Adobe has release, the 11 November 2012, during his November Patch Tuesday, one Adobe Flash security bulletin dealing with 3 vulnerabilities. All these security bulletins have a Critical severity rating. All of these vulnerabilities have a 10.0 CVSS base score.
APSB12-27 – Security updates available for Adobe Flash Player
APSB12-27 is concerning :
- Adobe Flash Player 11.5.502.110 and earlier versions for Windows and Macintosh
- Adobe Flash Player 18.104.22.168 and earlier versions for Linux
- Adobe Flash Player 22.214.171.124 and earlier versions for Android 4.x
- Adobe Flash Player 126.96.36.199 and earlier versions for Android 3.x and 2.x
- Adobe AIR 188.8.131.520 and earlier versions for Windows and Macintosh, Android and SDK (includes AIR for iOS)
CVE-2012-5676 (10.0 CVSS base score) has been discovered and reported by Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna of theGoogle Security Team. CVE-2012-5677 (10.0 CVSS base score) has been discovered and reported by an anonymous contributor throughTipping Point’s Zero Day Initiative. CVE-2012-5678 (10.0 CVSS base score) have been discovered and reported by Tavis Ormandy of the Google Security Team.