HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2013-2555

CVSS 10.0v2.0pub. 2013-03-11upd. 2026-04-29

Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.

CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Adobe Air

    APP
    Adobe
    ≤ 3.6.0.6090
  • Adobe Flash Player

    APP
    Adobe
    ≤ 11.1.111.44≤ 11.1.115.4811.0 – 11.6.602.18011.0 – 11.2.202.275< 10.3.183.75≤ 10.3.183.75
  • Apple macOS

    OS
    Apple
    wszystkie wersje
  • Google Android

    OS
    Google
    4.0 – 4.4.42.0 – 3.2.6
  • Linux Kernel

    OS
    Linux
    wszystkie wersje
  • Microsoft Windows

    OS
    Microsoft
    wszystkie wersje
  • Opensuse

    OS
    Opensuse
    11.412.112.212.3
  • Red Hat Enterprise Linux Desktop

    OS
    Redhat
    6.0
  • Red Hat Enterprise Linux Eus

    OS
    Redhat
    5.96.4
  • Red Hat Enterprise Linux Server

    OS
    Redhat
    6.0
  • Red Hat Enterprise Linux Server Aus

    OS
    Redhat
    5.96.4
  • Red Hat Enterprise Linux Workstation

    OS
    Redhat
    6.0
  • SUSE Linux Enterprise Desktop

    OS
    Suse
    11
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2026-8398CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Atak na łańcuch dostaw DAEMON Tools Lite — trojanizacja instalatorów

CVE-2025-10585CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty

CVE-2025-43300CRITICAL10.0⚠ KEVPL ✓ten sam produkt

Apple iOS/iPadOS/macOS — out-of-bounds write przy przetwarzaniu obrazu

CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)

CVE-2025-34028CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Commvault Command Center – nieuwierzytelniony RCE przez path traversal w ZIP