Security update for flash-player SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2015:1374-1 Final 1 1 2015-08-12T07:50:09Z current 2015-08-12T07:50:09Z 2015-08-12T07:50:09Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for flash-player This security update to 11.2.202.508 (bsc#941239) fixes the following issues: * APSB15-19: CVE-2015-3107, CVE-2015-5124, CVE-2015-5125, CVE-2015-5127, CVE-2015-5128, CVE-2015-5129, CVE-2015-5130, CVE-2015-5131, CVE-2015-5132, CVE-2015-5133, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5541, CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5550, CVE-2015-5551, CVE-2015-5552, CVE-2015-5553, CVE-2015-5554, CVE-2015-5555, CVE-2015-5556, CVE-2015-5557, CVE-2015-5558, CVE-2015-5559, CVE-2015-5560, CVE-2015-5561, CVE-2015-5562, CVE-2015-5563 The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-DESKTOP-12-2015-390,SUSE-SLE-WE-12-2015-390 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ Link for SUSE-SU-2015:1374-1 https://lists.opensuse.org/opensuse-security-announce/2015-08/msg00005.html E-Mail link for SUSE-SU-2015:1374-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/941239 SUSE Bug 941239 https://www.suse.com/security/cve/CVE-2015-3107/ SUSE CVE CVE-2015-3107 page https://www.suse.com/security/cve/CVE-2015-5124/ SUSE CVE CVE-2015-5124 page https://www.suse.com/security/cve/CVE-2015-5125/ SUSE CVE CVE-2015-5125 page https://www.suse.com/security/cve/CVE-2015-5127/ SUSE CVE CVE-2015-5127 page https://www.suse.com/security/cve/CVE-2015-5128/ SUSE CVE CVE-2015-5128 page https://www.suse.com/security/cve/CVE-2015-5129/ SUSE CVE CVE-2015-5129 page https://www.suse.com/security/cve/CVE-2015-5130/ SUSE CVE CVE-2015-5130 page https://www.suse.com/security/cve/CVE-2015-5131/ SUSE CVE CVE-2015-5131 page https://www.suse.com/security/cve/CVE-2015-5132/ SUSE CVE CVE-2015-5132 page https://www.suse.com/security/cve/CVE-2015-5133/ SUSE CVE CVE-2015-5133 page https://www.suse.com/security/cve/CVE-2015-5134/ SUSE CVE CVE-2015-5134 page https://www.suse.com/security/cve/CVE-2015-5539/ SUSE CVE CVE-2015-5539 page https://www.suse.com/security/cve/CVE-2015-5540/ SUSE CVE CVE-2015-5540 page https://www.suse.com/security/cve/CVE-2015-5541/ SUSE CVE CVE-2015-5541 page https://www.suse.com/security/cve/CVE-2015-5544/ SUSE CVE CVE-2015-5544 page https://www.suse.com/security/cve/CVE-2015-5545/ SUSE CVE CVE-2015-5545 page https://www.suse.com/security/cve/CVE-2015-5546/ SUSE CVE CVE-2015-5546 page https://www.suse.com/security/cve/CVE-2015-5547/ SUSE CVE CVE-2015-5547 page https://www.suse.com/security/cve/CVE-2015-5548/ SUSE CVE CVE-2015-5548 page https://www.suse.com/security/cve/CVE-2015-5549/ SUSE CVE CVE-2015-5549 page https://www.suse.com/security/cve/CVE-2015-5550/ SUSE CVE CVE-2015-5550 page https://www.suse.com/security/cve/CVE-2015-5551/ SUSE CVE CVE-2015-5551 page https://www.suse.com/security/cve/CVE-2015-5552/ SUSE CVE CVE-2015-5552 page https://www.suse.com/security/cve/CVE-2015-5553/ SUSE CVE CVE-2015-5553 page https://www.suse.com/security/cve/CVE-2015-5554/ SUSE CVE CVE-2015-5554 page https://www.suse.com/security/cve/CVE-2015-5555/ SUSE CVE CVE-2015-5555 page https://www.suse.com/security/cve/CVE-2015-5556/ SUSE CVE CVE-2015-5556 page https://www.suse.com/security/cve/CVE-2015-5557/ SUSE CVE CVE-2015-5557 page https://www.suse.com/security/cve/CVE-2015-5558/ SUSE CVE CVE-2015-5558 page https://www.suse.com/security/cve/CVE-2015-5559/ SUSE CVE CVE-2015-5559 page https://www.suse.com/security/cve/CVE-2015-5560/ SUSE CVE CVE-2015-5560 page https://www.suse.com/security/cve/CVE-2015-5561/ SUSE CVE CVE-2015-5561 page https://www.suse.com/security/cve/CVE-2015-5562/ SUSE CVE CVE-2015-5562 page https://www.suse.com/security/cve/CVE-2015-5563/ SUSE CVE CVE-2015-5563 page SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Workstation Extension 12 flash-player-11.2.202.508-99.1 flash-player-gnome-11.2.202.508-99.1 flash-player-11.2.202.508-99.1 as a component of SUSE Linux Enterprise Desktop 12 flash-player-gnome-11.2.202.508-99.1 as a component of SUSE Linux Enterprise Desktop 12 flash-player-11.2.202.508-99.1 as a component of SUSE Linux Enterprise Workstation Extension 12 flash-player-gnome-11.2.202.508-99.1 as a component of SUSE Linux Enterprise Workstation Extension 12 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3103 and CVE-2015-3106. CVE-2015-3107 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-3107.html CVE-2015-3107 https://bugzilla.suse.com/934088 SUSE Bug 934088 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3117, CVE-2015-3123, CVE-2015-3130, CVE-2015-3133, CVE-2015-3134, and CVE-2015-4431. CVE-2015-5124 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5124.html CVE-2015-5124 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to cause a denial of service (vector-length corruption) or possibly have unspecified other impact via unknown vectors. CVE-2015-5125 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5125.html CVE-2015-5125 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5127 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5127.html CVE-2015-5127 https://bugzilla.suse.com/941239 SUSE Bug 941239 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. CVE-2015-5128 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5128.html CVE-2015-5128 https://bugzilla.suse.com/941239 SUSE Bug 941239 Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5541. CVE-2015-5129 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5129.html CVE-2015-5129 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5130 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5130.html CVE-2015-5130 https://bugzilla.suse.com/941239 SUSE Bug 941239 https://bugzilla.suse.com/952254 SUSE Bug 952254 Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5132 and CVE-2015-5133. CVE-2015-5131 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5131.html CVE-2015-5131 https://bugzilla.suse.com/941239 SUSE Bug 941239 Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5131 and CVE-2015-5133. CVE-2015-5132 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5132.html CVE-2015-5132 https://bugzilla.suse.com/941239 SUSE Bug 941239 Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5131 and CVE-2015-5132. CVE-2015-5133 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5133.html CVE-2015-5133 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5134 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5134.html CVE-2015-5134 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5539 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5539.html CVE-2015-5539 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5540 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5540.html CVE-2015-5540 https://bugzilla.suse.com/941239 SUSE Bug 941239 Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5129. CVE-2015-5541 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5541.html CVE-2015-5541 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553. CVE-2015-5544 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5544.html CVE-2015-5544 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553. CVE-2015-5545 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5545.html CVE-2015-5545 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553. CVE-2015-5546 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5546.html CVE-2015-5546 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553. CVE-2015-5547 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5547.html CVE-2015-5547 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553. CVE-2015-5548 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5548.html CVE-2015-5548 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5552, and CVE-2015-5553. CVE-2015-5549 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5549.html CVE-2015-5549 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5550 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5550.html CVE-2015-5550 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5551 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5551.html CVE-2015-5551 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, and CVE-2015-5553. CVE-2015-5552 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5552.html CVE-2015-5552 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, and CVE-2015-5552. CVE-2015-5553 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5553.html CVE-2015-5553 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-5555, CVE-2015-5558, and CVE-2015-5562. CVE-2015-5554 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5554.html CVE-2015-5554 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-5554, CVE-2015-5558, and CVE-2015-5562. CVE-2015-5555 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5555.html CVE-2015-5555 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5556 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5556.html CVE-2015-5556 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5557 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5557.html CVE-2015-5557 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-5554, CVE-2015-5555, and CVE-2015-5562. CVE-2015-5558 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5558.html CVE-2015-5558 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5559 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5559.html CVE-2015-5559 https://bugzilla.suse.com/941239 SUSE Bug 941239 Integer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors. CVE-2015-5560 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5560.html CVE-2015-5560 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5561 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5561.html CVE-2015-5561 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-5554, CVE-2015-5555, and CVE-2015-5558. CVE-2015-5562 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5562.html CVE-2015-5562 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5563 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.508-99.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.508-99.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151374-1/ https://www.suse.com/security/cve/CVE-2015-5563.html CVE-2015-5563 https://bugzilla.suse.com/941239 SUSE Bug 941239