The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.
References
Link | Resource |
---|---|
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.html | Mailing List |
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.html | Mailing List |
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.html | Mailing List |
http://rhn.redhat.com/errata/RHSA-2013-0574.html | Third Party Advisory |
http://www.adobe.com/support/security/bulletins/apsb13-08.html | Broken Link Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
19 Sep 2024, 19:48
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.html - Mailing List | |
References | () http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.html - Mailing List | |
References | () http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.html - Mailing List | |
References | () http://www.adobe.com/support/security/bulletins/apsb13-08.html - Broken Link, Patch, Vendor Advisory | |
CPE | cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:* |
|
CWE | NVD-CWE-noinfo | |
First Time |
Redhat enterprise Linux Eus
Redhat enterprise Linux Server Redhat enterprise Linux Workstation Redhat enterprise Linux Desktop Suse linux Enterprise Desktop Redhat enterprise Linux Server Aus Redhat Opensuse opensuse Suse Opensuse |
18 Sep 2024, 19:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 9.3
v3 : 8.8 |
CWE | CWE-269 |
Information
Published : 2013-02-27 00:55
Updated : 2024-09-19 19:48
NVD link : CVE-2013-0643
Mitre link : CVE-2013-0643
CVE.ORG link : CVE-2013-0643
JSON object : View
Products Affected
apple
- mac_os_x
redhat
- enterprise_linux_server
- enterprise_linux_desktop
- enterprise_linux_server_aus
- enterprise_linux_eus
- enterprise_linux_workstation
opensuse
- opensuse
suse
- linux_enterprise_desktop
linux
- linux_kernel
adobe
- flash_player
microsoft
- windows
CWE