Adobe Flash Player 18.104.22.168 security update
Report ID: AD201202001
Date Published: 17 February 2012
Compromise Type: remote-code-execution cross-site-scripting
Compromise From: remote
Adobe Flash Player 22.214.171.124 for Windows, Macintosh, Linux and Solaris
Adobe Flash Player 126.96.36.199 for Android 4.x
Adobe Flash Player 188.8.131.52 for Android 3.x and 2.x
Security updates for Adobe Flash Player 184.108.40.206 has been released to address multiple vulnerabilities found in the prior versions.
Adobe has released Flash Player version 220.127.116.11 to address multiple vulnerabilities that were identified in previous product versions. Four memory corruption vulnerabilities and two security bypass vulnerabilities could lead to arbitrary code execution, and allow an attacker to take complete control of an affected system.
One vulnerability could lead to cross-site scripting attack, where an attacker could take actions on the user's behalf if the user visited a malicious website. There are reports of this vulnerability being exploited in the wild.
These vulnerabilities have been addressed in the latest security update. Users are recommended to update to Flash Player version 18.104.22.168 as a protection against potential exploit.
CVE-2012-0751, CVE-2012-0752, CVE-2012-0753, CVE-2012-0754, CVE-2012-0755, CVE-2012-0756, CVE-2012-0767
Update to the latest version of applicable product.
- Flash Player 22.214.171.124 - Flash Player Download Center
- Flash Player 126.96.36.199 (network distribution) - Flash Player Licensing
- Flash Player 188.8.131.52 (Android 4.x) - Android Marketplace
- Flash Player 184.108.40.206 (Android 3.x and 2.x) - Android Marketplace
- Flash Player 220.127.116.11 (Chrome) - Google Chrome Releases