CVE-2014-0556

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 13.0.0.244 Adobe Flash Player versions 14.x and 15.x prior to 15.0.0.152 Adobe Flash Player version prior to 11.2.202.406 on Linux Adobe AIR versions prior to 15.0.0.249 on Windows and OS X Adobe AIR version prior to 15.0.0.252 on Android Adobe AIR SDK version prior to 15.0.0.249 Adobe AIR SDK & Compiler version prior to 15.0.0.249

Description The issue is related to a heap-based buffer overflow in the dynamic memory of Adobe Flash Player, Adobe AIR, Adobe AIR SDK, and Adobe AIR SDK & Compiler, allowing attackers to execute arbitrary code via unspecified vectors. This can be exploited by attackers to gain control over the affected system.

Recommendations For Adobe Flash Player versions prior to 13.0.0.244, update to version 13.0.0.244 or later. For Adobe Flash Player versions 14.x and 15.x prior to 15.0.0.152, update to version 15.0.0.152 or later. For Adobe Flash Player version prior to 11.2.202.406 on Linux, update to version 11.2.202.406 or later. For Adobe AIR versions prior to 15.0.0.249 on Windows and OS X, update to version 15.0.0.249 or later. For Adobe AIR version prior to 15.0.0.252 on Android, update to version 15.0.0.252 or later. For Adobe AIR SDK version prior to 15.0.0.249, update to version 15.0.0.249 or later. For Adobe AIR SDK & Compiler version prior to 15.0.0.249, update to version 15.0.0.249 or later.