June 8, 2012
Today, a Security Bulletin (APSB12-14) has been posted regarding the availability of priority 2 updates for Adobe Flash Player 11.2.202.228 and earlier versions for Windows, Macintosh and Linux, Adobe Flash Player 11.1.115.8 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.9 and earlier versions for Android 3.x and 2.x. Adobe recommends users apply the updates for their product installations.
With this update, we are enabling a new background updater for Flash Player for Macintosh. For more information, please refer to the ASSET blog.
Affected software versions
- Adobe Flash Player 11.2.202.235 and earlier versions for Windows, Macintosh and Linux operating systems
- Adobe Flash Player 11.1.115.8 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.9 and earlier versions for Android 3.x and 2.x
- Adobe AIR 3.2.0.2070 and earlier versions for Windows, Macintosh and Android
- These updates resolve a memory corruption vulnerability that could lead to code execution (CVE-2012-2034).
- These updates resolve a stack overflow vulnerability that could lead to code execution (CVE-2012-2035).
- These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2012-2036).
- These updates resolve a memory corruption vulnerability that could lead to code execution (CVE-2012-2037).
- These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2012-2038).
- These updates resolve null dereference vulnerabilities that could lead to code execution (CVE-2012-2039).
- These updates resolve a binary planting vulnerability in the Flash Player installer that could lead to code execution (CVE-2012-2040).
