Detections
Analytics

Adobe AIR < 3.7.0.1530 Multiple Vulnerabilities (APSB13-11)

high Nessus Network Monitor Plugin ID 6830

Synopsis

The remote host is running an outdated version of Adobe AIR.

Description

Versions of Adobe AIR prior to 3.7.0.1530 are outdated and thus unpatched for the following vulnerabilities :

 - Multiple memory corruption errors exist that could lead to code execution. (CVE-2013-1378, CVE-2013-1379, CVE-2013-1380)
 - An integer overflow error exists that could lead to code execution. (CVE-2013-2555)

Solution

Upgrade to Adobe AIR 3.7.0.1530 or later.

See Also

http://www.adobe.com/support/security/bulletins/apsb13-11.html

Plugin Details

Severity: High

ID: 6830

Family: Web Clients

Published: 4/10/2013

Updated: 3/6/2019

Nessus ID: 65909

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.5

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:adobe:adobe_air

Patch Publication Date: 4/9/2013

Vulnerability Publication Date: 4/9/2013

Reference Information

CVE: CVE-2013-1378, CVE-2013-1379, CVE-2013-1380, CVE-2013-2555

BID: 58396, 58947, 58949, 58951