You are here

V-087: Adobe Flash Player Two Vulnerabilities

February 8, 2013 - 6:00am

Addthis

PROBLEM:

Two vulnerabilities have been reported in Adobe Flash Player

PLATFORM:

Vulnerabilities are reported in the following versions:

Adobe Flash Player versions 11.5.502.146 and earlier for Windows and Macintosh
Adobe Flash Player versions 11.2.202.261 and earlier for Linux
Adobe Flash Player versions 11.1.115.36 and earlier for Android 4.x
Adobe Flash Player versions 11.1.111.31 and earlier for Android 3.x
Adobe Flash Player versions 11.5.31.137 and earlier for Chrome users
Adobe Flash Player versions 11.3.378.5 and earlier for Internet Explorer 10 users on Windows 8

ABSTRACT:

Two vulnerabilities are reported as 0-day which can be exploited by malicious people to compromise a user's system.

REFERENCE LINKS:

Secunia Advisory SA52116
Adobe Vulnerability Indentifier APSB13-04
CVE-2013-0633 
CVE-2013-0634 

IMPACT ASSESSMENT:

High

DISCUSSION:

1) An unspecified error can be exploited to cause a buffer overflow.

2) An unspecified error can be exploited to corrupt memory.

IMPACT:

Successful exploitation of the vulnerabilities allows execution of arbitrary code.

SOLUTION:

Adobe recommends users update their product installations to the latest versions

Addthis