Vulnerability: Multiple vulnerabilities in Adobe Flash Player
Danger: High
Patch: Yes
Number of vulnerabilities: 3
CVE ID: CVE-2012-5676
CVE-2012-5677
CVE-2012-5678
Vector of operation: Remote
Impact: System Compromise
Affected Products: Adobe Flash Player 11.x
Adobe AIR 3.x
Affected versions:
Adobe Flash Player 11.5.502.110 for Windows and earlier versions
Adobe Flash Player 11.2.202.251 for Linux and earlier
Adobe Flash Player 11.1.115.27 for Android 4.x and earlier versions
Adobe Flash Player 11.1.111.24 for Android 3.x/2.x and earlier
Adobe Flash Player 11.3.376.12 for Internet Explorer 10
Adobe AIR 3.5.0.600 for Windows, Mac and Android
Description:
Which can be exploited by malicious people to execute arbitrary code on the target system.
1. The vulnerability is caused due to an unspecified error. This can be exploited to cause a buffer overflow and execute arbitrary code on the target system.
2. The vulnerability is caused due to an integer overflow. A remote user can execute arbitrary code on the target system.
3. The vulnerability is caused due to an unspecified error. This can be exploited to corrupt memory and execute arbitrary code on the target system.
Manufacturer URL: www.adobe.com
Solution: Install the update from the manufacturer.
Links:
http://www.adobe.com/support/security/bulletins/apsb12-27.html