Vulnerability Description
Integer overflow in Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 11.1.115.69 on Android 4.x allows attackers to execute arbitrary code via PCM data that is not properly handled during resampling.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Flash Player | <= 11.7.700.224 |
| Microsoft | Windows | All versions |
| Apple | Mac Os X | All versions |
| Linux | Linux Kernel | All versions |
| Android | 2.0 |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00021.html
- http://www.adobe.com/support/security/bulletins/apsb13-17.htmlPatchVendor Advisory
- http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00021.html
- http://www.adobe.com/support/security/bulletins/apsb13-17.htmlPatchVendor Advisory
FAQ
What is CVE-2013-3347?
CVE-2013-3347 is a vulnerability with a CVSS score of 10.0 (HIGH). Integer overflow in Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 11...
How severe is CVE-2013-3347?
CVE-2013-3347 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-3347?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player, Microsoft Windows, Apple Mac Os X, Linux Linux Kernel, Google Android.