diff options
| author | tijl <tijl@FreeBSD.org> | 2016-11-10 18:48:56 +0800 |
|---|---|---|
| committer | tijl <tijl@FreeBSD.org> | 2016-11-10 18:48:56 +0800 |
| commit | 3be5016f8c6e75eefdee62069768eba4ca7f9547 (patch) | |
| tree | b99a916a3984cf00ff035a76b45fa14a5122a8bc | |
| parent | 424102dd4cf47273fb8a5c5abf2618b513b715f8 (diff) | |
| download | freebsd-ports-graphics-3be5016f8c6e75eefdee62069768eba4ca7f9547.tar.gz freebsd-ports-graphics-3be5016f8c6e75eefdee62069768eba4ca7f9547.tar.zst freebsd-ports-graphics-3be5016f8c6e75eefdee62069768eba4ca7f9547.zip | |
Document latest flash plugin vulnerabilities.
Security: https://helpx.adobe.com/security/products/flash-player/apsb16-37.html
| -rw-r--r-- | security/vuxml/vuln.xml | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 95ed6735803..067cdd277d4 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,49 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="96f6bf10-a731-11e6-95ca-0011d823eebd"> + <topic>flash -- multiple vulnerabilities</topic> + <affects> + <package> + <name>linux-c6-flashplugin</name> + <name>linux-c7-flashplugin</name> + <name>linux-f10-flashplugin</name> + <range><lt>11.2r202.644</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Adobe reports:</p> + <blockquote cite="https://helpx.adobe.com/security/products/flash-player/apsb16-37.html"> + <ul> + <li>These updates resolve type confusion vulnerabilities that + could lead to code execution (CVE-2016-7860, CVE-2016-7861, + CVE-2016-7865).</li> + <li>These updates resolve use-after-free vulnerabilities that + could lead to code execution (CVE-2016-7857, CVE-2016-7858, + CVE-2016-7859, CVE-2016-7862, CVE-2016-7863, CVE-2016-7864).</li> + </ul> + </blockquote> + </body> + </description> + <references> + <url>https://helpx.adobe.com/security/products/flash-player/apsb16-37.html</url> + <cvename>CVE-2016-7857</cvename> + <cvename>CVE-2016-7858</cvename> + <cvename>CVE-2016-7859</cvename> + <cvename>CVE-2016-7860</cvename> + <cvename>CVE-2016-7861</cvename> + <cvename>CVE-2016-7862</cvename> + <cvename>CVE-2016-7863</cvename> + <cvename>CVE-2016-7864</cvename> + <cvename>CVE-2016-7865</cvename> + </references> + <dates> + <discovery>2016-11-08</discovery> + <entry>2016-11-10</entry> + </dates> + </vuln> + <vuln vid="10968dfd-a687-11e6-b2d3-60a44ce6887b"> <topic>gitlab -- Directory traversal via "import/export" feature</topic> <affects> |