Lucene search

K
cve[email protected]CVE-2013-2555
HistoryMar 11, 2013 - 10:55 a.m.

CVE-2013-2555

2013-03-1110:55:01
CWE-190
web.nvd.nist.gov
121
4
cve
adobe flash player
integer overflow
remote code execution
vupen
pwn2own
cansecwest 2013

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.322 Low

EPSS

Percentile

97.0%

Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.

Affected configurations

NVD
Node
adobeflash_playerRange≀11.1.115.48
AND
googleandroidRange4.0–4.4.4
Node
adobeflash_playerRange≀11.1.111.44
AND
googleandroidRange2.0–3.2.6
Node
adobeflash_playerRange11.0–11.6.602.180
AND
applemacosMatch-
OR
microsoftwindowsMatch-
Node
adobeflash_playerRange11.0–11.2.202.275
AND
linuxlinux_kernelMatch-
Node
adobeairRange≀3.6.0.6090
AND
applemacosMatch-
OR
googleandroidMatch-
OR
microsoftwindowsMatch-
Node
opensuseopensuseMatch11.4
OR
opensuseopensuseMatch12.1
OR
opensuseopensuseMatch12.2
OR
opensuseopensuseMatch12.3
OR
suselinux_enterprise_desktopMatch11sp2
Node
redhatenterprise_linux_desktopMatch6.0
OR
redhatenterprise_linux_eusMatch5.9
OR
redhatenterprise_linux_eusMatch6.4
OR
redhatenterprise_linux_serverMatch6.0
OR
redhatenterprise_linux_server_ausMatch5.9
OR
redhatenterprise_linux_server_ausMatch6.4
OR
redhatenterprise_linux_workstationMatch6.0
Node
adobeflash_playerRange<10.3.183.75
AND
applemacosMatch-
OR
microsoftwindowsMatch-
Node
adobeflash_playerRange≀10.3.183.75
AND
linuxlinux_kernelMatch-

Social References

More

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.322 Low

EPSS

Percentile

97.0%