Buffer overflow in Adobe Adobe_air

CVE-2013-0630

Buffer overflow in Adobe Flash Player before 10.3.183.50 and 11.x before 11.5.502.146 on Windows and Mac OS X, before 10.3.183.50 and 11.x before 11.2.202.261 on Linux, before 11.1.111.31 on Android 2.x and 3.x, and before 11.1.115.36 on A…

Vulnerability class: Buffer Overflow

EPSS: 0.072 (91.7th percentile) — read the EPSS interpretation.

Affected products

Adobe Adobe_air — versions 3.5.0.600, 3.5.0.880
Adobe Adobe_air_sdk — versions 3.5.0.600, 3.5.0.880
Adobe Flash_player — versions 10.3.181.14, 10.3.181.16, 10.3.181.22
Adobe Flash_player_for_android — versions 11.1.115.6, 11.1.115.7, 11.1.115.8
Apple Mac_os_x
Google Android — versions 4.0, 4.0.1, 4.0.2
Linux Linux_kernel
Microsoft Windows
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

openSUSE-SU-2013:0168 (vendor-advisory, x_refsource_SUSE)
openSUSE-SU-2013:0121 (vendor-advisory, x_refsource_SUSE)
SUSE-SU-2013:0033 (vendor-advisory, x_refsource_SUSE)
RHSA-2013:0149 (x_refsource_REDHAT, vendor-advisory)
openSUSE-SU-2013:0364 (vendor-advisory, x_refsource_SUSE)
openSUSE-SU-2013:0128 (vendor-advisory, x_refsource_SUSE)
psirt@adobe.com (x_refsource_CONFIRM, Patch, Vendor Advisory)