TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2013-0643

HIGHCISA KEV
8.8

Beschreibung

The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

CVE Details

CVSS v3.1 Bewertung8.8
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionREQUIRED
Veroffentlicht2/27/2013
Zuletzt geandert4/21/2026
Quellekev
Honeypot-Sichtungen0

CISA KEV

HerstellerAdobe
ProduktFlash Player
SchwachstellennameAdobe Flash Player Incorrect Default Permissions Vulnerability
KEV Aufnahmedatum2024-09-17
Behebungsfrist2024-10-08
Ransomware-NutzungUnknown

Betroffene Produkte

adobe:flash_playerapple:mac_os_xlinux:linux_kernelmicrosoft:windowsopensuse:opensuseredhat:enterprise_linux_desktopredhat:enterprise_linux_eusredhat:enterprise_linux_serverredhat:enterprise_linux_server_ausredhat:enterprise_linux_workstationsuse:linux_enterprise_desktop

Schwachen (CWE)

CWE-269

Referenzen

http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.html(psirt@adobe.com)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.html(psirt@adobe.com)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.html(psirt@adobe.com)
http://rhn.redhat.com/errata/RHSA-2013-0574.html(psirt@adobe.com)
http://www.adobe.com/support/security/bulletins/apsb13-08.html(psirt@adobe.com)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2013-0574.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.adobe.com/support/security/bulletins/apsb13-08.html(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-0643(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.