Subject: [ASA-201701-16] flashplugin: multiple issues Arch Linux Security Advisory ASA-201701-16 ========================================== Severity: Critical Date : 2017-01-12 CVE-ID : CVE-2017-2925 CVE-2017-2926 CVE-2017-2927 CVE-2017-2928 CVE-2017-2930 CVE-2017-2931 CVE-2017-2932 CVE-2017-2933 CVE-2017-2934 CVE-2017-2935 CVE-2017-2936 CVE-2017-2937 CVE-2017-2938 Package : flashplugin Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-135 Summary ======= The package flashplugin before version 24.0.0.194-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure. Resolution ========== Upgrade to 24.0.0.194-1. # pacman -Syu "flashplugin>=24.0.0.194-1" The problems have been fixed upstream in version 24.0.0.194. Workaround ========== None. Description =========== - CVE-2017-2925 (arbitrary code execution) Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability in the JPEG XR codec. - CVE-2017-2926 (arbitrary code execution) Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to processing of atoms in MP4 files. - CVE-2017-2927 (arbitrary code execution) Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing Adobe Texture Format files. - CVE-2017-2928 (arbitrary code execution) Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects. - CVE-2017-2930 (arbitrary code execution) Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability due to a concurrency error when manipulating a display list. Successful exploitation could lead to arbitrary code execution. - CVE-2017-2931 (arbitrary code execution) Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to the parsing of SWF metadata. - CVE-2017-2932 (arbitrary code execution) Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript MovieClip class. - CVE-2017-2933 (arbitrary code execution) Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability related to texture compression. - CVE-2017-2934 (arbitrary code execution) Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when parsing Adobe Texture Format files. - CVE-2017-2935 (arbitrary code execution) Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing the Flash Video container file format. - CVE-2017-2936 (arbitrary code execution) Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class. - CVE-2017-2937 (arbitrary code execution) Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class, when using class inheritance. - CVE-2017-2938 (information disclosure) Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related to handling TCP connections. Impact ====== A remote attacker can access sensitive information or execute arbitrary code on the affected host. References ========== https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.archlinux.org/CVE-2017-2925 https://security.archlinux.org/CVE-2017-2926 https://security.archlinux.org/CVE-2017-2927 https://security.archlinux.org/CVE-2017-2928 https://security.archlinux.org/CVE-2017-2930 https://security.archlinux.org/CVE-2017-2931 https://security.archlinux.org/CVE-2017-2932 https://security.archlinux.org/CVE-2017-2933 https://security.archlinux.org/CVE-2017-2934 https://security.archlinux.org/CVE-2017-2935 https://security.archlinux.org/CVE-2017-2936 https://security.archlinux.org/CVE-2017-2937 https://security.archlinux.org/CVE-2017-2938