First published: Wed Nov 13 2013(Updated: )
Adobe Flash Player before 11.7.700.252 and 11.8.x and 11.9.x before 11.9.900.152 on Windows and Mac OS X and before 11.2.202.327 on Linux, Adobe AIR before 3.9.0.1210, Adobe AIR SDK before 3.9.0.1210, and Adobe AIR SDK & Compiler before 3.9.0.1210 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5329.
Credit: psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Macromedia Flash Player | >=11.0<11.7.700.252 | |
Macromedia Flash Player | >=11.8<11.8.800.175 | |
Macromedia Flash Player | >=11.9<11.9.900.152 | |
Apple iOS and macOS | ||
Microsoft Windows | ||
Macromedia Flash Player | >=11.0<11.2.202.327 | |
Linux Kernel | ||
Adobe | <3.9.0.1210 | |
Adobe AIR | <3.9.0.1210 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2013-5330 is rated as a critical vulnerability that allows attackers to execute arbitrary code.
To mitigate CVE-2013-5330, users should update Adobe Flash Player and Adobe AIR to their latest versions.
CVE-2013-5330 affects Adobe Flash Player versions prior to 11.7.700.252, 11.8.x before 11.8.800.175, and 11.9.x before 11.9.900.152.
Yes, CVE-2013-5330 affects Adobe Flash Player versions before 11.2.202.327 on Linux.
Yes, CVE-2013-5330 affects Adobe AIR versions before 3.9.0.1210 and Adobe AIR SDK and Compiler versions before 3.9.0.1210.