oval:org.mitre.oval:def:24647

Definition Id: oval:org.mitre.oval:def:24647
 
Oval ID: oval:org.mitre.oval:def:24647
Title: ELSA-2014:0380: flash-plugin security update (Critical)
Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security Bulletin APSB14-09, listed in the References section. Two flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. (CVE-2014-0506, CVE-2014-0507) A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially crafted web page. (CVE-2014-0508) A flaw in flash-plugin could allow an attacker to conduct cross-site scripting (XSS) attacks if a victim were tricked into visiting a specially crafted web page. (CVE-2014-0509) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.350.
Family: unix Class: patch
Reference(s): ELSA-2014:0380-00
CVE-2014-0506
CVE-2014-0507
CVE-2014-0508
CVE-2014-0509
Version: 5
Platform(s): Oracle Linux 6
Product(s): flash-plugin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16594
 
Oval ID: oval:org.mitre.oval:def:16594
Title: Oracle Linux 6.x
Description: The operating system installed on the system is Oracle Linux 6.x
Family: unix Class: inventory
Reference(s): cpe:/o:oracle:linux:6
Version: 5
Platform(s): Oracle Linux 6
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:24647