06 Mar 2012
10 Apr 2012
Adobe Flash Player 10.x
This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.
Exposure of sensitive information
Vulnerabilities where documents or credentials are leaked or can be revealed either locally or from remote.
Some vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to gain knowledge of potentially sensitive information or compromise a user's system.
1) An unspecified error in Matrix3D can be exploited to corrupt memory and may allow execution of arbitrary code.
2) An input validation error within the "histogram()" method of the "BitmapData" class can be exploited to disclose information.
The vulnerabilities are reported in the following versions:
Update to a fixed version.
Flash Player 18.104.22.168 and earlier:
Flash Player 22.214.171.124 and earlier - network distribution:
Flash Player 10.x:
Flash Player 126.96.36.199 and earlier for Android 4.x:
Flash Player 188.8.131.52 and earlier for Android 3.x and 2.x:
1) The vendor credits Tavis Ormandy, Google Security Team.