Closed Bug 1023838 Opened 11 years ago Closed 11 years ago

Plugin check falsely reporting Adobe Flash 13.0.0.214 is up to date when it is vulnerable

Categories

(Websites :: plugins.mozilla.org, defect)

Product:
Websites
Component:
plugins.mozilla.org
Type:
defect
Priority:
Not set
Severity:
major

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: richlaughlin, Assigned: espressive)

Details

Attachments

(2 files)

screenshot-PluginCheckFx29
204.85 KB, image/png
Details
screenshot-PluginCheckFx30
157.94 KB, image/png
Details
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:30.0) Gecko/20100101 Firefox/30.0 (Beta/Release) Build ID: 20140605174243 Steps to reproduce: Run plugin check Actual results: Adobe Flash PlayerShockwave Flash 13.0.0.214 is reported as Up to Date but the green up-to-date button informs me that version 14.0.0.125 is available. According to adobe's security bulletin, this is a vulnerable plugin http://helpx.adobe.com/security/products/flash-player/apsb14-16.html Expected results: Status should be "vulnerable", not "up-to-date" Green "up-to-date" button should be red "Update now". Link under the button is already correct.
Severity: normal → major
Status: UNCONFIRMED → NEW
Ever confirmed: true
Summary: Plugin check falsely reporting a plugin is up to date when it is vulnerable → Plugin check falsely reporting Adobe Flash 13.0.0.214 is up to date when it is vulnerable
I see this in both Firefox 29 (screenshot attached) and Firefox 30.
Here's a screenshot for Firefox 30 (both screenshots are from today, both are on the same Windows 7 computer)
I can also confirm. The plugin database needs to be updated. Security updates available for Adobe Flash Player Release date: June 10, 2014 Vulnerability identifier: APSB14-16 http://helpx.adobe.com/security/products/flash-player/apsb14-16.html > * Users of Adobe Flash Player 13.0.0.214 and earlier versions for Windows and Macintosh > should update to Adobe Flash Player 14.0.0.125. > > * Users of Adobe Flash Player 11.2.202.359 and earlier versions for Linux should update > to Adobe Flash Player 11.2.202.378. I am CCing Carsten Book as he often adds plugins to the database. Also, bug 978505 comment # 7 has some recent information, and links, about Adobe's ESR version of Flash. DJ-Leith
Plugin database has been updated for Mac, Windows and Linux.
Assignee: nobody → schalk.neethling.bugs
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Thanks Schalk, Flash 13.0.0.214 now correctly reported as "vulnerable" on Fx 30 and Aurora, on Windows 7. DJ-Leith
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: