22 Aug 2012
25 Sep 2012
Adobe AIR 3.x
This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.
Exposure of sensitive information
Vulnerabilities where documents or credentials are leaked or can be revealed either locally or from remote.
Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to gain knowledge of potentially sensitive information or compromise a user's system.
1) An unspecified error can be exploited to corrupt memory.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error can be exploited to corrupt memory.
4) An unspecified error can be exploited to corrupt memory.
5) An integer overflow error can be exploited to corrupt memory.
6) An error can lead to cross-domain information leaks.
7) A logic error exists when handling multiple dialogs within Firefox.
8) An integer overflow error in the "copyRawDataTo()" method in the Matrix3D class can be exploited to corrupt memory.
The vulnerabilities are reported in the following versions:
Update to a fixed version.
Flash Player 11.4.402.265 for Windows and Macintosh:
Flash Player 11.4.402.265 - network distribution:
Flash Player 184.108.40.206 for Linux:
Flash Player 220.127.116.11 for Android 4.x:
Flash Player 18.104.22.168 for Android 3.x and 2.x:
Flash Player 22.214.171.124 for Chrome users (Windows and Linux)
Flash Player 11.4.402.265 for Chrome users (Macintosh)
AIR 126.96.36.1990 for Windows and Macintosh:
AIR 188.8.131.520 SDK (includes AIR for iOS):
The vendor credits: