Flattr this!

Date of publication: 09/01/2013
Modified: 09/01/2013
Danger: High
The presence of corrections: Yes
Number of vulnerabilities: 1
CVSSv2 rating: (AV: N / AC: M / Au: N / C: C / I: C / A: C / E: U / RL: O / RC: C) = Base: 9.3/Temporal: 6.9
CVE ID: CVE-2013-0630
Vector operation: Remote
Impact: System compromise
CWE ID: No data
Be exploited No data
Affected products: Adobe AIR 3.x 
Adobe Flash Player 10.x 
Adobe Flash Player 11.x

Affected versions:

Adobe Flash Player 11.5.502.135 for Windows, possibly other versions.
Adobe Flash Player 11.5.502.136 for Mac, maybe other versions.
Adobe Flash Player 11.2.202.258 for Linux, maybe other versions.
Adobe Flash Player 11.1.115.34 for Android 4.x, possibly other versions.
Adobe Flash Player 11.1.111.29 for Android 3.x and 2.x, possibly other versions.
Adobe AIR 3.5.0.880 for Windows, possibly other versions.
Adobe AIR 3.5.0.890 for Macintosh, maybe others version.
Adobe AIR 3.5.0.880 for Android, maybe other versions.
3.5.0.880 Adobe AIR SDK, maybe other versions.
3.5.0.890 Adobe AIR SDK, perhaps the only one.

Description:

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability is caused due to an unspecified error. This can be exploited to cause a buffer overflow and potentially execute arbitrary code.

Manufacturer URL: http://www.adobe.com/products/flashplayer.html

Solution: Install the latest version from the manufacturer.

Links: http://www.adobe.com/support/security/bulletins/apsb13-01.html