CVE-2013-2555: Integer Overflow
First published: Mon Mar 11 2013(Updated: )
Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Flash Player | <=11.1.115.48 | |
| Google Android | >=4.0<=4.4.4 | |
| Adobe Flash Player | <=11.1.111.44 | |
| Google Android | >=2.0<=3.2.6 | |
| Adobe Flash Player | >=11.0<=11.6.602.180 | |
| Apple macOS | ||
| Microsoft Windows | ||
| Adobe Flash Player | >=11.0<=11.2.202.275 | |
| Linux Linux kernel | ||
| Adobe Air | <=3.6.0.6090 | |
| Google Android | ||
| openSUSE openSUSE | =11.4 | |
| openSUSE openSUSE | =12.1 | |
| openSUSE openSUSE | =12.2 | |
| openSUSE openSUSE | =12.3 | |
| SUSE Linux Enterprise Desktop | =11-sp2 | |
| Redhat Enterprise Linux Desktop | =6.0 | |
| Redhat Enterprise Linux Eus | =5.9 | |
| Redhat Enterprise Linux Eus | =6.4 | |
| Redhat Enterprise Linux Server | =6.0 | |
| Redhat Enterprise Linux Server Aus | =5.9 | |
| Redhat Enterprise Linux Server Aus | =6.4 | |
| Redhat Enterprise Linux Workstation | =6.0 | |
| Adobe Flash Player | <10.3.183.75 | |
| Adobe Flash Player | <=10.3.183.75 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://archives.neohapsis.com/archives/bugtraq/2013-04/0197.html
- http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2013/ba-p/5981157
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00016.html
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00019.html
- http://lists.opensuse.org/opensuse-updates/2013-04/msg00081.html
- http://marc.info/?l=bugtraq&m=139455789818399&w=2
- http://rhn.redhat.com/errata/RHSA-2013-0730.html
- http://twitter.com/VUPEN/statuses/309713355466227713
- http://twitter.com/thezdi/statuses/309756927301283840
- http://www.adobe.com/support/security/bulletins/apsb13-11.html
- agent/references
- agent/last-modified-date
- agent/first-publish-date
- agent/type
- agent/author
- agent/severity
- agent/weakness
- agent/description
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/adobe
- canonical/adobe flash player
- version/adobe flash player/11.1.115.48
- vendor/google
- canonical/google android
- version/google android/4.0
- version/google android/4.4.4
- version/adobe flash player/11.1.111.44
- version/google android/2.0
- version/google android/3.2.6
- version/adobe flash player/11.0
- version/adobe flash player/11.6.602.180
- vendor/apple
- canonical/apple macos
- vendor/microsoft
- canonical/microsoft windows
- version/adobe flash player/11.2.202.275
- vendor/linux
- canonical/linux linux kernel
- canonical/adobe air
- version/adobe air/3.6.0.6090
- vendor/opensuse
- canonical/opensuse opensuse
- version/opensuse opensuse/11.4
- version/opensuse opensuse/12.1
- version/opensuse opensuse/12.2
- version/opensuse opensuse/12.3
- vendor/suse
- canonical/suse linux enterprise desktop
- version/suse linux enterprise desktop/11-sp2
- vendor/redhat
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/6.0
- canonical/redhat enterprise linux eus
- version/redhat enterprise linux eus/5.9
- version/redhat enterprise linux eus/6.4
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/6.0
- canonical/redhat enterprise linux server aus
- version/redhat enterprise linux server aus/5.9
- version/redhat enterprise linux server aus/6.4
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/6.0
- version/adobe flash player/10.3.183.75