Strix
26.1K

CVE-2013-1385

UnknownEPSS 4.29%

Last modified

CVE-2013-1385 is a vulnerability of currently unknown severity. Adobe Shockwave Player before 12.0.2.122 does not prevent access to address information, which makes it easier for attackers to bypass the ASLR protection mechanism via unspecified vectors.. EPSS estimates a 4.29% chance of exploitation in the next 30 days.

Description

Adobe Shockwave Player before 12.0.2.122 does not prevent access to address information, which makes it easier for attackers to bypass the ASLR protection mechanism via unspecified vectors.

Metrics

EPSS Probability
4.29%

89.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
AdobeShockwave Player<= 12.0.0.112
AdobeShockwave Player1.0
AdobeShockwave Player2.0
AdobeShockwave Player3.0
AdobeShockwave Player4.0
AdobeShockwave Player5.0
AdobeShockwave Player6.0
AdobeShockwave Player8.0
AdobeShockwave Player8.0.196
AdobeShockwave Player8.0.196a
AdobeShockwave Player8.0.204
AdobeShockwave Player8.0.205
AdobeShockwave Player8.5.1
AdobeShockwave Player8.5.1.100
AdobeShockwave Player8.5.1.103
AdobeShockwave Player8.5.1.105
AdobeShockwave Player8.5.1.106
AdobeShockwave Player8.5.321
AdobeShockwave Player8.5.323
AdobeShockwave Player8.5.324
AdobeShockwave Player8.5.325
AdobeShockwave Player9
AdobeShockwave Player9.0.383
AdobeShockwave Player9.0.432
AdobeShockwave Player10.0.0.210
AdobeShockwave Player10.0.1.004
AdobeShockwave Player10.1.0.11
AdobeShockwave Player10.1.0.011
AdobeShockwave Player10.1.1.016
AdobeShockwave Player10.1.4.020
AdobeShockwave Player10.2.0.021
AdobeShockwave Player10.2.0.022
AdobeShockwave Player10.2.0.023
AdobeShockwave Player11.0.0.456
AdobeShockwave Player11.0.3.471
AdobeShockwave Player11.5.0.595
AdobeShockwave Player11.5.0.596
AdobeShockwave Player11.5.1.601
AdobeShockwave Player11.5.2.602
AdobeShockwave Player11.5.6.606
AdobeShockwave Player11.5.7.609
AdobeShockwave Player11.5.8.612
AdobeShockwave Player11.5.9.615
AdobeShockwave Player11.5.9.620
AdobeShockwave Player11.5.10.620
AdobeShockwave Player11.6.0.626
AdobeShockwave Player11.6.1.629
AdobeShockwave Player11.6.3.633
AdobeShockwave Player11.6.4.634
AdobeShockwave Player11.6.5.635

Showing 50 of 53 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2013-1385?
Adobe Shockwave Player before 12.0.2.122 does not prevent access to address information, which makes it easier for attackers to bypass the ASLR protection mechanism via unspecified vectors.
How severe is CVE-2013-1385?
Severity scoring for CVE-2013-1385 is pending analysis. The EPSS model estimates a 4.29% probability of exploitation in the next 30 days.
How do I fix CVE-2013-1385?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-1385?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST