Bugzilla – Bug 1038281
VUL-0: flash-player: may 09 2017 release (ABSP17-15)
Last modified: 2017-06-08 13:29:28 UTC
https://helpx.adobe.com/security/products/flash-player/apsb17-15.html Security updates available for Adobe Flash Player Release date: May 9, 2017 Vulnerability identifier: APSB17-15 Priority: See table below CVE number: CVE-2017-3068, CVE-2017-3069, CVE-2017-3070, CVE-2017-3071, CVE-2017-3072, CVE-2017-3073, CVE-2017-3074 Platform: Windows, Macintosh, Linux and Chrome OS Summary Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system. Affected versions ... Vulnerability Details These updates resolve a use-after-free vulnerability that could lead to code execution (CVE-2017-3071). These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2017-3068, CVE-2017-3069, CVE-2017-3070, CVE-2017-3072, CVE-2017-3073, CVE-2017-3074). Acknowledgments Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers: Jihui Lu of Tencent KeenLab (CVE-2017-3069, CVE-2017-3070, CVE-2017-3071, CVE-2017-3072, CVE-2017-3073, CVE-2017-3074) Mateusz Jurczyk and Natalie Silvanovich of Google Project Zero (CVE-2017-3068)
SUSE-SU-2017:1238-1: An update that fixes 7 vulnerabilities is now available. Category: security (important) Bug References: 1038281 CVE References: CVE-2017-3068,CVE-2017-3069,CVE-2017-3070,CVE-2017-3071,CVE-2017-3072,CVE-2017-3073,CVE-2017-3074 Sources used: SUSE Linux Enterprise Workstation Extension 12-SP1 (src): flash-player-25.0.0.171-168.1 SUSE Linux Enterprise Desktop 12-SP1 (src): flash-player-25.0.0.171-168.1
released