Weekly Vulnerabilities Reports > May 13 to 19, 2013
Overview
2 new vulnerabilities reported during this period, including 1 critical vulnerabilities and 0 high severity vulnerabilities. This weekly summary report vulnerabilities in 21 products from 7 vendors including Redhat, Debian, Adobe, Opensuse, and Mozilla. Vulnerabilities are notably categorized as "Integer Overflow or Wraparound", and "Improper Initialization".
- 2 reported vulnerabilities are remotely exploitables.
- 2 reported vulnerabilities are exploitable by an anonymous user.
- Redhat has the most reported vulnerabilities, with 2 reported vulnerabilities.
- Adobe has the most reported critical vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
1 Critical Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2013-05-16 | CVE-2013-2729 | Adobe Suse Redhat | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2727. | 9.8 |
0 High Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|
1 Medium Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2013-05-16 | CVE-2013-1675 | Mozilla Canonical Debian Redhat Opensuse | Improper Initialization vulnerability in multiple products Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site. | 6.5 |
0 Low Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|