Lucene search

K
ubuntucveUbuntu.comUB:CVE-2013-2555
HistoryMar 11, 2013 - 12:00 a.m.

CVE-2013-2555

2013-03-1100:00:00
ubuntu.com
ubuntu.com
8

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.322 Low

EPSS

Percentile

97.0%

Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before
11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before
11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and
before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe
AIR SDK & Compiler before 3.7.0.1530 allows remote attackers to execute
arbitrary code via unspecified vectors, as demonstrated by VUPEN during a
Pwn2Own competition at CanSecWest 2013.

Notes

Author Note
jdstrand chriscoulson provides updates for partner (adobe-flashplugin)
mdeslaur possibly windows-only, marking as not-affected for now.

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.322 Low

EPSS

Percentile

97.0%