Summary
This host is installed with Adobe AIR and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to execute arbitrary code or cause denial-of-service condition.
Impact Level: System/Application
Solution
Upgrade to version 3.6.0.6090 or later,
For updates refer to http://get.adobe.com/air
Insight
Multiple flaws due to
- Heap based overflow via unspecified vectors.
- Integer overflow via unspecified vectors.
- Use-after-free errors.
Affected
Adobe AIR Version prior to 3.6.0.6090 on Mac OS X.
References
Severity
Classification
-
CVE CVE-2013-0646, CVE-2013-0650, CVE-2013-1371, CVE-2013-1375 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Extension Manager CS5 Insecure Library Loading Vulnerability (Win)
- Adobe Acrobat Multiple Vulnerabilities - 01 Jan14 (Windows)
- Adobe Air Multiple Vulnerabilities - October 12 (Mac OS X)
- Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Windows)
- Adobe AIR Multiple Vulnerabilities -01 Feb13 (Mac OS X)