CVE-2013-1385

CWE-2644 documents4 sources
Severity
10.0CRITICAL
EPSS
1.9%
top 16.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Shockwave Player
Timeline
PublishedApr 10
Latest updateMay 17

Description

Adobe Shockwave Player before 12.0.2.122 does not prevent access to address information, which makes it easier for attackers to bypass the ASLR protection mechanism via unspecified vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDadobe/shockwave_player12.0.0.112+52

Patches

Patch: www.adobe.comPatch: www.adobe.com

🔴Vulnerability Details

2
GHSA
GHSA-r2wr-63q6-wqhv: Adobe Shockwave Player before 122022-05-17
CVEList
CVE-2013-1385: Adobe Shockwave Player before 122013-04-10
CVE-2013-1385 (CRITICAL CVSS 10) | Adobe Shockwave Player before 12.0. | cvebase.io