VIR Vulnerability Intelligence Relay

CVE-2013-0643

unknown KEV
Published 2024-09-17 · Modified 2024-09-17
CVSS v3
CVSS v2
VIR risk
1.5

Description

Adobe Flash Player contains an incorrect default permissions vulnerability in the Firefox sandbox that allows a remote attacker to execute arbitrary code via crafted SWF content.

CISA KEV

Vendor
Adobe
Product
Flash Player
Due date
2024-10-08

Predictions

Exploit likelihood
99%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cisa-kev — https://www.adobe.com/products/flashplayer/end-of-life-alternative.html#eol-alternative-faq ; https://nvd.nist.gov/vuln/detail/CVE-2013-0643

Exploits

References

Verify integrity in audit chain (admin only). AS-IS.