X
Tap here to go to the mobile version of the site.

Support Forum

Newest Flash version for Linux reported as vulnerable

Posted

As in tittle, Firefox blocks use of Flash on every website, Plugin check report it as vulnerable, but Adobe says (https://helpx.adobe.com/security/products/flash-player/apsa15-02.html) that 11.x versions are not vulnerable.

As in tittle, Firefox blocks use of Flash on every website, Plugin check report it as vulnerable, but Adobe says (https://helpx.adobe.com/security/products/flash-player/apsa15-02.html) that 11.x versions are not vulnerable.

Modified by kubahaha

Chosen solution

Additional System Details

Installed Plug-ins

  • DivX Web Player version 1.4.0.233
  • The Videos 3.10.1 plugin handles video and audio streams.
  • Shockwave Flash 11.2 r202
  • 5.1.30514.0
  • This plug-in detects the presence of iTunes when opening iTunes Store URLs in a web page with Firefox.

Application

  • Firefox 35.0.1
  • User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:35.0) Gecko/20100101 Firefox/35.0
  • Support URL: https://support.mozilla.org/1/firefox/35.0.1/Linux/pl/

Extensions

  • Add to Search Bar 2.8 (add-to-searchbox@maltekraus.de)
  • Android Desktop Notifications 2.0.5 (jid0-105eGBfutA8RahNXKJRXP7CPNs0@jetpack)
  • APK Downloader 2.0.4 (jid1-6MGm94JnyY2VkA@jetpack)
  • Bloody Vikings! 0.5.10 (bloodyvikings@ffs.bplaced.net)
  • Bookmark Favicon Changer 2.23 (bookmarkfaviconchanger@sonthakit)
  • Classic Theme Restorer 1.2.0beta1 (ClassicThemeRestorer@ArisT2Noia4dev)
  • ColorZilla 2.8 ({6AC85730-7D0F-4de0-B3FA-21142DD85326})
  • Cookies Manager+ 1.5.2 ({bb6bc1bb-f824-4702-90cd-35e2fb24f25d})
  • Cutyfox URL Shortener (bit.ly, is.gd, goo.gl) 1.4.1 (cutyfox@apps.metzweb.net)
  • DownloadHelper 4.9.24 ({b9db16a4-6edc-47ec-a1f4-b86292ed211d})
  • Eliminator Slajdów 3.1.41 (jid0-GaZOxvWNYcafEsmayJDIG3XXVi8@jetpack)
  • feedly 16.0.528 (feedly@devhd)
  • FindBar Tweak 1.4.18 (fbt@quicksaver)
  • Firesheep 1.5 (firesheep@codebutler.com)
  • Flagfox 5.0.11 ({1018e4d6-728f-4b20-ad56-37578a4de76b})
  • FxIF 0.4.8.1 ({11483926-db67-4190-91b1-ef20fcec5f33})
  • GNotifier 1.8.6 (jid1-OoNOA6XBjznvLQ@jetpack)
  • Greasemonkey 2.3 ({e4a8a97b-f2ed-450b-b12d-ee082ba24781})
  • HTitle 3.3 ({c6448328-31f7-4b12-a2e0-5c39d0290307})
  • HTTPS-Everywhere 4.0.3 (https-everywhere@eff.org)
  • Image Zoom 0.6.3 ({1A2D0EC4-75F5-4c91-89C4-3656F6E44B68})
  • Imgur Uploader 1.0.6 (giorgio@gilestro.tk)
  • MEGA 2.0.216 (firefox@mega.co.nz)
  • Nimbus Screen Capture - editable screenshots. 6.3.1 (nimbusscreencaptureff@everhelper.me)
  • OneTab 1.9 (extension@one-tab.com)
  • Podcast downloader for polskieradio.pl 0.7 ({76a90f76-04b2-4cf4-9b62-8981dd64e2b0})
  • Przeglądarka PDF 1.0.1135 (uriloader@pdf.js)
  • Reader 35.1 ({20068ab2-1901-4140-9f3c-81207d4dacc4})
  • Search by Image for Google 1.2.0 ({ab4b5718-3998-4a2c-91ae-18a7c2db513e})
  • Stack Alert 0.24 (stackalert@quickmediasolutions.com)
  • Stylish 2.0.1 ({46551EC9-40F0-4e47-8E18-8E5CF550CFB8})
  • Tab Wheel Scroll 20140723 (tabscroll@mthamil)
  • Tamper Data 11.0.1 ({9c51bd27-6ed8-4000-a2bf-36cb95c0c947})
  • Text Link 4.1.2013040601 ({54BB9F3F-07E5-486c-9B39-C7398B99391C})
  • TinEye Reverse Image Search 1.1 (tineye@ideeinc.com)
  • Troubleshooter 1.1a (troubleshooter@mozilla.org)
  • Ubuntu Firefox Modifications 3.0 (ubufox@ubuntu.com)
  • User Agent Switcher 0.7.3 ({e968fc70-8f95-4ab9-9e79-304de2a71ee1})
  • YouTube Center 2.1.0 (jid1-cwbvBTE216jjpg@jetpack)
  • YouTube mp3 1.0.9 (info@youtube-mp3.org)
  • µBlock 0.8.6.0 ({2b10c1c8-a11f-4bad-fe9c-1c11e82cac42})
  • Adblock Plus 2.6.7 ({d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}) (Inactive)
  • Adblock Plus Pop-up Addon 0.9.2 (adblockpopups@jessehakanen.net) (Inactive)
  • Add-on Compatibility Reporter 2.0.5 (compatibility@addons.mozilla.org) (Inactive)
  • Buffer 2.8.2 (jid1-zUyU7TGKwejAyA@jetpack) (Inactive)
  • BugMeNot Plugin 3 ({987311C6-B504-4aa2-90BF-60CC49808D42}) (Inactive)
  • Certificate Patrol 2.0.14 (CertPatrol@PSYC.EU) (Inactive)
  • Character Identifier 0.1.4 (char-identifier@dbaron.org) (Inactive)
  • Disconnect 3.15.3 (2.0@disconnect.me) (Inactive)
  • DuckDuckGo Plus 0.4.6 (jid1-ZAdIEUB7XOzOJw@jetpack) (Inactive)
  • Element Hiding Helper dla Adblock Plusa 1.3.1 (elemhidehelper@adblockplus.org) (Inactive)
  • Firebug 2.0.8 (firebug@software.joehewitt.com) (Inactive)
  • FireStorage Plus! 1.7 (firestorageplus@nickbelhomme.com) (Inactive)
  • Ghostery 5.4.1 (firefox@ghostery.com) (Inactive)
  • iMacros for Firefox 8.8.8 ({81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}) (Inactive)
  • Lightbeam 1.2.1 (jid1-F9UJ2thwoAm5gQ@jetpack) (Inactive)
  • Menu Editor 1.2.7 ({EDA7B1D7-F793-4e03-B074-E6F303317FB0}) (Inactive)
  • NoScript 2.6.9.12 ({73a6fe31-595d-460b-a920-fcc0f8843232}) (Inactive)
  • Panic Button 2.0.2 ({24cea704-946d-11da-a72b-0800200c9a66}) (Inactive)
  • Pocket 3.0.6 (isreaditlater@ideashower.com) (Inactive)
  • Shumway 0.9.3750 (shumway@research.mozilla.org) (Inactive)
  • Ubuntu Online Accounts 0.5 (online-accounts@lists.launchpad.net) (Inactive)
  • Unity Desktop Integration 3.0.2 (webapps-team@lists.launchpad.net) (Inactive)
  • Unity Websites integration 2014.08.06.beta ({2e1445b0-2682-11e1-bfc2-0800200c9a66}) (Inactive)
  • Vertical Toolbar 1.0.8 (verticaltoolbar@xuldev.org) (Inactive)

Javascript

  • incrementalGCEnabled: True

Graphics

  • adapterDescription: Intel Open Source Technology Center -- Mesa DRI Intel(R) Ivybridge Mobile
  • adapterDeviceID: Mesa DRI Intel(R) Ivybridge Mobile
  • adapterDrivers:
  • adapterRAM:
  • adapterVendorID: Intel Open Source Technology Center
  • driverDate:
  • driverVersion: 3.0 Mesa 10.1.3
  • info: {u'AzureContentBackend': u'cairo', u'AzureCanvasBackend': u'cairo', u'AzureFallbackCanvasBackend': u'none', u'AzureSkiaAccelerated': 0}
  • numAcceleratedWindows: 0
  • numAcceleratedWindowsMessage: [u'']
  • numTotalWindows: 1
  • webglRenderer: Intel Open Source Technology Center -- Mesa DRI Intel(R) Ivybridge Mobile
  • windowLayerManagerRemote: False
  • windowLayerManagerType: Basic

Modified Preferences

Misc

  • User JS: No
  • Accessibility: No
ideato 893 solutions 6250 answers

Chosen Solution

Hi, yes it is vulnerable see February 5, 2015 : https://helpx.adobe.com/security/products/flash-player/apsb15-04.html

https://addons.mozilla.org/en-us/firefox/blocked/p830

go for the Flash Player 11.2.202.442 (Linux) from the next link :

https://www.adobe.com/products/flashplayer/distribution3.html

thank you

Hi, yes it is vulnerable see February 5, 2015 : https://helpx.adobe.com/security/products/flash-player/apsb15-04.html https://addons.mozilla.org/en-us/firefox/blocked/p830 go for the Flash Player 11.2.202.442 (Linux) from the next link : https://www.adobe.com/products/flashplayer/distribution3.html thank you
carbohydrates 2 solutions 30 answers

Uninstall flash, it is almost entirely composed of security vulnerabilities. There are hundreds, probably thousands. Use HTML5 instead, it won't murder your computer.

Uninstall flash, it is almost entirely composed of security vulnerabilities. There are hundreds, probably thousands. Use HTML5 instead, it won't murder your computer.
James
  • Top 25 Contributor
  • Moderator
1602 solutions 11342 answers

Ignore the above post by carbohydrates as he is spreading fud about Flash even when it is updated and HTML5 is unfortunately in limited use compared to Flash.

Ignore the above post by carbohydrates as he is spreading fud about Flash even when it is updated and HTML5 is unfortunately in limited use compared to Flash.
jamescobban 2 solutions 42 answers

I am running the latest available Shockwave Flash plugin 11.2.202.491. It was last updated 17 July. But still every single time I go to a website which uses Flash Firefox asks me to accept the security exposure. How, short of running Windoze, can I gain access to current level support for Flash?

I am running the latest available Shockwave Flash plugin 11.2.202.491. It was last updated 17 July. But still every single time I go to a website which uses Flash Firefox asks me to accept the security exposure. How, short of running Windoze, can I gain access to current level support for Flash?
James
  • Top 25 Contributor
  • Moderator
1602 solutions 11342 answers

11.2.202.491 is indeed the current version for Linux from Adobe as it came out the same week the updates for Windows and Mac OSX did.

The 11.2.202.491 is not on blocklist so it should not be getting soft blocked (click to play) https://addons.mozilla.org/firefox/blocked/

https://www.adobe.com/products/flashplayer/distribution3.html

Either you still have a older version installed also if you are getting the click to play or some sites are doing their own blocking of older branches of Flash.

Type about:plugins in Location (address) bar to see what your Firefox has found and using and where it is located.

11.2.202.'''491''' is indeed the current version for Linux from Adobe as it came out the same week the updates for Windows and Mac OSX did. The 11.2.202.'''491''' is not on blocklist so it should not be getting soft blocked (click to play) https://addons.mozilla.org/firefox/blocked/ https://www.adobe.com/products/flashplayer/distribution3.html Either you still have a older version installed also if you are getting the click to play or some sites are doing their own blocking of older branches of Flash. Type '''about:plugins''' in Location (address) bar to see what your Firefox has found and using and where it is located.
jamescobban 2 solutions 42 answers

It is definitely a message from Firefox, not the web-site.

about:plugins displays:

OpenH264 Video Codec provided by Cisco Systems, Inc.

   File: 1.4
   Path: /home/jcobban/.mozilla/firefox/epk0m30h.default/gmp-gmpopenh264/1.4
   Version: 1.4
   State: Enabled
   This plugin is automatically installed by Mozilla to comply with the WebRTC specification and to enable WebRTC calls with devices that require the H.264 video codec. Visit http://www.openh264.org/ to view the codec source code and learn more about the implementation.

MIME Type Description Suffixes iTunes Application Detector

   File: librhythmbox-itms-detection-plugin.so
   Path: /usr/lib/mozilla/plugins/librhythmbox-itms-detection-plugin.so
   Version: 
   State: Enabled
   This plug-in detects the presence of iTunes when opening iTunes Store URLs in a web page with Firefox.

MIME Type Description Suffixes application/itunes-plugin Shockwave Flash

   File: libflashplayer.so
   Path: /usr/lib/flashplugin-installer/libflashplayer.so
   Version: 11.2.202.491
   State: Enabled
   Shockwave Flash 11.2 r202

MIME Type Description Suffixes application/x-shockwave-flash Shockwave Flash swf application/futuresplash FutureSplash Player spl

It is definitely a message from Firefox, not the web-site. about:plugins displays: OpenH264 Video Codec provided by Cisco Systems, Inc. File: 1.4 Path: /home/jcobban/.mozilla/firefox/epk0m30h.default/gmp-gmpopenh264/1.4 Version: 1.4 State: Enabled This plugin is automatically installed by Mozilla to comply with the WebRTC specification and to enable WebRTC calls with devices that require the H.264 video codec. Visit http://www.openh264.org/ to view the codec source code and learn more about the implementation. MIME Type Description Suffixes iTunes Application Detector File: librhythmbox-itms-detection-plugin.so Path: /usr/lib/mozilla/plugins/librhythmbox-itms-detection-plugin.so Version: State: Enabled This plug-in detects the presence of iTunes when opening iTunes Store URLs in a web page with Firefox. MIME Type Description Suffixes application/itunes-plugin Shockwave Flash File: libflashplayer.so Path: /usr/lib/flashplugin-installer/libflashplayer.so Version: 11.2.202.491 State: Enabled Shockwave Flash 11.2 r202 MIME Type Description Suffixes application/x-shockwave-flash Shockwave Flash swf application/futuresplash FutureSplash Player spl