Home

CVE-2013-1379

Description

Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 do not properly initialize pointer arrays, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Risk Information

Base Score
9.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
5.703

Associated Vulnerability

VulnerabilityOS Platform
Upgrade Adobe Air 3.6.0.6090 to latest versionWindows
Upgrade Adobe flash player 10.0.0.584 to latest versionWindows
Vulnerabilities CVE-2013-1378,CVE-2013-1379,CVE-2013-1380,CVE-2013-2555 are affected in Adobe AIR 3.6.0.6090Windows
Vulnerabilities CVE-2013-1378,CVE-2013-1379,CVE-2013-1380,CVE-2013-2555 are affected in Adobe Flash Player Plugin 11.6.602.180Windows
Vulnerabilities CVE-2013-1378,CVE-2013-1379,CVE-2013-1380,CVE-2013-2555 are affected in Adobe Flash Player PPAPI 11.6.602.180Windows
Multiple Vulnerabilities are affected in Adobe AIR 3.6.0.597Windows
Multiple Vulnerabilities are affected in Adobe AIR 3.6.0.6090Windows
Vulnerabilities CVE-2013-1379,CVE-2014-0508 are affected in Adobe AIR 3.6.0.597Mac
Vulnerabilities CVE-2013-1379,CVE-2014-0508 are affected in Adobe AIR 3.6.0.6090Mac
Vulnerabilities CVE-2013-1379,CVE-2014-0508 are affected in Adobe AIR For Mac 3.6.0.597Mac
Vulnerabilities CVE-2013-1379,CVE-2014-0508 are affected in Adobe AIR For Mac 3.6.0.6090Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234