Package: flashplugin-nonfree Version: 7.0.63.7 Severity: grave Tags: security Justification: user security hole
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - From <http://www.adobe.com/support/security/bulletins/apsb06-11.html>: Multiple Vulnerabilities in Adobe Flash Player 8.0.24.0 and Earlier Versions CVE-2006-3014 Arbitrary javascript execution [Windows/MS Excel only] CVE-2006-3311 Buffer overflow allows remote arbitrary code execution CVE-2006-3587 Remote arbitrary code execution [flash 8 only] CVE-2006-3588 Remote DOS (browser crash) [flash 8 only] CVE-2006-4640 Remote bypass of scripting protections Critical vulnerabilities have been identified in Flash Player 8.0.24.0 and earlier versions that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system. Although the text on the page is unclear, it seems that the Linux Flash player is fixed in version 7.0.68.0. - -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (530, 'testing'), (520, 'unstable'), (510, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17-2-k7 Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Versions of packages flashplugin-nonfree depends on: ii debconf [debconf-2.0] 1.5.3 Debian configuration management sy ii gsfonts-x11 0.20 Make Ghostscript fonts available t ii wget 1.10.2-2 retrieves files from the web Versions of packages flashplugin-nonfree recommends: pn libstdc++2.10-glibc2.2 <none> (no description available) pn xfs <none> (no description available) - -- debconf information: flashplugin-nonfree/httpget: true flashplugin-nonfree/not_exist: flashplugin-nonfree/http_proxy: flashplugin-nonfree/local: flashplugin-nonfree/delete: false flashplugin-nonfree/failed: -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFFB9V9shl/216gEHgRAsnaAKDpjdDfrzSBG4qC1pe5In0awvRJfwCff5HV 5vkJ7gy8yhrREjpIktTrJt8= =eKHj -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
