Lucene search

[email protected]CVE-2013-3335

HistoryMay 16, 2013 - 11:45 a.m.

CVE-2013-3335

2013-05-1611:45:31

CWE-119

[email protected]

web.nvd.nist.gov

cve-2013-3335

adobe flash player

arbitrary code execution

denial of service

memory corruption

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.5%

JSON

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, and CVE-2013-3334.

Affected configurations

NVD

Node

adobeflash_playerRange<10.3.183.86

adobeflash_playerRange11.0–11.7.700.202

AND

applemac_os_x

microsoftwindows

Node

adobeflash_playerRange<10.3.183.86

adobeflash_playerRange11.0–11.2.202.285

AND

linuxlinux_kernel

Node

adobeflash_playerRange<11.1.111.54

AND

googleandroidRange2.0–2.3.7

googleandroidRange3.0–3.2.6

Node

adobeflash_playerRange<11.1.115.58

AND

googleandroidRange4.0–4.2

Node

adobeadobe_airRange<3.7.0.1860

adobeadobe_air_sdkRange<3.7.0.1860

Node

redhatenterprise_linux_desktopMatch6.0

redhatenterprise_linux_eusMatch5.9

redhatenterprise_linux_eusMatch6.4

redhatenterprise_linux_serverMatch6.0

redhatenterprise_linux_server_eusMatch5.9

redhatenterprise_linux_server_eusMatch6.4

redhatenterprise_linux_workstationMatch6.0

Node

opensuseopensuseMatch11.4

opensuseopensuseMatch12.2

opensuseopensuseMatch12.3

suselinux_enterprise_desktopMatch10sp4-

suselinux_enterprise_desktopMatch11sp2

CPENameOperatorVersion
adobe:flash_playeradobe flash playerlt10.3.183.86
adobe:flash_playeradobe flash playerlt11.7.700.202

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	lt	10.3.183.86
adobe:flash_player	adobe flash player	lt	11.7.700.202

References

lists.opensuse.org/opensuse-security-announce/2013-05/msg00003.html

lists.opensuse.org/opensuse-security-announce/2013-06/msg00003.html

lists.opensuse.org/opensuse-security-announce/2013-06/msg00010.html

rhn.redhat.com/errata/RHSA-2013-0825.html

secunia.com/advisories/53442

www.adobe.com/support/security/bulletins/apsb13-14.html

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16921

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.5%

JSON

Related for CVE-2013-3335

cve12 nessus11 suse3 openvas13 ubuntucve13 prion13 cvelist13 nvd13 freebsd1 redhat1 securityvulns1 checkpoint_advisories1 gentoo1