Security update for Adobe Flash Player SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2016:0734-1 Final 1 1 2016-03-12T08:36:21Z current 2016-03-12T08:36:21Z 2016-03-12T08:36:21Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for Adobe Flash Player This update to Adobe Flash Player 11.2.202.577 fixes a number of vulnerabilities that could have allowed remote attackers to execute arbitrary code through crafted content. (boo#970547) * APSB16-08, CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005, CVE-2016-1010 The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html E-Mail link for openSUSE-SU-2016:0734-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE 13.1 NonFree flash-player-11.2.202.577-156.1 flash-player-gnome-11.2.202.577-156.1 flash-player-kde4-11.2.202.577-156.1 flash-player-11.2.202.577-156.1 as a component of openSUSE 13.1 NonFree flash-player-gnome-11.2.202.577-156.1 as a component of openSUSE 13.1 NonFree flash-player-kde4-11.2.202.577-156.1 as a component of openSUSE 13.1 NonFree Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. CVE-2016-0960 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-0960.html CVE-2016-0960 https://bugzilla.suse.com/970547 SUSE Bug 970547 Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. CVE-2016-0961 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-0961.html CVE-2016-0961 https://bugzilla.suse.com/970547 SUSE Bug 970547 Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. CVE-2016-0962 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-0962.html CVE-2016-0962 https://bugzilla.suse.com/970547 SUSE Bug 970547 Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0993 and CVE-2016-1010. CVE-2016-0963 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-0963.html CVE-2016-0963 https://bugzilla.suse.com/970547 SUSE Bug 970547 Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. CVE-2016-0986 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-0986.html CVE-2016-0986 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. CVE-2016-0987 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-0987.html CVE-2016-0987 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. CVE-2016-0988 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-0988.html CVE-2016-0988 https://bugzilla.suse.com/970547 SUSE Bug 970547 Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. CVE-2016-0989 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-0989.html CVE-2016-0989 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. CVE-2016-0990 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-0990.html CVE-2016-0990 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. CVE-2016-0991 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-0991.html CVE-2016-0991 https://bugzilla.suse.com/970547 SUSE Bug 970547 Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1002, and CVE-2016-1005. CVE-2016-0992 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-0992.html CVE-2016-0992 https://bugzilla.suse.com/970547 SUSE Bug 970547 Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-1010. CVE-2016-0993 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-0993.html CVE-2016-0993 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code by using the actionCallMethod opcode with crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. CVE-2016-0994 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-0994.html CVE-2016-0994 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. CVE-2016-0995 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-0995.html CVE-2016-0995 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. CVE-2016-0996 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-0996.html CVE-2016-0996 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. CVE-2016-0997 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-0997.html CVE-2016-0997 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999, and CVE-2016-1000. CVE-2016-0998 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-0998.html CVE-2016-0998 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-1000. CVE-2016-0999 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-0999.html CVE-2016-0999 https://bugzilla.suse.com/970547 SUSE Bug 970547 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999. CVE-2016-1000 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-1000.html CVE-2016-1000 https://bugzilla.suse.com/1016168 SUSE Bug 1016168 https://bugzilla.suse.com/1016169 SUSE Bug 1016169 https://bugzilla.suse.com/1016366 SUSE Bug 1016366 https://bugzilla.suse.com/970547 SUSE Bug 970547 https://bugzilla.suse.com/988484 SUSE Bug 988484 https://bugzilla.suse.com/988486 SUSE Bug 988486 https://bugzilla.suse.com/988487 SUSE Bug 988487 https://bugzilla.suse.com/988488 SUSE Bug 988488 https://bugzilla.suse.com/988489 SUSE Bug 988489 https://bugzilla.suse.com/988491 SUSE Bug 988491 https://bugzilla.suse.com/988492 SUSE Bug 988492 https://bugzilla.suse.com/989125 SUSE Bug 989125 https://bugzilla.suse.com/989170 SUSE Bug 989170 https://bugzilla.suse.com/989172 SUSE Bug 989172 https://bugzilla.suse.com/989174 SUSE Bug 989174 https://bugzilla.suse.com/989523 SUSE Bug 989523 https://bugzilla.suse.com/989532 SUSE Bug 989532 https://bugzilla.suse.com/989569 SUSE Bug 989569 https://bugzilla.suse.com/989989 SUSE Bug 989989 https://bugzilla.suse.com/989995 SUSE Bug 989995 https://bugzilla.suse.com/989997 SUSE Bug 989997 https://bugzilla.suse.com/990847 SUSE Bug 990847 https://bugzilla.suse.com/997861 SUSE Bug 997861 Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors. CVE-2016-1001 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-1001.html CVE-2016-1001 https://bugzilla.suse.com/1016340 SUSE Bug 1016340 https://bugzilla.suse.com/1016368 SUSE Bug 1016368 https://bugzilla.suse.com/1016369 SUSE Bug 1016369 https://bugzilla.suse.com/1016370 SUSE Bug 1016370 https://bugzilla.suse.com/970547 SUSE Bug 970547 Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1005. CVE-2016-1002 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-1002.html CVE-2016-1002 https://bugzilla.suse.com/1014298 SUSE Bug 1014298 https://bugzilla.suse.com/970547 SUSE Bug 970547 Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1002. CVE-2016-1005 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-1005.html CVE-2016-1005 https://bugzilla.suse.com/970547 SUSE Bug 970547 Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993. CVE-2016-1010 openSUSE 13.1 NonFree:flash-player-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-gnome-11.2.202.577-156.1 openSUSE 13.1 NonFree:flash-player-kde4-11.2.202.577-156.1 important Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html https://www.suse.com/security/cve/CVE-2016-1010.html CVE-2016-1010 https://bugzilla.suse.com/970547 SUSE Bug 970547