{"id":20990,"date":"2013-11-12T13:48:45","date_gmt":"2013-11-12T21:48:45","guid":{"rendered":"http:\/\/www.intego.com\/mac-security-blog\/?p=20990"},"modified":"2016-10-06T12:36:37","modified_gmt":"2016-10-06T19:36:37","slug":"adobe-flash-player-update-fixes-memory-corruption-bugs","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/adobe-flash-player-update-fixes-memory-corruption-bugs\/","title":{"rendered":"Adobe Flash Player Update Fixes Memory Corruption Bugs"},"content":{"rendered":"

\"adobe-patched\"<\/a>Today, Adobe released security updates for Adobe Flash Player for Mac, Windows and Linux, resolving memory corruption bugs in the software. These updates specifically address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.<\/p>\n

The following software versions are affected and should be updated as soon as possible: Adobe Flash Player 11.9.900.117 and earlier versions for Mac and Windows, as well as Adobe Flash Player 11.2.202.310 and earlier versions for Linux. Moreover, updates are also available for Adobe AIR 3.9.0.1030 and earlier versions for Windows and Macintosh.<\/p>\n

Adobe\u2019s security bulletin (APSB13-26<\/a>) describes the bugs fixed in the Flash Player update as follows:<\/p>\n

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2013-5329<\/a>, CVE-2013-5330<\/a>).<\/p><\/blockquote>\n

MORE:\u00a0How to Tell if Adobe Flash Player Update is Valid<\/a><\/strong><\/p>\n

In addition to updating Flash Player, Adobe released a security hotfix for ColdFusion versions 10, 9.0.2, 9.0.1 and 9.0 for Macintosh, Windows and Linux. The hotfix addresses an important cross-site scripting vulnerability, as well as a critical remote read vulnerability.<\/p>\n

The ColdFusion security bulletin (APSB13-27<\/a>) describes the bugs fixed in this hotfix as follows:<\/p>\n