[flashplugin-nonfree] Arbitrary code execution in Flash Player 9.0.45.0 and prior versions

Bug #125233 reported by disabled.user
Affects | Status | Importance | Assigned to | Milestone
flashplugin-nonfree (Ubuntu) | Fix Released | Undecided | Unassigned |
Feisty | Fix Committed | High | John Vivirito |

Bug Description

Binary package hint: flashplugin-nonfree

An updated version of Adobe Flash Player that fixes possible arbitrary code execution is available. Please provide updated packages for flashplugin-nonfree.

From:
http://www.heise-security.co.uk/news/92520

"While an input validation error could lead to arbitrary code execution in Flash Player 9.0.45.0 and prior versions, insufficient validation of the HTTP Referer in Flash Player 8.0.34.0 and earlier versions might help attackers to execute cross-site scripting attacks. Another security problem related to the Opera and Konqueror browsers exists in Flash Player 7 (version 7.0.70.0) for Linux and Solaris, but Adobe does not provide more detailed information on this issue. The vendor advises users to upgrade to version 9.0.47, but also provides patches for other versions of the software."

Corresponding Adobe Security Advisories:
http://www.adobe.com/support/security/bulletins/apsb07-12.html

Daniel T Chen (crimsun) wrote :

flashplugin-nonfree (9.0.48.0.0ubuntu2) gutsy; urgency=low

  * SECURITY UPDATE: Arbitrary code execution due to insufficient input
    validation (LP: #125233)
  * References
    http://www.adobe.com/support/security/bulletins/apsb07-12.html
    CVE-2007-3456, CVE-2007-3457, CVE-2007-2022
  * debian/config: Update install_flash_player_9_linux.tar.gz's md5sum

 -- Daniel T Chen <email address hidden> Fri, 13 Jul 2007 18:20:46 -0400

Changed in flashplugin-nonfree:
status: New → Fix Released
disabled.user (disabled.user-deactivatedaccount) wrote :

Will there also be updated packages for the stable releases?

Martin Pitt (pitti) wrote :

 flashplugin-nonfree (9.0.48.0.0ubuntu1~7.04.1) feisty-proposed; urgency=low
 .
   * SECURITY UPDATE: Arbitrary code execution due to insufficient input
     validation (LP: #125233)
   * References
     http://www.adobe.com/support/security/bulletins/apsb07-12.html
     CVE-2007-3456, CVE-2007-3457, CVE-2007-2022
   * debian/config: Update install_flash_player_9_linux.tar.gz's md5sum
     (LP: #125986)

Accepted into feisty-proposed.

Changed in flashplugin-nonfree:
assignee: nobody → gnomefreak
importance: Undecided → High
status: New → Fix Committed
John Vivirito (gnomefreak) wrote :

flashplugin-nonfree (9.0.48.0.0ubuntu1~7.04.1) feisty-proposed; urgency=low

  * SECURITY UPDATE: Arbitrary code execution due to insufficient input
    validation (LP: #125233)
  * References
    http://www.adobe.com/support/security/bulletins/apsb07-12.html
    CVE-2007-3456, CVE-2007-3457, CVE-2007-2022
  * debian/config: Update install_flash_player_9_linux.tar.gz's md5sum
    (LP: #125986)

 -- John Vivirito <email address hidden> Sat, 14 Jul 2007 12:49:38 -0400

Changed in flashplugin-nonfree:
status: Fix Committed → Fix Released
Tormod Volden (tormodvolden) wrote :

That is: flashplugin-nonfree does not download the new blob if the old blob from the last installation is there (maybe because they have the same name). Then of course the checksum fails.

I guess it should either look at the timestamps of the blob (and download a new one if needed), or just delete the blob after installation.
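
The stale-cache failure described in the comment above, with one way to handle it, shown as an added example that is not part of the thread and not the package's own code. The function names, the `.part` suffix and the fetch hook are assumptions; instead of comparing timestamps, the cached file is checked against the expected md5sum and discarded when it does not match.

```shell
# Added example; function names and the fetch hook are assumptions.
# md5 is used because that is the checksum the packaging on this page records.
blob_md5() {
    md5sum "$1" 2>/dev/null | cut -d' ' -f1
}

# ensure_blob CACHE_FILE EXPECTED_MD5 FETCH_CMD
# Leaves a verified blob at CACHE_FILE and returns 0, or returns 1.
ensure_blob() {
    cache=$1 want=$2 fetch=$3
    if [ -f "$cache" ]; then
        if [ "$(blob_md5 "$cache")" = "$want" ]; then
            return 0    # cached copy already is the expected release
        fi
        # Same file name, different content: a leftover from the previous
        # version. Discard it instead of failing the checksum on it.
        echo "stale cached blob, discarding: $cache" >&2
        rm -f "$cache"
    fi
    tmp="$cache.part"
    rm -f "$tmp"
    # Verify before the download takes the cached name, so a truncated or
    # wrong file is never picked up as valid on the next run.
    if ! "$fetch" "$tmp" || [ "$(blob_md5 "$tmp")" != "$want" ]; then
        echo "download failed or checksum mismatch" >&2
        rm -f "$tmp"
        return 1
    fi
    mv "$tmp" "$cache"
}

# Constructed demo: an old blob sits in the cache under the new blob's name.
demo_dir=$(mktemp -d)
printf 'old release' > "$demo_dir/install.tar.gz"
printf 'new release' > "$demo_dir/upstream"
demo_fetch() { cp "$demo_dir/upstream" "$1"; }
ensure_blob "$demo_dir/install.tar.gz" "$(blob_md5 "$demo_dir/upstream")" demo_fetch \
    && echo "installed blob: $(cat "$demo_dir/install.tar.gz")"
rm -rf "$demo_dir"
```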

Tormod Volden (tormodvolden) wrote :

According to https://wiki.ubuntu.com/MOTU/SRU, the Feisty task is committed, not released. There is also no notification posted on the ubuntu-motu mailing list.

Please check that the new package also works for upgrades.

Changed in flashplugin-nonfree:
status: Fix Released → Fix Committed
This report contains Public Security information  
Everyone can see this security related information.