{"affected":[{"ecosystem_specific":{"binaries":[{"flash-player":"25.0.0.127-162.1","flash-player-gnome":"25.0.0.127-162.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12 SP1","name":"flash-player","purl":"pkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"25.0.0.127-162.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"flash-player":"25.0.0.127-162.1","flash-player-gnome":"25.0.0.127-162.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Workstation Extension 12 SP1","name":"flash-player","purl":"pkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"25.0.0.127-162.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nThis update for flash-player fixes the following issues:\n\nSecurity update to 25.0.0.127 (bsc#1029374), fixing the following vulnerabilities advised under APSB17-07:\n- CVE-2017-2997: This update resolves a buffer overflow vulnerability that could lead to code execution.\n- CVE-2017-2998, CVE-2017-2999: This update resolves memory corruption vulnerabilities that could lead to\n  code execution.\n- CVE-2017-3000: This update resolves a random number generator vulnerability used for constant blinding\n  that could lead to information disclosure.\n- CVE-2017-3001, CVE-2017-3002, CVE-2017-3003: This update resolves use-after-free vulnerabilities that\n  could lead to code execution.\n- Details:\n  https://helpx.adobe.com/security/products/flash-player/apsb17-07.html\n","id":"SUSE-SU-2017:0703-1","modified":"2017-03-15T14:21:27Z","published":"2017-03-15T14:21:27Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2017/suse-su-20170703-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1029374"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-2997"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-2998"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-2999"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3000"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3001"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3002"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-3003"}],"related":["CVE-2017-2997","CVE-2017-2998","CVE-2017-2999","CVE-2017-3000","CVE-2017-3001","CVE-2017-3002","CVE-2017-3003"],"summary":"Security update for flash-player","upstream":["CVE-2017-2997","CVE-2017-2998","CVE-2017-2999","CVE-2017-3000","CVE-2017-3001","CVE-2017-3002","CVE-2017-3003"]}