Skip to main content

Digital Editions CVE-2013-1377

CRITICAL
Buffer Overflow (CWE-119)
2013-07-31 psirt@adobe.com
10.0
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
10.0 CRITICAL
AV:N/AC:L/Au:N/C:C/I:C/A:C

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:L/Au:N/C:C/I:C/A:C
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C

Lifecycle Timeline

1
CVE Published
Jul 31, 2013 - 13:20 cve.org
CRITICAL 10.0

DescriptionCVE.org

Adobe Digital Editions 2.x before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

AnalysisAI

Adobe Digital Editions 2.x before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. Adobe Digital Editions 2.x before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Affected products include: Adobe Digital Editions. Version information: before 2.0.1.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

CVE-2016-0954 CRITICAL POC
9.8 Mar 09

Adobe Digital Editions before 4.5.1 allows attackers to execute arbitrary code or cause a denial of service (memory corr

CVE-2017-2973 CRITICAL
9.8 Feb 15

Adobe Digital Editions versions 4.5.3 and earlier have an exploitable heap overflow vulnerability. Rated critical severi

CVE-2017-3097 CRITICAL
9.8 Jun 20

Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. Rated critical seve

CVE-2017-3092 CRITICAL
9.8 Jun 20

Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. Rated critical seve

CVE-2017-3090 CRITICAL
9.8 Jun 20

Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. Rated critical seve

CVE-2014-0494 CRITICAL
10.0 Jan 23

Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption

CVE-2017-3088 CRITICAL
10.0 Jun 20

Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF runtime

CVE-2017-3095 CRITICAL
9.8 Jun 20

Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF parsing

CVE-2016-6980 CRITICAL
9.8 Sep 26

Use-after-free vulnerability in Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code via unspe

CVE-2016-4263 CRITICAL
9.8 Sep 16

Use-after-free vulnerability in Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code via unspe

CVE-2017-3096 CRITICAL
9.8 Jun 20

Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the character c

CVE-2017-3094 CRITICAL
9.8 Jun 20

Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF process

Share

CVE-2013-1377 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy