Recommended update for flash-player SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2016:2308-1 Final 1 1 2016-09-14T15:12:32Z current 2016-09-14T15:12:32Z 2016-09-14T15:12:32Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Recommended update for flash-player This update for flash-player fixes the following security issues (APSB16-29, boo#998589): * integer overflow vulnerability that could lead to code execution (CVE-2016-4287). * use-after-free vulnerabilities that could lead to code execution (CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, CVE-2016-6932) * security bypass vulnerabilities that could lead to information disclosure (CVE-2016-4271, CVE-2016-4277, CVE-2016-4278) * memory corruption vulnerabilities that could lead to code execution (CVE-2016-4182, CVE-2016-4237, CVE-2016-4238, CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, CVE-2016-6924) The package description was update to reflex that the stand-alone Flash is no longer provided on x86_64 architectures (boo#977664). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html E-Mail link for openSUSE-SU-2016:2308-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE 13.2 NonFree flash-player-11.2.202.635-2.108.1 flash-player-gnome-11.2.202.635-2.108.1 flash-player-kde4-11.2.202.635-2.108.1 flash-player-11.2.202.635-2.108.1 as a component of openSUSE 13.2 NonFree flash-player-gnome-11.2.202.635-2.108.1 as a component of openSUSE 13.2 NonFree flash-player-kde4-11.2.202.635-2.108.1 as a component of openSUSE 13.2 NonFree Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246. CVE-2016-4182 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-4182.html CVE-2016-4182 https://bugzilla.suse.com/988579 SUSE Bug 988579 https://bugzilla.suse.com/998589 SUSE Bug 998589 Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246. CVE-2016-4237 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-4237.html CVE-2016-4237 https://bugzilla.suse.com/988579 SUSE Bug 988579 https://bugzilla.suse.com/998589 SUSE Bug 998589 Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246. CVE-2016-4238 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-4238.html CVE-2016-4238 https://bugzilla.suse.com/988579 SUSE Bug 988579 https://bugzilla.suse.com/998589 SUSE Bug 998589 Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4277 and CVE-2016-4278, aka a "local-with-filesystem Flash sandbox bypass" issue. CVE-2016-4271 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-4271.html CVE-2016-4271 https://bugzilla.suse.com/998589 SUSE Bug 998589 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932. CVE-2016-4272 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-4272.html CVE-2016-4272 https://bugzilla.suse.com/998589 SUSE Bug 998589 Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924. CVE-2016-4274 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-4274.html CVE-2016-4274 https://bugzilla.suse.com/998589 SUSE Bug 998589 Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924. CVE-2016-4275 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-4275.html CVE-2016-4275 https://bugzilla.suse.com/998589 SUSE Bug 998589 Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924. CVE-2016-4276 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-4276.html CVE-2016-4276 https://bugzilla.suse.com/998589 SUSE Bug 998589 Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-2016-4278. CVE-2016-4277 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-4277.html CVE-2016-4277 https://bugzilla.suse.com/998589 SUSE Bug 998589 Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-2016-4277. CVE-2016-4278 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-4278.html CVE-2016-4278 https://bugzilla.suse.com/998589 SUSE Bug 998589 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932. CVE-2016-4279 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-4279.html CVE-2016-4279 https://bugzilla.suse.com/998589 SUSE Bug 998589 Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924. CVE-2016-4280 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-4280.html CVE-2016-4280 https://bugzilla.suse.com/998589 SUSE Bug 998589 Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924. CVE-2016-4281 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-4281.html CVE-2016-4281 https://bugzilla.suse.com/998589 SUSE Bug 998589 Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924. CVE-2016-4282 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-4282.html CVE-2016-4282 https://bugzilla.suse.com/998589 SUSE Bug 998589 Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924. CVE-2016-4283 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-4283.html CVE-2016-4283 https://bugzilla.suse.com/998589 SUSE Bug 998589 Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924. CVE-2016-4284 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-4284.html CVE-2016-4284 https://bugzilla.suse.com/998589 SUSE Bug 998589 Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-6922, and CVE-2016-6924. CVE-2016-4285 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-4285.html CVE-2016-4285 https://bugzilla.suse.com/998589 SUSE Bug 998589 Integer overflow in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors. CVE-2016-4287 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-4287.html CVE-2016-4287 https://bugzilla.suse.com/998589 SUSE Bug 998589 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932. CVE-2016-6921 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-6921.html CVE-2016-6921 https://bugzilla.suse.com/998589 SUSE Bug 998589 Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, and CVE-2016-6924. CVE-2016-6922 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-6922.html CVE-2016-6922 https://bugzilla.suse.com/998589 SUSE Bug 998589 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932. CVE-2016-6923 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-6923.html CVE-2016-6923 https://bugzilla.suse.com/998589 SUSE Bug 998589 Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, and CVE-2016-6922. CVE-2016-6924 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-6924.html CVE-2016-6924 https://bugzilla.suse.com/998589 SUSE Bug 998589 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932. CVE-2016-6925 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-6925.html CVE-2016-6925 https://bugzilla.suse.com/998589 SUSE Bug 998589 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932. CVE-2016-6926 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-6926.html CVE-2016-6926 https://bugzilla.suse.com/998589 SUSE Bug 998589 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932. CVE-2016-6927 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-6927.html CVE-2016-6927 https://bugzilla.suse.com/998589 SUSE Bug 998589 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932. CVE-2016-6929 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-6929.html CVE-2016-6929 https://bugzilla.suse.com/998589 SUSE Bug 998589 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6931, and CVE-2016-6932. CVE-2016-6930 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-6930.html CVE-2016-6930 https://bugzilla.suse.com/998589 SUSE Bug 998589 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, and CVE-2016-6932. CVE-2016-6931 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-6931.html CVE-2016-6931 https://bugzilla.suse.com/998589 SUSE Bug 998589 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, and CVE-2016-6931. CVE-2016-6932 openSUSE 13.2 NonFree:flash-player-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-gnome-11.2.202.635-2.108.1 openSUSE 13.2 NonFree:flash-player-kde4-11.2.202.635-2.108.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00009.html https://www.suse.com/security/cve/CVE-2016-6932.html CVE-2016-6932 https://bugzilla.suse.com/998589 SUSE Bug 998589