High severity8.8CISA KEVNVD Advisory· Published Feb 27, 2013· Updated Apr 21, 2026
CVE-2013-0648
CVE-2013-0648
Description
Unspecified vulnerability in the ExternalInterface ActionScript functionality in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.
Affected products
12- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*+ 1 more
- cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- www.adobe.com/support/security/bulletins/apsb13-08.htmlnvdBroken LinkPatchVendor Advisory
- rhn.redhat.com/errata/RHSA-2013-0574.htmlnvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.htmlnvdMailing List
- lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.htmlnvdMailing List
- lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.htmlnvdMailing List
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
0No linked articles in our index yet.