APSB12-24 – Adobe November 2012 Patch Tuesday Review

Vulnerability Management,

Adobe has release, the 6 November 2012, during his November Patch Tuesday, one security bulletin dealing with 7 vulnerabilities. All these security bulletins have a Critical severity rating. All of these vulnerabilities have a CVSS base score of 10.0.

APSB12-24 – Security updates available for Adobe Flash Player

APSB12-24 is concerning :

  • Adobe Flash Player 11.4.402.287 and earlier versions for Windows and Macintosh
  • Adobe Flash Player 11.2.202.243 and earlier versions for Linux
  • Adobe Flash Player 11.2.202.238 and earlier versions for Linux
  • Adobe Flash Player 11.1.115.20 and earlier versions for Android 4.x
  • Adobe Flash Player 11.1.111.19 and earlier versions for Android 3.x and 2.x
  • Adobe AIR 3.4.0.2710 and earlier versions for Windows and Macintosh, SDK (includes AIR for iOS) and Android

CVE-2012-5274 (CVSS base score of 10.0), CVE-2012-5275 (CVSS base score of 10.0), CVE-2012-5276 (CVSS base score of 10.0), CVE-2012-5277 (CVSS base score of 10.0), CVE-2012-5279 (CVSS base score of 10.0), CVE-2012-5280 (CVSS base score of 10.0) have been discovered and reported by Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna of the Google Security Team.

CVE-2012-5278 (CVSS base score of 10.0) has been discovered and reported by Eduardo Vela Nava of the Google Security Team.

I advise you to update asap your Adobe Flash Player.