CVE-2013-0636

CWE-119Buffer OverflowCWE-3587 documents6 sources
Severity
10.0CRITICAL
EPSS
26.1%
top 3.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Shockwave Player
Timeline
PublishedFeb 13
Latest updateMay 17

Description

Stack-based buffer overflow in Adobe Shockwave Player before 12.0.0.112 allows attackers to execute arbitrary code via unspecified vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDadobe/shockwave_player11.6.8.638+50

Patches

Patch: www.adobe.comPatch: www.adobe.com

🔴Vulnerability Details

2
GHSA
GHSA-6gj6-vh9h-rhvc: Stack-based buffer overflow in Adobe Shockwave Player before 122022-05-17
CVEList
CVE-2013-0636: Stack-based buffer overflow in Adobe Shockwave Player before 122013-02-13

📋Vendor Advisories

1
Red Hat
OpenJDK: missing type safety checks for MethodHandle calls across class loaders, incorrect CVE-2013-5838 fix (Hotspot, 8151666)2016-03-23

🕵️Threat Intelligence

2
Qualys
Oracle out-of-band release for Java 0-day | Qualys2016-03-24
Qualys
Oracle out-of-band release for Java 0-day | Qualys2016-03-24

💬Community

1
Bugzilla
CVE-2016-0636 OpenJDK: missing type safety checks for MethodHandle calls across class loaders, incorrect CVE-2013-5838 fix (Hotspot, 8151666)2016-03-23
CVE-2013-0636 (CRITICAL CVSS 10) | Stack-based buffer overflow in Adob | cvebase.io