CVE-2013-5331
Published Dec 11, 2013
Last updated 6 years ago
Overview
- Description
- Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2.202.332 on Linux, Adobe AIR before 3.9.0.1380, Adobe AIR SDK before 3.9.0.1380, and Adobe AIR SDK & Compiler before 3.9.0.1380 allow remote attackers to execute arbitrary code via crafted .swf content that leverages an unspecified "type confusion," as exploited in the wild in December 2013.
- Source
- psirt@adobe.com
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-94
Social media
- Hype score
- Not currently trending
Evaluator
- Comment
- Per: http://helpx.adobe.com/security/products/flash-player/apsb13-28.html "Adobe is aware of reports that an exploit designed to trick the user into opening a Microsoft Word document with malicious Flash (.swf) content exists for CVE-2013-5331."
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5940954F-85A9-4552-9718-393C492056A5",
"versionEndExcluding": "11.7.700.257",
"versionStartIncluding": "11.0"
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EF750BDF-A76B-4967-8BD4-9B6F3336156D",
"versionEndExcluding": "11.8.800.175",
"versionStartIncluding": "11.8"
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C9C771FB-A167-452E-ADC2-93F574D325E9",
"versionEndExcluding": "11.9.900.700",
"versionStartIncluding": "11.9"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD"
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C5D93A0-1C7D-48B1-905A-C223B0FC2F14",
"versionEndExcluding": "11.2.202.332",
"versionStartIncluding": "11.0"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "054D3F2A-E7AD-4AED-A008-9D899723F3AD",
"versionEndExcluding": "3.9.0.1380"
},
{
"criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2F7D4D4A-E4EC-4C32-885C-4341B8F793C9",
"versionEndExcluding": "3.9.0.1380"
}
],
"operator": "OR"
}
]
}
]