Bug 729497 – CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)

Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.

Bug 729497 - (APSB11-21, CVE-2011-2130, CVE-2011-2134, CVE-2011-2135, CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140, CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424, CVE-2011-2425) CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)

Summary:	CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-201...

Status:	CLOSED ERRATA

Aliases:	APSB11-21, CVE-2011-2130, CVE-2011-2134, CVE-2011-2135, CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140, CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424, CVE-2011-2425

Product:	Security Response
Classification:	Other
Component:	vulnerability (Show other bugs)
Sub Component:
Version:	unspecified
Hardware:	All Linux

Priority	urgent Severity urgent
Target Milestone:	---
Target Release:	---
Assigned To:	Red Hat Product Security
QA Contact:
Docs Contact:

URL:
Whiteboard:	impact=critical,public=20110809,repor...
Keywords:	Reopened, Security

Depends On:	729498 729499 737587 737588 737589
Blocks:	729509 751852
	Show dependency tree / graph

Reported:	2011-08-09 19:02 EDT by Vincent Danen
Modified:	2012-02-14 09:24 EST (History)
CC List:	6 users (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2012-02-14 09:24:51 EST
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2011:1144	normal	SHIPPED_LIVE	Critical: flash-plugin security update	2011-08-10 11:58:23 EDT
Red Hat Product Errata	RHSA-2011:1434	normal	SHIPPED_LIVE	Critical: acroread security update	2011-11-08 11:13:47 EST

Groups: None (edit)

Description Vincent Danen 2011-08-09 19:02:37 EDT

Adobe has released APSB11-21 [1] along with Flash Player 10.3.183.5 to correct a number of critical flaws. The flaws are described as:

Critical vulnerabilities have been identified in Adobe Flash Player 10.3.181.36 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.25 and earlier versions for Android. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.

Adobe recommends users of Adobe Flash Player 10.3.181.36 and earlier versions for Windows, Macintosh, Linux and Solaris update to Adobe Flash Player 10.3.183.5. Users of Adobe Flash Player for Android 10.3.185.25 and earlier versions should update to Adobe Flash Player for Android 10.3.186.3. Users of Adobe AIR 2.7 for Windows and Macintosh, should update to 2.7.1 and users of AIR 2.7 for Android should update to Adobe AIR 2.7.1.1961.

Note: Adobe is not aware of any exploits 'in the wild' for the issues addressed in this update.

This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2011-2130).

This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2011-2134).

This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2135).

This update resolves an integer overflow vulnerability that could lead to code execution (CVE-2011-2136).

This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2011-2137).

This update resolves an integer overflow vulnerability that could lead to code execution (CVE-2011-2138).

This update resolves a cross-site information disclosure vulnerability that could lead to code execution (CVE-2011-2139).

This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2140).

This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2011-2414).

This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2011-2415).

This update resolves an integer overflow vulnerability that could lead to code execution (CVE-2011-2416).

This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2417).

This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2425).

[1] http://www.adobe.com/support/security/bulletins/apsb11-21.html

Comment 2 errata-xmlrpc 2011-08-10 11:58:28 EDT

This issue has been addressed in following products:

  Supplementary for Red Hat Enterprise Linux 5
  Supplementary for Red Hat Enterprise Linux 6

Via RHSA-2011:1144 https://rhn.redhat.com/errata/RHSA-2011-1144.html

Comment 3 Vincent Danen 2011-08-10 12:02:23 EDT

External References:

http://www.adobe.com/support/security/bulletins/apsb11-21.html

Comment 4 Vincent Danen 2011-08-15 18:37:54 EDT

Common Vulnerabilities and Exposures assigned an identifier CVE-2011-2424 to
the following vulnerability:

Name: CVE-2011-2424
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2424
Assigned: 20110606
Reference: http://googleonlinesecurity.blogspot.com/2011/08/fuzzing-at-scale.html
Reference: http://twitter.com/taviso/statuses/101046246277521409
Reference: http://twitter.com/taviso/statuses/101046396790128640
Reference: http://blogs.adobe.com/asset/2011/08/how-did-you-get-to-that-number.html
Reference: http://www.adobe.com/support/security/bulletins/apsb11-21.html

Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and
Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1
on Windows and Mac OS X and before 2.7.1.1961 on Android, allows
remote attackers to execute arbitrary code or cause a denial of
service (memory corruption) via a crafted SWF file, as demonstrated by
"about 400 unique crash signatures.

(This CVE was allocated to cover the "other" stuff).

Comment 5 errata-xmlrpc 2011-11-08 06:14:02 EST

This issue has been addressed in following products:

  Extras for RHEL 4
  Supplementary for Red Hat Enterprise Linux 5
  Supplementary for Red Hat Enterprise Linux 6

Via RHSA-2011:1434 https://rhn.redhat.com/errata/RHSA-2011-1434.html

Note You need to log in before you can comment on or make changes to this bug.