Red Hat Bugzilla – Bug 218973
CVE-2006-5330 Flash Player HTTP header injection
Last modified: 2007-11-30 17:07:27 EST
Adobe released Flash Player 22.214.171.124 which fixes a flaw that allows a malicious
flash client to modify the headers of an HTTP client request. This flaw by
itself is not a security issue, but can be leveraged to exploit certain proxy
and web server flaws.
This flaw also affect the flash player shipped in RHEL3.
This will be RHSA-2006:0756
Package is built and ready for testing.
I don't know if it has the correct tag for LACD errata, that part is confusing.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.