Adobe Flash Player 11.1.102.55 security update
Report ID: AD201111001
Date Published: 10 November 2011
Criticality: Critical
Compromise Type: remote-code-execution security-bypass
Compromise From: remote
Affected Product/Component:
Adobe Flash Player 11.0.1.152
Adobe Flash Player 11.0.1.153 (Android)
Adobe AIR 3.0
Summary
Adobe Flash Player 11.1.102.55 has been released, introducing the solution for multiple vulnerabilities identified in the previous product versions.
Detailed Description
Adobe has released Flash Player version 11.1.102.55 to address twelve reported vulnerabilities in the prior versions of the product. One vulnerability could lead to a cross-domain policy bypass, while the other eleven all could lead to arbitrary code execution.
As a protection against potential exploit, users are recommended to update to Flash Player version 11.1.102.55 (or version 11.1.102.59 for Android). Users of Adobe AIR 3.0 are advised to update to version 3.1.0.4880.
CVE Reference
CVE-2011-2445, CVE-2011-2450, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2456, CVE-2011-2457, CVE-2011-2458, CVE-2011-2459, CVE-2011-2460
Solution
Update to the latest version of applicable product:
- Flash Player 11.1.102.55 - Flash Player Download Center
- Flash Player 11.1.102.55 (network distribution) - Flash Player Licensing
- Flash Player 11.1.102.59 (Android) - Android Marketplace
- Flash Player 11.1.102.55 (Google Chrome) - Google Chrome Releases
- AIR 3.1.0.4880 - AIR Download Center
- AIR 3.1.0.4880 (Android) - Android Marketplace
