RedHat Security Advisory RHSA-2009:0334 Network Vulnerability

Summary

The remote host is missing updates announced in advisory RHSA-2009:0334. The flash-plugin package contains a Firefox-compatible Adobe Flash Player Web browser plug-in. Multiple input validation flaws were found in the way Flash Player displayed certain SWF (Shockwave Flash) content. An attacker could use these flaws to create a specially-crafted SWF file that could cause flash-plugin to crash, or, possibly, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content. (CVE-2009-0520, CVE-2009-0519) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 9.0.159.0.

Solution

Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date

References

http://rhn.redhat.com/errata/RHSA-2009-0334.html
http://www.adobe.com/products/flashplayer/
http://www.adobe.com/support/security/bulletins/apsb09-01.html
http://www.redhat.com/security/updates/classification/#critical

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-0519, CVE-2009-0520
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

RedHat Security Advisory RHSA-2009:0003
RedHat Security Advisory RHSA-2009:0257
RedHat Security Advisory RHSA-2009:0012
RedHat Security Advisory RHSA-2009:1038
RedHat Security Advisory RHSA-2009:0270

Take action and discover your vulnerabilities