Adobe Flash Player 11.2.202.235 security update
Report ID: AD201205001
Date Published: 8 May 2012
Criticality: Critical
Compromise Type: application-crash
Compromise From: remote
Affected Product/Component:
Adobe Flash Player 11.2.202.233 for Windows, Macintosh, and Linux
Adobe Flash Player 11.1.115.7 for Android 4.x
Adobe Flash Player 11.1.111.8 for Android 3.x and 2.x
Summary
Adobe Flash Player version 11.2.202.235 has been released to address a vulnerability that could cause application crash, and potentially allow an attacker to take control of a compromised system.
Detailed Description
Adobe has released Adobe Flash Player 11.2.202.235, which introduces a security update to resolve a vulnerability in the previous version. The object confusion vulnerability, identified as CVE-2012-0779, could cause the application to terminate unexpectedly, and possibly allow an attacker to take control of an compromised system.
There was a report of this vulnerability being exploited in the wild, targeting Flash Player on Internet Explorer for Windows machine. As a protection from potential exploit, users are recommended to update to the latest version of Flash Player.
CVE Reference
CVE-2012-0779
Solution
Update to the latest version of applicable product.
- Flash Player 11.2.202.235 - Flash Player Download Center
- Flash Player 11.2.202.228 (network distribution) - Flash Player Licensing
- Flash Player 11.1.115.8 (Android 4.x) - Google play*
- Flash Player 11.1.111.9 (Android 3.x and 2.x) - Google play*
* Browse on an Android device
