Red Hat Bugzilla – Bug 950180
CVE-2013-1378 CVE-2013-1379 CVE-2013-1380 flash-plugin: multiple code execution flaws (APSB13-11)
Last modified: 2015-11-24 10:31:15 EST
Adobe security bulletin APSB13-11 describes multiple security flaws that could cause Adobe Flash Player to crash and potentially allow an attacker to take control of the affected system:
These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2013-2555, tracked via bug #920186)
These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2013-1378, CVE-2013-1380).
These updates resolve a memory corruption vulnerability caused by Flash Player improperly initializing certain pointer arrays, which could lead to code execution (CVE-2013-1379).
This issue has been addressed in following products:
Supplementary for Red Hat Enterprise Linux 5
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2013:0730 https://rhn.redhat.com/errata/RHSA-2013-0730.html