Bug 920186 (CVE-2013-2555)

Summary: CVE-2013-2555 flash-plugin: Remote attackers able to execute arbitrary code via vectors that leverage an 'overflow' (CanSecWest 2013)
Product: [Other] Security Response Reporter: Jan Lieskovsky <jlieskov>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: urgent Docs Contact:
Priority: urgent    
Version: unspecifiedCC: ed.costello, emhuang, mmelanso, mtilburg, stransky
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: impact=critical,public=20130307,reported=20130311,source=cve,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,rhel-5/flash-plugin=affected,rhel-6/flash-plugin=affected
Fixed In Version: flash-plugin Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-04-10 05:49:21 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On: 950184, 950185, 950186, 950187    
Bug Blocks: 920189    

Description Jan Lieskovsky 2013-03-11 10:14:40 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2013-2555 to the following vulnerability:

Adobe Flash Player 11.6.602.171 on Windows allows remote attackers to execute arbitrary code via vectors that leverage an "overflow," as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.

[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2555
[2] http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2013/ba-p/5981157
[3] http://twitter.com/VUPEN/statuses/309713355466227713
[4] http://twitter.com/thezdi/statuses/309756927301283840
Comment 1 Huzaifa S. Sidhpurwala 2013-03-18 01:08:50 EDT

This issue affects the version of flash-plugin as shipped with Red Hat Enterprise Linux 5 and 6. Updates will be released as soon as they are made generally available by Adobe.
Comment 3 errata-xmlrpc 2013-04-10 05:10:01 EDT
This issue has been addressed in following products:

  Supplementary for Red Hat Enterprise Linux 5
  Supplementary for Red Hat Enterprise Linux 6

Via RHSA-2013:0730 https://rhn.redhat.com/errata/RHSA-2013-0730.html