SuSE Security Advisory SUSE-SA:2009:041 (flash-player) Network Vulnerability

Summary

The remote host is missing updates announced in advisory SUSE-SA:2009:041.

Solution

Update your system with the packages as indicated in the referenced security advisory. https://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:041

Insight

The flash-player is a web-browser plugin that allows displaying animated web-content and remote access to client hardware (mic, web-cam, etc.). A specially crafted Shockwave-Flash (SWF) file could cause a buffer overflow in the flash-player plugin. This buffer overflow can probably be exploited to execute arbitrary code remotely.

Severity

Classification

CVE CVE-2009-0114, CVE-2009-0519, CVE-2009-0520, CVE-2009-0521

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

SLES10: Security update for Mozilla NSS
SLES10: Security update for libvorbis
SLES10: Security update for librpcsecgss
SLES10: Recommended update for Linux Kernel (x86)
SLES10: Security update for nfs-utils

Take action and discover your vulnerabilities