This service will be undergoing maintenance at 00:00 UTC, 2016-08-01. It is expected to last about 1 hours
Bug 740388 - (CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430) CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26
CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugi...
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
urgent Severity urgent
: ---
: ---
Assigned To: Red Hat Product Security
impact=critical,public=20110921,repor...
: Reopened, Security
Depends On: 737587 737588 737589 740208 740210
Blocks: 740205 751852
  Show dependency treegraph
 
Reported: 2011-09-21 16:45 EDT by Vincent Danen
Modified: 2012-10-03 00:22 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-02-14 09:25:34 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Vincent Danen 2011-09-21 16:45:44 EDT
Adobe has released APSB11-26 [1] to address the following critical flaws:

This update resolves an AVM stack overflow issue that may allow for remote code execution. (CVE-2011-2426).

This update resolves an AVM stack overflow issue that may lead to denial of service and code execution.  (CVE-2011-2427).

This update resolves a logic error issue which causes a browser crash and may lead to code execution.  (CVE-2011- 2428).

This update resolves a streaming media logic error vulnerability which could lead to code execution. (CVE-2011-2430).

[1] http://www.adobe.com/support/security/bulletins/apsb11-26.html
Comment 2 errata-xmlrpc 2011-09-22 12:54:18 EDT
This issue has been addressed in following products:

  Supplementary for Red Hat Enterprise Linux 5
  Supplementary for Red Hat Enterprise Linux 6

Via RHSA-2011:1333 https://rhn.redhat.com/errata/RHSA-2011-1333.html
Comment 3 errata-xmlrpc 2011-11-08 06:14:06 EST
This issue has been addressed in following products:

  Extras for RHEL 4
  Supplementary for Red Hat Enterprise Linux 5
  Supplementary for Red Hat Enterprise Linux 6

Via RHSA-2011:1434 https://rhn.redhat.com/errata/RHSA-2011-1434.html
Comment 4 Murray McAllister 2012-10-03 00:22:15 EDT
Acknowledgements CVE-2011-2428:

This issue was discovered by Huzaifa Sidhpurwala of the Red Hat Security Response Team.

Note You need to log in before you can comment on or make changes to this bug.