VID |
50035 |
Severity |
40 |
Port |
139,445 |
Protocol |
TCP |
Class |
SMB |
Detailed Description |
A version of Adobe Flash Player that is earlier than 10.3.183.50. Such version is reportedly affected by a Buffer overflow Vulnerability.
- The vulnerability is caused due to an integer overflow error within "flash.display.BitmapData()", which can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. (CVE-2013-0630)
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References: http://www.adobe.com/support/security/bulletins/apsb13-01.html
* Platforms Affected: Adobe Flash Player prior to 10.3.183.50 Apple Mac OS X Any version Linux Any version Microsoft Windows Any version |
Recommendation |
Upgrade to the latest version of Adobe Flash Player (10.3.183.50 or later), available from the Adobe Web site at http://get.adobe.com/flashplayer/ |
Related URL |
CVE-2013-0630 (CVE) |
Related URL |
57184 (SecurityFocus) |
Related URL |
(ISS) |
|