CVE-2013-1302

Vulnerability Profile Updated 2 months ago
Download STIX
Preview STIX
CVE-2013-1302 is a vulnerability in Adobe Shockwave Player that was discovered in February 2013. An attacker could exploit this vulnerability by tricking a user into opening a malicious Shockwave file, which would allow the attacker to execute arbitrary code on the victim's system. The vulnerability affects Shockwave Player versions 11.6.7.637 and earlier on Windows and Mac OS X. The vulnerability was rated critical by Adobe, as it allowed an attacker to take complete control of a victim's system. Adobe released a security update (version 12.0.0.112) on March 12, 2013, which addressed the vulnerability. Users were advised to update their Shockwave Player software as soon as possible to mitigate the risk of exploitation. Shortly after the release of the security update, researchers from FireEye reported that the website for the Council on Foreign Relations had been compromised and was serving a malicious Shockwave file that exploited the CVE-2013-1302 vulnerability. This attack was part of a larger cyber espionage campaign targeting several organizations, including government agencies and non-profit groups. The attackers used spear-phishing emails to deliver the malicious files and gain access to sensitive information. The Council on Foreign Relations took their website offline temporarily to address the issue.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2013-1302 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
Close Quarters Encounters with Third Generation Malware Compels UK and Danish Municipalities to Remodel Vulnerability Management Safeguards