Flash Player <= 10.3.183.51 / 11.5.502.149 Multiple Vulnerabilities (APSB13-05)

2013-02-1400:00:00

Tenable

www.tenable.com

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.015

Percentile

87.0%

JSON

The remote host has Adobe Flash Player installed.

Versions of Flash Player 11.x equal to or earlier than 11.5.502.149, or 10.x equal to or earlier than 10.3.183.51 are affected by multiple vulnerabilities:

Several unspecified issues exist that could lead to buffer overflows and arbitrary code execution. (CVE-2013-1372, CVE-2013-0645, CVE-2013-1373, CVE-2013-1369, CVE-2013-1370, CVE-2013-1366, CVE-2013-1365, CVE-2013-1368, CVE-2013-0642, CVE-2013-1367)
Several unspecified use-after-free vulnerabilities exist that could lead to remote code execution. (CVE-2013-0649, CVE-2013-1374, CVE-2013-0644)
Two unspecified issues exist that could lead to memory corruption and arbitrary code execution. (CVE-2013-0638, CVE-2013-0647)
An unspecified information disclosure vulnerability exists. (CVE-2013-0637)
An unspecified integer overflow vulnerability exists.(CVE-2013-0639)