Adobe Flash Player and AIR CVE-2013-0646 Remote Integer Overflow Vulnerability

Bugtraq ID:	58436
Class:	Boundary Condition Error
CVE:	CVE-2013-0646
Remote:	Yes
Local:	No
Published:	Mar 12 2013 12:00AM
Updated:	Mar 12 2014 12:53PM
Credit:	iDefense's Vulnerability Contributor Program
Vulnerable:	SuSE SUSE Linux Enterprise Desktop 11 SP2 + Linux kernel 2.6.5 SuSE SUSE Linux Enterprise Desktop 10 SP4 + Linux kernel 2.6.5 SuSE openSUSE 12.1 SuSE openSUSE 11.4 Red Hat Enterprise Linux Workstation Supplementary 6 Red Hat Enterprise Linux Supplementary 5 server Red Hat Enterprise Linux Server Supplementary 6 Red Hat Enterprise Linux Desktop Supplementary 6 Red Hat Enterprise Linux Desktop Supplementary 5 client HP Systems Insight Manager 7.0 HP Systems Insight Manager 6.3 HP Systems Insight Manager 6.2 HP Systems Insight Manager 6.1 HP Systems Insight Manager 6.0.0.96 HP Systems Insight Manager 6.0
Not Vulnerable:

Adobe Flash Player and AIR CVE-2013-0646 Remote Integer Overflow Vulnerability

Adobe Flash Player and AIR are prone to a remote integer-overflow vulnerability.

An attacker can exploit this issue to execute arbitrary code in the context of the application or cause denial-of-service conditions.

Adobe Flash Player and AIR CVE-2013-0646 Remote Integer Overflow Vulnerability

Currently, we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Adobe Flash Player and AIR CVE-2013-0646 Remote Integer Overflow Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Adobe Flash Player and AIR CVE-2013-0646 Remote Integer Overflow Vulnerability

References:

• Adobe AIR homepage (Adobe)
  
• Adobe Flash Homepage (Adobe)
  
• Adobe Flash Player: Multiple vulnerabilities (Gentoo)