APSB13-11 – Adobe Flash April 2013 Security Bulletin Review

Adobe has release, the 9 April 2013, during his April Patch Tuesday, one Adobe Flash security bulletin dealing with four vulnerabilities. This security bulletin has a Critical severity rating.

APSB13-11 – Security updates available for Adobe Flash Player

APSB13-11 is concerning :

  • Adobe Flash Player 11.6.602.180 and earlier versions for Windows and Macintosh
  • Adobe Flash Player  and earlier versions for Linux
  • Adobe Flash Player and earlier versions for Android 4.x
  • Adobe Flash Player and earlier versions for Android 3.x and 2.x
  • Adobe AIR and earlier versions for Windows, Macintosh and Android
  • Adobe AIR SDK & Compiler and earlier version

CVE-2013-1378 (7.5 CVSS base score), CVE-2013-1379 (7.5 CVSS base score) and CVE-2013-1380 (7.5 CVSS base score) have been discovered and privately reported by Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna of the Google Security TeamCVE-2013-2555 (10.0 CVSS base score) has been discovered and privately reported by a VUPEN Security reported through TippingPoint’s Zero Day Initiative.