457066 – (CVE-2013-0637) <www-plugins/adobe-flash-11.2.202.270: Multiple Vulnerabilities (CVE-2013-{0637,0638,0639,0642,0644,0645,0647,0649,1365,1366,1367,1368,1369,1370,1372,1373,1374})

Bug 457066 (CVE-2013-0637) - <www-plugins/adobe-flash-11.2.202.270: Multiple Vulnerabilities (CVE-2013-{0637,0638,0639,0642,0644,0645,0647,0649,1365,1366,1367,1368,1369,1370,1372,1373,1374})

Summary: <www-plugins/adobe-flash-11.2.202.270: Multiple Vulnerabilities (CVE-2013-{06...

Status:	RESOLVED FIXED

Alias:	CVE-2013-0637

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:	https://secunia.com/advisories/52166/
Whiteboard:	B2 [glsa]
Keywords:

Depends on:
Blocks:

Reported:	2013-02-13 10:46 UTC by Agostino Sarubbo
Modified:	2013-09-14 02:54 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Agostino Sarubbo gentoo-dev

2013-02-13 10:46:00 UTC

From ${URL} :

Description
Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and
compromise a user's system.

1) Some unspecified errors can be exploited to cause buffer overflows.

2) Some use-after-free errors can be exploited to dereference already freed memory.

3) An integer overflow error can be exploited to execute arbitrary code.

4) An unspecified error can be exploited to corrupt memory.

5) An unspecified error can be exploited to corrupt memory.

6) An unspecified error can be exploited to disclose certain sensitive information.

Successful exploitation of vulnerabilities #1 through #5 may allow execution of arbitrary code.

The vulnerabilities are reported in the following products and versions:
* Adobe Flash Player versions 11.5.502.149 and prior for Windows and Macintosh
* Adobe Flash Player versions 11.2.202.262 and prior for Linux
* Adobe Flash Player versions 11.1.115.37 and prior for Android 4.x
* Adobe Flash Player versions 11.1.111.32 and prior for Android 3.x and 2.x
* Adobe AIR versions 3.5.0.1060 and prior
* Adobe AIR versions 3.5.0.1060 SDK and prior

Solution
Update to a fixed version.
Further details available to Secunia VIM customers

Provided and/or discovered by
1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google
3) The vendor credits Natalie Silvanovich, BlackBerry Security, Research in Motion
4) The vendor credits Damian Put via iDefense
6) Reported by the vendor.

Original Advisory
Adobe (APSB13-05):
http://www.adobe.com/support/security/bulletins/apsb13-05.html

Comment 1 Jeroen Roovers (RETIRED) gentoo-dev

2013-02-13 15:04:04 UTC

Arch teams, please test and mark stable:
=www-plugins/adobe-flash-11.2.202.270
Stable KEYWORDS : amd64 x86

Comment 2 Jeroen Roovers (RETIRED) gentoo-dev

2013-02-13 18:02:59 UTC

@radhermit: Please pay attention next time.

Comment 3 Elijah "Armageddon" El Lazkani (amd64 AT) 2013-02-13 22:40:53 UTC

amd64: pass

Comment 4 Richard Freeman gentoo-dev

2013-02-14 12:01:53 UTC

amd64 stable

Comment 5 Agostino Sarubbo gentoo-dev

2013-02-17 17:40:48 UTC

x86 stable

Comment 6 Sean Amoss (RETIRED) gentoo-dev

2013-02-24 00:32:05 UTC

Adding to existing GLSA draft.

Comment 7 GLSAMaker/CVETool Bot gentoo-dev

2013-02-24 00:35:36 UTC

CVE-2013-1374 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374):
  Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and
  11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before
  11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on
  Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on
  Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599
  allows attackers to execute arbitrary code via unspecified vectors, a
  different vulnerability than CVE-2013-0644 and CVE-2013-0649.

CVE-2013-1373 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373):
  Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before
  11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on
  Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before
  11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x;
  Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows
  attackers to execute arbitrary code via unspecified vectors, a different
  vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365,
  CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370,
  and CVE-2013-1372.

CVE-2013-1372 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372):
  Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before
  11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on
  Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before
  11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x;
  Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows
  attackers to execute arbitrary code via unspecified vectors, a different
  vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365,
  CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370,
  and CVE-2013-1373.

CVE-2013-1370 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370):
  Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before
  11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on
  Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before
  11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x;
  Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows
  attackers to execute arbitrary code via unspecified vectors, a different
  vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365,
  CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1372,
  and CVE-2013-1373.

CVE-2013-1369 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369):
  Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before
  11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on
  Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before
  11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x;
  Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows
  attackers to execute arbitrary code via unspecified vectors, a different
  vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365,
  CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1370, CVE-2013-1372,
  and CVE-2013-1373.

CVE-2013-1368 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368):
  Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before
  11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on
  Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before
  11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x;
  Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows
  attackers to execute arbitrary code via unspecified vectors, a different
  vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365,
  CVE-2013-1366, CVE-2013-1367, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372,
  and CVE-2013-1373.

CVE-2013-1367 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367):
  Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before
  11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on
  Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before
  11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x;
  Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows
  attackers to execute arbitrary code via unspecified vectors, a different
  vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365,
  CVE-2013-1366, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372,
  and CVE-2013-1373.

CVE-2013-1366 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366):
  Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before
  11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on
  Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before
  11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x;
  Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows
  attackers to execute arbitrary code via unspecified vectors, a different
  vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365,
  CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372,
  and CVE-2013-1373.

CVE-2013-1365 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365):
  Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before
  11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on
  Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before
  11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x;
  Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows
  attackers to execute arbitrary code via unspecified vectors, a different
  vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1366,
  CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372,
  and CVE-2013-1373.

CVE-2013-0649 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649):
  Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and
  11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before
  11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on
  Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on
  Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599
  allows attackers to execute arbitrary code via unspecified vectors, a
  different vulnerability than CVE-2013-0644 and CVE-2013-1374.

CVE-2013-0647 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647):
  Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on
  Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before
  10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on
  Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before
  3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to execute
  arbitrary code or cause a denial of service (memory corruption) via
  unspecified vectors, a different vulnerability than CVE-2013-0638.

CVE-2013-0645 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645):
  Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before
  11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on
  Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before
  11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x;
  Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows
  attackers to execute arbitrary code via unspecified vectors, a different
  vulnerability than CVE-2013-0642, CVE-2013-1365, CVE-2013-1366,
  CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372,
  and CVE-2013-1373.

CVE-2013-0644 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644):
  Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and
  11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before
  11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on
  Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on
  Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599
  allows attackers to execute arbitrary code via unspecified vectors, a
  different vulnerability than CVE-2013-0649 and CVE-2013-1374.

CVE-2013-0642 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642):
  Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before
  11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on
  Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before
  11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x;
  Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows
  attackers to execute arbitrary code via unspecified vectors, a different
  vulnerability than CVE-2013-0645, CVE-2013-1365, CVE-2013-1366,
  CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372,
  and CVE-2013-1373.

CVE-2013-0639 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639):
  Integer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before
  11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on
  Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before
  11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x;
  Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows
  attackers to execute arbitrary code via unspecified vectors.

CVE-2013-0638 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638):
  Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on
  Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before
  10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on
  Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before
  3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to execute
  arbitrary code or cause a denial of service (memory corruption) via
  unspecified vectors, a different vulnerability than CVE-2013-0647.

CVE-2013-0637 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637):
  Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on
  Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before
  10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on
  Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before
  3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to obtain
  sensitive information via unspecified vectors.

Comment 8 GLSAMaker/CVETool Bot gentoo-dev

2013-09-14 02:54:45 UTC

This issue was resolved and addressed in
 GLSA 201309-06 at http://security.gentoo.org/glsa/glsa-201309-06.xml
by GLSA coordinator Sean Amoss (ackle).