Lucene search

[email protected]CVE-2013-3335

HistoryMay 16, 2013 - 11:45 a.m.

CVE-2013-3335

2013-05-1611:45:31

CWE-119

[email protected]

web.nvd.nist.gov

cve-2013-3335

adobe flash player

arbitrary code execution

denial of service

memory corruption

nvd

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.008 Low

EPSS

Percentile

81.4%

JSON

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, and CVE-2013-3334.

Affected configurations

NVD

Node

adobeflash_playerRange<10.3.183.86

adobeflash_playerRange11.0–11.7.700.202

AND

applemac_os_x

microsoftwindows

Node

adobeflash_playerRange<10.3.183.86

adobeflash_playerRange11.0–11.2.202.285

AND

linuxlinux_kernel

Node

adobeflash_playerRange<11.1.111.54

AND

googleandroidRange2.0–2.3.7

googleandroidRange3.0–3.2.6

Node

adobeflash_playerRange<11.1.115.58

AND

googleandroidRange4.0–4.2

Node

adobeadobe_airRange<3.7.0.1860

adobeadobe_air_sdkRange<3.7.0.1860

Node

redhatenterprise_linux_desktopMatch6.0

redhatenterprise_linux_eusMatch5.9

redhatenterprise_linux_eusMatch6.4

redhatenterprise_linux_serverMatch6.0

redhatenterprise_linux_server_eusMatch5.9

redhatenterprise_linux_server_eusMatch6.4

redhatenterprise_linux_workstationMatch6.0

Node

opensuseopensuseMatch11.4

opensuseopensuseMatch12.2

opensuseopensuseMatch12.3

suselinux_enterprise_desktopMatch10sp4-

suselinux_enterprise_desktopMatch11sp2

CPENameOperatorVersion
adobe:flash_playeradobe flash playerlt10.3.183.86
adobe:flash_playeradobe flash playerlt11.7.700.202

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	lt	10.3.183.86
adobe:flash_player	adobe flash player	lt	11.7.700.202

References

lists.opensuse.org/opensuse-security-announce/2013-05/msg00003.html

lists.opensuse.org/opensuse-security-announce/2013-06/msg00003.html

lists.opensuse.org/opensuse-security-announce/2013-06/msg00010.html

rhn.redhat.com/errata/RHSA-2013-0825.html

secunia.com/advisories/53442

www.adobe.com/support/security/bulletins/apsb13-14.html

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16921

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.008 Low

EPSS

Percentile

81.4%

JSON

Related for CVE-2013-3335

prion13 openvas13 nessus11 cve12 cvelist13 nvd13 ubuntucve13 suse3 redhat1 freebsd1 securityvulns1 checkpoint_advisories1 gentoo1