Vulnerability Description
Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 do not properly initialize pointer arrays, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Adobe Air Sdk | <= 3.6.0.6090 |
| Adobe | Flash Player | <= 10.3.183.68 |
| Linux | Linux Kernel | All versions |
| Android | 4.0 | |
| Adobe | Adobe Air | <= 3.6.0.6090 |
| Novell | Suse Linux Enterprise Desktop | 11.0 |
| Opensuse | Opensuse | 11.4 |
| Apple | Mac Os X | All versions |
| Microsoft | Windows | All versions |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00016.html
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00019.html
- http://lists.opensuse.org/opensuse-updates/2013-04/msg00081.html
- http://marc.info/?l=bugtraq&m=139455789818399&w=2
- http://rhn.redhat.com/errata/RHSA-2013-0730.html
- http://www.adobe.com/support/security/bulletins/apsb13-11.htmlPatchVendor Advisory
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00016.html
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00019.html
- http://lists.opensuse.org/opensuse-updates/2013-04/msg00081.html
- http://marc.info/?l=bugtraq&m=139455789818399&w=2
- http://rhn.redhat.com/errata/RHSA-2013-0730.html
- http://www.adobe.com/support/security/bulletins/apsb13-11.htmlPatchVendor Advisory
FAQ
What is CVE-2013-1379?
CVE-2013-1379 is a vulnerability with a CVSS score of 10.0 (HIGH). Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and bef...
How severe is CVE-2013-1379?
CVE-2013-1379 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-1379?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Adobe Air Sdk, Adobe Flash Player, Linux Linux Kernel, Google Android, Adobe Adobe Air.