Bug 775986 – VUL-0: CVE-2012-1535: flash-player: code execution vulnerability

Bug 775986 - VUL-0: CVE-2012-1535: flash-player: code execution vulnerability


Summary:	VUL-0: CVE-2012-1535: flash-player: code execution vulnerability

Status:	RESOLVED FIXED
Duplicates:	776891 (view as bug list)

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P2 - High Severity: Major
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:
Whiteboard:	maint:released:sle11-sp1:48735 maint:...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2012-08-15 08:02 UTC by Matthias Weckbecker
Modified:	2013-02-28 17:25 UTC (History)
CC List:	1 user (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Matthias Weckbecker 2012-08-15 08:02:34 UTC

An update of flash-player is available. Quote from [1]:

"Adobe has released security updates for Adobe Flash Player 11.3.300.270 and
 earlier versions for Windows, Macintosh and Linux. These updates address a
 vulnerability (CVE-2012-1535) that could cause the application to crash and
 potentially allow an attacker to take control of the affected system."

[1] http://www.adobe.com/support/security/bulletins/apsb12-18.html

Comment 1 Swamp Workflow Management 2012-08-15 12:34:42 UTC

The SWAMPID for this issue is 48732.
This issue was rated as important.
Please submit fixed packages until 2012-08-22.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.

Comment 2 Bernhard Wiedemann 2012-08-15 13:00:07 UTC

This is an autogenerated message for OBS integration:
This bug (775986) was mentioned in
https://build.opensuse.org/request/show/130880 Factory / flash-player

Comment 3 Swamp Workflow Management 2012-08-16 16:08:53 UTC

openSUSE-SU-2012:0996-1: An update that fixes one vulnerability is now available.

Category: security (critical)
Bug References: 775986
CVE References: CVE-2012-1535
Sources used:

Comment 4 Swamp Workflow Management 2012-08-17 10:55:18 UTC

Update released for: flash-player, flash-player-gnome, flash-player-kde4
Products:
SLE-DESKTOP 11-SP1 (i386, x86_64)
SLE-DESKTOP 11-SP1-FOR-SP2 (i386, x86_64)

Comment 5 Swamp Workflow Management 2012-08-17 15:49:26 UTC

Update released for: flash-player
Products:
SLE-DESKTOP 10-SP4 (i386, x86_64)

Comment 6 Bernhard Wiedemann 2012-08-20 11:00:15 UTC

This is an autogenerated message for OBS integration:
This bug (775986) was mentioned in
https://build.opensuse.org/request/show/131220 Evergreen:11.2 / flash-player

Comment 7 Matthias Weckbecker 2012-08-22 08:09:54 UTC

All done.

Comment 8 Dirk Mueller 2012-08-22 09:32:20 UTC

*** Bug 776891 has been marked as a duplicate of this bug. ***

Comment 9 Swamp Workflow Management 2013-02-28 17:25:33 UTC

openSUSE-SU-2013:0362-1: An update that fixes one vulnerability is now available.

Category: security (critical)
Bug References: 775986
CVE References: CVE-2012-1535
Sources used: