Adobe Flash Player 11.1.102.62 security update
Report ID: AD201202001
Date Published: 17 February 2012
Criticality: Critical
Compromise Type: remote-code-execution cross-site-scripting
Compromise From: remote
Affected Product/Component:
Adobe Flash Player 11.1.102.55 for Windows, Macintosh, Linux and Solaris
Adobe Flash Player 11.1.112.61 for Android 4.x
Adobe Flash Player 11.1.111.5 for Android 3.x and 2.x
Summary
Security updates for Adobe Flash Player 11.1.102.62 has been released to address multiple vulnerabilities found in the prior versions.
Detailed Description
Adobe has released Flash Player version 11.1.102.62 to address multiple vulnerabilities that were identified in previous product versions. Four memory corruption vulnerabilities and two security bypass vulnerabilities could lead to arbitrary code execution, and allow an attacker to take complete control of an affected system.
One vulnerability could lead to cross-site scripting attack, where an attacker could take actions on the user's behalf if the user visited a malicious website. There are reports of this vulnerability being exploited in the wild.
These vulnerabilities have been addressed in the latest security update. Users are recommended to update to Flash Player version 11.1.102.62 as a protection against potential exploit.
CVE Reference
CVE-2012-0751, CVE-2012-0752, CVE-2012-0753, CVE-2012-0754, CVE-2012-0755, CVE-2012-0756, CVE-2012-0767
Solution
Update to the latest version of applicable product.
- Flash Player 11.1.102.62 - Flash Player Download Center
- Flash Player 11.1.102.62 (network distribution) - Flash Player Licensing
- Flash Player 11.1.115.6 (Android 4.x) - Android Marketplace
- Flash Player 11.1.111.6 (Android 3.x and 2.x) - Android Marketplace
- Flash Player 11.1.102.62 (Chrome) - Google Chrome Releases
