- Document linux-flashplugin -- multiple vulnerabilities

Reviewed by:	stas

1 files changed, 35 insertions, 0 deletions

diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 0e6bfa9a699..2a97ba9f8a2 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -34,6 +34,41 @@ Note:  Please add new entries to the beginning of this file.
 
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="78f456fd-9c87-11dd-a55e-00163e000016">
+    <topic>linux-flashplugin -- multiple vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>linux-flashplugin</name>
+	<range><lt>9.0r124_1</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>Adobe Product Security Incident Response Team reports:</p>
+	<blockquote
+	cite="http://www.adobe.com/support/security/bulletins/apsb08-18.html">
+	  <p>Potential vulnerabilities have been identified in Adobe Flash
+	  Player 9.0.124.0 and earlier that could allow an attacker who
+	  successfully exploits these potential vulnerabilities to bypass Flash
+	  Player security controls. Adobe recommends users update to the most
+	  current version of Flash Player available for their platform.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <cvename>CVE-2007-6243</cvename>
+      <cvename>CVE-2008-3873</cvename>
+      <cvename>CVE-2007-4324</cvename>
+      <cvename>CVE-2008-4401</cvename>
+      <cvename>CVE-2008-4503</cvename>
+      <url>http://www.adobe.com/support/security/bulletins/apsb08-18.html</url>
+    </references>
+    <dates>
+      <discovery>2008-10-15</discovery>
+      <entry>2008-10-17</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="d71da236-9a94-11dd-8f42-001c2514716c">
     <topic>libxml2 -- two vulnerabilities</topic>
     <affects>