Strix
26.1K

CVE-2013-0650

UnknownEPSS 6.53%

Last modified

CVE-2013-0650 is a vulnerability of currently unknown severity. Use-after-free vulnerability in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors.. EPSS estimates a 6.53% chance of exploitation in the next 30 days.

Description

Use-after-free vulnerability in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors.

Metrics

EPSS Probability
6.53%

92.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
AdobeFlash Player<= 11.6.602.171
AdobeFlash Player11.0
AdobeFlash Player11.0.1.152
AdobeFlash Player11.0.1.153
AdobeFlash Player11.1
AdobeFlash Player11.1.102.55
AdobeFlash Player11.1.102.59
AdobeFlash Player11.1.102.62
AdobeFlash Player11.1.102.63
AdobeFlash Player11.1.111.5
AdobeFlash Player11.1.111.6
AdobeFlash Player11.1.111.7
AdobeFlash Player11.1.111.8
AdobeFlash Player11.1.115.7
AdobeFlash Player11.1.115.34
AdobeFlash Player11.1.115.36
AdobeFlash Player11.2.202.223
AdobeFlash Player11.2.202.228
AdobeFlash Player11.2.202.233
AdobeFlash Player11.2.202.235
AdobeFlash Player11.2.202.236
AdobeFlash Player11.2.202.238
AdobeFlash Player11.2.202.243
AdobeFlash Player11.2.202.251
AdobeFlash Player11.2.202.258
AdobeFlash Player11.2.202.261
AdobeFlash Player11.2.202.262
AdobeFlash Player11.2.202.270
AdobeFlash Player11.2.202.273
AdobeFlash Player11.3.300.257
AdobeFlash Player11.3.300.262
AdobeFlash Player11.3.300.265
AdobeFlash Player11.3.300.268
AdobeFlash Player11.3.300.270
AdobeFlash Player11.3.300.271
AdobeFlash Player11.3.300.273
AdobeFlash Player11.4.402.265
AdobeFlash Player11.4.402.278
AdobeFlash Player11.4.402.287
AdobeFlash Player11.5.502.110
AdobeFlash Player11.5.502.135
AdobeFlash Player11.5.502.136
AdobeFlash Player11.5.502.146
AdobeFlash Player11.5.502.149
AdobeFlash Player11.6.602.167
AdobeFlash Player11.6.602.168
AdobeFlash Player<= 11.2.202.273
AdobeFlash Player For Android<= 11.1.111.43
AdobeFlash Player For Android10.1.106.17
AdobeFlash Player For Android10.2.157.51

Showing 50 of 125 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2013-0650?
Use-after-free vulnerability in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors.
How severe is CVE-2013-0650?
Severity scoring for CVE-2013-0650 is pending analysis. The EPSS model estimates a 6.53% probability of exploitation in the next 30 days.
How do I fix CVE-2013-0650?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-0650?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST