112 lines
3.8 KiB
JSON
112 lines
3.8 KiB
JSON
{
|
|
"Definition": [
|
|
{
|
|
"ID": "oval:org.altlinux.errata:def:20141283",
|
|
"Version": "oval:org.altlinux.errata:def:20141283",
|
|
"Class": "patch",
|
|
"Metadata": {
|
|
"Title": "ALT-PU-2014-1283: package `adobe-flash-player` update to version 11-alt27",
|
|
"AffectedList": [
|
|
{
|
|
"Family": "unix",
|
|
"Platforms": [
|
|
"ALT Linux branch p9"
|
|
],
|
|
"Products": [
|
|
"ALT Server",
|
|
"ALT Virtualization Server",
|
|
"ALT Workstation",
|
|
"ALT Workstation K",
|
|
"ALT Education",
|
|
"Simply Linux",
|
|
"Starterkit"
|
|
]
|
|
}
|
|
],
|
|
"References": [
|
|
{
|
|
"RefID": "ALT-PU-2014-1283",
|
|
"RefURL": "https://errata.altlinux.org/ALT-PU-2014-1283",
|
|
"Source": "ALTPU"
|
|
},
|
|
{
|
|
"RefID": "CVE-2014-0503",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2014-0503",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2014-0504",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2014-0504",
|
|
"Source": "CVE"
|
|
}
|
|
],
|
|
"Description": "This update upgrades adobe-flash-player to version 11-alt27. \nSecurity Fix(es):\n\n * CVE-2014-0503: Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.\n\n * CVE-2014-0504: Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows attackers to read the clipboard via unspecified vectors.",
|
|
"Advisory": {
|
|
"From": "errata.altlinux.org",
|
|
"Severity": "Low",
|
|
"Rights": "Copyright 2024 BaseALT Ltd.",
|
|
"Issued": {
|
|
"Date": "2014-03-13"
|
|
},
|
|
"Updated": {
|
|
"Date": "2014-03-13"
|
|
},
|
|
"BDUs": null,
|
|
"CVEs": [
|
|
{
|
|
"ID": "CVE-2014-0503",
|
|
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
|
|
"CWE": "CWE-264",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2014-0503",
|
|
"Impact": "Low",
|
|
"Public": "20140312"
|
|
},
|
|
{
|
|
"ID": "CVE-2014-0504",
|
|
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
|
"CWE": "CWE-200",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2014-0504",
|
|
"Impact": "Low",
|
|
"Public": "20140312"
|
|
}
|
|
],
|
|
"AffectedCPEs": {
|
|
"CPEs": [
|
|
"cpe:/o:alt:kworkstation:9",
|
|
"cpe:/o:alt:workstation:9",
|
|
"cpe:/o:alt:server:9",
|
|
"cpe:/o:alt:server-v:9",
|
|
"cpe:/o:alt:education:9",
|
|
"cpe:/o:alt:slinux:9",
|
|
"cpe:/o:alt:starterkit:p9"
|
|
]
|
|
}
|
|
}
|
|
},
|
|
"Criteria": {
|
|
"Operator": "AND",
|
|
"Criterions": [
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:1001",
|
|
"Comment": "ALT Linux must be installed"
|
|
}
|
|
],
|
|
"Criterias": [
|
|
{
|
|
"Operator": "OR",
|
|
"Criterions": [
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20141283001",
|
|
"Comment": "i586-mozilla-plugin-adobe-flash is earlier than 3:11.2.202.346-alt27"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20141283002",
|
|
"Comment": "mozilla-plugin-adobe-flash is earlier than 3:11.2.202.346-alt27"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
} |