Security update for flash-player SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2015:1781-1 Final 1 1 2015-10-19T09:34:45Z current 2015-10-19T09:34:45Z 2015-10-19T09:34:45Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for flash-player This security issue was fixed: - CVE-2015-7645: Critical vulnerability affecting 11.2.202.535 used in Pawn Storm (APSA15-05) (bsc#950474). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html E-Mail link for openSUSE-SU-2015:1781-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Evergreen 11.4 flash-player-11.2.202.540-176.1 flash-player-gnome-11.2.202.540-176.1 flash-player-kde4-11.2.202.540-176.1 flash-player-11.2.202.540-176.1 as a component of openSUSE Evergreen 11.4 flash-player-gnome-11.2.202.540-176.1 as a component of openSUSE Evergreen 11.4 flash-player-kde4-11.2.202.540-176.1 as a component of openSUSE Evergreen 11.4 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3103 and CVE-2015-3106. CVE-2015-3107 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-3107.html CVE-2015-3107 https://bugzilla.suse.com/934088 SUSE Bug 934088 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3117, CVE-2015-3123, CVE-2015-3130, CVE-2015-3133, CVE-2015-3134, and CVE-2015-4431. CVE-2015-5124 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5124.html CVE-2015-5124 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to cause a denial of service (vector-length corruption) or possibly have unspecified other impact via unknown vectors. CVE-2015-5125 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5125.html CVE-2015-5125 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5127 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5127.html CVE-2015-5127 https://bugzilla.suse.com/941239 SUSE Bug 941239 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. CVE-2015-5128 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5128.html CVE-2015-5128 https://bugzilla.suse.com/941239 SUSE Bug 941239 Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5541. CVE-2015-5129 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5129.html CVE-2015-5129 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5130 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5130.html CVE-2015-5130 https://bugzilla.suse.com/941239 SUSE Bug 941239 https://bugzilla.suse.com/952254 SUSE Bug 952254 Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5132 and CVE-2015-5133. CVE-2015-5131 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5131.html CVE-2015-5131 https://bugzilla.suse.com/941239 SUSE Bug 941239 Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5131 and CVE-2015-5133. CVE-2015-5132 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5132.html CVE-2015-5132 https://bugzilla.suse.com/941239 SUSE Bug 941239 Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5131 and CVE-2015-5132. CVE-2015-5133 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5133.html CVE-2015-5133 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5134 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5134.html CVE-2015-5134 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5539 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5539.html CVE-2015-5539 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5540 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5540.html CVE-2015-5540 https://bugzilla.suse.com/941239 SUSE Bug 941239 Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5129. CVE-2015-5541 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5541.html CVE-2015-5541 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553. CVE-2015-5544 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5544.html CVE-2015-5544 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553. CVE-2015-5545 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5545.html CVE-2015-5545 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553. CVE-2015-5546 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5546.html CVE-2015-5546 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5548, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553. CVE-2015-5547 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5547.html CVE-2015-5547 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5549, CVE-2015-5552, and CVE-2015-5553. CVE-2015-5548 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5548.html CVE-2015-5548 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5552, and CVE-2015-5553. CVE-2015-5549 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5549.html CVE-2015-5549 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5550 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5550.html CVE-2015-5550 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5551 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5551.html CVE-2015-5551 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, and CVE-2015-5553. CVE-2015-5552 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5552.html CVE-2015-5552 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, and CVE-2015-5552. CVE-2015-5553 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5553.html CVE-2015-5553 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-5555, CVE-2015-5558, and CVE-2015-5562. CVE-2015-5554 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5554.html CVE-2015-5554 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-5554, CVE-2015-5558, and CVE-2015-5562. CVE-2015-5555 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5555.html CVE-2015-5555 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5556 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5556.html CVE-2015-5556 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5557 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5557.html CVE-2015-5557 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-5554, CVE-2015-5555, and CVE-2015-5562. CVE-2015-5558 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5558.html CVE-2015-5558 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5559 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5559.html CVE-2015-5559 https://bugzilla.suse.com/941239 SUSE Bug 941239 Integer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors. CVE-2015-5560 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5560.html CVE-2015-5560 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5561 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5561.html CVE-2015-5561 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-5554, CVE-2015-5555, and CVE-2015-5558. CVE-2015-5562 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5562.html CVE-2015-5562 https://bugzilla.suse.com/941239 SUSE Bug 941239 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5564, and CVE-2015-5565. CVE-2015-5563 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5563.html CVE-2015-5563 https://bugzilla.suse.com/941239 SUSE Bug 941239 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5579. CVE-2015-5567 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5567.html CVE-2015-5567 https://bugzilla.suse.com/946880 SUSE Bug 946880 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to cause a denial of service (vector-length corruption) or possibly have unspecified other impact via unknown vectors. CVE-2015-5568 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5568.html CVE-2015-5568 https://bugzilla.suse.com/946880 SUSE Bug 946880 Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 improperly implement the Flash broker API, which has unspecified impact and attack vectors. CVE-2015-5569 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5569.html CVE-2015-5569 https://bugzilla.suse.com/950169 SUSE Bug 950169 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5574, CVE-2015-5581, CVE-2015-5584, and CVE-2015-6682. CVE-2015-5570 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5570.html CVE-2015-5570 https://bugzilla.suse.com/946880 SUSE Bug 946880 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 do not properly restrict the SWF file format, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks against JSONP endpoints, and obtain sensitive information, via a crafted OBJECT element with SWF content satisfying the character-set requirements of a callback API. NOTE: this issue exists because of an incomplete fix for CVE-2014-4671 and CVE-2014-5333. CVE-2015-5571 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5571.html CVE-2015-5571 https://bugzilla.suse.com/946880 SUSE Bug 946880 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. CVE-2015-5572 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5572.html CVE-2015-5572 https://bugzilla.suse.com/946880 SUSE Bug 946880 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion." CVE-2015-5573 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5573.html CVE-2015-5573 https://bugzilla.suse.com/946880 SUSE Bug 946880 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5570, CVE-2015-5581, CVE-2015-5584, and CVE-2015-6682. CVE-2015-5574 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5574.html CVE-2015-5574 https://bugzilla.suse.com/946880 SUSE Bug 946880 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677. CVE-2015-5575 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5575.html CVE-2015-5575 https://bugzilla.suse.com/946880 SUSE Bug 946880 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors. CVE-2015-5576 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5576.html CVE-2015-5576 https://bugzilla.suse.com/946880 SUSE Bug 946880 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677. CVE-2015-5577 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5577.html CVE-2015-5577 https://bugzilla.suse.com/946880 SUSE Bug 946880 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677. CVE-2015-5578 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5578.html CVE-2015-5578 https://bugzilla.suse.com/946880 SUSE Bug 946880 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5567. CVE-2015-5579 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5579.html CVE-2015-5579 https://bugzilla.suse.com/946880 SUSE Bug 946880 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677. CVE-2015-5580 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5580.html CVE-2015-5580 https://bugzilla.suse.com/946880 SUSE Bug 946880 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5570, CVE-2015-5574, CVE-2015-5584, and CVE-2015-6682. CVE-2015-5581 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5581.html CVE-2015-5581 https://bugzilla.suse.com/946880 SUSE Bug 946880 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5588, and CVE-2015-6677. CVE-2015-5582 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5582.html CVE-2015-5582 https://bugzilla.suse.com/946880 SUSE Bug 946880 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5570, CVE-2015-5574, CVE-2015-5581, and CVE-2015-6682. CVE-2015-5584 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5584.html CVE-2015-5584 https://bugzilla.suse.com/946880 SUSE Bug 946880 Stack-based buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors. CVE-2015-5587 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5587.html CVE-2015-5587 https://bugzilla.suse.com/946880 SUSE Bug 946880 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, and CVE-2015-6677. CVE-2015-5588 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-5588.html CVE-2015-5588 https://bugzilla.suse.com/946880 SUSE Bug 946880 Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-6678. CVE-2015-6676 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-6676.html CVE-2015-6676 https://bugzilla.suse.com/946880 SUSE Bug 946880 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, and CVE-2015-5588. CVE-2015-6677 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-6677.html CVE-2015-6677 https://bugzilla.suse.com/946880 SUSE Bug 946880 Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-6676. CVE-2015-6678 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-6678.html CVE-2015-6678 https://bugzilla.suse.com/946880 SUSE Bug 946880 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors. CVE-2015-6679 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-6679.html CVE-2015-6679 https://bugzilla.suse.com/946880 SUSE Bug 946880 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5570, CVE-2015-5574, CVE-2015-5581, and CVE-2015-5584. CVE-2015-6682 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-6682.html CVE-2015-6682 https://bugzilla.suse.com/946880 SUSE Bug 946880 Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7626, CVE-2015-7627, CVE-2015-7630, CVE-2015-7633, and CVE-2015-7634. CVE-2015-7625 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-7625.html CVE-2015-7625 https://bugzilla.suse.com/950169 SUSE Bug 950169 Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7625, CVE-2015-7627, CVE-2015-7630, CVE-2015-7633, and CVE-2015-7634. CVE-2015-7626 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-7626.html CVE-2015-7626 https://bugzilla.suse.com/950169 SUSE Bug 950169 Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7625, CVE-2015-7626, CVE-2015-7630, CVE-2015-7633, and CVE-2015-7634. CVE-2015-7627 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-7627.html CVE-2015-7627 https://bugzilla.suse.com/950169 SUSE Bug 950169 Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors. CVE-2015-7628 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-7628.html CVE-2015-7628 https://bugzilla.suse.com/950169 SUSE Bug 950169 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a TextFormat object with a crafted tabStops property, a different vulnerability than CVE-2015-7631, CVE-2015-7643, and CVE-2015-7644. CVE-2015-7629 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-7629.html CVE-2015-7629 https://bugzilla.suse.com/950169 SUSE Bug 950169 Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7633, and CVE-2015-7634. CVE-2015-7630 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-7630.html CVE-2015-7630 https://bugzilla.suse.com/950169 SUSE Bug 950169 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a TextLine object with a crafted validity property, a different vulnerability than CVE-2015-7629, CVE-2015-7643, and CVE-2015-7644. CVE-2015-7631 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-7631.html CVE-2015-7631 https://bugzilla.suse.com/950169 SUSE Bug 950169 Buffer overflow in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a Loader object with a crafted loaderBytes property. CVE-2015-7632 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-7632.html CVE-2015-7632 https://bugzilla.suse.com/950169 SUSE Bug 950169 Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7630, and CVE-2015-7634. CVE-2015-7633 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-7633.html CVE-2015-7633 https://bugzilla.suse.com/950169 SUSE Bug 950169 Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7630, and CVE-2015-7633. CVE-2015-7634 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-7634.html CVE-2015-7634 https://bugzilla.suse.com/950169 SUSE Bug 950169 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a Video object with a crafted deblocking property, a different vulnerability than CVE-2015-7629, CVE-2015-7631, and CVE-2015-7644. CVE-2015-7643 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-7643.html CVE-2015-7643 https://bugzilla.suse.com/950169 SUSE Bug 950169 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7629, CVE-2015-7631, and CVE-2015-7643. CVE-2015-7644 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-7644.html CVE-2015-7644 https://bugzilla.suse.com/950169 SUSE Bug 950169 Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 on Windows and OS X and 11.x through 11.2.202.535 on Linux allows remote attackers to execute arbitrary code via a crafted SWF file, as exploited in the wild in October 2015. CVE-2015-7645 openSUSE Evergreen 11.4:flash-player-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-gnome-11.2.202.540-176.1 openSUSE Evergreen 11.4:flash-player-kde4-11.2.202.540-176.1 critical Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html https://www.suse.com/security/cve/CVE-2015-7645.html CVE-2015-7645 https://bugzilla.suse.com/950474 SUSE Bug 950474