{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-02-12T00:00:00", "descriptions": [{"lang": "en", "value": "Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-0638."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-03-06T10:00:00", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe"}, "references": [{"name": "SUSE-SU-2013:0296", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"}, {"name": "RHSA-2013:0254", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0254.html"}, {"name": "openSUSE-SU-2013:0295", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"}, {"name": "openSUSE-SU-2013:0298", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"}, {"name": "TA13-043A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA13-043A.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@adobe.com", "ID": "CVE-2013-0647", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-0638."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "SUSE-SU-2013:0296", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"}, {"name": "RHSA-2013:0254", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-0254.html"}, {"name": "openSUSE-SU-2013:0295", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"}, {"name": "openSUSE-SU-2013:0298", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"}, {"name": "TA13-043A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA13-043A.html"}, {"name": "http://www.adobe.com/support/security/bulletins/apsb13-05.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T14:33:05.609Z"}, "title": "CVE Program Container", "references": [{"name": "SUSE-SU-2013:0296", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"}, {"name": "RHSA-2013:0254", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0254.html"}, {"name": "openSUSE-SU-2013:0295", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"}, {"name": "openSUSE-SU-2013:0298", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"}, {"name": "TA13-043A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA13-043A.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"}]}]}, "cveMetadata": {"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2013-0647", "datePublished": "2013-02-12T20:00:00", "dateReserved": "2012-12-18T00:00:00", "dateUpdated": "2024-08-06T14:33:05.609Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "D74A4017-3145-4AC0-B58A-1B20A344553E", "versionEndExcluding": "10.3.183.63", "versionStartIncluding": "10.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "280E545D-5BD8-476F-85BD-D75C4E2FB1DF", "versionEndExcluding": "11.6.602.168", "versionStartIncluding": "11.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "A47384CE-9685-4BCF-9BF9-BEB37B2BF2E0", "versionEndExcluding": "10.3.183.61", "versionStartIncluding": "10.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "5DD16048-5B57-4D3C-81D2-DF66743466F0", "versionEndExcluding": "11.2.202.270", "versionStartIncluding": "11.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "D5DC97D0-648E-49FD-9622-E3692D2D97FF", "versionEndExcluding": "11.1.111.43", "versionStartIncluding": "11.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "matchCriteriaId": "1F3C0381-865A-4176-A291-988E12612161", "versionEndIncluding": "2.3.7", "versionStartIncluding": "2.0", "vulnerable": false}, {"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "matchCriteriaId": "EBEB1CC1-D410-4157-8BF3-8EB8BAC444DD", "versionEndIncluding": "3.2.6", "versionStartIncluding": "3.0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "C4A317C9-5817-4F9A-95AD-4013CF290F44", "versionEndExcluding": "11.1.115.47", "versionStartIncluding": "11.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "matchCriteriaId": "539FC1E0-6987-48EE-8FE9-7A27D4C3B69A", "versionEndIncluding": "4.4.4", "versionStartIncluding": "4.0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "3B3F3711-70A1-4133-A184-765DD11A6D02", "versionEndExcluding": "3.6.0.597", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "E608B8F0-994A-431C-8F37-936C47598F0F", "versionEndExcluding": "3.6.0.599", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "A47384CE-9685-4BCF-9BF9-BEB37B2BF2E0", "versionEndExcluding": "10.3.183.61", "versionStartIncluding": "10.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "F4875744-A793-4C40-B724-FB702517C828", "versionEndExcluding": "11.6.602.167", "versionStartIncluding": "11.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-0638."}, {"lang": "es", "value": "Adobe Flash Player antes de v10.3.183.63 y v11.x antes de v11.6.602.168 en Windows, antes de v10.3.183.61 y v11.x antes de v11.6.602.167 en Mac OS X, antes de v10.3.183.61 y v11.x antes de v11.2.202.270 en Linux, antes de v11.1.111.43 en Android v2.x y v3.x, y antes de v11.1.115.47 en Android 4.x, Adobe AIR antes de v3.6.0.597, y Adobe AIR SDK antes de v3.6.0.599 permiten a un atacante ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2013 hasta 0638."}], "id": "CVE-2013-0647", "lastModified": "2024-11-21T01:47:56.330", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-02-12T20:55:04.557", "references": [{"source": "psirt@adobe.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"}, {"source": "psirt@adobe.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"}, {"source": "psirt@adobe.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"}, {"source": "psirt@adobe.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0254.html"}, {"source": "psirt@adobe.com", "tags": ["Vendor Advisory"], "url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"}, {"source": "psirt@adobe.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA13-043A.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0254.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA13-043A.html"}], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2013:0254", "cpe": "cpe:/a:redhat:rhel_extras:5", "package": "flash-plugin-0:11.2.202.270-1.el5", "product_name": "Supplementary for Red Hat Enterprise Linux 5", "release_date": "2013-02-13T00:00:00Z"}, {"advisory": "RHSA-2013:0254", "cpe": "cpe:/a:redhat:rhel_extras:6", "package": "flash-plugin-0:11.2.202.270-1.el6", "product_name": "Supplementary for Red Hat Enterprise Linux 6", "release_date": "2013-02-13T00:00:00Z"}], "bugzilla": {"description": "flash-plugin: multiple code execution flaws (APSB13-05)", "id": "910570", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=910570"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status": "verified"}, "details": ["Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-0638."], "name": "CVE-2013-0647", "public_date": "2013-02-12T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2013-0647\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-0647\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html"], "threat_severity": "Critical", "upstream_fix": "flash-plugin 11.2.202.270"}