remote code execution in flash-player

Flash Player has been updated to version 10.3, fixing bugs and security issues. - CVE-2011-0589: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-0618: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Numeric Errors (CWE-189) - CVE-2011-0619: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-0620: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-0621: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-0622: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-0623: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Input Validation (CWE-20) - CVE-2011-0624: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Input Validation (CWE-20) - CVE-2011-0625: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Input Validation (CWE-20) - CVE-2011-0626: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Input Validation (CWE-20) - CVE-2011-0627: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Input Validation (CWE-20) More information can be found on: http://www.adobe.com/support/security/bulletins/apsb11-12.html

Solution

If supported by the browser, you can disable the flash plugin.