Adobe has release, the May 14th 2013, during his May Patch Tuesday, one Adobe Flash security bulletin dealing with 13 vulnerabilities. This security bulletin has a Critical severity rating. The associated vulnerabilities have all a 10.0 CVSS base score.

APSB13-14 – Adobe Flash May 2013 Security Bulletin Review

APSB13-14 is concerning :

  • Adobe Flash Player 11.7.700.169 and earlier versions for Windows and Macintosh
  • Adobe Flash Player 11.2.202.280 and earlier versions for Linux
  • Adobe Flash Player 11.1.115.54 and earlier versions for Android 4.x
  • Adobe Flash Player 11.1.111.50 and earlier versions for Android 3.x and 2.x
  • Adobe AIR 3.7.0.1530 and earlier versions for Windows and Macintosh
  • Adobe AIR 3.7.0.1660 and earlier versions for Android
  • Adobe AIR 3.7.0.1530 SDK & Compiler and earlier versions

CVE-2013-2728 (10.0 CVSS base score), CVE-2013-3324 (10.0 CVSS base score), CVE-2013-3325 (10.0 CVSS base score), CVE-2013-3326 (10.0 CVSS base score), CVE-2013-3327 (10.0 CVSS base score), CVE-2013-3328 (10.0 CVSS base score), CVE-2013-3329 (10.0 CVSS base score), CVE-2013-3330 (10.0 CVSS base score), CVE-2013-3331 (10.0 CVSS base score) and CVE-2013-3332 (10.0 CVSS base score) were discovered and privately reported by Mateusz Jurczyk and Ben Hawkes of the Google Security Team.

CVE-2013-3333 (10.0 CVSS base score), CVE-2013-3334 (10.0 CVSS base score) and CVE-2013-3335 (10.0 CVSS base score) were discovered and privately reported by Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna of the Google Security Team.