Adobe has release, the 11 November 2012, during his November Patch Tuesday, one Adobe Flash security bulletin dealing with 3 vulnerabilities. All these security bulletins have a Critical severity rating. All of these vulnerabilities have a 10.0 CVSS base score.

APSB12-27 – Security updates available for Adobe Flash Player

APSB12-27 is concerning :

  • Adobe Flash Player 11.5.502.110 and earlier versions for Windows and Macintosh
  • Adobe Flash Player 11.2.202.251  and earlier versions for Linux
  • Adobe Flash Player 11.1.115.27 and earlier versions for Android 4.x
  • Adobe Flash Player 11.1.111.24 and earlier versions for Android 3.x and 2.x
  • Adobe AIR 3.5.0.600 and earlier versions for Windows and Macintosh, Android and SDK (includes AIR for iOS)

CVE-2012-5676 (10.0 CVSS base score) has been discovered and reported by Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna of theGoogle Security TeamCVE-2012-5677 (10.0 CVSS base score) has been discovered and reported by an anonymous contributor throughTipping Point’s Zero Day InitiativeCVE-2012-5678 (10.0 CVSS base score) have been discovered and reported by Tavis Ormandy of the Google Security Team.