LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

flash-plugin: multiple vulnerabilities

Package(s):flash-plugin CVE #(s):CVE-2010-0209 CVE-2010-2213 CVE-2010-2214 CVE-2010-2215 CVE-2010-2216
Created:August 12, 2010 Updated:January 21, 2011
Description:

From the Red Hat advisory:

Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content. (CVE-2010-0209, CVE-2010-2213, CVE-2010-2214, CVE-2010-2216)

A clickjacking flaw was discovered in flash-plugin. A specially-crafted SWF file could trick a user into unintentionally or mistakenly clicking a link or a dialog. (CVE-2010-2215)

Alerts:
Gentoo 201101-09 2011-01-21
Pardus 2010-120 2010-09-03
openSUSE openSUSE-SU-2010:0573-1 2010-09-01
SUSE SUSE-SA:2010:037 2010-09-01
Red Hat RHSA-2010:0636-02 2010-08-20
SUSE SUSE-SA:2010:034 2010-08-13
Red Hat RHSA-2010:0624-01 2010-08-11
openSUSE openSUSE-SU-2010:0502-1 2010-08-12
Red Hat RHSA-2010:0623-01 2010-08-11
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds