Korean
<< Back
VID 50035
Severity 40
Port 139,445
Protocol TCP
Class SMB
Detailed Description A version of Adobe Flash Player that is earlier than 10.3.183.50. Such version is reportedly affected by a Buffer overflow Vulnerability.

- The vulnerability is caused due to an integer overflow error within "flash.display.BitmapData()", which can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. (CVE-2013-0630)

* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.

* References:
http://www.adobe.com/support/security/bulletins/apsb13-01.html

* Platforms Affected:
Adobe Flash Player prior to 10.3.183.50
Apple Mac OS X Any version
Linux Any version
Microsoft Windows Any version
Recommendation Upgrade to the latest version of Adobe Flash Player (10.3.183.50 or later), available from the Adobe Web site at http://get.adobe.com/flashplayer/
Related URL CVE-2013-0630 (CVE)
Related URL 57184 (SecurityFocus)
Related URL (ISS)