From: Secunia Security Advisories (sec-advsecunia.com)
Date: Wed Jul 09 2003 - 06:01:26 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

TITLE:
Red Hat update for Netscape

READ ONLINE:
http://www.secunia.com/advisories/9218/

CRITICAL:
Moderately critical

IMPACT:
System access

WHERE:
From remote

OPERATING SYSTEM:
RedHat Enterprise Linux ES
RedHat Enterprise Linux WS
RedHat Enterprise Linux AS

DESCRIPTION:
Red Hat has issued updated packages for Netscape, which address
various vulnerabilities in the Macromedia Flash plugin.

The first vulnerability can be exploited by malicious people to read
arbitrary files on a user's system.

The second vulnerability is caused due to a boundary error in the
decoder. This can be exploited to cause a buffer overflow when a
flash file with a specially crafted SWF header is executed.
Successful exploitation may allow execution of arbitrary code on a
user's system.

SOLUTION:
The Macromedia Flash plugin will be removed according to Red Hat,
because the latest secure version doesn't support Netscape 4.x
browsers.

Updated packages are only available via Red Hat Network:
http://rhn.redhat.com/

ORIGINAL ADVISORY:
http://rhn.redhat.com/errata/RHSA-2003-027.html

----------------------------------------------------------------------

Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

Contact details:
Web : http://www.secunia.com/
E-mail : supportsecunia.com
Tel : +44 (0) 20 7016 2693
Fax : +44 (0) 20 7637 0419

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories

----------------------------------------------------------------------

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]