Bug 729497 (APSB11-21, CVE-2011-2130, CVE-2011-2134, CVE-2011-2135, CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140, CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424, CVE-2011-2425)

Summary: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
Product: [Other] Security Response Reporter: Vincent Danen <vdanen>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: urgent Docs Contact:
Priority: urgent    
Version: unspecifiedCC: ed.costello, emhuang, jlieskov, mmelanso, mtilburg, stransky
Target Milestone: ---Keywords: Reopened, Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-02-14 14:24:51 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 729498, 729499, 737587, 737588, 737589    
Bug Blocks: 729509, 751852    

Description Vincent Danen 2011-08-09 23:02:37 UTC 
Adobe has released APSB11-21 [1] along with Flash Player 10.3.183.5 to correct a number of critical flaws.  The flaws are described as:

Critical vulnerabilities have been identified in Adobe Flash Player 10.3.181.36 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.25 and earlier versions for Android.  These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.

Adobe recommends users of Adobe Flash Player 10.3.181.36 and earlier versions for Windows, Macintosh, Linux and Solaris update to Adobe Flash Player 10.3.183.5. Users of Adobe Flash Player for Android 10.3.185.25 and earlier versions should update to Adobe Flash Player for Android 10.3.186.3. Users of Adobe AIR 2.7  for Windows and Macintosh, should update to 2.7.1 and users of AIR 2.7 for Android should update to Adobe AIR 2.7.1.1961.

Note: Adobe is not aware of any exploits 'in the wild' for the issues addressed in this update.

This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2011-2130).

This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2011-2134).

This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2135).

This update resolves an integer overflow vulnerability that could lead to code execution (CVE-2011-2136).

This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2011-2137).

This update resolves an integer overflow vulnerability that could lead to code execution (CVE-2011-2138).

This update resolves a cross-site information disclosure vulnerability that could lead to code execution (CVE-2011-2139).

This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2140).

This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2011-2414).

This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2011-2415).

This update resolves an integer overflow vulnerability that could lead to code execution (CVE-2011-2416).

This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2417).

This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2425).

[1] http://www.adobe.com/support/security/bulletins/apsb11-21.html
Comment 2 errata-xmlrpc 2011-08-10 15:58:28 UTC 
This issue has been addressed in following products:

  Supplementary for Red Hat Enterprise Linux 5
  Supplementary for Red Hat Enterprise Linux 6

Via RHSA-2011:1144 https://rhn.redhat.com/errata/RHSA-2011-1144.html
Comment 3 Vincent Danen 2011-08-10 16:02:23 UTC 
External References:

http://www.adobe.com/support/security/bulletins/apsb11-21.html
Comment 4 Vincent Danen 2011-08-15 22:37:54 UTC 
Common Vulnerabilities and Exposures assigned an identifier CVE-2011-2424 to
the following vulnerability:

Name: CVE-2011-2424
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2424
Assigned: 20110606
Reference: http://googleonlinesecurity.blogspot.com/2011/08/fuzzing-at-scale.html
Reference: http://twitter.com/taviso/statuses/101046246277521409
Reference: http://twitter.com/taviso/statuses/101046396790128640
Reference: http://blogs.adobe.com/asset/2011/08/how-did-you-get-to-that-number.html
Reference: http://www.adobe.com/support/security/bulletins/apsb11-21.html

Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and
Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1
on Windows and Mac OS X and before 2.7.1.1961 on Android, allows
remote attackers to execute arbitrary code or cause a denial of
service (memory corruption) via a crafted SWF file, as demonstrated by
"about 400 unique crash signatures.

(This CVE was allocated to cover the "other" stuff).
Comment 5 errata-xmlrpc 2011-11-08 11:14:02 UTC 
This issue has been addressed in following products:

  Extras for RHEL 4
  Supplementary for Red Hat Enterprise Linux 5
  Supplementary for Red Hat Enterprise Linux 6

Via RHSA-2011:1434 https://rhn.redhat.com/errata/RHSA-2011-1434.html