Adobe Flash Player and AIR CVE-2013-0650 Use After Free Remote Code Execution Vulnerability
BID:58440
Info
Adobe Flash Player and AIR CVE-2013-0650 Use After Free Remote Code Execution Vulnerability
| Bugtraq ID: | 58440 |
| Class: | Unknown |
| CVE: |
CVE-2013-0650 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 12 2013 12:00AM |
| Updated: | Mar 19 2015 08:39AM |
| Credit: | Attila Suszter of Reversing on Windows blog |
| Vulnerable: |
SuSE SUSE Linux Enterprise Desktop 11 SP2 SuSE SUSE Linux Enterprise Desktop 10 SP4 SuSE openSUSE 12.1 SuSE openSUSE 11.4 Red Hat Enterprise Linux Workstation Supplementary 6 Red Hat Enterprise Linux Supplementary 5 server Red Hat Enterprise Linux Server Supplementary 6 Red Hat Enterprise Linux Desktop Supplementary 6 Red Hat Enterprise Linux Desktop Supplementary 5 client HP Systems Insight Manager 7.0 HP Systems Insight Manager 6.3 HP Systems Insight Manager 6.2 HP Systems Insight Manager 6.1 HP Systems Insight Manager 6.0.0.96 HP Systems Insight Manager 6.0 |
| Not Vulnerable: | |
Discussion
Adobe Flash Player and AIR CVE-2013-0650 Use After Free Remote Code Execution Vulnerability
Adobe Flash Player and AIR are prone to a remote code-execution vulnerability.
Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions.
Adobe Flash Player and AIR are prone to a remote code-execution vulnerability.
Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions.
Exploit / POC
Adobe Flash Player and AIR CVE-2013-0650 Use After Free Remote Code Execution Vulnerability
Currently, we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Adobe Flash Player and AIR CVE-2013-0650 Use After Free Remote Code Execution Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Adobe Flash Player and AIR CVE-2013-0650 Use After Free Remote Code Execution Vulnerability
References:
References:
- Adobe AIR homepage (Adobe)
- Adobe Flash Homepage (Adobe)
- Adobe Homepage (Adobe)
- BSRT-2013-007 Vulnerabilities in Adobe Flash Player version included with the Bl (BlackBerry)
- Stable Channel Update 25.0.1364.172 (Google)
- Adobe Flash Player: Multiple vulnerabilities (Gentoo)
- APSB13-09 Security updates available for Adobe Flash Player (Adobe)
- HP Systems Insight Manager (SIM) Running on Linux and Windows, Remote Execution (HP)
- Microsoft Security Advisory (2755801) Update for Vulnerabilities in Adobe Flash (Microsoft)