What is CVE-2013-0643?

CVE-2013-0643 is a vulnerability in N/a. Published 2013-02-27.

Is CVE-2013-0643 known to be exploited?

Yes. CVE-2013-0643 is listed in the CISA Known Exploited Vulnerabilities catalog (added 2024-09-17), indicating it is being actively exploited.

Vulnerability in N/a

CVE-2013-0643

The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier f…

EPSS: 0.586 (98.2th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

CISA KEV (Known Exploited Vulnerabilities)

This CVE is on the CISA KEV catalog, added on 2024-09-17. CISA KEV inclusion means CISA has confirmed in-the-wild exploitation; US federal agencies are required to remediate within a published due date.

BOD 22-01 due date: 2024-10-08.

Required action: The impacted product is end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue utilization of the product.

References

RHSA-2013:0574 (x_refsource_REDHAT, vendor-advisory)
www.adobe.com/support/security/bulletins/apsb13-08.html (x_refsource_CONFIRM)
SUSE-SU-2013:0373 (vendor-advisory, x_refsource_SUSE)
openSUSE-SU-2013:0359 (vendor-advisory, x_refsource_SUSE)
openSUSE-SU-2013:0360 (vendor-advisory, x_refsource_SUSE)

Frequently asked questions

What is CVE-2013-0643?: CVE-2013-0643 is a vulnerability in N/a. Published 2013-02-27.
Is CVE-2013-0643 known to be exploited?: Yes. CVE-2013-0643 is listed in the CISA Known Exploited Vulnerabilities catalog (added 2024-09-17), indicating it is being actively exploited.