Fedora 20: Firefox Reports Flash as Vulnerable

Fedora 20: Firefox Reports Flash as Vulnerable

This problem starts with Firefox reporting that your flash-plugin is out of date.  This report looks like this and disables all flash.

Screenshot from 2015-02-06 16:45:59After this we will take a look Mozilla’s Plugin Check to see what it thinks is going on.

Screenshot from 2015-02-06 16:49:31

Now here we can see that version 11.2.202.440 is vulnerable.  We will then check about:plugins to see if it agrees.

Screenshot from 2015-02-06 16:49:51Again this is also reporting 11.2.202.440, so there must be a problem, but it also tells us that there is an update available.  Now I run regular yum updates on this machine, and I actually noticed flash-plugin was updated just a few hours prior to seeing this alert.  So lets check the installed version.

[root@ltmmattoon matthew]# yum info flash-plugin
Loaded plugins: langpacks, refresh-packagekit
Installed Packages
Name : flash-plugin
Arch : x86_64
Version : 11.2.202.442
Release : release
Size : 19 M
Repo : installed
From repo : adobe-flashplayer
Summary : Adobe Flash Player 11.2
URL : http://www.adobe.com/downloads/
License : Commercial
Description : Adobe Flash Plugin 11.2.202.442
: Fully Supported: Mozilla SeaMonkey 1.0+, Firefox 1.5+, Mozilla
: 1.7.13+

Interesting 11.2.202.442, which is higher than what Firefox is reporting.  Of course Firefox has been rebooted, but lets do it again just to make sure.

Now to fix it.

$ pwd
/home/matthew/.mozilla/firefox/cls7wbvm.default
$ mv pluginreg.dat pluginreg.dat.bak

Restart Firefox and it will collect new data on all of its plugins, and about:plugins will start reporting the correct version.