TROYANOSYVIRUS
Volver a CVEs

CVE-2013-0643

HIGHCISA KEV
8.8

Descripcion

The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

Detalles CVE

Puntuacion CVSS v3.18.8
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioREQUIRED
Publicado2/27/2013
Ultima modificacion4/21/2026
Fuentekev
Avistamientos honeypot0

CISA KEV

VendedorAdobe
ProductoFlash Player
Nombre vulnerabilidadAdobe Flash Player Incorrect Default Permissions Vulnerability
Fecha inclusion KEV2024-09-17
Fecha limite remediacion2024-10-08
Uso en ransomwareUnknown

Productos afectados

adobe:flash_playerapple:mac_os_xlinux:linux_kernelmicrosoft:windowsopensuse:opensuseredhat:enterprise_linux_desktopredhat:enterprise_linux_eusredhat:enterprise_linux_serverredhat:enterprise_linux_server_ausredhat:enterprise_linux_workstationsuse:linux_enterprise_desktop

Debilidades (CWE)

CWE-269

Referencias

http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.html(psirt@adobe.com)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.html(psirt@adobe.com)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.html(psirt@adobe.com)
http://rhn.redhat.com/errata/RHSA-2013-0574.html(psirt@adobe.com)
http://www.adobe.com/support/security/bulletins/apsb13-08.html(psirt@adobe.com)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2013-0574.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.adobe.com/support/security/bulletins/apsb13-08.html(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-0643(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.