CVE-2013-0643 — Adobe Flash Player Incorrect Default Permissions Vulnerability
2024-09-17 • CISA Known Exploited Vulnerability
[event] Adobe Flash Player contains an incorrect default permissions vulnerability in the Firefox sandbox that allows a remote attacker to execute arbitrary code via crafted SWF content.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Adobe |
| Product | Flash Player |
| CWE | CWE-264 |
| CVE ID | CVE-2013-0643 |
| Date Added | 2024-09-17 |
| Due Date | 2024-10-08 |
| Ransomware Campaign | Unknown |
> MITIGATION
The impacted product is end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue utilization of the product.
Due Date: 2024-10-08