Fedora 20: Firefox Reports Flash as Vulnerable

This problem starts with Firefox reporting that your flash-plugin is out of date.  This report looks like this and disables all-flash.

After this, we will take a look Mozilla’s Plugin Check to see what it thinks is going on.

Now here we can see that version 11.2.202.440 is vulnerable.  We will then check about:plugins to see if it agrees.

Again this is also reporting 11.2.202.440, so there must be a problem, but it also tells us that there is an update available.  Now I run regular yum updates on this machine, and I actually noticed flash-plugin was updated just a few hours prior to seeing this alert.  So lets check the installed version.

[root@ltmmattoon matthew]# yum info flash-plugin<br />

Loaded plugins: langpacks, refresh-packagekit<br />

Installed Packages<br />

Name : flash-plugin<br />

Arch : x86_64<br />

Version : 11.2.202.442<br />

Release : release<br />

Size : 19 M<br />

Repo : installed<br />

From repo : adobe-flashplayer<br />

Summary : Adobe Flash Player 11.2<br />

URL : http://www.adobe.com/downloads/<br />

License : Commercial<br />

Description : Adobe Flash Plugin 11.2.202.442<br />

: Fully Supported: Mozilla SeaMonkey 1.0+, Firefox 1.5+, Mozilla<br />

: 1.7.13+

Interesting 11.2.202.442, which is higher than what Firefox is reporting.  Of course Firefox has been rebooted, but lets do it again just to make sure.

Now to fix it.

$ pwd<br />

/home/matthew/.mozilla/firefox/cls7wbvm.default<br />

$ mv pluginreg.dat pluginreg.dat.bak

Restart Firefox and it will collect new data on all of its plugins, and about:plugins will start reporting the correct version.