PROBLEM:
Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code
PLATFORM:
Version(s): 11.5.502.110 and prior for Windows/Mac; 11.2.202.251 and prior for Linux
ABSTRACT:
Several vulnerabilities were reported in Adobe Flash Player.
REFERENCE LINKS:
Adobe Vulnerability identifier: APSB12-27
SecurityTracker Alert ID: 1027854
Secunia Advisory SA51560
RHSA-2012:1569-1
CVE-2012-5676
CVE-2012-5677
CVE-2012-5678
IMPACT ASSESSMENT:
High
DISCUSSION:
A buffer overflow can trigger code execution [CVE-2012-5676].
An integer overflow can trigger code execution [CVE-2012-5677].
A memory corruption flaw can trigger code execution [CVE-2012-5678].
IMPACT:
A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
SOLUTION:
The vendor has issued a fix (11.5.502.135 for Windows, 11.5.502.136 for Mac, 11.2.202.258 for Linux, 11.1.115.34 for Android 4.x, 11.1.111.29 for Android 3.x and 2.x).