The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.
References
Link | Resource |
---|---|
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.html | Mailing List |
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.html | Mailing List |
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.html | Mailing List |
http://rhn.redhat.com/errata/RHSA-2013-0574.html | Third Party Advisory |
http://www.adobe.com/support/security/bulletins/apsb13-08.html | Broken Link Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
19 Sep 2024, 19:48
Type | Values Removed | Values Added |
---|---|---|
First Time |
Suse
Opensuse opensuse Redhat Opensuse Redhat enterprise Linux Workstation Suse linux Enterprise Desktop Redhat enterprise Linux Server Redhat enterprise Linux Eus Redhat enterprise Linux Desktop Redhat enterprise Linux Server Aus |
|
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:* |
|
References | () http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.html - Mailing List | |
References | () http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.html - Mailing List | |
References | () http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.html - Mailing List | |
References | () http://www.adobe.com/support/security/bulletins/apsb13-08.html - Broken Link, Patch, Vendor Advisory |
18 Sep 2024, 19:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-269 | |
CVSS |
v2 : v3 : |
v2 : 9.3
v3 : 8.8 |
Information
Published : 2013-02-27 00:55
Updated : 2024-09-19 19:48
NVD link : CVE-2013-0643
Mitre link : CVE-2013-0643
CVE.ORG link : CVE-2013-0643
JSON object : View
Products Affected
microsoft
- windows
opensuse
- opensuse
adobe
- flash_player
redhat
- enterprise_linux_server_aus
- enterprise_linux_workstation
- enterprise_linux_server
- enterprise_linux_eus
- enterprise_linux_desktop
linux
- linux_kernel
apple
- mac_os_x
suse
- linux_enterprise_desktop
CWE