Security update for flash-player SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2016:0715-1 Final 1 1 2016-03-11T09:04:38Z current 2016-03-11T09:04:38Z 2016-03-11T09:04:38Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for flash-player Adobe flash-player was updated to 11.2.202.577 to fix the following list of security issues (bsc#970547): These updates resolve integer overflow vulnerabilities that could lead to code execution (CVE-2016-0963, CVE-2016-0993, CVE-2016-1010). These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000). These updates resolve a heap overflow vulnerability that could lead to code execution (CVE-2016-1001). These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, CVE-2016-1005). Adobe advisory with more information: https://helpx.adobe.com/security/products/flash-player/apsb16-08.html The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-DESKTOP-12-2016-412,SUSE-SLE-DESKTOP-12-SP1-2016-412,SUSE-SLE-WE-12-2016-412,SUSE-SLE-WE-12-SP1-2016-412 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ Link for SUSE-SU-2016:0715-1 https://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html E-Mail link for SUSE-SU-2016:0715-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/970547 SUSE Bug 970547 https://www.suse.com/security/cve/CVE-2016-0960/ SUSE CVE CVE-2016-0960 page https://www.suse.com/security/cve/CVE-2016-0961/ SUSE CVE CVE-2016-0961 page https://www.suse.com/security/cve/CVE-2016-0962/ SUSE CVE CVE-2016-0962 page https://www.suse.com/security/cve/CVE-2016-0963/ SUSE CVE CVE-2016-0963 page https://www.suse.com/security/cve/CVE-2016-0986/ SUSE CVE CVE-2016-0986 page https://www.suse.com/security/cve/CVE-2016-0987/ SUSE CVE CVE-2016-0987 page https://www.suse.com/security/cve/CVE-2016-0988/ SUSE CVE CVE-2016-0988 page https://www.suse.com/security/cve/CVE-2016-0989/ SUSE CVE CVE-2016-0989 page https://www.suse.com/security/cve/CVE-2016-0990/ SUSE CVE CVE-2016-0990 page https://www.suse.com/security/cve/CVE-2016-0991/ SUSE CVE CVE-2016-0991 page https://www.suse.com/security/cve/CVE-2016-0992/ SUSE CVE CVE-2016-0992 page https://www.suse.com/security/cve/CVE-2016-0993/ SUSE CVE CVE-2016-0993 page https://www.suse.com/security/cve/CVE-2016-0994/ SUSE CVE CVE-2016-0994 page https://www.suse.com/security/cve/CVE-2016-0995/ SUSE CVE CVE-2016-0995 page https://www.suse.com/security/cve/CVE-2016-0996/ SUSE CVE CVE-2016-0996 page https://www.suse.com/security/cve/CVE-2016-0997/ SUSE CVE CVE-2016-0997 page https://www.suse.com/security/cve/CVE-2016-0998/ SUSE CVE CVE-2016-0998 page https://www.suse.com/security/cve/CVE-2016-0999/ SUSE CVE CVE-2016-0999 page https://www.suse.com/security/cve/CVE-2016-1000/ SUSE CVE CVE-2016-1000 page https://www.suse.com/security/cve/CVE-2016-1001/ SUSE CVE CVE-2016-1001 page https://www.suse.com/security/cve/CVE-2016-1002/ SUSE CVE CVE-2016-1002 page https://www.suse.com/security/cve/CVE-2016-1005/ SUSE CVE CVE-2016-1005 page https://www.suse.com/security/cve/CVE-2016-1010/ SUSE CVE CVE-2016-1010 page SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 flash-player-11.2.202.577-123.1 flash-player-gnome-11.2.202.577-123.1 flash-player-11.2.202.577-123.1 as a component of SUSE Linux Enterprise Desktop 12 flash-player-gnome-11.2.202.577-123.1 as a component of SUSE Linux Enterprise Desktop 12 flash-player-11.2.202.577-123.1 as a component of SUSE Linux Enterprise Desktop 12 SP1 flash-player-gnome-11.2.202.577-123.1 as a component of SUSE Linux Enterprise Desktop 12 SP1 flash-player-11.2.202.577-123.1 as a component of SUSE Linux Enterprise Workstation Extension 12 flash-player-gnome-11.2.202.577-123.1 as a component of SUSE Linux Enterprise Workstation Extension 12 flash-player-11.2.202.577-123.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP1 flash-player-gnome-11.2.202.577-123.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP1 Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. CVE-2016-0960 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-0960.html CVE-2016-0960 https://bugzilla.suse.com/970547 SUSE Bug 970547 Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. CVE-2016-0961 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-0961.html CVE-2016-0961 https://bugzilla.suse.com/970547 SUSE Bug 970547 Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. CVE-2016-0962 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-0962.html CVE-2016-0962 https://bugzilla.suse.com/970547 SUSE Bug 970547 Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0993 and CVE-2016-1010. CVE-2016-0963 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-0963.html CVE-2016-0963 https://bugzilla.suse.com/970547 SUSE Bug 970547 Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. CVE-2016-0986 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-0986.html CVE-2016-0986 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. CVE-2016-0987 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-0987.html CVE-2016-0987 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. CVE-2016-0988 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-0988.html CVE-2016-0988 https://bugzilla.suse.com/970547 SUSE Bug 970547 Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. CVE-2016-0989 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-0989.html CVE-2016-0989 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. CVE-2016-0990 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-0990.html CVE-2016-0990 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. CVE-2016-0991 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-0991.html CVE-2016-0991 https://bugzilla.suse.com/970547 SUSE Bug 970547 Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1002, and CVE-2016-1005. CVE-2016-0992 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-0992.html CVE-2016-0992 https://bugzilla.suse.com/970547 SUSE Bug 970547 Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-1010. CVE-2016-0993 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-0993.html CVE-2016-0993 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code by using the actionCallMethod opcode with crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. CVE-2016-0994 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-0994.html CVE-2016-0994 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. CVE-2016-0995 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-0995.html CVE-2016-0995 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. CVE-2016-0996 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-0996.html CVE-2016-0996 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. CVE-2016-0997 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-0997.html CVE-2016-0997 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999, and CVE-2016-1000. CVE-2016-0998 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-0998.html CVE-2016-0998 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-1000. CVE-2016-0999 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-0999.html CVE-2016-0999 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999. CVE-2016-1000 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-1000.html CVE-2016-1000 https://bugzilla.suse.com/1016168 SUSE Bug 1016168 https://bugzilla.suse.com/1016169 SUSE Bug 1016169 https://bugzilla.suse.com/1016366 SUSE Bug 1016366 https://bugzilla.suse.com/970547 SUSE Bug 970547 https://bugzilla.suse.com/988484 SUSE Bug 988484 https://bugzilla.suse.com/988486 SUSE Bug 988486 https://bugzilla.suse.com/988487 SUSE Bug 988487 https://bugzilla.suse.com/988488 SUSE Bug 988488 https://bugzilla.suse.com/988489 SUSE Bug 988489 https://bugzilla.suse.com/988491 SUSE Bug 988491 https://bugzilla.suse.com/988492 SUSE Bug 988492 https://bugzilla.suse.com/989125 SUSE Bug 989125 https://bugzilla.suse.com/989170 SUSE Bug 989170 https://bugzilla.suse.com/989172 SUSE Bug 989172 https://bugzilla.suse.com/989174 SUSE Bug 989174 https://bugzilla.suse.com/989523 SUSE Bug 989523 https://bugzilla.suse.com/989532 SUSE Bug 989532 https://bugzilla.suse.com/989569 SUSE Bug 989569 https://bugzilla.suse.com/989989 SUSE Bug 989989 https://bugzilla.suse.com/989995 SUSE Bug 989995 https://bugzilla.suse.com/989997 SUSE Bug 989997 https://bugzilla.suse.com/990847 SUSE Bug 990847 https://bugzilla.suse.com/997861 SUSE Bug 997861 Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors. CVE-2016-1001 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-1001.html CVE-2016-1001 https://bugzilla.suse.com/1016340 SUSE Bug 1016340 https://bugzilla.suse.com/1016368 SUSE Bug 1016368 https://bugzilla.suse.com/1016369 SUSE Bug 1016369 https://bugzilla.suse.com/1016370 SUSE Bug 1016370 https://bugzilla.suse.com/970547 SUSE Bug 970547 Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1005. CVE-2016-1002 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-1002.html CVE-2016-1002 https://bugzilla.suse.com/1014298 SUSE Bug 1014298 https://bugzilla.suse.com/970547 SUSE Bug 970547 Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1002. CVE-2016-1005 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-1005.html CVE-2016-1005 https://bugzilla.suse.com/970547 SUSE Bug 970547 Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993. CVE-2016-1010 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.577-123.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.577-123.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160715-1/ https://www.suse.com/security/cve/CVE-2016-1010.html CVE-2016-1010 https://bugzilla.suse.com/970547 SUSE Bug 970547