CVE-2013-0636

Name: CVE-2013-0636
Creator: NVD / NIST
Published: 2013-02-13T21:55:06.76+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 9.28%

Last modified Jun 16, 2026

CVE-2013-0636 is a vulnerability of currently unknown severity. Stack-based buffer overflow in Adobe Shockwave Player before 12.0.0.112 allows attackers to execute arbitrary code via unspecified vectors.. EPSS estimates a 9.28% chance of exploitation in the next 30 days.

Description

Stack-based buffer overflow in Adobe Shockwave Player before 12.0.0.112 allows attackers to execute arbitrary code via unspecified vectors.

Metrics

EPSS Probability

9.28%

94.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-119

Affected Software

Vendor	Product	Versions
Adobe	Shockwave Player	<= 11.6.8.638
Adobe	Shockwave Player	1.0
Adobe	Shockwave Player	2.0
Adobe	Shockwave Player	3.0
Adobe	Shockwave Player	4.0
Adobe	Shockwave Player	5.0
Adobe	Shockwave Player	6.0
Adobe	Shockwave Player	8.0
Adobe	Shockwave Player	8.0.196
Adobe	Shockwave Player	8.0.196a
Adobe	Shockwave Player	8.0.204
Adobe	Shockwave Player	8.0.205
Adobe	Shockwave Player	8.5.1
Adobe	Shockwave Player	8.5.1.100
Adobe	Shockwave Player	8.5.1.103
Adobe	Shockwave Player	8.5.1.105
Adobe	Shockwave Player	8.5.1.106
Adobe	Shockwave Player	8.5.321
Adobe	Shockwave Player	8.5.323
Adobe	Shockwave Player	8.5.324
Adobe	Shockwave Player	8.5.325
Adobe	Shockwave Player	9.0.383
Adobe	Shockwave Player	9.0.432
Adobe	Shockwave Player	10.0.0.210
Adobe	Shockwave Player	10.0.1.004
Adobe	Shockwave Player	10.1.0.11
Adobe	Shockwave Player	10.1.0.011
Adobe	Shockwave Player	10.1.1.016
Adobe	Shockwave Player	10.1.4.020
Adobe	Shockwave Player	10.2.0.021
Adobe	Shockwave Player	10.2.0.022
Adobe	Shockwave Player	10.2.0.023
Adobe	Shockwave Player	11.0.0.456
Adobe	Shockwave Player	11.0.3.471
Adobe	Shockwave Player	11.5.0.595
Adobe	Shockwave Player	11.5.0.596
Adobe	Shockwave Player	11.5.1.601
Adobe	Shockwave Player	11.5.2.602
Adobe	Shockwave Player	11.5.6.606
Adobe	Shockwave Player	11.5.7.609
Adobe	Shockwave Player	11.5.8.612
Adobe	Shockwave Player	11.5.9.615
Adobe	Shockwave Player	11.5.9.620
Adobe	Shockwave Player	11.5.10.620
Adobe	Shockwave Player	11.6.0.626
Adobe	Shockwave Player	11.6.1.629
Adobe	Shockwave Player	11.6.3.633
Adobe	Shockwave Player	11.6.4.634
Adobe	Shockwave Player	11.6.5.635
Adobe	Shockwave Player	11.6.6.636

Showing 50 of 51 affected configurations. See NVD for the full list.

References

http://www.adobe.com/support/security/bulletins/apsb13-06.htmlPatch, Vendor Advisory
http://www.us-cert.gov/cas/techalerts/TA13-043A.htmlUS Government Resource
http://www.adobe.com/support/security/bulletins/apsb13-06.htmlPatch, Vendor Advisory
http://www.us-cert.gov/cas/techalerts/TA13-043A.htmlUS Government Resource

Timeline

Published: Feb 13, 2013
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2013-0636?

Stack-based buffer overflow in Adobe Shockwave Player before 12.0.0.112 allows attackers to execute arbitrary code via unspecified vectors.

How severe is CVE-2013-0636?

Severity scoring for CVE-2013-0636 is pending analysis. The EPSS model estimates a 9.28% probability of exploitation in the next 30 days.

How do I fix CVE-2013-0636?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-0636?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST