Security bulletin

Security Bulletin for Adobe Flash Professional

Release date: May 8, 2012

Last Updated: May 11, 2012

Vulnerability identifier: APSB12-12

Priority: 3

CVE number: CVE-2012-0778

Platform: Windows and Macintosh

Summary

Adobe released a security upgrade for Adobe Flash Professional CS5.5.1 (11.5.1.349) and earlier for Windows and Macintosh. This upgrade addresses a vulnerability that could allow an attacker who successfully exploits it to take control of the affected system.

Adobe Flash Professional CS6 addresses this vulnerability. We are in the process of resolving these vulnerabilities in Adobe Flash Professional CS5.x, and will update this Security Bulletin once the patch is available. Users may monitor the latest information on the Adobe Product Security Incident Response Team blog at http://blogs.adobe.com/psirt or by subscribing to the RSS feed at http://blogs.adobe.com/psirt/atom.xml.

Affected software versions

Adobe Flash Professional CS5.5.1 (11.5.1.349) and earlier for Windows and Macintosh

Solution

Adobe has released Adobe Flash Professional CS6 (paid upgrade), which addresses this vulnerability. We are in the process of resolving these vulnerabilities in Adobe Flash Professional CS5.x, and will update this Security Bulletin once the patch is available. Users may monitor the latest information on the Adobe Product Security Incident Response Team blog at http://blogs.adobe.com/psirt or by subscribing to the RSS feed at http://blogs.adobe.com/psirt/atom.xml.

Priority and Severity ratings

Adobe categorizes this upgrade with the following priority rating:

Product: Adobe Flash Professional

Updated Version: CS6

Platform: Windows and Macintosh

Priority Rating: 3


This update addresses a critical vulnerability in the software.

Details

Adobe released a security upgrade for Adobe Flash Professional CS5.5.1 (11.5.1.349) and earlier for Windows and Macintosh. This upgrade addresses a vulnerability that could allow an attacker who successfully exploits it to take control of the affected system. Adobe is not aware of any attacks exploiting this vulnerability against Adobe Flash Professional.

Adobe Flash Professional CS6 addresses this vulnerability. We are in the process of resolving these vulnerabilities in Adobe Flash Professional CS5.x, and will update this Security Bulletin once the patch is available. Users may monitor the latest information on the Adobe Product Security Incident Response Team blog at http://blogs.adobe.com/psirt or by subscribing to the RSS feed at http://blogs.adobe.com/psirt/atom.xml.

This upgrade resolves a buffer overflow vulnerability that could lead to code execution (CVE-2012-0778).

Acknowledgments

Adobe would like to thank the following individual and organization for reporting the relevant issue and for working with Adobe to help protect our customers:

  • Tielei Wang, Georgia Tech Information Security Center via Secunia SVCRP (CVE-2012-0778)

Revisions

May 11, 2012 - Added information on update to Adobe Flash Professional CS5.x.
May 11, 2012 - Corrected last affected version number.
May 8, 2012 - Bulletin released