Vulnerability Bulletins |
Ejecución arbitraria de código en Adobe Flash Player para Linux |
|
Vulnerability classification |
|
| Property | Value |
| Confidence level | Oficial |
| Impact | Obtener acceso |
| Dificulty | Experto |
| Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
| Property | Value |
| Affected manufacturer | Comercial Software |
| Affected software |
Adobe Flash Player para Linux <= 10.0.12.36 Adobe Flash Player para Linux <= 9.0.151.0 |
Description |
|
|
Se ha descubierto una vulnerabilidad Adobe Flash Player para Linux 10.0.12.36. Un atacante remoto podría ejecutar código arbitrario mediante un fichero SWF especialmente diseñado. |
|
Solution |
|
|
Actualización de software Adobe (APSB08-24) Adobe Flash Player for Linux 10.0.15.3 http://get.adobe.com/flashplayer Adobe Flash Player for Linux 9.0.152.0 http://www.adobe.com/go/kb406791 Red Hat (RHSA-2008:1047-5) RHEL Desktop Supplementary (v. 5 cliente) RHEL Supplementary (v. 5 servidor) Red Hat Enterprise Linux Extras (v. 3) Red Hat Enterprise Linux Extras (v. 4) https://rhn.redhat.com/ Suse Linux Las actualizaciones pueden descargarse mediante YAST o del servidor FTP oficial de Suse Linux. |
|
Standar resources |
|
| Property | Value |
| CVE | CVE-2008-5499 |
| BID | |
Other resources |
|
|
Adobe Security Bulletin (APSB08-24) http://www.adobe.com/support/security/bulletins/apsb08-24.html Red Hat Security Advisory (RHSA-2008:1047-5) https://rhn.redhat.com/errata/RHSA-2008-1047.html SUSE Security Advisory (SUSE-SA:2008:059) http://www.novell.com/linux/security/advisories/2008_59_flashplayer.html |
|
Version history |
||
| Version | Comments | Date |
| 1.0 | Aviso emitido | 2008-12-18 |
| 1.1 | Aviso emitido por Red Hat (RHSA-2008:1047-5) | 2008-12-22 |
| 1.2 | Aviso emitido por Suse (SUSE-SA:2008:059) | 2008-12-29 |