Adobe Flash Player and AIR CVE-2013-2555 Remote Integer Overflow Vulnerability
BID:58396
Info
Adobe Flash Player and AIR CVE-2013-2555 Remote Integer Overflow Vulnerability
| Bugtraq ID: | 58396 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2013-2555 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 08 2013 12:00AM |
| Updated: | Mar 12 2014 12:53PM |
| Credit: | Nicolas Joly of VUPEN Security reported through TippingPoint's Zero Day Initiative |
| Vulnerable: |
SuSE SUSE Linux Enterprise Desktop 11 SP2 SuSE SUSE Linux Enterprise Desktop 10 SP4 SuSE openSUSE 11.4 HP Systems Insight Manager 7.0 HP Systems Insight Manager 6.3 HP Systems Insight Manager 6.2 HP Systems Insight Manager 6.1 HP Systems Insight Manager 6.0.0.96 HP Systems Insight Manager 6.0 Google Chrome 17.0.963 79 Google Chrome 17.0.963 65 Google Chrome 16.0.912 75 Google Chrome 15.0.874 102 Google Chrome 19.0.1084.52 Google Chrome 19 Google Chrome 18.0.1025.168 Google Chrome 18.0.1025.162 Google Chrome 18.0.1025.151 Google Chrome 18.0.1025.142 Google Chrome 17.0.963.83 Google Chrome 17.0.963.78 Google Chrome 17.0.963.60 Google Chrome 17.0.963.56 Google Chrome 17.0.963.46 Google Chrome 16.0.912.77 Google Chrome 16.0.912.75 Google Chrome 16.0.912.63 Google Chrome 16 Google Chrome 15.0.874.121 Google Chrome 15.0.874.120 Google Chrome 14.0.835.202 Google Chrome 14.0.835.186 Google Chrome 14.0.835.163 Google Chrome 14 Google Chrome 13.0.782.215 Google Chrome 13.0.782.112 Google Chrome 13.0.782.107 Google Chrome 13 Google Chrome 12.0.742.91 Google Chrome 12.0.742.112 Google Chrome 12.0.742.100 Google Chrome 12 Google Chrome 11.0.696.77 Google Chrome 11.0.696.71 Google Chrome 11.0.696.68 Google Chrome 11.0.696.65 Google Chrome 11.0.696.57 Google Chrome 11.0.696.43 Google Chrome 11.0.696.43 Google Chrome 11.0.672.2 Google Chrome 11 Google Chrome 10.0.648.205 Google Chrome 10.0.648.205 Google Chrome 10.0.648.205 Google Chrome 10.0.648.204 Google Chrome 10.0.648.133 Google Chrome 10.0.648.128 Google Chrome 10.0.648.127 Google Chrome 10.0.648.127 Google Chrome 10 Adobe Flash Player for Android 11.1.102.59 Adobe Flash Player for Android 11.0.1.153 Adobe Flash Player 10.1.53 .64 Adobe Flash Player 10.1.51 .66 Adobe Flash Player 10.0.22 .87 Adobe Flash Player 9.0.283.0 Adobe Flash Player 9.0.262.0 Adobe Flash Player 9.0.155.0 Adobe Flash Player 7.0.73.0 Adobe Flash Player 7.0.67.0 Adobe Flash Player 7.0.61.0 Adobe Flash Player 7.0.60.0 Adobe Flash Player 7.0.53.0 Adobe Flash Player 7.0.24.0 Adobe Flash Player 7.0.19.0 Adobe Flash Player 7.0.14.0 Adobe Flash Player 6.0.79 Adobe Flash Player 6.0.21.0 Adobe Flash Player 11.2.202.235 Adobe Flash Player 11.2.202.233 Adobe Flash Player 11.2.202.229 Adobe Flash Player 11.2.202.228 Adobe Flash Player 11.2.202.223 Adobe Flash Player 11.1.115.8 Adobe Flash Player 11.1.115.7 Adobe Flash Player 11.1.115.6 Adobe Flash Player 11.1.112.61 Adobe Flash Player 11.1.111.9 Adobe Flash Player 11.1.111.8 Adobe Flash Player 11.1.111.7 Adobe Flash Player 11.1.111.6 Adobe Flash Player 11.1.111.5 Adobe Flash Player 11.1.102.63 Adobe Flash Player 11.1.102.62 Adobe Flash Player 11.1.102.55 Adobe Flash Player 11.1.102.228 Adobe Flash Player 11.0.1.152 Adobe Flash Player 10.3.186.7 Adobe Flash Player 10.3.186.6 Adobe Flash Player 10.3.186.3 Adobe Flash Player 10.3.186.2 Adobe Flash Player 10.3.185.25 Adobe Flash Player 10.3.185.23 Adobe Flash Player 10.3.185.22 Adobe Flash Player 10.3.185.21 Adobe Flash Player 10.3.183.7 Adobe Flash Player 10.3.183.5 Adobe Flash Player 10.3.183.4 Adobe Flash Player 10.3.183.10 Adobe Flash Player 10.3.181.34 Adobe Flash Player 10.3.181.26 Adobe Flash Player 10.3.181.23 Adobe Flash Player 10.3.181.22 Adobe Flash Player 10.3.181.16 Adobe Flash Player 10.3.181.14 Adobe Flash Player 10.2.159.1 Adobe Flash Player 10.2.157.51 Adobe Flash Player 10.2.156.12 Adobe Flash Player 10.2.154.28 Adobe Flash Player 10.2.154.27 Adobe Flash Player 10.2.154.25 Adobe Flash Player 10.2.154.24 Adobe Flash Player 10.2.154.18 Adobe Flash Player 10.2.154.13 Adobe Flash Player 10.2.153.1 Adobe Flash Player 10.2.152.33 Adobe Flash Player 10.2.152.32 Adobe Flash Player 10.2.152.21 Adobe Flash Player 10.2.152 Adobe Flash Player 10.1.95.2 Adobe Flash Player 10.1.95.1 Adobe Flash Player 10.1.92.8 Adobe Flash Player 10.1.92.10 Adobe Flash Player 10.1.85.3 Adobe Flash Player 10.1.82.76 Adobe Flash Player 10.1.52.15 Adobe Flash Player 10.1.52.14.1 Adobe Flash Player 10.1.106.16 Adobe Flash Player 10.1.105.6 Adobe Flash Player 10.1.102.65 Adobe Flash Player 10.1.102.64 Adobe Flash Player 10.0.42.34 Adobe Flash Player 10.0.32.18 Adobe Flash Player 10 |
| Not Vulnerable: | |
Discussion
Adobe Flash Player and AIR CVE-2013-2555 Remote Integer Overflow Vulnerability
Adobe Flash Player and AIR are prone to a remote integer-overflow vulnerability.
An attacker can exploit this issue to execute arbitrary code in the context of the application or cause denial-of-service conditions.
Adobe Flash Player and AIR are prone to a remote integer-overflow vulnerability.
An attacker can exploit this issue to execute arbitrary code in the context of the application or cause denial-of-service conditions.
Exploit / POC
Adobe Flash Player and AIR CVE-2013-2555 Remote Integer Overflow Vulnerability
A working commercial exploit is available through VUPEN Security - Exploit and PoCs Service. This exploit is not otherwise publicly available or known to be circulating in the wild.
A working commercial exploit is available through VUPEN Security - Exploit and PoCs Service. This exploit is not otherwise publicly available or known to be circulating in the wild.
Solution / Fix
Adobe Flash Player and AIR CVE-2013-2555 Remote Integer Overflow Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Adobe Flash Player and AIR CVE-2013-2555 Remote Integer Overflow Vulnerability
References:
References:
- Adobe Flash Homepage (Adobe)
- Adobe Homepage (Adobe)
- Adobe Flash Player: Multiple vulnerabilities (Gentoo)