You are here

V-065: Adobe Flash Player Buffer Overflow Lets Remote Users Execute Arbitrary Code

January 9, 2013 - 12:10am

Addthis

PROBLEM:

Adobe Flash Player Buffer Overflow Lets Remote Users Execute Arbitrary Code

PLATFORM:

Adobe Flash Player 11.5.502.135 and earlier versions for Windows
Adobe Flash Player 11.5.502.136 and earlier versions for Macintosh
Adobe Flash Player 11.2.202.258 and earlier versions for Linux
Adobe Flash Player 11.1.115.34 and earlier versions for Android 4.x
Adobe Flash Player 11.1.111.29 and earlier versions for Android 3.x and 2.x.

ABSTRACT:

Security updates available for Adobe Flash Player

REFERENCE LINKS:

Adobe Security Bulletin APSB13-01
SecurityTracker Alert ID:  1027950
CVE-2013-0630

IMPACT ASSESSMENT:

High

DISCUSSION:

A vulnerability was reported in Adobe Flash Player. A remote user can cause arbitrary code to be executed on the target user's system.

A remote user can create a specially crafted content that, when loaded by the target user, will trigger a buffer overflow and execute arbitrary code on the target system. The code will run with the privileges of the target user.

IMPACT:

A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.

SOLUTION:

The vendor has issued a fix (10.3.183.50 (Windows, Mac, Linux), 11.5.502.146 (Windows, Mac), 11.2.202.261 (Linux), 11.5.31.137 (Google Chrome), 11.3.378.5 (IE 10 on Windows), 11.1.115.36 (Android 4.x), 11.1.111.31 (Android 3.x)).

 

Addthis