[Secure-testing-team] Bug#483199: flashplugin-nonfree: Adobe Flash Player is prone to an unspecified remote code-execution vulnerability.

Sam Morris sam at robots.org.uk
Tue May 27 18:41:23 UTC 2008 

Package: flashplugin-nonfree
Version: 1:1.4
Severity: grave
Tags: security
Justification: user security hole

Adobe Flash Player is prone to an unspecified remote code-execution vulnerability.

An attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

Adobe Flash Player 9.0.115.0 and 9.0.124.0 are vulnerable; other versions may also be affected. 

<http://www.securityfocus.com/bid/29386>

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (530, 'testing'), (520, 'unstable'), (510, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.25-1-686 (SMP w/1 CPU core)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages flashplugin-nonfree depends on:
ii  debconf [debconf-2.0]  1.5.22            Debian configuration management sy
ii  fontconfig             2.5.0-2           generic font configuration library
ii  gnupg                  1.4.6-2.2         GNU privacy guard - a free PGP rep
ii  libatk1.0-0            1.22.0-1          The ATK accessibility toolkit
ii  libc6                  2.7-10            GNU C Library: Shared libraries
ii  libcairo2              1.6.4-1+b1        The Cairo 2D vector graphics libra
ii  libexpat1              1.95.8-4          XML parsing C library - runtime li
ii  libfontconfig1         2.5.0-2           generic font configuration library
ii  libfreetype6           2.3.5-1+b1        FreeType 2 font engine, shared lib
ii  libglib2.0-0           2.16.3-2          The GLib library of C routines
ii  libgtk2.0-0            2.12.9-3          The GTK+ graphical user interface 
ii  libice6                2:1.0.4-1         X11 Inter-Client Exchange library
ii  libpango1.0-0          1.20.2-2          Layout and rendering of internatio
ii  libpng12-0             1.2.27-1          PNG library - runtime
ii  libsm6                 2:1.0.3-1+b1      X11 Session Management library
ii  libx11-6               2:1.0.3-7         X11 client-side library
ii  libxau6                1:1.0.3-3         X11 authorisation library
ii  libxcursor1            1:1.1.9-1         X cursor management library
ii  libxdmcp6              1:1.0.2-2         X11 Display Manager Control Protoc
ii  libxext6               2:1.0.4-1         X11 miscellaneous extension librar
ii  libxfixes3             1:4.0.3-2         X11 miscellaneous 'fixes' extensio
ii  libxi6                 2:1.1.3-1         X11 Input extension library
ii  libxinerama1           2:1.0.3-1         X11 Xinerama extension library
ii  libxrandr2             2:1.2.2-1         X11 RandR extension library
ii  libxrender1            1:0.9.4-1         X Rendering Extension client libra
ii  libxt6                 1:1.0.5-3         X11 toolkit intrinsics library
ii  wget                   1.11.2-1          retrieves files from the web
ii  zlib1g                 1:1.2.3.3.dfsg-12 compression library - runtime

flashplugin-nonfree recommends no packages.

-- debconf information:
  flashplugin-nonfree/httpget: false
  flashplugin-nonfree/not_exist:
  flashplugin-nonfree/http_proxy:
  flashplugin-nonfree/local:
  flashplugin-nonfree/delete: false
  flashplugin-nonfree/failed:

More information about the Secure-testing-team mailing list