QwikSec

Security Database

CVE

CWE

Training

CVE-2013-2555

Published: Mar 11, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20130418 VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555)

mailing-list

x_refsource_BUGTRAQ

http://twitter.com/VUPEN/statuses/309713355466227713

x_refsource_MISC

SUSE-SU-2013:0670

vendor-advisory

x_refsource_SUSE

http://www.adobe.com/support/security/bulletins/apsb13-11.html

x_refsource_CONFIRM

http://twitter.com/thezdi/statuses/309756927301283840

x_refsource_MISC

vendor-advisory

x_refsource_HP

vendor-advisory

x_refsource_REDHAT

openSUSE-SU-2013:0672

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2013:0675

vendor-advisory

x_refsource_SUSE

http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2013/ba-p/5981157

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.