VIR Vulnerability Intelligence Relay

CVE-2013-1385

critical
Published 2013-04-10 · Modified 2026-04-29
CVSS v3
CVSS v2
10.0
VIR risk
10.0

Description

Adobe Shockwave Player before 12.0.2.122 does not prevent access to address information, which makes it easier for attackers to bypass the ASLR protection mechanism via unspecified vectors.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@adobe.com — http://www.adobe.com/support/security/bulletins/apsb13-12.html

Application impact
VendorProductVersionsFixed
adobeshockwave_player{"endIncluding":"12.0.0.112"}
adobeshockwave_player1.0
adobeshockwave_player2.0
adobeshockwave_player3.0
adobeshockwave_player4.0
adobeshockwave_player5.0
adobeshockwave_player6.0
adobeshockwave_player8.0
adobeshockwave_player8.0.196
adobeshockwave_player8.0.196a
adobeshockwave_player8.0.204
adobeshockwave_player8.0.205
adobeshockwave_player8.5.1
adobeshockwave_player8.5.1.100
adobeshockwave_player8.5.1.103
adobeshockwave_player8.5.1.105
adobeshockwave_player8.5.1.106
adobeshockwave_player8.5.321
adobeshockwave_player8.5.323
adobeshockwave_player8.5.324
adobeshockwave_player8.5.325
adobeshockwave_player9
adobeshockwave_player9.0.383
adobeshockwave_player9.0.432
adobeshockwave_player10.0.0.210
adobeshockwave_player10.0.1.004
adobeshockwave_player10.1.0.11
adobeshockwave_player10.1.0.011
adobeshockwave_player10.1.1.016
adobeshockwave_player10.1.4.020
adobeshockwave_player10.2.0.021
adobeshockwave_player10.2.0.022
adobeshockwave_player10.2.0.023
adobeshockwave_player11.0.0.456
adobeshockwave_player11.0.3.471
adobeshockwave_player11.5.0.595
adobeshockwave_player11.5.0.596
adobeshockwave_player11.5.1.601
adobeshockwave_player11.5.2.602
adobeshockwave_player11.5.6.606
adobeshockwave_player11.5.7.609
adobeshockwave_player11.5.8.612
adobeshockwave_player11.5.9.615
adobeshockwave_player11.5.9.620
adobeshockwave_player11.5.10.620
adobeshockwave_player11.6.0.626
adobeshockwave_player11.6.1.629
adobeshockwave_player11.6.3.633
adobeshockwave_player11.6.4.634
adobeshockwave_player11.6.5.635
adobeshockwave_player11.6.6.636
adobeshockwave_player11.6.7.637
adobeshockwave_player11.6.8.638

References

CWEs

CWE-264

Verify integrity in audit chain (admin only). AS-IS.