Adobe AIR <= 3.9.0.1030 Memory Corruptions (APSB13-26)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains a version of Adobe AIR that is
affected by multiple memory corruption vulnerabilities.

Description :

According to its version, the instance of Adobe AIR on the remote
Windows host is 3.9.0.1030 or earlier. It is, therefore, potentially
affected by multiple memory corruption vulnerabilities that could lead
to code execution.

See also :

http://www.zerodayinitiative.com/advisories/ZDI-13-275/
http://www.adobe.com/support/security/bulletins/apsb13-26.html

Solution :

Upgrade to Adobe AIR 3.9.0.1210 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 70857 ()

Bugtraq ID: 63680
63683

CVE ID: CVE-2013-5329
CVE-2013-5330