File _patchinfo of Package patchinfo.import5183

<patchinfo incident="flash-player" version="5183">
  <issue tracker="bnc" id="719400" />
  <issue tracker="CVE" id="CVE-2011-2426" />
  <issue tracker="CVE" id="CVE-2011-2427" />
  <issue tracker="CVE" id="CVE-2011-2428" />
  <issue tracker="CVE" id="CVE-2011-2429" />
  <issue tracker="CVE" id="CVE-2011-2430" />
  <issue tracker="CVE" id="CVE-2011-2444" />
  <category>security</category>
  <rating>low</rating>
  <summary>Flash-Player: Update to 10.3.183.10</summary>
  <description>This update resolves a universal cross-site scripting issue
that could be used to take actions on a user's behalf on
any website or webmail provider if the user visits a
malicious website (CVE-2011-2444).

Note: There are reports that this issue is being exploited
in the wild in active targeted attacks designed to trick
the user into clicking on a malicious link delivered in an
email message.

This update resolves an AVM stack overflow issue that may
allow for remote code execution. (CVE-2011-2426).

This update resolves an AVM stack overflow issue that may
lead to denial of service and code execution.
(CVE-2011-2427).

This update resolves a logic error issue which causes a
browser crash and may lead to code execution.  (CVE-2011-
2428).

This update resolves a Flash Player security  control
bypass which could allow information disclosure.
(CVE-2011-2429).

This update resolves a streaming media logic error
vulnerability which could lead to code execution.
(CVE-2011-2430).
</description>
  <packager>adrianSuSE</packager>
</patchinfo>