Adobe announced it has patches four security vulnerabilities in Flash Player and AIR:
Adobe has released security updates for Adobe Flash Player 11.6.602.180 and earlier versions for Windows and Macintosh, Adobe Flash Player 220.127.116.115 and earlier versions for Linux, Adobe Flash Player 18.104.22.168 and earlier versions for Android 4.x, and Adobe Flash Player 22.214.171.124 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.
These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2013-2555).
These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2013-1378, CVE-2013-1380).
These updates resolve a memory corruption vulnerability caused by Flash Player improperly initializing certain pointer arrays, which could lead to code execution (CVE-2013-1379).