r45

CVE-2010-0186
CVE-2010-0187
http://www.adobe.com/support/security/bulletins/apsb10-06.html
76b597e4-e9c6-11df-9e10-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux, and Solaris, and Adobe Flash Player 10.1.95.1 for Android. These vulnerabilities, including CVE-2010-3654 referenced in Security Advisory APSA10-05, could cause the application to crash and could potentially allow an attacker to take control of the affected system.


Discovery 2010-09-28
Entry 2010-11-06
linux-flashplugin
lt 9.0r289

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.1r102

CVE-2010-3636
CVE-2010-3637
CVE-2010-3638
CVE-2010-3639
CVE-2010-3640
CVE-2010-3641
CVE-2010-3642
CVE-2010-3643
CVE-2010-3644
CVE-2010-3645
CVE-2010-3646
CVE-2010-3647
CVE-2010-3648
CVE-2010-3649
CVE-2010-3650
CVE-2010-3652
CVE-2010-3654
CVE-2010-3676
http://www.adobe.com/support/security/bulletins/apsb10-26.html
http://www.adobe.com/support/security/advisories/apsa10-05.html
a522d6ac-4aed-11e6-97ea-002590263bf5flash -- multiple vulnerabilities

Adobe reports:

These updates resolve a race condition vulnerability that could lead to information disclosure (CVE-2016-4247).

These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-4223, CVE-2016-4224, CVE-2016-4225).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, CVE-2016-4248).

These updates resolve a heap buffer overflow vulnerability that could lead to code execution (CVE-2016-4249).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, CVE-2016-4246).

These updates resolve a memory leak vulnerability (CVE-2016-4232).

These updates resolve stack corruption vulnerabilities that could lead to code execution (CVE-2016-4176, CVE-2016-4177).

These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2016-4178).


Discovery 2016-07-12
Entry 2016-07-16
linux-c6-flashplugin
linux-c6_64-flashplugin
linux-f10-flashplugin
lt 11.2r202.632

CVE-2016-4172
CVE-2016-4173
CVE-2016-4174
CVE-2016-4175
CVE-2016-4176
CVE-2016-4177
CVE-2016-4178
CVE-2016-4179
CVE-2016-4180
CVE-2016-4181
CVE-2016-4182
CVE-2016-4183
CVE-2016-4184
CVE-2016-4185
CVE-2016-4186
CVE-2016-4187
CVE-2016-4188
CVE-2016-4189
CVE-2016-4190
CVE-2016-4217
CVE-2016-4218
CVE-2016-4219
CVE-2016-4220
CVE-2016-4221
CVE-2016-4222
CVE-2016-4223
CVE-2016-4224
CVE-2016-4225
CVE-2016-4226
CVE-2016-4227
CVE-2016-4228
CVE-2016-4229
CVE-2016-4230
CVE-2016-4231
CVE-2016-4232
CVE-2016-4233
CVE-2016-4234
CVE-2016-4235
CVE-2016-4236
CVE-2016-4237
CVE-2016-4238
CVE-2016-4239
CVE-2016-4240
CVE-2016-4241
CVE-2016-4242
CVE-2016-4243
CVE-2016-4244
CVE-2016-4245
CVE-2016-4246
CVE-2016-4247
CVE-2016-4248
CVE-2016-4249
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html
5d8e56c3-9e67-4d5b-81c9-3a409dfd705fflash -- multiple vulnerabilities

Adobe reports:

These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2016-0985).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984).

These updates resolve a heap buffer overflow vulnerability that could lead to code execution (CVE-2016-0971).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981).


Discovery 2016-02-09
Entry 2016-02-10
linux-c6-flashplugin
linux-f10-flashplugin
linux-c6_64-flashplugin
lt 11.2r202.569

CVE-2016-0964
CVE-2016-0965
CVE-2016-0966
CVE-2016-0967
CVE-2016-0968
CVE-2016-0969
CVE-2016-0970
CVE-2016-0971
CVE-2016-0972
CVE-2016-0973
CVE-2016-0974
CVE-2016-0975
CVE-2016-0976
CVE-2016-0977
CVE-2016-0978
CVE-2016-0979
CVE-2016-0980
CVE-2016-0981
CVE-2016-0982
CVE-2016-0983
CVE-2016-0984
CVE-2016-0985
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
f7b3d1eb-f738-11e5-a710-0011d823eebdflash -- multiple vulnerabilities

Adobe reports:

These updates resolve integer overflow vulnerabilities that could lead to code execution (CVE-2016-0963, CVE-2016-0993, CVE-2016-1010).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000).

These updates resolve a heap overflow vulnerability that could lead to code execution (CVE-2016-1001).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, CVE-2016-1005).


Discovery 2016-03-10
Entry 2016-03-31
linux-c6-flashplugin
linux-f10-flashplugin
linux-c6_64-flashplugin
lt 11.2r202.577

CVE-2016-0960
CVE-2016-0961
CVE-2016-0962
CVE-2016-0963
CVE-2016-0986
CVE-2016-0987
CVE-2016-0988
CVE-2016-0989
CVE-2016-0990
CVE-2016-0991
CVE-2016-0992
CVE-2016-0993
CVE-2016-0994
CVE-2016-0995
CVE-2016-0996
CVE-2016-0997
CVE-2016-0998
CVE-2016-0999
CVE-2016-1000
CVE-2016-1001
CVE-2016-1002
CVE-2016-1005
CVE-2016-1010
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
f63bf080-619d-11e1-91af-003067b2972clinux-flashplugin -- multiple vulnerabilities

These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2012-02-15
Entry 2012-02-27
linux-f10-flashplugin
lt 11.1r102.62

CVE-2012-0751
CVE-2012-0752
CVE-2012-0753
CVE-2012-0754
CVE-2012-0755
CVE-2012-0756
CVE-2012-0767
https://www.adobe.com/support/security/bulletins/apsb12-03.html
1657a3e6-4585-11e2-a396-10bf48230856linux-flashplugin -- multiple vulnerabilities

Adobe reports:

These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2012-12-11
Entry 2012-12-14
linux-f10-flashplugin
le 11.2r202.258

CVE-2012-5676
CVE-2012-5677
CVE-2012-5678
e19e74a4-a712-11df-b234-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player version 10.1.53.64 and earlier. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.


Discovery 2010-01-06
Entry 2010-08-13
linux-flashplugin
lt 9.0r280

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.1r82

CVE-2010-0209
CVE-2010-2188
CVE-2010-2213
CVE-2010-2214
CVE-2010-2215
CVE-2010-2216
http://www.adobe.com/support/security/bulletins/apsb10-16.html
32b05547-6913-11e0-bdc4-001b2134ef46linux-flashplugin -- remote code execution vulnerability

Adobe Product Security Incident Response Team reports:

A critical vulnerability exists in Flash Player 10.2.153.1 and earlier versions (Adobe Flash Player 10.2.154.25 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris, Adobe Flash Player 10.2.156.12 and earlier versions for Android, and the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh operating systems.

This vulnerability (CVE-2011-0611) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a malicious Web page or a Flash (.swf) file embedded in a Microsoft Word (.doc) or Microsoft Excel (.xls) file delivered as an email attachment, targeting the Windows platform. At this time, Adobe is not aware of any attacks via PDF targeting Adobe Reader and Acrobat. Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing.


Discovery 2011-01-20
Entry 2011-04-17
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
lt 10.2r159.1

CVE-2011-0611
http://www.adobe.com/support/security/advisories/apsa11-02.html
96f6bf10-a731-11e6-95ca-0011d823eebdflash -- multiple vulnerabilities

Adobe reports:

  • These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-7860, CVE-2016-7861, CVE-2016-7865).
  • These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-7857, CVE-2016-7858, CVE-2016-7859, CVE-2016-7862, CVE-2016-7863, CVE-2016-7864).

Discovery 2016-11-08
Entry 2016-11-10
linux-c6-flashplugin
linux-c7-flashplugin
linux-f10-flashplugin
lt 11.2r202.644

https://helpx.adobe.com/security/products/flash-player/apsb16-37.html
CVE-2016-7857
CVE-2016-7858
CVE-2016-7859
CVE-2016-7860
CVE-2016-7861
CVE-2016-7862
CVE-2016-7863
CVE-2016-7864
CVE-2016-7865
20923a0d-82ba-11e1-8d7b-003067b2972clinux-flashplugin -- multiple vulnerabilities

Adobe reports:

Multiple Priority 2 vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2012-04-05
Entry 2012-04-10
linux-f10-flashplugin
lt 11.2r202.228

CVE-2012-0724
CVE-2012-0725
CVE-2012-0772
CVE-2012-0773
https://www.adobe.com/support/security/bulletins/apsb12-07.html
5bd6811f-1c75-11e3-ba72-98fc11cdc4f5linux-flashplugin -- multiple vulnerabilities

Adobe reports:

These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2013-09-10
Entry 2013-09-13
linux-f10-flashplugin
lt 11.2r202.310

CVE-2013-3361
CVE-2013-3362
CVE-2013-3363
CVE-2013-5324
http://www.adobe.com/support/security/bulletins/apsb13-21.html
d02f6b01-1a3f-11e5-8bd6-c485083ca99cAdobe Flash Player -- critical vulnerabilities

Adobe reports:

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh and Linux. These updates address a critical vulnerability (CVE-2015-3113) that could potentially allow an attacker to take control of the affected system.

Adobe is aware of reports that CVE-2015-3113 is being actively exploited in the wild via limited, targeted attacks. Systems running Internet Explorer for Windows 7 and below, as well as Firefox on Windows XP, are known targets.


Discovery 2015-06-23
Entry 2015-06-24
linux-c6-flashplugin
lt 11.2r202.466

linux-f10-flashplugin
lt 11.2r202.466

https://helpx.adobe.com/security/products/flash-player/apsb15-14.html
CVE-2015-3113
ca44b64c-4453-11e4-9ea1-c485083ca99cFlash player -- Multiple security vulnerabilities in www/linux-*-flashplugin11

Adobe reports:

These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2014-09-09
Entry 2014-09-25
linux-f10-flashplugin
lt 11.2r202.400

linux-c6-flashplugin
lt 11.2r202.400

CVE-2014-0547
CVE-2014-0548
CVE-2014-0549
CVE-2014-0550
CVE-2014-0551
CVE-2014-0552
CVE-2014-0553
CVE-2014-0554
CVE-2014-0555
CVE-2014-0556
CVE-2014-0557
CVE-2014-0559
http://helpx.adobe.com/security/products/flash-player/apsb14-21.html
d226626c-857f-11e0-95cc-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 10.2.159.1 and earlier versions (Adobe Flash Player 10.2.154.28 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.2.157.51 and earlier versions for Android. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system. There are reports of malware attempting to exploit one of the vulnerabilities, CVE-2011-0627, in the wild via a Flash (.swf) file embedded in a Microsoft Word (.doc) or Microsoft Excel (.xls) file delivered as an email attachment targeting the Windows platform. However, to date, Adobe has not obtained a sample that successfully completes an attack.


Discovery 2011-01-20
Entry 2011-05-23
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
lt 10.3r181.14

CVE-2011-0579
CVE-2011-0618
CVE-2011-0619
CVE-2011-0620
CVE-2011-0621
CVE-2011-0622
CVE-2011-0623
CVE-2011-0624
CVE-2011-0625
CVE-2011-0626
CVE-2011-0627
http://www.adobe.com/support/security/bulletins/apsb11-12.html
8b3ecff5-c9b2-11e4-b71f-00bd5af88c00Adobe Flash Player -- critical vulnerabilities

Adobe reports:

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh and Linux. These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system. These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-0332, CVE-2015-0333, CVE-2015-0335, CVE-2015-0339). These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2015-0334, CVE-2015-0336). These updates resolve a vulnerability that could lead to a cross-domain policy bypass (CVE-2015-0337). These updates resolve a vulnerability that could lead to a file upload restriction bypass (CVE-2015-0340). These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2015-0338). These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-0341, CVE-2015-0342).


Discovery 2015-03-12
Entry 2015-03-13
linux-c6-flashplugin
le 11.2r202.442

linux-f10-flashplugin
le 11.2r202.442

https://helpx.adobe.com/security/products/flash-player/apsb15-05.html
CVE-2015-0332
CVE-2015-0333
CVE-2015-0334
CVE-2015-0335
CVE-2015-0336
CVE-2015-0337
CVE-2015-0338
CVE-2015-0339
CVE-2015-0340
CVE-2015-0341
CVE-2015-0342
2c12ae0c-c38d-11e0-8eb7-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 10.3.181.36 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.25 and earlier versions for Android. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2011-05-13
Entry 2011-08-10
Modified 2012-11-05
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
lt 10.3r183.5

CVE-2011-2130
CVE-2011-2134
CVE-2011-2135
CVE-2011-2136
CVE-2011-2137
CVE-2011-2138
CVE-2011-2139
CVE-2011-2140
CVE-2011-2414
CVE-2011-2415
CVE-2011-2416
CVE-2011-2417
CVE-2011-2425
https://www.adobe.com/support/security/bulletins/apsb11-21.html
c8842a84-9ddd-11e5-8c2f-c485083ca99cflash -- multiple vulnerabilities

Adobe reports:

These updates resolve heap buffer overflow vulnerabilities that could lead to code execution (CVE-2015-8438, CVE-2015-8446).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-8444, CVE-2015-8443, CVE-2015-8417, CVE-2015-8416, CVE-2015-8451, CVE-2015-8047, CVE-2015-8053, CVE-2015-8045, CVE-2015-8051, CVE-2015-8060, CVE-2015-8419, CVE-2015-8408).

These updates resolve security bypass vulnerabilities (CVE-2015-8453, CVE-2015-8440, CVE-2015-8409).

These updates resolve a stack overflow vulnerability that could lead to code execution (CVE-2015-8407).

These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2015-8439).

These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2015-8445).

These updates resolve a buffer overflow vulnerability that could lead to code execution (CVE-2015-8415).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-8050, CVE-2015-8049, CVE-2015-8437, CVE-2015-8450, CVE-2015-8449, CVE-2015-8448, CVE-2015-8436, CVE-2015-8452, CVE-2015-8048, CVE-2015-8413, CVE-2015-8412, CVE-2015-8410, CVE-2015-8411, CVE-2015-8424, CVE-2015-8422, CVE-2015-8420, CVE-2015-8421, CVE-2015-8423, CVE-2015-8425, CVE-2015-8433, CVE-2015-8432, CVE-2015-8431, CVE-2015-8426, CVE-2015-8430, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8434, CVE-2015-8435, CVE-2015-8414, CVE-2015-8052, CVE-2015-8059, CVE-2015-8058, CVE-2015-8055, CVE-2015-8057, CVE-2015-8056, CVE-2015-8061, CVE-2015-8067, CVE-2015-8066, CVE-2015-8062, CVE-2015-8068, CVE-2015-8064, CVE-2015-8065, CVE-2015-8063, CVE-2015-8405, CVE-2015-8404, CVE-2015-8402, CVE-2015-8403, CVE-2015-8071, CVE-2015-8401, CVE-2015-8406, CVE-2015-8069, CVE-2015-8070, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447).


Discovery 2015-12-08
Entry 2015-12-08
linux-c6-flashplugin
linux-f10-flashplugin
linux-c6_64-flashplugin
lt 11.2r202.554

https://helpx.adobe.com/security/products/flash-player/apsb15-32.html
CVE-2015-8045
CVE-2015-8047
CVE-2015-8048
CVE-2015-8049
CVE-2015-8050
CVE-2015-8051
CVE-2015-8052
CVE-2015-8053
CVE-2015-8054
CVE-2015-8055
CVE-2015-8056
CVE-2015-8057
CVE-2015-8058
CVE-2015-8059
CVE-2015-8060
CVE-2015-8061
CVE-2015-8062
CVE-2015-8063
CVE-2015-8064
CVE-2015-8065
CVE-2015-8066
CVE-2015-8067
CVE-2015-8068
CVE-2015-8069
CVE-2015-8070
CVE-2015-8071
CVE-2015-8401
CVE-2015-8402
CVE-2015-8403
CVE-2015-8404
CVE-2015-8405
CVE-2015-8406
CVE-2015-8407
CVE-2015-8408
CVE-2015-8409
CVE-2015-8410
CVE-2015-8411
CVE-2015-8412
CVE-2015-8413
CVE-2015-8414
CVE-2015-8415
CVE-2015-8416
CVE-2015-8417
CVE-2015-8419
CVE-2015-8420
CVE-2015-8421
CVE-2015-8422
CVE-2015-8423
CVE-2015-8424
CVE-2015-8425
CVE-2015-8426
CVE-2015-8427
CVE-2015-8428
CVE-2015-8429
CVE-2015-8430
CVE-2015-8431
CVE-2015-8432
CVE-2015-8433
CVE-2015-8434
CVE-2015-8435
CVE-2015-8436
CVE-2015-8437
CVE-2015-8438
CVE-2015-8439
CVE-2015-8440
CVE-2015-8441
CVE-2015-8442
CVE-2015-8443
CVE-2015-8444
CVE-2015-8445
CVE-2015-8446
CVE-2015-8447
CVE-2015-8448
CVE-2015-8449
CVE-2015-8450
CVE-2015-8451
CVE-2015-8452
CVE-2015-8453
de6d01d5-9c44-11e6-ba67-0011d823eebdflash -- remote code execution

Adobe reports:

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address a critical vulnerability that could potentially allow an attacker to take control of the affected system.

Adobe is aware of a report that an exploit for CVE-2016-7855 exists in the wild, and is being used in limited, targeted attacks against users running Windows versions 7, 8.1 and 10.


Discovery 2016-10-26
Entry 2016-10-27
linux-f10-flashplugin
linux-c6-flashplugin
linux-c7-flashplugin
lt 11.2r202.643

CVE-2016-7855
https://helpx.adobe.com/security/products/flash-player/apsb16-36.html
37a87ade-a59f-11e4-958e-0011d823eebdAdobe Flash Player -- critical vulnerability

Adobe reports:

Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. We are aware of reports that this vulnerability is being actively exploited in the wild via drive-by-download attacks against systems running Internet Explorer and Firefox on Windows 8.1 and below.


Discovery 2015-01-22
Entry 2015-01-26
linux-c6-flashplugin
le 11.2r202.438

linux-f10-flashplugin
le 11.2r202.438

CVE-2015-0311
https://helpx.adobe.com/security/products/flash-player/apsa15-01.html
cc294a2c-a232-11e4-8e9f-0011d823eebdAdobe Flash Player -- multiple vulnerabilities

Adobe reports:

These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system.


Discovery 2015-01-13
Entry 2015-01-22
linux-c6-flashplugin
lt 11.2r202.429

linux-f10-flashplugin
lt 11.2r202.429

CVE-2015-0301
CVE-2015-0302
CVE-2015-0303
CVE-2015-0304
CVE-2015-0305
CVE-2015-0306
CVE-2015-0307
CVE-2015-0308
CVE-2015-0309
http://helpx.adobe.com/security/products/flash-player/apsb15-01.html
9da3834b-6a50-11e1-91af-003067b2972clinux-flashplugin -- multiple vulnerabilities

These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2012-03-05
Entry 2012-03-09
linux-f10-flashplugin
lt 11.1r102.63

CVE-2012-0768
CVE-2012-0769
https://www.adobe.com/support/security/bulletins/apsb12-05.html
144e524a-77eb-11df-ae06-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player version 10.0.45.2 and earlier. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.


Discovery 2008-10-02
Entry 2010-06-14
linux-flashplugin
lt 9.0r277

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.1r53

CVE-2008-4546
CVE-2009-3793
CVE-2010-1297
CVE-2010-2160
CVE-2010-2161
CVE-2010-2162
CVE-2010-2163
CVE-2010-2164
CVE-2010-2165
CVE-2010-2166
CVE-2010-2167
CVE-2010-2169
CVE-2010-2170
CVE-2010-2171
CVE-2010-2172
CVE-2010-2173
CVE-2010-2174
CVE-2010-2175
CVE-2010-2176
CVE-2010-2177
CVE-2010-2178
CVE-2010-2179
CVE-2010-2180
CVE-2010-2181
CVE-2010-2182
CVE-2010-2183
CVE-2010-2184
CVE-2010-2185
CVE-2010-2186
CVE-2010-2187
CVE-2010-2188
CVE-2010-2189
http://www.adobe.com/support/security/bulletins/apsb10-14.html
55a528e8-9787-11e0-b24a-001b2134ef46linux-flashplugin -- remote code execution vulnerability

Adobe Product Security Incident Response Team reports:

A critical vulnerability has been identified in Adobe Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.23 and earlier versions for Android. This memory corruption vulnerability (CVE-2011-2110) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via malicious Web pages.


Discovery 2011-05-13
Entry 2011-06-15
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
lt 10.3r181.26

CVE-2011-2110
http://www.adobe.com/support/security/bulletins/apsb11-18.html
df428c01-ed91-11e2-9466-98fc11cdc4f5linux-flashplugin -- multiple vulnerabilities

Adobe reports:

These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2013-07-09
Entry 2013-07-15
Modified 2013-07-18
linux-f10-flashplugin
lt 11.2r202.297

CVE-2013-3344
CVE-2013-3345
CVE-2013-3347
http://www.adobe.com/support/security/bulletins/apsb13-17.html
3364d497-e4e6-11e4-a265-c485083ca99cAdobe Flash Player -- critical vulnerabilities

Adobe reports:

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh and Linux. These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe is aware of a report that an exploit for CVE-2015-3043 exists in the wild, and recommends users update their product installations to the latest versions.

  • These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, CVE-2015-3043).
  • These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2015-0356).
  • These updates resolve a buffer overflow vulnerability that could lead to code execution (CVE-2015-0348).
  • These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-0349, CVE-2015-0351, CVE-2015-0358, CVE-2015-3039).
  • These updates resolve double-free vulnerabilities that could lead to code execution (CVE-2015-0346, CVE-2015-0359).
  • These updates resolve memory leak vulnerabilities that could be used to bypass ASLR (CVE-2015-0357, CVE-2015-3040).
  • These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2015-3044).

Discovery 2015-04-14
Entry 2015-04-17
linux-c6-flashplugin
le 11.2r202.451

linux-f10-flashplugin
le 11.2r202.451

https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
CVE-2015-3038
CVE-2015-3039
CVE-2015-3040
CVE-2015-3041
CVE-2015-3042
CVE-2015-3043
CVE-2015-3044
CVE-2015-0346
CVE-2015-0347
CVE-2015-0348
CVE-2015-0349
CVE-2015-0350
CVE-2015-0351
CVE-2015-0352
CVE-2015-0353
CVE-2015-0354
CVE-2015-0355
CVE-2015-0356
CVE-2015-0357
CVE-2015-0358
CVE-2015-0359
CVE-2015-0360
07888b49-35c4-11e6-8e82-002590263bf5flash -- multiple vulnerabilities

Adobe reports:

These updates harden a mitigation against JIT spraying attacks that could be used to bypass memory layout randomization mitigations (CVE-2016-1006).

These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-1015, CVE-2016-1019).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-1011, CVE-2016-1013, CVE-2016-1016, CVE-2016-1017, CVE-2016-1031).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, CVE-2016-1033).

These updates resolve a stack overflow vulnerability that could lead to code execution (CVE-2016-1018).

These updates resolve a security bypass vulnerability (CVE-2016-1030).

These updates resolve a vulnerability in the directory search path used to find resources that could lead to code execution (CVE-2016-1014).


Discovery 2016-04-07
Entry 2016-06-19
linux-c6-flashplugin
linux-c6_64-flashplugin
linux-f10-flashplugin
lt 11.2r202.616

CVE-2016-1006
CVE-2016-1011
CVE-2016-1012
CVE-2016-1013
CVE-2016-1014
CVE-2016-1015
CVE-2016-1016
CVE-2016-1017
CVE-2016-1018
CVE-2016-1019
CVE-2016-1020
CVE-2016-1021
CVE-2016-1022
CVE-2016-1023
CVE-2016-1024
CVE-2016-1025
CVE-2016-1026
CVE-2016-1027
CVE-2016-1028
CVE-2016-1029
CVE-2016-1030
CVE-2016-1031
CVE-2016-1032
CVE-2016-1033
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
53e531a7-e559-11e0-b481-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 10.3.183.7 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.186.6 and earlier versions for Android. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.

There are reports that one of these vulnerabilities (CVE-2011-2444) is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message. This universal cross-site scripting issue could be used to take actions on a user's behalf on any website or webmail provider if the user visits a malicious website.


Discovery 2011-06-06
Entry 2011-09-22
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
lt 10.3r183.10

https://www.adobe.com/support/security/bulletins/apsb11-26.html
CVE-2011-2426
CVE-2011-2427
CVE-2011-2428
CVE-2011-2429
CVE-2011-2430
CVE-2011-2444
f3778328-d288-4b39-86a4-65877331eaf7Adobe Flash Player -- critical vulnerabilities

Adobe reports:

Adobe has released security updates for Adobe Flash Player. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2015-5128, CVE-2015-5554, CVE-2015-5555, CVE-2015-5558, CVE-2015-5562).

These updates include further hardening to a mitigation introduced in version 18.0.0.209 to defend against vector length corruptions (CVE-2015-5125).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-5550, CVE-2015-5551, CVE-2015-3107, CVE-2015-5556, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5557, CVE-2015-5559, CVE-2015-5127, CVE-2015-5563, CVE-2015-5561, CVE-2015-5124, CVE-2015-5564).

These updates resolve heap buffer overflow vulnerabilities that could lead to code execution (CVE-2015-5129, CVE-2015-5541).

These updates resolve buffer overflow vulnerabilities that could lead to code execution (CVE-2015-5131, CVE-2015-5132, CVE-2015-5133).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, CVE-2015-5553).

These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2015-5560).


Discovery 2015-08-11
Entry 2015-08-12
linux-c6-flashplugin
linux-c6_64-flashplugin
lt 11.2r202.508

linux-f10-flashplugin
lt 11.2r202.508

CVE-2015-5553
CVE-2015-5554
CVE-2015-5555
CVE-2015-5556
CVE-2015-5557
CVE-2015-3107
CVE-2015-5124
CVE-2015-5125
CVE-2015-5127
CVE-2015-5128
CVE-2015-5129
CVE-2015-5130
CVE-2015-5131
CVE-2015-5132
CVE-2015-5133
CVE-2015-5134
CVE-2015-5539
CVE-2015-5540
CVE-2015-5541
CVE-2015-5544
CVE-2015-5545
CVE-2015-5546
CVE-2015-5547
CVE-2015-5548
CVE-2015-5549
CVE-2015-5550
CVE-2015-5551
CVE-2015-5552
CVE-2015-5558
CVE-2015-5559
CVE-2015-5560
CVE-2015-5561
CVE-2015-5562
CVE-2015-5563
CVE-2015-5564
https://helpx.adobe.com/security/products/flash-player/apsb15-19.html
2c12ae0c-c38d-11e0-8eb7-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 10.3.181.36 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.25 and earlier versions for Android. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2011-05-13
Entry 2011-08-10
Modified 2012-11-05
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
lt 10.3r183.5

CVE-2011-2130
CVE-2011-2134
CVE-2011-2135
CVE-2011-2136
CVE-2011-2137
CVE-2011-2138
CVE-2011-2139
CVE-2011-2140
CVE-2011-2414
CVE-2011-2415
CVE-2011-2416
CVE-2011-2417
CVE-2011-2425
https://www.adobe.com/support/security/bulletins/apsb11-21.html
8d2d6bbd-2a02-11e5-a0af-bcaec565249cAdobe Flash Player -- critical vulnerabilities

Adobe reports:

Critical vulnerabilities (CVE-2015-5122, CVE-2015-5123) have been identified. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. Adobe is aware of reports that exploits targeting these vulnerabilities have been published publicly.


Discovery 2015-07-10
Entry 2015-07-14
Modified 2015-07-16
linux-c6-flashplugin
lt 11.2r202.491

linux-f10-flashplugin
lt 11.2r202.491

CVE-2015-5122
CVE-2015-5123
https://helpx.adobe.com/security/products/flash-player/apsb15-18.html
57573136-920e-11e0-bdc9-001b2134ef46linux-flashplugin -- cross-site scripting vulnerability

Adobe Product Security Incident Response Team reports:

An important vulnerability has been identified in Adobe Flash Player 10.3.181.16 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.22 and earlier versions for Android. This universal cross-site scripting vulnerability (CVE-2011-2107) could be used to take actions on a user's behalf on any website or webmail provider, if the user visits a malicious website. There are reports that this vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message.


Discovery 2011-05-13
Entry 2011-06-08
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
lt 10.3r181.22

CVE-2011-2107
http://www.adobe.com/support/security/bulletins/apsb11-13.html
a63f2c06-726b-11e5-a12b-bcaec565249cflash -- multiple vulnerabilities

Adobe reports:

These updates resolve a vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2015-7628).

These updates include a defense-in-depth feature in the Flash broker API (CVE-2015-5569).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-7629, CVE-2015-7631, CVE-2015-7643, CVE-2015-7644).

These updates resolve a buffer overflow vulnerability that could lead to code execution (CVE-2015-7632).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7630, CVE-2015-7633, CVE-2015-7634).


Discovery 2015-10-13
Entry 2015-10-14
linux-c6-flashplugin
linux-f10-flashplugin
linux-c6_64-flashplugin
lt 11.2r202.535

CVE-2015-5569
CVE-2015-7625
CVE-2015-7626
CVE-2015-7627
CVE-2015-7628
CVE-2015-7629
CVE-2015-7630
CVE-2015-7631
CVE-2015-7632
CVE-2015-7633
CVE-2015-7634
CVE-2015-7643
CVE-2015-7644
https://helpx.adobe.com/security/products/flash-player/apsb15-25.html
2482c798-93c6-11e6-846f-bc5ff4fb5ea1flash -- multiple vulnerabilities

Adobe reports:

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and ChromeOS. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2016-6992).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-6981, CVE-2016-6987).

These updates resolve a security bypass vulnerability (CVE-2016-4286).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, CVE-2016-6990).


Discovery 2016-10-11
Entry 2016-10-24
linux-c6-flashplugin
linux-c6_64-flashplugin
linux-c7-flashplugin
linux-f10-flashplugin
lt 11.2r202.637

CVE-2016-4273
CVE-2016-4286
CVE-2016-6981
CVE-2016-6982
CVE-2016-6983
CVE-2016-6984
CVE-2016-6985
CVE-2016-6986
CVE-2016-6987
CVE-2016-6989
CVE-2016-6990
CVE-2016-6992
https://helpx.adobe.com/security/products/flash-player/apsb16-32.html
4e3e8a50-65c1-11e5-948e-bcaec565249cflash -- multiple vulnerabilities

Adobe reports:

These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2015-5573).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-5570, CVE-2015-5574, CVE-2015-5581, CVE-2015-5584, CVE-2015-6682).

These updates resolve buffer overflow vulnerabilities that could lead to code execution (CVE-2015-6676, CVE-2015-6678).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, CVE-2015-6677).

These updates include additional validation checks to ensure that Flash Player rejects malicious content from vulnerable JSONP callback APIs (CVE-2015-5571).

These updates resolve a memory leak vulnerability (CVE-2015-5576).

These updates include further hardening to a mitigation to defend against vector length corruptions (CVE-2015-5568).

These updates resolve stack corruption vulnerabilities that could lead to code execution (CVE-2015-5567, CVE-2015-5579).

These updates resolve a stack overflow vulnerability that could lead to code execution (CVE-2015-5587).

These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2015-5572).

These updates resolve a vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2015-6679).


Discovery 2015-09-21
Entry 2015-09-28
linux-c6-flashplugin
linux-f10-flashplugin
linux-c6_64-flashplugin
lt 11.2r202.521

CVE-2015-5567
CVE-2015-5568
CVE-2015-5570
CVE-2015-5571
CVE-2015-5572
CVE-2015-5573
CVE-2015-5574
CVE-2015-5575
CVE-2015-5576
CVE-2015-5577
CVE-2015-5578
CVE-2015-5588
CVE-2015-6676
CVE-2015-6677
CVE-2015-6678
CVE-2015-6679
CVE-2015-6682
https://helpx.adobe.com/security/products/flash-player/apsb15-23.html
8a34d9e6-c662-11df-b2e1-001b2134ef46linux-flashplugin -- remote code execution

Adobe Product Security Incident Response Team reports:

A critical vulnerability exists in Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, Solaris, and Adobe Flash Player 10.1.92.10 for Android. This vulnerability also affects Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2884) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Adobe Flash Player on Windows. Adobe is not aware of any attacks exploiting this vulnerability against Adobe Reader or Acrobat to date.


Discovery 2010-09-14
Entry 2010-09-22
linux-flashplugin
lt 9.0r283

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.1r85

CVE-2010-2884
http://www.adobe.com/support/security/advisories/apsa10-03.html
547fbd98-8b1f-11e5-b48b-bcaec565249cflash -- multiple vulnerabilities

Adobe reports:

These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2015-7659).

These updates resolve a security bypass vulnerability that could be exploited to write arbitrary data to the file system under user permissions (CVE-2015-7662).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, CVE-2015-8046).


Discovery 2015-11-10
Entry 2015-11-14
linux-c6-flashplugin
linux-f10-flashplugin
linux-c6_64-flashplugin
lt 11.2r202.548

https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
CVE-2015-7651
CVE-2015-7652
CVE-2015-7653
CVE-2015-7654
CVE-2015-7655
CVE-2015-7656
CVE-2015-7657
CVE-2015-7658
CVE-2015-7659
CVE-2015-7660
CVE-2015-7661
CVE-2015-7662
CVE-2015-7663
CVE-2015-8043
CVE-2015-8044
CVE-2015-8046
dbdac023-80e1-11e2-9a29-001060e06fd4linux-flashplugin -- multiple vulnerabilities

Adobe reports:

These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2013-02-26
Entry 2013-02-27
linux-f10-flashplugin
lt 11.2r202.273

CVE-2013-0504
CVE-2013-0643
CVE-2013-0648
20923a0d-82ba-11e1-8d7b-003067b2972clinux-flashplugin -- multiple vulnerabilities

Adobe reports:

Multiple Priority 2 vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2012-04-05
Entry 2012-04-10
linux-f10-flashplugin
lt 11.2r202.228

CVE-2012-0724
CVE-2012-0725
CVE-2012-0772
CVE-2012-0773
https://www.adobe.com/support/security/bulletins/apsb12-07.html
76b597e4-e9c6-11df-9e10-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux, and Solaris, and Adobe Flash Player 10.1.95.1 for Android. These vulnerabilities, including CVE-2010-3654 referenced in Security Advisory APSA10-05, could cause the application to crash and could potentially allow an attacker to take control of the affected system.


Discovery 2010-09-28
Entry 2010-11-06
linux-flashplugin
lt 9.0r289

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.1r102

CVE-2010-3636
CVE-2010-3637
CVE-2010-3638
CVE-2010-3639
CVE-2010-3640
CVE-2010-3641
CVE-2010-3642
CVE-2010-3643
CVE-2010-3644
CVE-2010-3645
CVE-2010-3646
CVE-2010-3647
CVE-2010-3648
CVE-2010-3649
CVE-2010-3650
CVE-2010-3652
CVE-2010-3654
CVE-2010-3676
http://www.adobe.com/support/security/bulletins/apsb10-26.html
http://www.adobe.com/support/security/advisories/apsa10-05.html
4a3482da-3624-11e0-b995-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.


Discovery 2011-02-08
Entry 2011-02-11
linux-flashplugin
le 9.0r289

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.2r152

CVE-2011-0573
CVE-2011-0558
CVE-2011-0559
CVE-2011-0560
CVE-2011-0561
CVE-2011-0571
CVE-2011-0572
CVE-2011-0574
CVE-2011-0575
CVE-2011-0577
CVE-2011-0578
CVE-2011-0607
CVE-2011-0608
http://www.adobe.com/support/security/bulletins/apsb11-02.html
b7a7576d-8e0a-11e3-9976-9c4e36909cc0linux-flashplugin -- multiple vulnerabilities

Adobe reports:

These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2014-02-04
Entry 2014-02-04
Modified 2014-02-05
linux-f10-flashplugin
lt 11.2r202.336

CVE-2014-0497
http://www.adobe.com/support/security/bulletins/apsb14-04.html
57573136-920e-11e0-bdc9-001b2134ef46linux-flashplugin -- cross-site scripting vulnerability

Adobe Product Security Incident Response Team reports:

An important vulnerability has been identified in Adobe Flash Player 10.3.181.16 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.22 and earlier versions for Android. This universal cross-site scripting vulnerability (CVE-2011-2107) could be used to take actions on a user's behalf on any website or webmail provider, if the user visits a malicious website. There are reports that this vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message.


Discovery 2011-05-13
Entry 2011-06-08
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
lt 10.3r181.22

CVE-2011-2107
http://www.adobe.com/support/security/bulletins/apsb11-13.html
1657a3e6-4585-11e2-a396-10bf48230856linux-flashplugin -- multiple vulnerabilities

Adobe reports:

These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2012-12-11
Entry 2012-12-14
linux-f10-flashplugin
le 11.2r202.258

CVE-2012-5676
CVE-2012-5677
CVE-2012-5678
32b05547-6913-11e0-bdc4-001b2134ef46linux-flashplugin -- remote code execution vulnerability

Adobe Product Security Incident Response Team reports:

A critical vulnerability exists in Flash Player 10.2.153.1 and earlier versions (Adobe Flash Player 10.2.154.25 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris, Adobe Flash Player 10.2.156.12 and earlier versions for Android, and the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh operating systems.

This vulnerability (CVE-2011-0611) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a malicious Web page or a Flash (.swf) file embedded in a Microsoft Word (.doc) or Microsoft Excel (.xls) file delivered as an email attachment, targeting the Windows platform. At this time, Adobe is not aware of any attacks via PDF targeting Adobe Reader and Acrobat. Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing.


Discovery 2011-01-20
Entry 2011-04-17
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
lt 10.2r159.1

CVE-2011-0611
http://www.adobe.com/support/security/advisories/apsa11-02.html
688e73a2-e514-11e3-a52a-98fc11cdc4f5linux-flashplugin -- multiple vulnerabilities

Adobe reports:

These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2014-03-13
Entry 2014-05-26
linux-f10-flashplugin
lt 11.2r202.359

CVE-2014-0510
CVE-2014-0516
CVE-2014-0517
CVE-2014-0518
CVE-2014-0519
CVE-2014-0520
https://helpx.adobe.com/security/products/flash-player/apsb14-14.html
e206df57-f97b-11e4-b799-c485083ca99cAdobe Flash Player -- critical vulnerabilities

Adobe reports:

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh and Linux. These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe recommends users update their product installations to the latest versions.

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-3078, CVE-2015-3089, CVE-2015-3090, CVE-2015-3093).

These updates resolve a heap overflow vulnerability that could lead to code execution (CVE-2015-3088).

These updates resolve a time-of-check time-of-use (TOCTOU) race condition that could be exploited to bypass Protected Mode in Internet Explorer (CVE-2015-3081).

These updates resolve validation bypass issues that could be exploited to write arbitrary data to the file system under user permissions (CVE-2015-3082, CVE-2015-3083, CVE-2015-3085).

These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2015-3087).

These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2015-3077, CVE-2015-3084, CVE-2015-3086).

These updates resolve a use-after-free vulnerability that could lead to code execution (CVE-2015-3080).

These updates resolve memory leak vulnerabilities that could be used to bypass ASLR (CVE-2015-3091, CVE-2015-3092).

These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2015-3079), and provide additional hardening to protect against CVE-2015-3044.


Discovery 2015-05-12
Entry 2015-05-13
linux-c6-flashplugin
le 11.2r202.457

linux-f10-flashplugin
le 11.2r202.457

CVE-2015-3044
CVE-2015-3077
CVE-2015-3078
CVE-2015-3079
CVE-2015-3080
CVE-2015-3081
CVE-2015-3082
CVE-2015-3083
CVE-2015-3084
CVE-2015-3085
CVE-2015-3086
CVE-2015-3087
CVE-2015-3088
CVE-2015-3089
CVE-2015-3090
CVE-2015-3091
CVE-2015-3092
CVE-2015-3093
https://helpx.adobe.com/security/products/flash-player/apsb15-09.html
2c12ae0c-c38d-11e0-8eb7-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 10.3.181.36 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.25 and earlier versions for Android. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2011-05-13
Entry 2011-08-10
Modified 2012-11-05
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
lt 10.3r183.5

CVE-2011-2130
CVE-2011-2134
CVE-2011-2135
CVE-2011-2136
CVE-2011-2137
CVE-2011-2138
CVE-2011-2139
CVE-2011-2140
CVE-2011-2414
CVE-2011-2415
CVE-2011-2416
CVE-2011-2417
CVE-2011-2425
https://www.adobe.com/support/security/bulletins/apsb11-21.html
38195f00-b215-11e1-8132-003067b2972clinux-flashplugin -- multiple vulnerabilities

Adobe reports:

These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2012-06-08
Entry 2012-06-09
linux-f10-flashplugin
lt 11.2r202.236

CVE-2012-2034
CVE-2012-2035
CVE-2012-2036
CVE-2012-2037
CVE-2012-2038
CVE-2012-2039
CVE-2012-2040
http://www.adobe.com/support/security/bulletins/apsb12-14.html
fce67546-d2e7-11e2-a9bf-98fc11cdc4f5linux-flashplugin -- multiple vulnerabilities

Adobe reports:

These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2013-06-11
Entry 2013-06-14
Modified 2013-06-18
linux-f10-flashplugin
lt 11.2r202.291

CVE-2013-3343
0c6b008d-35c4-11e6-8e82-002590263bf5flash -- multiple vulnerabilities

Adobe reports:

These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-1105, CVE-2016-4117).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, CVE-2016-4110, CVE-2016-4121).

These updates resolve a heap buffer overflow vulnerability that could lead to code execution (CVE-2016-1101).

These updates resolve a buffer overflow vulnerability that could lead to code execution (CVE-2016-1103).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, CVE-2016-4162, CVE-2016-4163).

These updates resolve a vulnerability in the directory search path used to find resources that could lead to code execution (CVE-2016-4116).


Discovery 2016-05-12
Entry 2016-06-19
linux-c6-flashplugin
linux-c6_64-flashplugin
linux-f10-flashplugin
lt 11.2r202.621

CVE-2016-1096
CVE-2016-1097
CVE-2016-1098
CVE-2016-1099
CVE-2016-1100
CVE-2016-1101
CVE-2016-1102
CVE-2016-1103
CVE-2016-1104
CVE-2016-1105
CVE-2016-1106
CVE-2016-1107
CVE-2016-1108
CVE-2016-1109
CVE-2016-1110
CVE-2016-4108
CVE-2016-4109
CVE-2016-4110
CVE-2016-4111
CVE-2016-4112
CVE-2016-4113
CVE-2016-4114
CVE-2016-4115
CVE-2016-4116
CVE-2016-4117
CVE-2016-4120
CVE-2016-4121
CVE-2016-4160
CVE-2016-4161
CVE-2016-4162
CVE-2016-4163
https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
e19e74a4-a712-11df-b234-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player version 10.1.53.64 and earlier. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.


Discovery 2010-01-06
Entry 2010-08-13
linux-flashplugin
lt 9.0r280

linux-f8-flashplugin
linux-f10-flashplugin
lt 10.1r82

CVE-2010-0209
CVE-2010-2188
CVE-2010-2213
CVE-2010-2214
CVE-2010-2215
CVE-2010-2216
http://www.adobe.com/support/security/bulletins/apsb10-16.html
36533a59-2770-11e2-bb44-003067b2972clinux-flashplugin -- multiple vulnerabilities

Adobe reports:

These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2012-10-08
Entry 2012-11-02
linux-f10-flashplugin
le 11.2r202.238

CVE-2012-5248
CVE-2012-5249
CVE-2012-5250
CVE-2012-5251
CVE-2012-5252
CVE-2012-5253
CVE-2012-5254
CVE-2012-5255
CVE-2012-5256
CVE-2012-5257
CVE-2012-5258
CVE-2012-5259
CVE-2012-5260
CVE-2012-5261
CVE-2012-5262
CVE-2012-5263
CVE-2012-5264
CVE-2012-5265
CVE-2012-5266
CVE-2012-5267
CVE-2012-5269
CVE-2012-5270
CVE-2012-5271
CVE-2012-5272
CVE-2012-5285
CVE-2012-5286
CVE-2012-5287
CVE-2012-5673
CVE-2012-2034
CVE-2012-2035
CVE-2012-2036
CVE-2012-2037
CVE-2012-2038
CVE-2012-2039
CVE-2012-2040
https://www.adobe.com/support/security/bulletins/apsb12-22.html
0e8e1212-0ce5-11e1-849b-003067b2972clinux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 11.0.1.152 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 11.0.1.153 and earlier versions for Android.

In addition a patch was released for users of flash10.


Discovery 2011-11-10
Entry 2011-11-11
linux-f10-flashplugin
lt 10.3r183.11

gt 11 lt 11.1r102.55

CVE-2011-2445
CVE-2011-2450
CVE-2011-2451
CVE-2011-2452
CVE-2011-2453
CVE-2011-2454
CVE-2011-2455
CVE-2011-2456
CVE-2011-2457
CVE-2011-2458
CVE-2011-2459
CVE-2011-2460
https://www.adobe.com/support/security/bulletins/apsb11-28.html
0e3dfdde-35c4-11e6-8e82-002590263bf5flash -- multiple vulnerabilities

Adobe reports:

These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-4144, CVE-2016-4149).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-4142, CVE-2016-4143, CVE-2016-4145, CVE-2016-4146, CVE-2016-4147, CVE-2016-4148).

These updates resolve heap buffer overflow vulnerabilities that could lead to code execution (CVE-2016-4135, CVE-2016-4136, CVE-2016-4138).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-4122, CVE-2016-4123, CVE-2016-4124, CVE-2016-4125, CVE-2016-4127, CVE-2016-4128, CVE-2016-4129, CVE-2016-4130, CVE-2016-4131, CVE-2016-4132, CVE-2016-4133, CVE-2016-4134, CVE-2016-4137, CVE-2016-4141, CVE-2016-4150, CVE-2016-4151, CVE-2016-4152, CVE-2016-4153, CVE-2016-4154, CVE-2016-4155, CVE-2016-4156, CVE-2016-4166, CVE-2016-4171).

These updates resolve a vulnerability in the directory search path used to find resources that could lead to code execution (CVE-2016-4140).

These updates resolve a vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2016-4139).


Discovery 2016-06-16
Entry 2016-06-19
linux-c6-flashplugin
linux-c6_64-flashplugin
linux-f10-flashplugin
lt 11.2r202.626

CVE-2016-4122
CVE-2016-4123
CVE-2016-4124
CVE-2016-4125
CVE-2016-4127
CVE-2016-4128
CVE-2016-4129
CVE-2016-4130
CVE-2016-4131
CVE-2016-4132
CVE-2016-4133
CVE-2016-4134
CVE-2016-4135
CVE-2016-4136
CVE-2016-4137
CVE-2016-4138
CVE-2016-4139
CVE-2016-4140
CVE-2016-4141
CVE-2016-4142
CVE-2016-4143
CVE-2016-4144
CVE-2016-4145
CVE-2016-4146
CVE-2016-4147
CVE-2016-4148
CVE-2016-4149
CVE-2016-4150
CVE-2016-4151
CVE-2016-4152
CVE-2016-4153
CVE-2016-4154
CVE-2016-4155
CVE-2016-4156
CVE-2016-4166
CVE-2016-4171
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html
55a528e8-9787-11e0-b24a-001b2134ef46linux-flashplugin -- remote code execution vulnerability

Adobe Product Security Incident Response Team reports:

A critical vulnerability has been identified in Adobe Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.23 and earlier versions for Android. This memory corruption vulnerability (CVE-2011-2110) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via malicious Web pages.


Discovery 2011-05-13
Entry 2011-06-15
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
lt 10.3r181.26

CVE-2011-2110
http://www.adobe.com/support/security/bulletins/apsb11-18.html
15236023-a21b-11e2-a460-208984377b34linux-flashplugin -- multiple vulnerabilities

Adobe reports:

These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2013-04-09
Entry 2013-04-10
linux-f10-flashplugin
lt 11.2r202.280

CVE-2013-1383
CVE-2013-1384
CVE-2013-1385
CVE-2013-1386
53e531a7-e559-11e0-b481-001b2134ef46linux-flashplugin -- multiple vulnerabilities

Adobe Product Security Incident Response Team reports:

Critical vulnerabilities have been identified in Adobe Flash Player 10.3.183.7 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.186.6 and earlier versions for Android. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.

There are reports that one of these vulnerabilities (CVE-2011-2444) is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message. This universal cross-site scripting issue could be used to take actions on a user's behalf on any website or webmail provider if the user visits a malicious website.


Discovery 2011-06-06
Entry 2011-09-22
linux-flashplugin
le 9.0r289

linux-f10-flashplugin
lt 10.3r183.10

https://www.adobe.com/support/security/bulletins/apsb11-26.html
CVE-2011-2426
CVE-2011-2427
CVE-2011-2428
CVE-2011-2429
CVE-2011-2430
CVE-2011-2444
5ff40cb4-8b92-11e2-bdb6-001060e06fd4linux-flashplugin -- multiple vulnerabilities

Adobe reports:

These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2013-03-12
Entry 2013-03-12
linux-f10-flashplugin
lt 11.2r202.275

CVE-2013-0646
CVE-2013-0650
CVE-2013-1371
CVE-2013-1375
38195f00-b215-11e1-8132-003067b2972clinux-flashplugin -- multiple vulnerabilities

Adobe reports:

These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.


Discovery 2012-06-08
Entry 2012-06-09
linux-f10-flashplugin
lt 11.2r202.236

CVE-2012-2034
CVE-2012-2035
CVE-2012-2036
CVE-2012-2037
CVE-2012-2038
CVE-2012-2039
CVE-2012-2040
http://www.adobe.com/support/security/bulletins/apsb12-14.html