[SingCERT] Security Update for Adobe Flash Player

Last Updated on Monday, 14 November 2011 14:36

[ Summary ]

Critical vulnerabilities have been identified in Adobe Flash Player 11.0.1.152 and earlier versions. These vulnerabilities could cause a crash and potentially allow a remote attacker to execute arbitrary code on the target user's system.

[ Affected Systems ]

Adobe Flash Player 11.0.1.152 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems

Adobe Flash Player 11.0.1.153 and earlier versions for Android

Adobe AIR 3.0 and earlier versions for Windows, Macintosh, and Android

[ Impact Analysis ]

By convincing a user to view a specially crafted document that supports embedded Flash (e.g., PDF document or Microsoft Office document or HTML email message or attachment or HTML web page), an attacker can take control of the affected system.

[ Solution/Workaround ]

Vendor patches are available.

[ Reference ]

http://www.adobe.com/support/security/bulletins/apsb11-28.html