1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
Candidate: CVE-2012-5054
PublicDate: 2012-09-24
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5054
http://www.vupen.com/english/services/ba-index.php
http://www.adobe.com/support/security/bulletins/apsb12-19.html
http://packetstormsecurity.org/files/116435/Adobe-Flash-Player-Matrix3D-Integer-Overflow-Code-Execution.html
Description:
Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe
Flash Player before 11.4.402.265 allows remote attackers to execute
arbitrary code via malformed arguments.
Ubuntu-Description:
Notes:
sarnold> "Users of Adobe Flash Player 11.2.202.236 and earlier versions for Linux should
update to Adobe Flash Player 11.2.202.238."
11.3 and higher are for Windows and Mac OS X only.
Bugs:
Priority: high
Discovered-by:
Assigned-to:
Patches_flashplugin-nonfree:
upstream_flashplugin-nonfree: released (11.2.202.238, 11.4.402.265)
hardy_flashplugin-nonfree: ignored (reached end-of-life)
lucid_flashplugin-nonfree: released (11.2.202.238ubuntu0.10.04.1)
natty_flashplugin-nonfree: released (11.2.202.238ubuntu0.11.04.1)
oneiric_flashplugin-nonfree: released (11.2.202.238ubuntu0.11.10.1)
precise_flashplugin-nonfree: released (11.2.202.238ubuntu0.12.04.1)
devel_flashplugin-nonfree: released (11.2.202.238ubuntu1)
|