{"affected":[{"ecosystem_specific":{"binaries":[{"flash-player":"11.2.202.466-86.1","flash-player-gnome":"11.2.202.466-86.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12","name":"flash-player","purl":"pkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Desktop%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"11.2.202.466-86.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"flash-player":"11.2.202.466-86.1","flash-player-gnome":"11.2.202.466-86.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Workstation Extension 12","name":"flash-player","purl":"pkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"11.2.202.466-86.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"  The following issues are fixed by this updated:\n    * CVE-2015-3096: These updates resolve a vulnerability that could be exploited to bypass the fix for CVE-2014-5333. \n    * CVE-2015-3098, CVE-2015-3099, CVE-2015-3102:These updates resolve vulnerabilities that could be exploited to bypass the same-origin-policy and lead to information disclosure. \n    * CVE-2015-3100: These updates resolve a stack overflow vulnerability that could lead to code execution.\n    * CVE-2015-3103, CVE-2015-3106, CVE-2015-3107: These updates resolve use-after-free vulnerabilities that could lead to code execution.\n    * CVE-2015-3104: These updates resolve an integer overflow vulnerability that could lead to code execution.\n    * CVE-2015-3105: These updates resolve a memory corruption vulnerability that could lead to code execution.\n    * CVE-2015-3108: These updates resolve a memory leak vulnerability that could be used to bypass ASLR (CVE-2015-3108).\n (bsc#934088)","id":"SUSE-SU-2015:1043-1","modified":"2015-06-11T11:20:08Z","published":"2015-06-11T11:20:08Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2015/suse-su-20151043-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/934088"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-3096"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-3098"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-3099"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-3100"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-3102"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-3103"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-3104"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-3105"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-3106"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-3107"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-3108"}],"related":["CVE-2015-3096","CVE-2015-3098","CVE-2015-3099","CVE-2015-3100","CVE-2015-3102","CVE-2015-3103","CVE-2015-3104","CVE-2015-3105","CVE-2015-3106","CVE-2015-3107","CVE-2015-3108"],"summary":"Security update for flash-player","upstream":["CVE-2015-3096","CVE-2015-3098","CVE-2015-3099","CVE-2015-3100","CVE-2015-3102","CVE-2015-3103","CVE-2015-3104","CVE-2015-3105","CVE-2015-3106","CVE-2015-3107","CVE-2015-3108"]}