CVE-2013-0648

Unspecified vulnerability in the ExternalInterface ActionScript functionality in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

History

19 Sep 2024, 19:51

Type Values Removed Values Added
CPE cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*
First Time Suse
Opensuse opensuse
Redhat
Opensuse
Redhat enterprise Linux Workstation
Suse linux Enterprise Desktop
Redhat enterprise Linux Server
Redhat enterprise Linux Eus
Redhat enterprise Linux Desktop
Redhat enterprise Linux Server Aus
References () http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.html - Mailing List, Third Party Advisory () http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.html - Mailing List
References () http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.html - Mailing List, Third Party Advisory () http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.html - Mailing List
References () http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.html - Mailing List, Third Party Advisory () http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.html - Mailing List
References () http://www.adobe.com/support/security/bulletins/apsb13-08.html - Patch, Vendor Advisory () http://www.adobe.com/support/security/bulletins/apsb13-08.html - Broken Link, Patch, Vendor Advisory

18 Sep 2024, 19:35

Type Values Removed Values Added
CVSS v2 : 9.3
v3 : unknown
v2 : 9.3
v3 : 8.8

Information

Published : 2013-02-27 00:55

Updated : 2024-09-19 19:51


NVD link : CVE-2013-0648

Mitre link : CVE-2013-0648

CVE.ORG link : CVE-2013-0648


JSON object : View

Products Affected

microsoft

  • windows

opensuse

  • opensuse

redhat

  • enterprise_linux_desktop
  • enterprise_linux_server_aus
  • enterprise_linux_workstation
  • enterprise_linux_server
  • enterprise_linux_eus

linux

  • linux_kernel

apple

  • mac_os_x

adobe

  • flash_player

suse

  • linux_enterprise_desktop