Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-0646

Опубликовано: 13 мар. 2013
Источник: nvd
CVSS2: 10
EPSS Низкий

Уязвимость выполнения произвольного кода в Adobe Flash Player и Adobe AIR через переполнение целого числа

Описание

В Adobe Flash Player и Adobe AIR обнаружена уязвимость переполнения целого числа, которая позволяет злоумышленникам выполнять произвольный код. Эта уязвимость может быть использована посредством неопределённых векторов.

Затронутые версии ПО

  • Adobe Flash Player:

    • версии до 10.3.183.68 и 11.x до 11.6.602.180 на Windows и Mac OS X,
    • версии до 10.3.183.68 и 11.x до 11.2.202.275 на Linux,
    • версии до 11.1.111.44 на Android 2.x и 3.x,
    • версии до 11.1.115.48 на Android 4.x.

  • Adobe AIR:

    • до версии 3.6.0.6090.

  • Adobe AIR SDK и Adobe AIR SDK & Compiler:

    • до версии 3.6.0.6090.

Тип уязвимости

Выполнение произвольного кода

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
Версия до 11.6.602.171 (включая)
cpe:2.3:a:adobe:flash_player:11.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.0.1.152:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.0.1.152:*:*:*:*:*:x64:*
cpe:2.3:a:adobe:flash_player:11.0.1.153:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.102.55:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.102.55:*:*:*:*:*:x64:*
cpe:2.3:a:adobe:flash_player:11.1.102.59:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.102.62:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.102.63:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.5:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.6:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.7:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.8:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.7:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.34:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.36:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.223:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.228:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.233:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.235:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.236:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.238:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.243:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.251:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.258:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.261:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.262:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.270:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.273:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.3.300.257:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.3.300.262:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.3.300.265:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.3.300.268:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.3.300.270:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.3.300.271:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.3.300.273:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.4.402.265:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.4.402.278:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.4.402.287:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.5.502.110:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.5.502.135:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.5.502.136:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.5.502.146:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.5.502.149:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.6.602.167:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.6.602.168:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

Одно из

cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
Версия до 11.2.202.273 (включая)
cpe:2.3:a:adobe:flash_player:11.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.0.1.152:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.0.1.152:*:*:*:*:*:x64:*
cpe:2.3:a:adobe:flash_player:11.0.1.153:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.102.55:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.102.55:*:*:*:*:*:x64:*
cpe:2.3:a:adobe:flash_player:11.1.102.59:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.102.62:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.102.63:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.5:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.6:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.7:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.8:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.7:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.34:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.36:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.223:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.228:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.233:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.235:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.236:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.238:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.243:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.251:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.258:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.261:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.262:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.270:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:*:*:*:*:*:*:*:*
Версия до 11.1.111.43 (включая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Конфигурация 3

Одновременно

Одно из

cpe:2.3:a:adobe:flash_player_for_android:*:*:*:*:*:*:*:*
Версия до 11.1.111.43 (включая)
cpe:2.3:a:adobe:flash_player_for_android:10.1.106.17:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:10.2.157.51:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:10.3.186.7:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.0.1.153:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.102.59:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.5:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.6:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.7:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.8:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.9:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.10:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.16:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.19:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.24:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.29:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.31:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.32:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:google:android:2.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:2.0.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:2.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:2.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:2.2:rev1:*:*:*:*:*:*
cpe:2.3:o:google:android:2.2.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:2.2.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:2.2.3:*:*:*:*:*:*:*
cpe:2.3:o:google:android:2.3:*:*:*:*:*:*:*
cpe:2.3:o:google:android:2.3:rev1:*:*:*:*:*:*
cpe:2.3:o:google:android:2.3.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:2.3.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:2.3.3:*:*:*:*:*:*:*
cpe:2.3:o:google:android:2.3.4:*:*:*:*:*:*:*
cpe:2.3:o:google:android:2.3.5:*:*:*:*:*:*:*
cpe:2.3:o:google:android:2.3.6:*:*:*:*:*:*:*
cpe:2.3:o:google:android:2.3.7:*:*:*:*:*:*:*
cpe:2.3:o:google:android:3.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:3.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:3.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:3.2.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:3.2.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:3.2.4:*:*:*:*:*:*:*
cpe:2.3:o:google:android:3.2.6:*:*:*:*:*:*:*
Конфигурация 4

Одновременно

Одно из

cpe:2.3:a:adobe:flash_player_for_android:*:*:*:*:*:*:*:*
Версия до 11.1.111.43 (включая)
cpe:2.3:a:adobe:flash_player_for_android:10.1.106.17:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:10.2.157.51:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:10.3.186.7:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.0.1.153:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.102.59:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.5:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.6:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.7:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.8:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.9:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.10:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.16:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.19:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.24:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.29:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.31:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_for_android:11.1.111.32:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*
Конфигурация 5
cpe:2.3:a:adobe:adobe_air_sdk_and_compiler:*:*:*:*:*:*:*:*
Версия до 3.6.0.599 (включая)
Конфигурация 6

Одно из

cpe:2.3:a:adobe:adobe_air_sdk:*:*:*:*:*:*:*:*
Версия до 3.6.0.597 (включая)
cpe:2.3:a:adobe:adobe_air_sdk:3.0.0.4080:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air_sdk:3.1.0.488:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air_sdk:3.2.0.2070:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air_sdk:3.3.0.3650:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air_sdk:3.3.0.3690:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air_sdk:3.4.0.2540:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air_sdk:3.4.0.2710:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air_sdk:3.5.0.600:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air_sdk:3.5.0.880:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air_sdk:3.5.0.890:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air_sdk:3.5.0.1060:*:*:*:*:*:*:*
Конфигурация 7

Одно из

cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*
Версия до 3.6.0.597 (включая)
cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:1.0.8.4990:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:1.0.4990:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:1.1.0.5790:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:1.5:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:1.5.0.7220:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:1.5.1.8210:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:1.5.3.9120:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:1.5.3.9130:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:2.0.2.12610:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:2.0.3.13070:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:2.5.0.16600:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:2.5.1.17730:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:2.6:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:2.6.0.19120:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:2.6.0.19140:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:2.7:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:2.7.0.1948:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:2.7.0.1953:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:2.7.0.19480:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:2.7.0.19530:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:2.7.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:2.7.1.19610:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:3.0.0.408:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:3.0.0.4080:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:3.1.0.485:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:3.1.0.488:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:3.1.0.4880:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:3.2.0.207:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:3.2.0.2070:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:3.3.0.3670:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:3.4.0.2540:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:3.4.0.2710:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:3.5.0.600:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:3.5.0.880:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:3.5.0.890:*:*:*:*:*:*:*
cpe:2.3:a:adobe:adobe_air:3.5.0.1060:*:*:*:*:*:*:*

EPSS

Процентиль: 88%
0.03908
Низкий

10 Critical

CVSS2

Дефекты

CWE-189

Связанные уязвимости

ubuntu логотип

CVE-2013-0646

ubuntu
почти 13 лет назад

Integer overflow in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors.

redhat логотип

CVE-2013-0646

redhat
почти 13 лет назад

Integer overflow in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors.

github логотип

GHSA-5vfx-cvqf-28gw

github
больше 3 лет назад

Integer overflow in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors.

EPSS

Процентиль: 88%
0.03908
Низкий

10 Critical

CVSS2

Дефекты

CWE-189
Уязвимость CVE-2013-0646