Adobe Flash Player 11.4.402.287 security update
Report ID: AD201210001
Date Published: 8 October 2012
Criticality: Critical
Compromise Type: application-crash
Compromise From: remote
Affected Product/Component:
Adobe Flash Player 11.4.402.287 for Windows
Adobe Flash Player 11.4.402.265 for Macintosh
Adobe Flash Player 11.2.202.238 for Linux
Adobe Flash Player 11.1.115.17 for Android 4.x
Adobe Flash Player 11.1.111.16 for Android 3.x and 2.x
Adobe AIR 3.4.0.2540 for Windows and Macintosh
Adobe AIR 3.4.0.2540 SDK
Adobe AIR 3.4.0.2540 for Android
Summary
Adobe Flash Player version 11.4.402.287 has been released to address multiple vulnerabilities found in the prior version of the product.
Detailed Description
Adobe has released Adobe Flash Player 11.4.402.287, which carries out fixes for multiple vulnerabilities found in the prior version of the products. The vulnerabilities were caused by either a buffer overflow condition or a memory corruption; each of them could cause the application to terminate unexpectedly.
All identified issues have been fixed in the latest update. Users are recommended to get the latest version of Adobe Flash Player onto their system as a protection measure against potential exploit attempts.
CVE Reference
CVE-2012-5248, CVE-2012-5249, CVE-2012-5250, CVE-2012-5251, CVE-2012-5252, CVE-2012-5253, CVE-2012-5254, CVE-2012-5255, CVE-2012-5256, CVE-2012-5257, CVE-2012-5258, CVE-2012-5259, CVE-2012-5260, CVE-2012-5261, CVE-2012-5262, CVE-2012-5263, CVE-2012-5264, CVE-2012-5265, CVE-2012-5266, CVE-2012-5267, CVE-2012-5268, CVE-2012-5269, CVE-2012-5270, CVE-2012-5271, CVE-2012-5272, CVE-2012-5285, CVE-2012-5286, CVE-2012-5287, CVE-2012-5673
Solution
Update to the latest version of applicable product, available from the Flash Player Download Center
F-Secure Health Check
F-Secure's free tool, the Health Check, detects if your system is missing the patch for the vulnerabilities covered in this report.
