CVE-2013-5329
Description
Adobe Flash Player before 11.7.700.252 and 11.8.x and 11.9.x before 11.9.900.152 on Windows and Mac OS X and before 11.2.202.327 on Linux, Adobe AIR before 3.9.0.1210, Adobe AIR SDK before 3.9.0.1210, and Adobe AIR SDK & Compiler before 3.9.0.1210 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5330.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Adobe Flash Player and AIR memory corruption vulnerability allows arbitrary code execution or denial of service via unspecified vectors.
Vulnerability
Adobe Flash Player and Adobe AIR contain a memory corruption vulnerability affecting versions prior to 11.7.700.252 and 11.8.x/11.9.x prior to 11.9.900.152 on Windows and Mac OS X, and prior to 11.2.202.327 on Linux, as well as AIR versions prior to 3.9.0.1210. The vulnerability allows arbitrary code execution or denial of service via unspecified vectors [1].
Exploitation
An attacker can exploit this vulnerability by delivering a specially crafted Flash (.swf) file to a user, typically via a web page or email. No authentication is required; the user must only interact with the malicious content. The exact attack vector is not disclosed in the references.
Impact
Successful exploitation can lead to arbitrary code execution in the context of the current user, or a denial of service due to memory corruption. This can result in full compromise of the affected system or application crash.
Mitigation
Adobe has released updates to address this vulnerability: Flash Player 11.7.700.252/11.9.900.152 (Windows/Mac) and 11.2.202.327 (Linux), and AIR 3.9.0.1210. Users should apply these updates immediately. Red Hat also released an advisory [1] for their affected products. No workarounds have been published.
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
6cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*range: <3.9.0.1210
- (no CPE)range: <3.9.0.1210
cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*range: <3.9.0.1210
- (no CPE)range: <3.9.0.1210
- Range: <11.7.700.252 and <11.9.900.152 and <11.2.202.327
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- www.adobe.com/support/security/bulletins/apsb13-26.htmlnvdPatchVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2013-11/msg00015.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2013-11/msg00016.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2013-11/msg00019.htmlnvdMailing ListThird Party Advisory
- rhn.redhat.com/errata/RHSA-2013-1518.htmlnvdThird Party Advisory
News mentions
0No linked articles in our index yet.