What is CVE-2013-0634?

CVE-2013-0634 is a vulnerability in Adobe Flash_player, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2013-02-08.

Is CVE-2013-0634 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Adobe Flash_player

CVE-2013-0634

Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows r…

Vulnerability class: Buffer Overflow

EPSS: 0.903 (99.6th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

rapid7/metasploit-framework

References

psirt@adobe.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
RHSA-2013:0243 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
openSUSE-SU-2013:0279 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
SUSE-SU-2013:0288 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
openSUSE-SU-2013:0284 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)

Frequently asked questions

What is CVE-2013-0634?: CVE-2013-0634 is a vulnerability in Adobe Flash_player, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2013-02-08.
Is CVE-2013-0634 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.