TROYANOSYVIRUS
Voltar para CVEs

CVE-2013-0643

HIGHCISA KEV
8.8

Descricao

The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

Detalhes CVE

Pontuacao CVSS v3.18.8
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioREQUIRED
Publicado2/27/2013
Ultima modificacao4/21/2026
Fontekev
Avistamentos honeypot0

CISA KEV

FornecedorAdobe
ProdutoFlash Player
Nome da vulnerabilidadeAdobe Flash Player Incorrect Default Permissions Vulnerability
Data inclusao KEV2024-09-17
Prazo de remediacao2024-10-08
Uso em ransomwareUnknown

Produtos afetados

adobe:flash_playerapple:mac_os_xlinux:linux_kernelmicrosoft:windowsopensuse:opensuseredhat:enterprise_linux_desktopredhat:enterprise_linux_eusredhat:enterprise_linux_serverredhat:enterprise_linux_server_ausredhat:enterprise_linux_workstationsuse:linux_enterprise_desktop

Fraquezas (CWE)

CWE-269

Referencias

http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.html(psirt@adobe.com)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.html(psirt@adobe.com)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.html(psirt@adobe.com)
http://rhn.redhat.com/errata/RHSA-2013-0574.html(psirt@adobe.com)
http://www.adobe.com/support/security/bulletins/apsb13-08.html(psirt@adobe.com)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2013-0574.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.adobe.com/support/security/bulletins/apsb13-08.html(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-0643(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.