PT-2013-5492 · Adobe+3 · Flash Player+6

Published

2013-12-11

·

Updated

2018-12-13

·

CVE-2013-5332

CVSS v2.0

9.3

High

VectorAV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 11.7.700.257 Adobe Flash Player versions 11.8.x Adobe Flash Player versions prior to 11.9.900.170 Adobe Flash Player version prior to 11.2.202.332 on Linux Adobe AIR versions prior to 3.9.0.1380 Adobe AIR SDK versions prior to 3.9.0.1380 Adobe AIR SDK & Compiler versions prior to 3.9.0.1380
Description The issue allows attackers to execute arbitrary code or cause a denial of service due to memory corruption via unspecified vectors.
Recommendations For Adobe Flash Player versions prior to 11.7.700.257, update to version 11.7.700.257 or later. For Adobe Flash Player versions 11.8.x, update to a version after 11.8.x. For Adobe Flash Player versions prior to 11.9.900.170, update to version 11.9.900.170 or later. For Adobe Flash Player version prior to 11.2.202.332 on Linux, update to version 11.2.202.332 or later. For Adobe AIR versions prior to 3.9.0.1380, update to version 3.9.0.1380 or later. For Adobe AIR SDK versions prior to 3.9.0.1380, update to version 3.9.0.1380 or later. For Adobe AIR SDK & Compiler versions prior to 3.9.0.1380, update to version 3.9.0.1380 or later.

Exploit

Fix

DoS

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

ALT-PU-2014-1014
CVE-2013-5332
MGASA-2013-0370
RHSA-2013:1818
RHSA-2013_1818

Affected Products

Alt Linux
Air
Air Sdk
Air Sdk & Compiler
Flash Player
Red Hat
Suse