Red Hat Bugzilla – Bug 920854
CVE-2013-0646 CVE-2013-0650 CVE-2013-1371 CVE-2013-1375 flash-plugin: multiple code execution flaws (APSB13-09)
Last modified: 2015-11-24 10:30:12 EST
Adobe security bulletin APSB13-09 describes multiple security flaws that could cause Adobe Flash Player to crash and potentially allow an attacker to take control of the affected system:
These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2013-0646).
These updates resolve a use-after-free vulnerability that could be exploited to execute arbitrary code (CVE-2013-0650).
These updates resolve a memory corruption vulnerability that could lead to code execution (CVE-2013-1371).
These updates resolve a heap buffer overflow vulnerability that could lead to code execution (CVE-2013-1375).
This issue has been addressed in following products:
Supplementary for Red Hat Enterprise Linux 6
Supplementary for Red Hat Enterprise Linux 5
Via RHSA-2013:0643 https://rhn.redhat.com/errata/RHSA-2013-0643.html