CVE-2013-5331
11.12.2013, 15:55
Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2.202.332 on Linux, Adobe AIR before 3.9.0.1380, Adobe AIR SDK before 3.9.0.1380, and Adobe AIR SDK & Compiler before 3.9.0.1380 allow remote attackers to execute arbitrary code via crafted .swf content that leverages an unspecified "type confusion," as exploited in the wild in December 2013.
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | 11.0 ≤ 𝑥 < 11.7.700.257 |
| adobe | flash_player | 11.8 ≤ 𝑥 < 11.8.800.175 |
| adobe | flash_player | 11.9 ≤ 𝑥 < 11.9.900.700 |
| adobe | flash_player | 11.0 ≤ 𝑥 < 11.2.202.332 |
| adobe | air | 𝑥 < 3.9.0.1380 |
| adobe | air_sdk | 𝑥 < 3.9.0.1380 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| adobe-flashplugin |
| ||||||||||
| flashplugin-nonfree |
|
References