Enterprise_linux_server

Date	Id	Summary	Products	Score
2015-07-14	CVE-2015-5122	Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property,...	Flash_player, Flash_player_desktop_runtime, Evergreen, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_eus, Enterprise_linux_workstation, Linux_enterprise_desktop, Linux_enterprise_workstation_extension	9.8
2015-07-14	CVE-2015-5123	Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.	Flash_player, Flash_player_desktop_runtime, Evergreen, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_eus, Enterprise_linux_workstation, Linux_enterprise_desktop, Linux_enterprise_workstation_extension	9.8
2015-07-08	CVE-2015-5119	Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.	Flash_player, Evergreen, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_from_rhui, Enterprise_linux_workstation, Linux_enterprise_desktop, Linux_enterprise_workstation_extension	9.8
2016-06-16	CVE-2016-4171	Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016.	Flash_player, Flash_player_for_linux, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Linux_enterprise_desktop, Linux_enterprise_workstation_extension	9.8
2015-10-15	CVE-2015-7645	Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 on Windows and OS X and 11.x through 11.2.202.535 on Linux allows remote attackers to execute arbitrary code via a crafted SWF file, as exploited in the wild in October 2015.	Flash_player, Evergreen, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_from_rhui, Enterprise_linux_workstation, Linux_enterprise_desktop, Linux_enterprise_workstation_extension	7.8
2015-12-28	CVE-2015-8651	Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors.	Air, Air_sdk, Air_sdk_\&_compiler, Flash_player, Insight_control, Insight_control_server_provisioning, Matrix_operating_environment, System_management_homepage, Systems_insight_manager, Version_control_repository_manager, Evergreen, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Linux_enterprise_desktop, Linux_enterprise_workstation_extension	8.8
2016-05-11	CVE-2016-4117	Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016.	Flash_player, Evergreen, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_from_rhui, Enterprise_linux_workstation, Linux_enterprise_desktop, Linux_enterprise_workstation_extension	9.8
2016-11-01	CVE-2016-7855	Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before 11.2.202.643 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in October 2016.	Flash_player, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	8.8
2017-10-04	CVE-2017-12617	When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.	Tomcat, Ubuntu_linux, Debian_linux, Active_iq_unified_manager, Element, Oncommand_balance, Oncommand_insight, Oncommand_shift, Oncommand_workflow_automation, Snapcenter, Agile_plm, Communications_instant_messaging_server, Endeca_information_discovery_integrator, Enterprise_manager_for_mysql_database, Financial_services_analytical_applications_infrastructure, Fmw_platform, Health_sciences_empirica_inspections, Hospitality_guest_access, Instantis_enterprisetrack, Management_pack, Micros_lucas, Micros_retail_xbri_loss_prevention, Mysql_enterprise_monitor, Retail_advanced_inventory_planning, Retail_back_office, Retail_central_office, Retail_convenience_and_fuel_pos_software, Retail_eftlink, Retail_insights, Retail_invoice_matching, Retail_order_broker, Retail_order_management_system, Retail_point\-Of\-Service, Retail_price_management, Retail_returns_management, Retail_store_inventory_management, Retail_xstore_point_of_service, Transportation_management, Tuxedo_system_and_applications_monitor, Webcenter_sites, Workload_manager, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_eus_compute_node, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_power_big_endian_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Fuse, Jboss_enterprise_application_platform, Jboss_enterprise_web_server, Jboss_enterprise_web_server_text\-Only_advisories	8.1
2017-09-19	CVE-2017-12615	When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.	Tomcat, 7\-Mode_transition_tool, Oncommand_balance, Oncommand_shift, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_eus_compute_node, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_power_big_endian_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions, Enterprise_linux_server_tus, Enterprise_linux_server_update_services_for_sap_solutions, Enterprise_linux_workstation, Jboss_enterprise_web_server, Jboss_enterprise_web_server_text\-Only_advisories	8.1

Product: Enterprise_linux_server (Redhat)

Product:
Enterprise_linux_server
(Redhat)