Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2013-0648
Analyzed
More InfoOfficial Page
Source-psirt@adobe.com
View Known Exploited Vulnerability (KEV) details
Published At-27 Feb, 2013 | 00:55
Updated At-21 Apr, 2026 | 20:57

Unspecified vulnerability in the ExternalInterface ActionScript functionality in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
2024-09-172024-10-08Adobe Flash Player Code Execution VulnerabilityThe impacted product is end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue utilization of the product.
Date Added: 2024-09-17
Due Date: 2024-10-08
Vulnerability Name: Adobe Flash Player Code Execution Vulnerability
Required Action: The impacted product is end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue utilization of the product.
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Secondary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary2.09.3HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 9.3
Base severity: HIGH
Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CPE Matches
Adobe Inc.
adobe
>>flash_player>>Versions before 10.3.183.67(exclusive)
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>Versions from 11.0(inclusive) to 11.6.602.171(exclusive)
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
Apple Inc.
apple
>>mac_os_x>>-
cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows>>-
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>Versions from 11.0(inclusive) to 11.2.202.273(exclusive)
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>-
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
openSUSE
opensuse
>>opensuse>>11.4
cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
openSUSE
opensuse
>>opensuse>>12.1
cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
SUSE
suse
>>linux_enterprise_desktop>>10
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*
SUSE
suse
>>linux_enterprise_desktop>>11
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_desktop>>6.0
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_eus>>5.9
cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_eus>>6.4
cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_server>>6.0
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_server_aus>>5.9
cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_server_aus>>6.4
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_workstation>>6.0
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Per: http://www.adobe.com/support/security/bulletins/apsb13-08.html 'Flash Player 11.6.602.168 and earlier versions for Windows Flash Player 11.6.602.167 and earlier versions for Macintosh Flash Player 11.2.202.270 and earlier for Linux'

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.htmlpsirt@adobe.com
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.htmlpsirt@adobe.com
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.htmlpsirt@adobe.com
Mailing List
http://rhn.redhat.com/errata/RHSA-2013-0574.htmlpsirt@adobe.com
Third Party Advisory
http://www.adobe.com/support/security/bulletins/apsb13-08.htmlpsirt@adobe.com
Broken Link
Patch
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
http://rhn.redhat.com/errata/RHSA-2013-0574.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.adobe.com/support/security/bulletins/apsb13-08.htmlaf854a3a-2127-422b-91ae-364da2661108
Broken Link
Patch
Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-0648134c704f-9b21-4f2e-91b3-4a467353bcc0
US Government Resource
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.html
Source: psirt@adobe.com
Resource:
Mailing List
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.html
Source: psirt@adobe.com
Resource:
Mailing List
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.html
Source: psirt@adobe.com
Resource:
Mailing List
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-0574.html
Source: psirt@adobe.com
Resource:
Third Party Advisory
Hyperlink: http://www.adobe.com/support/security/bulletins/apsb13-08.html
Source: psirt@adobe.com
Resource:
Broken Link
Patch
Vendor Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-0574.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.adobe.com/support/security/bulletins/apsb13-08.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Patch
Vendor Advisory
Hyperlink: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-0648
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource:
US Government Resource
Change History
0Changes found
Details not found