-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Reference: CERT-EU Security Advisory 2014-047 Title: Security updates available for Adobe Flash Player Version history: 15.05.2014 Initial publication Summary ======= Adobe has released security updates for Adobe Flash Player 13.0.0.206 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.356 and earlier versions for Linux. These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system [1]. These updates address a critical vulnerabilities in the software. CVE Numbers reported: CVE-2014-0510 CVSS v2 Base Score: 10.0 (HIGH) (AV:N/AC:L/AU:N/C:C/I:C/A:C) [2] CVE-2014-0516 CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/AU:N/C:P/I:P/A:P) CVE-2014-0517 CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/AU:N/C:P/I:P/A:P) CVE-2014-0518 CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/AU:N/C:P/I:P/A:P) CVE-2014-0519 CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/AU:N/C:P/I:P/A:P) CVE-2014-0520 CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/AU:N/C:P/I:P/A:P) Vulnerable systems ================== Adobe Flash Player 13.0.0.206 and earlier versions for Windows and Macintosh Adobe Flash Player 11.2.202.356 and earlier versions for Linux Adobe AIR 13.0.0.83 SDK and earlier versions Adobe AIR 13.0.0.83 SDK & Compiler and earlier versions What can you do? ================ Adobe recommends users update their product installations to the latest versions: Users of Adobe Flash Player 13.0.0.206 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 13.0.0.214. Users of Adobe Flash Player 11.2.202.356 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.359. Adobe Flash Player 13.0.0.206 installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 13.0.0.214 for Windows, Macintosh and Linux. Adobe Flash Player 13.0.0.206 installed with Internet Explorer 10 will automatically be updated to the latest Internet Explorer 10 version, which will include Adobe Flash Player 13.0.0.214 for Windows 8.0. Adobe Flash Player 13.0.0.206 installed with Internet Explorer 11 will automatically be updated to the latest Internet Explorer 11 version, which will include Adobe Flash Player 13.0.0.214 for Windows 8.1. Users of the Adobe AIR 13.0.0.83 SDK and earlier versions should update to the Adobe AIR 13.0.0.111 SDK. Users of the Adobe AIR 13.0.0.83 SDK & Compiler and earlier versions should update to the Adobe AIR 13.0.0.111 SDK & Compiler. Please follow the update instructions in the original advisory [1] More information ================ [1] http://helpx.adobe.com/security/products/flash-player/apsb14-14.html [2] http://nvd.nist.gov/cvss.cfm?vectorinfo&version=2 Best regards, CERT-EU Team (http://cert.europa.eu) Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu PGP KeyID 0x46AC4383 FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383 Privacy Statement: http://cert.europa.eu/cert/plainedition/en/cert_privacy.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBAgAGBQJTdN3fAAoJEPpzpNLI8SVoY3EP/3h0c0pHkELfbaP+TbVj97fq b72pJoF/bRFjvNa0/PKKkIAFqopTnalav87odexo7WdLdj0Uapzi+/N3f5gbVPm2 aBC5UFSfAYoL873MEizo9QrJ2BR1Eqniqa03Rj5sLwCvX5jvClZPisKJDgGDOuyz F08CBOf4vI7BQ+X6w1YJbhbXEu9qUfTLlBlNz78taaKSLQkuoZ7WvcYulmkYeRPI YQxorX6qB1WLI6lpGZ1Y2vmcoblZRxB+lE2hrVvgGQ+FEy12+Dcx8MOjAnjeedYB 8WtWqbNYVrIGE6x1ZNotxfKdPXYnZ3uYbvIHLQAhWub1GrNidqAInhlE7vzubZ4A ef6nMKnwNtBc2y7Q3W0iIlMJo5/ekmFFic5y98F3NmWNz0xN3xjday+Y6lgaS2ha Y9CHzExzLkFUtiMuybNRzJj0rX+2CYUW6N9IOaY5NMwMwWRV5kOldRIoZ8Sd1zJl N5MPqYdkMOaZj9mXClcl0voQ7Y2O9c+ZcXmmcs3gLN0YRNLn2okGMMisqEbmWLsm cWsDzoF2JZqKODTKk2JoOIIGxmEBiLOxNXPU/nVhOAmiBzB9aInMLSTfmABlzd9r 484UAN/UMpVOjeEl6H7uZBnQyfbci6sGbZqgyvzZYiHPx75XK2UsRQUsYYuyEtyf WdD1xBppRLZnhm7rE4Do =WYHW -----END PGP SIGNATURE-----