High severity8.8CISA KEVNVD Advisory· Published Feb 27, 2013· Updated Jun 16, 2026
CVE-2013-0643
CVE-2013-0643
Description
The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
13cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*range: <10.3.183.67
- (no CPE)range: <10.3.183.67, <11.6.602.171 (Win/Mac), <11.2.202.273 (Linux)
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*+ 1 more
- cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
6- www.adobe.com/support/security/bulletins/apsb13-08.htmlnvdBroken LinkPatchVendor Advisory
- rhn.redhat.com/errata/RHSA-2013-0574.htmlnvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.htmlnvdMailing List
- lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.htmlnvdMailing List
- lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.htmlnvdMailing List
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
0No linked articles in our index yet.