205983 – CVE-2006-3311 Multiple flash-plug flaws (CVE-2006-3587 CVE-2006-3588)

Bug 205983 - CVE-2006-3311 Multiple flash-plug flaws (CVE-2006-3587 CVE-2006-3588)

Summary: CVE-2006-3311 Multiple flash-plug flaws (CVE-2006-3587 CVE-2006-3588)

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 4
Classification:	Red Hat
Component:	flash-plugin
Sub Component:
Version:	4.0
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	urgent
Target Milestone:	---
Target Release:	---
Assignee:	Warren Togami
QA Contact:
Docs Contact:
URL:
Whiteboard:	source=adobe,reported=20060908,impact...
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2006-09-11 08:11 UTC by Mark J. Cox
Modified:	2007-11-30 22:07 UTC (History)
CC List:	1 user (show)
Fixed In Version:	RHSA-2006-0674
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2006-09-12 18:52:07 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2006:0674	0	normal	SHIPPED_LIVE	Critical: flash-plugin security update	2006-09-12 04:00:00 UTC

Description Mark J. Cox 2006-09-11 08:11:22 UTC

Abode notified us that a new Flash 7 player will be released on September 12th
to fix critical security flaws.

        Multiple input validation errors have been identified in Flash
        Player 8.0.24.0 and earlier versions that could lead to the
        potential execution of arbitrary code. These vulnerabilities
        could be accessed through content delivered from a remote
        location via the user’s web browser, email client, or other
        applications that include or reference the Flash
        Player. (CVE-2006-3311, CVE-2006-3587, CVE-2006-3588)

CVE-2006-3014 is also mentioned in their advisory but only affects the Windows
platform.

        Probably Affects: RHEL3 Extras
        Probably Affects: RHEL4 Extras

Comment 6 Mark J. Cox 2006-09-12 18:50:39 UTC

removing embargo, this is now public at
http://www.adobe.com/support/security/bulletins/apsb06-11.html

Comment 7 Red Hat Bugzilla 2006-09-12 18:52:07 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2006-0674.html

Note You need to log in before you can comment on or make changes to this bug.