09 Jan 2013
Posted by synt4x 
Loading ...
| Date of publication: | 09/01/2013 |
| Modified: | 09/01/2013 |
| Danger: | High |
| The presence of corrections: | Yes |
| Number of vulnerabilities: | 1 |
| CVSSv2 rating: | (AV: N / AC: M / Au: N / C: C / I: C / A: C / E: U / RL: O / RC: C) = Base: 9.3/Temporal: 6.9 |
| CVE ID: | CVE-2013-0630 |
| Vector operation: | Remote |
| Impact: | System compromise |
| CWE ID: | No data |
| Be exploited | No data |
| Affected products: | Adobe AIR 3.x Adobe Flash Player 10.x Adobe Flash Player 11.x |
Affected versions:
Adobe Flash Player 11.5.502.135 for Windows, possibly other versions.
Adobe Flash Player 11.5.502.136 for Mac, maybe other versions.
Adobe Flash Player 11.2.202.258 for Linux, maybe other versions.
Adobe Flash Player 11.1.115.34 for Android 4.x, possibly other versions.
Adobe Flash Player 11.1.111.29 for Android 3.x and 2.x, possibly other versions.
Adobe AIR 3.5.0.880 for Windows, possibly other versions.
Adobe AIR 3.5.0.890 for Macintosh, maybe others version.
Adobe AIR 3.5.0.880 for Android, maybe other versions.
3.5.0.880 Adobe AIR SDK, maybe other versions.
3.5.0.890 Adobe AIR SDK, perhaps the only one.
Description:
The vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability is caused due to an unspecified error. This can be exploited to cause a buffer overflow and potentially execute arbitrary code.
Manufacturer URL: http://www.adobe.com/products/flashplayer.html
Solution: Install the latest version from the manufacturer.
Links: http://www.adobe.com/support/security/bulletins/apsb13-01.html
