The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.
History

Thu, 19 Sep 2024 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Opensuse
Opensuse opensuse
Redhat enterprise Linux Desktop
Redhat enterprise Linux Eus
Redhat enterprise Linux Server
Redhat enterprise Linux Server Aus
Redhat enterprise Linux Workstation
Suse
Suse linux Enterprise Desktop
Weaknesses CWE-264 NVD-CWE-noinfo
CPEs cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*
Vendors & Products Opensuse
Opensuse opensuse
Redhat enterprise Linux Desktop
Redhat enterprise Linux Eus
Redhat enterprise Linux Server
Redhat enterprise Linux Server Aus
Redhat enterprise Linux Workstation
Suse
Suse linux Enterprise Desktop

Wed, 18 Sep 2024 19:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-269
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

kev

{'dateAdded': '2024-09-17'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 18 Sep 2024 05:00:00 +0000

Type Values Removed Values Added
References

cve-icon MITRE

Status: PUBLISHED

Assigner: adobe

Published: 2013-02-27T00:00:00

Updated: 2024-09-20T03:55:18.591Z

Reserved: 2012-12-18T00:00:00

Link: CVE-2013-0643

cve-icon Vulnrichment

Updated: 2024-08-06T14:33:05.557Z

cve-icon NVD

Status : Analyzed

Published: 2013-02-27T00:55:01.017

Modified: 2024-12-20T14:27:26.237

Link: CVE-2013-0643

cve-icon Redhat

Severity : Critical

Publid Date: 2013-02-26T00:00:00Z

Links: CVE-2013-0643 - Bugzilla