Adobe APSB12-19 Flash Player Update Review

Adobe has release, the 21 August 2012, just one week after his Patch Tuesday release, an out of band patch APSB12-19 updating Flash Player 10.x and 11.x. This update correct 6 vulnerabilities, all these vulnerabilities have a Critical severity rating and 5 of the 6 vulnerabilities have a base CVSS score of 10.0.

CVE-2012-4163, with a CVSS base score of 10.0, how could lead to code execution, has been discovered and privately reported by Xu Liu of Fortinet’s FortiGuard Labs.

CVE-2012-4164, with a CVSS base score of 10.0, how could lead to code execution, has been discovered and privately reported by Will Dormann of CERT.

CVE-2012-4165 and CVE-2012-4166, with both a CVSS base score of 10.0, how could lead to code execution, has been discovered and privately reported by Honggang Ren of Fortinet’s FortiGuard Labs.

CVE-2012-4167, with a CVSS base score of 10.0, how could lead to code execution, has been discovered and privately reported by Alexander Gavrun through iDefense’s Vulnerability Contributor Program.

CVE-2012-4168, with a CVSS base score of 4.3, how could lead to information leak, has been discovered and privately reported by Opera Software ASA.