Adobe Flash Player
Vulnerability: System compromise in Adobe Flash Player and Adobe AIR
Danger: High
Patch: Yes
Number of vulnerabilities: 1
CVE ID: CVE-2013-0630
Vector of operation: Remote
Impact: System Compromise
Affected Products: Adobe AIR 3.x, Adobe Flash Player 10.x, Adobe Flash Player 11.x
Affected versions:
– Adobe Flash Player 11.5.502.135 for Windows, probably other versions;
– Adobe Flash Player 11.5.502.136 for Mac, probably other versions;
– Adobe Flash Player 11.2.202.258 for Linux, probably other versions;
– Adobe Flash Player 11.1.115.34 for Android 4.x, probably other versions;
– Adobe Flash Player 11.1.111.29 for Android 3.x and 2.x, probably other versions;
– Adobe AIR 3.5.0.880 for Windows, probably other versions;
– Adobe AIR 3.5.0.890 for Macintosh, probably other versions;
– Adobe AIR 3.5.0.880 for Android, probably other versions;
– Adobe AIR 3.5.0.880 SDK, probably other versions;
– Adobe AIR 3.5.0.890 SDK, probably other versions.
Description:
The vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability is caused due to an unspecified error. This can be exploited to cause a buffer overflow and potentially execute arbitrary code.
Manufacturer URL: http://www.adobe.com/products/flashplayer.html
Solution: Install the latest version from the manufacturer.
Links:
http://www.adobe.com/support/security/bulletins/apsb13-01.html
