vuln-list-alt/oval/c10f1/ALT-PU-2014-1283/definitions.json

{
  "Definition": [
    {
      "ID": "oval:org.altlinux.errata:def:20141283",
      "Version": "oval:org.altlinux.errata:def:20141283",
      "Class": "patch",
      "Metadata": {
        "Title": "ALT-PU-2014-1283: package `adobe-flash-player` update to version 11-alt27",
        "AffectedList": [
          {
            "Family": "unix",
            "Platforms": [
              "ALT Linux branch c10f1"
            ],
            "Products": [
              "ALT SP Workstation",
              "ALT SP Server"
            ]
          }
        ],
        "References": [
          {
            "RefID": "ALT-PU-2014-1283",
            "RefURL": "https://errata.altlinux.org/ALT-PU-2014-1283",
            "Source": "ALTPU"
          },
          {
            "RefID": "CVE-2014-0503",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2014-0503",
            "Source": "CVE"
          },
          {
            "RefID": "CVE-2014-0504",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2014-0504",
            "Source": "CVE"
          }
        ],
        "Description": "This update upgrades adobe-flash-player to version 11-alt27. \nSecurity Fix(es):\n\n * CVE-2014-0503: Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.\n\n * CVE-2014-0504: Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows attackers to read the clipboard via unspecified vectors.",
        "Advisory": {
          "From": "errata.altlinux.org",
          "Severity": "Low",
          "Rights": "Copyright 2024 BaseALT Ltd.",
          "Issued": {
            "Date": "2014-03-13"
          },
          "Updated": {
            "Date": "2014-03-13"
          },
          "BDUs": null,
          "CVEs": [
            {
              "ID": "CVE-2014-0503",
              "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
              "CWE": "CWE-264",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2014-0503",
              "Impact": "Low",
              "Public": "20140312"
            },
            {
              "ID": "CVE-2014-0504",
              "CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
              "CWE": "CWE-200",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2014-0504",
              "Impact": "Low",
              "Public": "20140312"
            }
          ],
          "AffectedCPEs": {
            "CPEs": [
              "cpe:/o:alt:spworkstation:10",
              "cpe:/o:alt:spserver:10"
            ]
          }
        }
      },
      "Criteria": {
        "Operator": "AND",
        "Criterions": [
          {
            "TestRef": "oval:org.altlinux.errata:tst:5001",
            "Comment": "ALT Linux must be installed"
          }
        ],
        "Criterias": [
          {
            "Operator": "OR",
            "Criterions": [
              {
                "TestRef": "oval:org.altlinux.errata:tst:20141283001",
                "Comment": "i586-mozilla-plugin-adobe-flash is earlier than 3:11.2.202.346-alt27"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20141283002",
                "Comment": "mozilla-plugin-adobe-flash is earlier than 3:11.2.202.346-alt27"
              }
            ]
          }
        ]
      }
    }
  ]
}