PT-2013-2486 · Adobe+2 · Flash Player+2
Published
2013-02-08
·
Updated
2018-12-06
·
CVE-2013-0634
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Adobe Flash Player versions prior to 10.3.183.51
Adobe Flash Player versions 11.x prior to 11.5.502.149 on Windows and Mac OS X
Adobe Flash Player versions 11.x prior to 11.2.202.262 on Linux
Adobe Flash Player version prior to 11.1.111.32 on Android 2.x and 3.x
Adobe Flash Player version prior to 11.1.115.37 on Android 4.x
Description
The issue allows remote attackers to execute arbitrary code or cause a denial of service due to memory corruption via crafted SWF content. This issue has been exploited in the wild.
Recommendations
For Adobe Flash Player versions prior to 10.3.183.51, update to version 10.3.183.51 or later.
For Adobe Flash Player versions 11.x prior to 11.5.502.149 on Windows and Mac OS X, update to version 11.5.502.149 or later.
For Adobe Flash Player versions 11.x prior to 11.2.202.262 on Linux, update to version 11.2.202.262 or later.
For Adobe Flash Player version prior to 11.1.111.32 on Android 2.x and 3.x, update to version 11.1.111.32 or later.
For Adobe Flash Player version prior to 11.1.115.37 on Android 4.x, update to version 11.1.115.37 or later.
Exploit
Fix
RCE
DoS
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Flash Player
Red Hat
Suse