Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

Adobe Flash Player 11.4.402.265 security update


Report ID: AD201209001
Date Published: 27 September 2012

Criticality: Critical
Compromise Type: remote-code-execution information-disclosure application-crash
Compromise From: remote


Affected Product/Component:

Adobe Flash Player 11.3.300.271 for Windows and Macintosh
Adobe Flash Player 11.2.202.236 for Linux
Adobe Flash Player 11.1.115.11 for Android 4.x
Adobe Flash Player 11.1.111.10 for Android 3.x and 2.x
Adobe AIR 3.3.0.3670 for Windows and Macintosh
Adobe AIR 3.3.0.3690 SDK
Adobe AIR 3.2.0.3650 for Android




Summary

Adobe Flash Player version 11.4.402.265 has been released to address multiple vulnerabilities found in the prior version of the product.



Detailed Description

Adobe has released Adobe Flash Player 11.4.402.265, which carries out fixes for multiple vulnerabilities found in the prior version of the products. Eight vulnerabilities in total were reported, six of which could lead to remote code execution, one leads to cross-domain information disclosure, and one leads to application crash.

All identified issues have been fixed in the latest update. Users are recommended to get the latest version of Adobe Flash Player onto their system as a protection measure against potential exploit attempts.



CVE Reference

CVE-2012-4163, CVE-2012-4164, CVE-2012-4165, CVE-2012-4166, CVE-2012-4167, CVE-2012-4168, CVE-2012-4171, CVE-2012-5054



Solution

Update to the latest version of applicable product, available from the Flash Player Download Center



Security Advisories

For a list of known vulnerabilities affecting F-Secure products and the released fixes, please refer to the Security Advisories page.