pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
vuln-list-alt/oval/p9/ALT-PU-2016-1216/definitions.json
pepelyaevip 56bb29c44b ALT Vulnerability
2024-06-28 13:17:52 +00:00

722 lines
42 KiB
JSON
Raw Blame History

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20161216",
"Version": "oval:org.altlinux.errata:def:20161216",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2016-1216: package `adobe-flash-player` update to version 11-alt60",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p9"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2016-1216",
"RefURL": "https://errata.altlinux.org/ALT-PU-2016-1216",
"Source": "ALTPU"
},
{
"RefID": "BDU:2016-00778",
"RefURL": "https://bdu.fstec.ru/vul/2016-00778",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00782",
"RefURL": "https://bdu.fstec.ru/vul/2016-00782",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00783",
"RefURL": "https://bdu.fstec.ru/vul/2016-00783",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00784",
"RefURL": "https://bdu.fstec.ru/vul/2016-00784",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00785",
"RefURL": "https://bdu.fstec.ru/vul/2016-00785",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00786",
"RefURL": "https://bdu.fstec.ru/vul/2016-00786",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00787",
"RefURL": "https://bdu.fstec.ru/vul/2016-00787",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00788",
"RefURL": "https://bdu.fstec.ru/vul/2016-00788",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00789",
"RefURL": "https://bdu.fstec.ru/vul/2016-00789",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00790",
"RefURL": "https://bdu.fstec.ru/vul/2016-00790",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00791",
"RefURL": "https://bdu.fstec.ru/vul/2016-00791",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00792",
"RefURL": "https://bdu.fstec.ru/vul/2016-00792",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00793",
"RefURL": "https://bdu.fstec.ru/vul/2016-00793",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00794",
"RefURL": "https://bdu.fstec.ru/vul/2016-00794",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00795",
"RefURL": "https://bdu.fstec.ru/vul/2016-00795",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00796",
"RefURL": "https://bdu.fstec.ru/vul/2016-00796",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00797",
"RefURL": "https://bdu.fstec.ru/vul/2016-00797",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00798",
"RefURL": "https://bdu.fstec.ru/vul/2016-00798",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00799",
"RefURL": "https://bdu.fstec.ru/vul/2016-00799",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00800",
"RefURL": "https://bdu.fstec.ru/vul/2016-00800",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00801",
"RefURL": "https://bdu.fstec.ru/vul/2016-00801",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00802",
"RefURL": "https://bdu.fstec.ru/vul/2016-00802",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00803",
"RefURL": "https://bdu.fstec.ru/vul/2016-00803",
"Source": "BDU"
},
{
"RefID": "CVE-2016-0960",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-0960",
"Source": "CVE"
},
{
"RefID": "CVE-2016-0961",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-0961",
"Source": "CVE"
},
{
"RefID": "CVE-2016-0962",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-0962",
"Source": "CVE"
},
{
"RefID": "CVE-2016-0963",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-0963",
"Source": "CVE"
},
{
"RefID": "CVE-2016-0986",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-0986",
"Source": "CVE"
},
{
"RefID": "CVE-2016-0987",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-0987",
"Source": "CVE"
},
{
"RefID": "CVE-2016-0988",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-0988",
"Source": "CVE"
},
{
"RefID": "CVE-2016-0989",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-0989",
"Source": "CVE"
},
{
"RefID": "CVE-2016-0990",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-0990",
"Source": "CVE"
},
{
"RefID": "CVE-2016-0991",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-0991",
"Source": "CVE"
},
{
"RefID": "CVE-2016-0992",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-0992",
"Source": "CVE"
},
{
"RefID": "CVE-2016-0993",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-0993",
"Source": "CVE"
},
{
"RefID": "CVE-2016-0994",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-0994",
"Source": "CVE"
},
{
"RefID": "CVE-2016-0995",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-0995",
"Source": "CVE"
},
{
"RefID": "CVE-2016-0996",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-0996",
"Source": "CVE"
},
{
"RefID": "CVE-2016-0997",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-0997",
"Source": "CVE"
},
{
"RefID": "CVE-2016-0998",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-0998",
"Source": "CVE"
},
{
"RefID": "CVE-2016-0999",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-0999",
"Source": "CVE"
},
{
"RefID": "CVE-2016-1000",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000",
"Source": "CVE"
},
{
"RefID": "CVE-2016-1001",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-1001",
"Source": "CVE"
},
{
"RefID": "CVE-2016-1002",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-1002",
"Source": "CVE"
},
{
"RefID": "CVE-2016-1005",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-1005",
"Source": "CVE"
},
{
"RefID": "CVE-2016-1010",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-1010",
"Source": "CVE"
}
],
"Description": "This update upgrades adobe-flash-player to version 11-alt60. \nSecurity Fix(es):\n\n * BDU:2016-00778: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2016-00782: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2016-00783: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2016-00784: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2016-00785: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2016-00786: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2016-00787: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2016-00788: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2016-00789: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2016-00790: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2016-00791: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2016-00792: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2016-00793: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2016-00794: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2016-00795: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2016-00796: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2016-00797: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2016-00798: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2016-00799: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2016-00800: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2016-00801: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2016-00802: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2016-00803: Уязвимость программных платформ Flash Player, Flash Player ESR и Adobe Integrated Runtime, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * CVE-2016-0960: Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.\n\n * CVE-2016-0961: Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.\n\n * CVE-2016-0962: Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.\n\n * CVE-2016-0963: Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0993 and CVE-2016-1010.\n\n * CVE-2016-0986: Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.\n\n * CVE-2016-0987: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.\n\n * CVE-2016-0988: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.\n\n * CVE-2016-0989: Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.\n\n * CVE-2016-0990: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.\n\n * CVE-2016-0991: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.\n\n * CVE-2016-0992: Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1002, and CVE-2016-1005.\n\n * CVE-2016-0993: Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-1010.\n\n * CVE-2016-0994: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code by using the actionCallMethod opcode with crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.\n\n * CVE-2016-0995: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.\n\n * CVE-2016-0996: Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.\n\n * CVE-2016-0997: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.\n\n * CVE-2016-0998: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999, and CVE-2016-1000.\n\n * CVE-2016-0999: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-1000.\n\n * CVE-2016-1000: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999.\n\n * CVE-2016-1001: Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors.\n\n * CVE-2016-1002: Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1005.\n\n * CVE-2016-1005: Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1002.\n\n * CVE-2016-1010: Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2016-03-11"
},
"Updated": {
"Date": "2016-03-11"
},
"BDUs": [
{
"ID": "BDU:2016-00778",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-189",
"Href": "https://bdu.fstec.ru/vul/2016-00778",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00782",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2016-00782",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00783",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2016-00783",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00784",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2016-00784",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00785",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2016-00785",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00786",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2016-00786",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00787",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2016-00787",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00788",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2016-00788",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00789",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2016-00789",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00790",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2016-00790",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00791",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2016-00791",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00792",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-189",
"Href": "https://bdu.fstec.ru/vul/2016-00792",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00793",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2016-00793",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00794",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2016-00794",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00795",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2016-00795",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00796",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2016-00796",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00797",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2016-00797",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00798",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2016-00798",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00799",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2016-00799",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00800",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-189",
"Href": "https://bdu.fstec.ru/vul/2016-00800",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00801",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2016-00801",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00802",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2016-00802",
"Impact": "Critical",
"Public": "20160312"
},
{
"ID": "BDU:2016-00803",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2016-00803",
"Impact": "Critical",
"Public": "20160312"
}
],
"CVEs": [
{
"ID": "CVE-2016-0960",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-0960",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-0961",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-0961",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-0962",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-0962",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-0963",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-190",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-0963",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-0986",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-0986",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-0987",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-0987",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-0988",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-0988",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-0989",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-0989",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-0990",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-0990",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-0991",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-0991",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-0992",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-0992",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-0993",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-190",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-0993",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-0994",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-0994",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-0995",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-0995",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-0996",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-0996",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-0997",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-0997",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-0998",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-0998",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-0999",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-0999",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-1000",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-1001",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-1001",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-1002",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-1002",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-1005",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-824",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-1005",
"Impact": "High",
"Public": "20160312"
},
{
"ID": "CVE-2016-1010",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-190",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-1010",
"Impact": "High",
"Public": "20160312"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:9",
"cpe:/o:alt:workstation:9",
"cpe:/o:alt:server:9",
"cpe:/o:alt:server-v:9",
"cpe:/o:alt:education:9",
"cpe:/o:alt:slinux:9",
"cpe:/o:alt:starterkit:p9",
"cpe:/o:alt:kworkstation:9.1",
"cpe:/o:alt:workstation:9.1",
"cpe:/o:alt:server:9.1",
"cpe:/o:alt:server-v:9.1",
"cpe:/o:alt:education:9.1",
"cpe:/o:alt:slinux:9.1",
"cpe:/o:alt:starterkit:9.1",
"cpe:/o:alt:kworkstation:9.2",
"cpe:/o:alt:workstation:9.2",
"cpe:/o:alt:server:9.2",
"cpe:/o:alt:server-v:9.2",
"cpe:/o:alt:education:9.2",
"cpe:/o:alt:slinux:9.2",
"cpe:/o:alt:starterkit:9.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:1001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20161216001",
"Comment": "i586-mozilla-plugin-adobe-flash is earlier than 3:11.2.202.577-alt60"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20161216002",
"Comment": "mozilla-plugin-adobe-flash is earlier than 3:11.2.202.577-alt60"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink