TROYANOSYVIRUS
Retour aux CVEs

CVE-2013-0648

HIGHCISA KEV
8.8

Description

Unspecified vulnerability in the ExternalInterface ActionScript functionality in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

Details CVE

Score CVSS v3.18.8
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurREQUIRED
Publie2/27/2013
Derniere modification4/21/2026
Sourcekev
Observations honeypot0

CISA KEV

FournisseurAdobe
ProduitFlash Player
Nom vulnerabiliteAdobe Flash Player Code Execution Vulnerability
Date ajout KEV2024-09-17
Date limite remediation2024-10-08
Utilise dans ransomwareUnknown

Produits affectes

adobe:flash_playerapple:mac_os_xlinux:linux_kernelmicrosoft:windowsopensuse:opensuseredhat:enterprise_linux_desktopredhat:enterprise_linux_eusredhat:enterprise_linux_serverredhat:enterprise_linux_server_ausredhat:enterprise_linux_workstationsuse:linux_enterprise_desktop

References

http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.html(psirt@adobe.com)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.html(psirt@adobe.com)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.html(psirt@adobe.com)
http://rhn.redhat.com/errata/RHSA-2013-0574.html(psirt@adobe.com)
http://www.adobe.com/support/security/bulletins/apsb13-08.html(psirt@adobe.com)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2013-0574.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.adobe.com/support/security/bulletins/apsb13-08.html(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-0648(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.