Overview

File _patchinfo of Package patchinfo.806

<patchinfo incident="806">
  <issue id="937752" tracker="bnc">VUL-0: CVE-2015-5122,CVE-2015-5123: flash-player: second hackingteam 0day (APSA15-04,APSB15-18)</issue>
  <issue id="CVE-2015-5123" tracker="cve" />
  <issue id="CVE-2015-5122" tracker="cve" />
  <category>security</category>
  <rating>critical</rating>
  <packager>AndreasStieger</packager>
  <description>flash-player was updated to fix two security issues.

These security issues were fixed:
- CVE-2015-5123: Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function (bsc#937752).
- CVE-2015-5122: Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allowed remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property (bsc#937752).
  </description>
  <summary>Security update for flash-player</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places