Vulnerabilities > Adobe

DATE CVE VULNERABILITY TITLE RISK
2013-03-13 CVE-2013-1371 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe products
Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
network
low complexity
adobe apple microsoft linux google CWE-119
critical
 10.0
10
2013-03-13 CVE-2013-0650 Resource Management Errors vulnerability in Adobe products
Use-after-free vulnerability in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors.
network
low complexity
adobe apple microsoft linux google CWE-399
critical
 10.0
10
2013-03-13 CVE-2013-0646 Numeric Errors vulnerability in Adobe products
Integer overflow in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors.
network
low complexity
adobe apple microsoft linux google CWE-189
critical
 10.0
10
2013-03-11 CVE-2013-2555 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.
network
low complexity
adobe opensuse suse redhat CWE-190
critical
 10.0
10
2013-03-11 CVE-2013-2550 Use After Free Remote Code Execution vulnerability in Adobe Acrobat Reader 11.0.02
Unspecified vulnerability in Adobe Reader 11.0.02 allows attackers to bypass the sandbox protection mechanism via unknown vectors, as demonstrated by George Hotz during a Pwn2Own competition at CanSecWest 2013.
network
low complexity
adobe
7.5
7.5
2013-03-11 CVE-2013-2549 Code Injection vulnerability in Adobe Acrobat Reader 11.0.02
Unspecified vulnerability in Adobe Reader 11.0.02 allows remote attackers to execute arbitrary code via vectors related to a "break into the sandbox," as demonstrated by George Hotz during a Pwn2Own competition at CanSecWest 2013.
network
low complexity
adobe CWE-94
7.5
7.5
2013-02-27 CVE-2013-0648 Remote Code Execution vulnerability in Adobe Flash Player
Unspecified vulnerability in the ExternalInterface ActionScript functionality in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.
network
adobe apple microsoft linux
critical
 9.3
9.3
2013-02-27 CVE-2013-0643 Permissions, Privileges, and Access Controls vulnerability in Adobe Flash Player
The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.
network
adobe apple microsoft linux CWE-264
critical
 9.3
9.3
2013-02-27 CVE-2013-0504 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Flash Player
Buffer overflow in the broker service in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows attackers to execute arbitrary code via unspecified vectors.
network
low complexity
adobe apple microsoft linux CWE-119
critical
 10.0
10
2013-02-14 CVE-2013-0641 Remote Code Execution vulnerability in Adobe Acrobat And Reader
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allows remote attackers to execute arbitrary code via a crafted PDF document, as exploited in the wild in February 2013.
network
adobe
critical
 9.3
9.3