Comment 0 for bug 125233

Binary package hint: flashplugin-nonfree

An updated version of Adobe Flash Player, that fixes possible arbitrary code execution, is available. Please provide updated packages for flashplugin-nonfree.


"While an input validation error could lead to arbitrary code execution in Flash Player and prior versions, insufficient validation of the HTTP Referer in Flash Player and earlier versions might help attackers to execute cross-site scripting attacks. Another security problem related to the Opera and Konqueror browsers exists in Flash Player 7 (version for Linux and Solaris, but Adobe does not provide more detailed information on this issue. The vendor advises users to upgrade to version 9.0.47, but also provides patches for other versions of the software."