CVE-2013-5332

Name: CVE-2013-5332
Creator: NVD / NIST
Published: 2013-12-11T15:55:07.09+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 5.38%

Last modified Jun 16, 2026

CVE-2013-5332 is a vulnerability of currently unknown severity. Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2.202.332 on Linux, Adobe AIR before 3.9.0.1380, Adobe AIR SDK before 3.9.0.1380, and Adobe AIR SDK & Compiler before 3.9.0.1380 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.. EPSS estimates a 5.38% chance of exploitation in the next 30 days.

Description

Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2.202.332 on Linux, Adobe AIR before 3.9.0.1380, Adobe AIR SDK before 3.9.0.1380, and Adobe AIR SDK & Compiler before 3.9.0.1380 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Metrics

EPSS Probability

5.38%

91.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-94

Affected Software

Vendor	Product	Versions
Adobe	Flash Player	>= 11.0, < 11.7.700.257
Adobe	Flash Player	>= 11.8, < 11.8.800.175
Adobe	Flash Player	>= 11.9, < 11.9.900.700
Adobe	Flash Player	>= 11.0, < 11.2.202.332
Adobe	Air	< 3.9.0.1380
Adobe	Air Sdk	< 3.9.0.1380

References

http://helpx.adobe.com/security/products/flash-player/apsb13-28.htmlPatch, Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00008.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2013-12/msg00075.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2013-12/msg00084.htmlMailing List, Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2013-1818.htmlThird Party Advisory
http://helpx.adobe.com/security/products/flash-player/apsb13-28.htmlPatch, Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00008.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2013-12/msg00075.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2013-12/msg00084.htmlMailing List, Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2013-1818.htmlThird Party Advisory

Timeline

Published: Dec 11, 2013
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2013-5332?

How severe is CVE-2013-5332?

Severity scoring for CVE-2013-5332 is pending analysis. The EPSS model estimates a 5.38% probability of exploitation in the next 30 days.

How do I fix CVE-2013-5332?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-5332?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST