CVE-2013-0633

High PUBLISHED

Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before...

Adobe · Flash Player

Not yet in CISA KEV

Exploited in the wild

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
High
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
Not yet in CISA KEV
CVSS / EPSS
9.3 High

At a Glance

Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.

android linux macos windows
CVE Published
Feb 08, 2013
Exploitation Reported
Feb 08, 2013
CVSS
9.3 High
EPSS
Remote Unauthenticated

Affected Versions

Vendor Product Version Status
n/a
n/a

n/a

Affected

CVE References

  • RHSA-2013:0243 rhn.redhat.com · Vendor Advisory http://rhn.redhat.com/errata/RHSA-2013-0243.html
  • openSUSE-SU-2013:0279 lists.opensuse.org · Vendor Advisory http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00004...
  • SUSE-SU-2013:0288 lists.opensuse.org · Vendor Advisory http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00007...
  • openSUSE-SU-2013:0284 lists.opensuse.org · Vendor Advisory http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00006...
  • adobe.com/support/security/bulletins/apsb13-04.html adobe.com · CVE Record http://www.adobe.com/support/security/bulletins/apsb13-04.html

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.