{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-02-12T00:00:00", "descriptions": [{"lang": "en", "value": "Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to obtain sensitive information via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-03-06T10:00:00", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe"}, "references": [{"name": "SUSE-SU-2013:0296", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"}, {"name": "RHSA-2013:0254", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0254.html"}, {"name": "openSUSE-SU-2013:0295", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"}, {"name": "openSUSE-SU-2013:0298", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"}, {"name": "TA13-043A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA13-043A.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@adobe.com", "ID": "CVE-2013-0637", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to obtain sensitive information via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "SUSE-SU-2013:0296", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"}, {"name": "RHSA-2013:0254", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-0254.html"}, {"name": "openSUSE-SU-2013:0295", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"}, {"name": "openSUSE-SU-2013:0298", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"}, {"name": "TA13-043A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA13-043A.html"}, {"name": "http://www.adobe.com/support/security/bulletins/apsb13-05.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T14:33:05.445Z"}, "title": "CVE Program Container", "references": [{"name": "SUSE-SU-2013:0296", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"}, {"name": "RHSA-2013:0254", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0254.html"}, {"name": "openSUSE-SU-2013:0295", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"}, {"name": "openSUSE-SU-2013:0298", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"}, {"name": "TA13-043A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA13-043A.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"}]}]}, "cveMetadata": {"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2013-0637", "datePublished": "2013-02-12T20:00:00", "dateReserved": "2012-12-18T00:00:00", "dateUpdated": "2024-08-06T14:33:05.445Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "D74A4017-3145-4AC0-B58A-1B20A344553E", "versionEndExcluding": "10.3.183.63", "versionStartIncluding": "10.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "280E545D-5BD8-476F-85BD-D75C4E2FB1DF", "versionEndExcluding": "11.6.602.168", "versionStartIncluding": "11.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "A47384CE-9685-4BCF-9BF9-BEB37B2BF2E0", "versionEndExcluding": "10.3.183.61", "versionStartIncluding": "10.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "5DD16048-5B57-4D3C-81D2-DF66743466F0", "versionEndExcluding": "11.2.202.270", "versionStartIncluding": "11.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "D5DC97D0-648E-49FD-9622-E3692D2D97FF", "versionEndExcluding": "11.1.111.43", "versionStartIncluding": "11.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "matchCriteriaId": "1F3C0381-865A-4176-A291-988E12612161", "versionEndIncluding": "2.3.7", "versionStartIncluding": "2.0", "vulnerable": false}, {"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "matchCriteriaId": "EBEB1CC1-D410-4157-8BF3-8EB8BAC444DD", "versionEndIncluding": "3.2.6", "versionStartIncluding": "3.0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "C4A317C9-5817-4F9A-95AD-4013CF290F44", "versionEndExcluding": "11.1.115.47", "versionStartIncluding": "11.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "matchCriteriaId": "539FC1E0-6987-48EE-8FE9-7A27D4C3B69A", "versionEndIncluding": "4.4.4", "versionStartIncluding": "4.0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "3B3F3711-70A1-4133-A184-765DD11A6D02", "versionEndExcluding": "3.6.0.597", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "E608B8F0-994A-431C-8F37-936C47598F0F", "versionEndExcluding": "3.6.0.599", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "A47384CE-9685-4BCF-9BF9-BEB37B2BF2E0", "versionEndExcluding": "10.3.183.61", "versionStartIncluding": "10.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "F4875744-A793-4C40-B724-FB702517C828", "versionEndExcluding": "11.6.602.167", "versionStartIncluding": "11.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to obtain sensitive information via unspecified vectors."}, {"lang": "es", "value": "Adobe Flash Player anterior a v10.3.183.63 y v11.x anterior a v11.6.602.168 para Windows, anterior a v10.3.183.61 y v11.x anterior a v11.6.602.167 para Mac OS X, anterior a v10.3.183.61 y v11.x anterior a v11.2.202.270 para Linux, anterior a v11.1.111.43 para Android v2.x y v3.x, anterior a v11.1.115.47 para Android v4.x; Adobe AIR anterior a v3.6.0.597; y Adobe AIR SDK anterior a v3.6.0.599, permite a atacantes obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados."}], "id": "CVE-2013-0637", "lastModified": "2018-12-06T19:53:30.563", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-02-12T20:55:04.247", "references": [{"source": "psirt@adobe.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"}, {"source": "psirt@adobe.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"}, {"source": "psirt@adobe.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"}, {"source": "psirt@adobe.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0254.html"}, {"source": "psirt@adobe.com", "tags": ["Vendor Advisory"], "url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"}, {"source": "psirt@adobe.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA13-043A.html"}], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2013:0254", "cpe": "cpe:/a:redhat:rhel_extras:5", "package": "flash-plugin-0:11.2.202.270-1.el5", "product_name": "Supplementary for Red Hat Enterprise Linux 5", "release_date": "2013-02-13T00:00:00Z"}, {"advisory": "RHSA-2013:0254", "cpe": "cpe:/a:redhat:rhel_extras:6", "package": "flash-plugin-0:11.2.202.270-1.el6", "product_name": "Supplementary for Red Hat Enterprise Linux 6", "release_date": "2013-02-13T00:00:00Z"}], "bugzilla": {"description": "flash-plugin: information disclosure flaw (APSB13-05)", "id": "910571", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=910571"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "status": "verified"}, "details": ["Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to obtain sensitive information via unspecified vectors."], "name": "CVE-2013-0637", "public_date": "2013-02-12T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2013-0637\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-0637\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html"], "threat_severity": "Moderate", "upstream_fix": "flash-plugin 11.2.202.270"}