Adobe Flash Player contains vulnerabilities that could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on a targeted system.
This update corrects a buffer overflow vulnerability that could lead to arbitrary code execution or cause the affected software to terminate unexpectedly. The update also addresses a memory corruption vulnerability that is due to an error when handling exceptional conditions and could lead to arbitrary code execution on the system.
An unauthenticated, remote attacker could exploit these vulnerabilities to execute arbitrary code or cause a DoS condition on the targeted system. To exploit these vulnerabilities, the attacker may provide a malicious file containing crafted Flash content to the user and persuade the user to open or execute the file by using misleading language or instructions.
The following products are vulnerable:
- Adobe Flash Player for Windows and Macintosh versions 11.5.502.146 and prior
- Adobe Flash Player for Linux versions 220.127.116.111 and prior
- Adobe Flash Player for Android versions 18.104.22.168 and prior
Administrators are advised to apply the appropriate updates.
Adobe has re-released a security bulletin at the following link: APSB13-04
Adobe has released updated software at the following links:
FreeBSD has released a VuXML document at the following link: linux-flashplugin -- multiple vulnerabilities
FreeBSD has released ports collection updates at the following link: Ports Collection Index
Adobe Flash Player 11.5.502.149 for Windows and Macintosh
Adobe Flash Player 22.214.171.1242 for Linux
Adobe Flash Player for Android 126.96.36.199 (via device software update)
Adobe AIR 188.8.131.5270
Red Hat has released an official CVE statement and a security advisory for bug 908999
at the following links: CVE-2013-0633
, and RHSA-2013-0243
Red Hat has released updated software for registered subscribers at the following link: Red Hat Network
Red Hat packages can be updated on Red Hat Enterprise Linux versions 5 and later using the yum