Adobe announced it has patches four security vulnerabilities in Flash Player and AIR:
Adobe has released security updates for Adobe Flash Player 11.6.602.180 and earlier versions for Windows and Macintosh, Adobe Flash Player 188.8.131.525 and earlier versions for Linux, Adobe Flash Player 184.108.40.206 and earlier versions for Android 4.x, and Adobe Flash Player 220.127.116.11 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.
These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2013-2555).
These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2013-1378, CVE-2013-1380).
These updates resolve a memory corruption vulnerability caused by Flash Player improperly initializing certain pointer arrays, which could lead to code execution (CVE-2013-1379).