{"affected":[{"ecosystem_specific":{"binaries":[{"flash-player":"11.2.202.637-143.1","flash-player-gnome":"11.2.202.637-143.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12 SP1","name":"flash-player","purl":"pkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"11.2.202.637-143.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"flash-player":"11.2.202.637-143.1","flash-player-gnome":"11.2.202.637-143.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Workstation Extension 12 SP1","name":"flash-player","purl":"pkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"11.2.202.637-143.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nflash-player was updated to version 11.2.202.637 to fix the following issues (bsc#1004019):\n\nCVE-2016-6992: A type confusion vulnerability that could lead to code execution.\nCVE-2016-6981, CVE-2016-6987: use-after-free vulnerabilities that could lead to code execution \nCVE-2016-4286: Security bypass vulnerability \nCVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, CVE-2016-6990: Memory corruption vulnerabilities that could lead to code execution \n\nAlso the EULA was updated to version 23.0 (bsc#1003993).\n","id":"SUSE-SU-2016:2512-1","modified":"2016-10-12T11:30:42Z","published":"2016-10-12T11:30:42Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2016/suse-su-20162512-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1003993"},{"type":"REPORT","url":"https://bugzilla.suse.com/1004019"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-4273"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-4286"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-6981"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-6982"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-6983"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-6984"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-6985"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-6986"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-6987"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-6989"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-6990"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-6992"}],"related":["CVE-2016-4273","CVE-2016-4286","CVE-2016-6981","CVE-2016-6982","CVE-2016-6983","CVE-2016-6984","CVE-2016-6985","CVE-2016-6986","CVE-2016-6987","CVE-2016-6989","CVE-2016-6990","CVE-2016-6992"],"summary":"Security update for flash-playerqemu","upstream":["CVE-2016-4273","CVE-2016-4286","CVE-2016-6981","CVE-2016-6982","CVE-2016-6983","CVE-2016-6984","CVE-2016-6985","CVE-2016-6986","CVE-2016-6987","CVE-2016-6989","CVE-2016-6990","CVE-2016-6992"]}