{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-02-07T00:00:00", "descriptions": [{"lang": "en", "value": "Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, as exploited in the wild in February 2013."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-03-06T10:00:00", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.adobe.com/support/security/bulletins/apsb13-04.html"}, {"name": "RHSA-2013:0243", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0243.html"}, {"name": "openSUSE-SU-2013:0279", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00004.html"}, {"name": "SUSE-SU-2013:0288", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00007.html"}, {"name": "openSUSE-SU-2013:0284", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00006.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@adobe.com", "ID": "CVE-2013-0634", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, as exploited in the wild in February 2013."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.adobe.com/support/security/bulletins/apsb13-04.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/security/bulletins/apsb13-04.html"}, {"name": "RHSA-2013:0243", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-0243.html"}, {"name": "openSUSE-SU-2013:0279", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00004.html"}, {"name": "SUSE-SU-2013:0288", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00007.html"}, {"name": "openSUSE-SU-2013:0284", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00006.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T14:33:05.275Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.adobe.com/support/security/bulletins/apsb13-04.html"}, {"name": "RHSA-2013:0243", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0243.html"}, {"name": "openSUSE-SU-2013:0279", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00004.html"}, {"name": "SUSE-SU-2013:0288", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00007.html"}, {"name": "openSUSE-SU-2013:0284", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00006.html"}]}]}, "cveMetadata": {"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2013-0634", "datePublished": "2013-02-08T11:00:00", "dateReserved": "2012-12-18T00:00:00", "dateUpdated": "2024-08-06T14:33:05.275Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "14967C9D-62EE-42D0-BBF1-4A606A2361F9", "versionEndExcluding": "10.3.183.51", "versionStartIncluding": "10.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "1EF4326B-1F73-4125-A682-2C737D270A2F", "versionEndExcluding": "11.5.502.149", "versionStartIncluding": "11.5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "14967C9D-62EE-42D0-BBF1-4A606A2361F9", "versionEndExcluding": "10.3.183.51", "versionStartIncluding": "10.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "B539E9C3-20F9-4B21-8C02-CFE189787465", "versionEndExcluding": "11.2.202.262", "versionStartIncluding": "11.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "584C4EC6-DCBD-414C-A7EB-FB32B24A3AE9", "versionEndExcluding": "11.1.111.32", "versionStartIncluding": "11.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "matchCriteriaId": "1F3C0381-865A-4176-A291-988E12612161", "versionEndIncluding": "2.3.7", "versionStartIncluding": "2.0", "vulnerable": false}, {"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "matchCriteriaId": "EBEB1CC1-D410-4157-8BF3-8EB8BAC444DD", "versionEndIncluding": "3.2.6", "versionStartIncluding": "3.0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "B915830C-B8E4-48CC-B07F-76C9A6DBBA3B", "versionEndExcluding": "11.1.115.37", "versionStartIncluding": "11.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "matchCriteriaId": "539FC1E0-6987-48EE-8FE9-7A27D4C3B69A", "versionEndIncluding": "4.4.4", "versionStartIncluding": "4.0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, as exploited in the wild in February 2013."}, {"lang": "es", "value": "Adobe Flash Player antes de v10.3.183.51 y v11.x antes de v11.5.502.149 para Windows y Mac OS X, antes de v10.3.183.51 y v11.x antes de v11.2.202.262 para Linux, antes de v11.1.111.32 para Android v2.x y v3.x, y antes de v11.1.115.37 para Android v4.x permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s contenido SWF, como los explotados en febrero de 2013."}], "id": "CVE-2013-0634", "lastModified": "2018-12-06T19:29:13.010", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2013-02-08T11:58:21.593", "references": [{"source": "psirt@adobe.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00004.html"}, {"source": "psirt@adobe.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00006.html"}, {"source": "psirt@adobe.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00007.html"}, {"source": "psirt@adobe.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0243.html"}, {"source": "psirt@adobe.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.adobe.com/support/security/bulletins/apsb13-04.html"}], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2013:0243", "cpe": "cpe:/a:redhat:rhel_extras:5", "package": "flash-plugin-0:11.2.202.262-1.el5", "product_name": "Supplementary for Red Hat Enterprise Linux 5", "release_date": "2013-02-08T00:00:00Z"}, {"advisory": "RHSA-2013:0243", "cpe": "cpe:/a:redhat:rhel_extras:6", "package": "flash-plugin-0:11.2.202.262-1.el6", "product_name": "Supplementary for Red Hat Enterprise Linux 6", "release_date": "2013-02-08T00:00:00Z"}], "bugzilla": {"description": "flash-plugin: multiple code execution flaws (APSB13-04)", "id": "908999", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908999"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status": "verified"}, "details": ["Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, as exploited in the wild in February 2013."], "name": "CVE-2013-0634", "public_date": "2013-02-07T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2013-0634\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-0634\nhttp://www.adobe.com/support/security/bulletins/apsb13-04.html"], "threat_severity": "Critical"}