canonical-partner-dev team mailing list archive

[Karma Dorje <1037020@xxxxxxxxxxxxxxxxxx>]

*** This bug is a security vulnerability ***

Public security bug reported:

Adobe has released security updates for Adobe Flash Player 11.3.300.270
and earlier versions for Windows, Macintosh and Linux. These updates
address a vulnerability (CVE-2012-1535) that could cause the application
to crash and potentially allow an attacker to take control of the
affected system.

There are reports that the vulnerability is being exploited in the wild
in limited targeted attacks, distributed through a malicious Word
document. The exploit targets the ActiveX version of Flash Player for
Internet Explorer on Windows.

Reference:
http://www.adobe.com/support/security/bulletins/apsb12-18.html

** Affects: adobe-flashplugin (Ubuntu)
     Importance: Undecided
         Status: Confirmed

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-1535

** Changed in: adobe-flashplugin (Ubuntu)
       Status: New => Confirmed

** Visibility changed to: Public

-- 
You received this bug notification because you are a member of Canonical
Partner Developers, which is subscribed to adobe-flashplugin in Ubuntu.
https://bugs.launchpad.net/bugs/1037020

Title:
  (CVE-2012-1535) <adobe-flashplugin-11.2.202.238: code execution flaw
  (APSB12-18)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/adobe-flashplugin/+bug/1037020/+subscriptions