---------------------------------------------------------------------- A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched. Download and test it today: https://psi.secunia.com/ Read more about this new version: https://psi.secunia.com/?page=changelog ---------------------------------------------------------------------- TITLE: SUSE update for flash-player SECUNIA ADVISORY ID: SA28213 VERIFY ADVISORY: http://secunia.com/advisories/28213/ CRITICAL: Highly critical IMPACT: Unknown, Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of sensitive information, Privilege escalation, DoS, System access WHERE: >From remote OPERATING SYSTEM: SUSE Linux 10.1 http://secunia.com/product/10796/ openSUSE 10.2 http://secunia.com/product/13375/ openSUSE 10.3 http://secunia.com/product/16124/ DESCRIPTION: SUSE has issued an update for flash-player. This fixes some vulnerabilities, where one vulnerability has an unknown impact and others can be exploited by malicious, local users to gain escalated privileges and by malicious people to bypass certain security restrictions, conduct cross-site scripting and HTTP request splitting attacks, disclose sensitive information, cause a Denial of Service (DoS), or to potentially compromise a user's system. For more information: SA28161 SOLUTION: Apply updated packages. x86 Platform: openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/flash-player-9.0.115.0-0.1.i586.rpm 458f40bd9a8e92f6e023e76abead4314 openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/flash-player-9.0.115.0-0.1.i586.rpm d633f8e0bbd9c409430a966904774ecc SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/flash-player-9.0.115.0-0.2.i586.rpm c3dda649b3d756ed3e2bacf157488355 Sources: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/flash-player-9.0.115.0-0.1.src.rpm 8800a58c48768989b74fed31be4f633c SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/flash-player-9.0.115.0-0.2.src.rpm 1774fb28b6c550af16f738c4daa20a4e openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/flash-player-9.0.115.0-0.1.src.rpm ac9d87e16de02daa91202e16cb6fffc3 Novell Linux Desktop 9 http://support.novell.com/techcenter/psdb/abac03d3ea3f90145ddbc82fdd20aebd.html SUSE Linux Enterprise Desktop 10 SP1 http://support.novell.com/techcenter/psdb/abac03d3ea3f90145ddbc82fdd20aebd.html ORIGINAL ADVISORY: http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.html OTHER REFERENCES: SA28161: http://secunia.com/advisories/28161/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------